repackage to update dist

This commit is contained in:
Eli Reisman
2024-06-04 11:15:03 -07:00
parent 4531204be7
commit 087d0f81a5
2 changed files with 41 additions and 77 deletions

104
dist/index.js generated vendored
View File

@@ -46,20 +46,19 @@ var __asyncValues = (this && this.__asyncValues) || function (o) {
function settle(resolve, reject, d, v) { Promise.resolve(v).then(function(v) { resolve({ value: v, done: d }); }, reject); }
};
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.commentPr = void 0;
exports.commentPr = exports.MAX_COMMENT_LENGTH = void 0;
const github = __importStar(__nccwpck_require__(5438));
const core = __importStar(__nccwpck_require__(2186));
const githubUtils = __importStar(__nccwpck_require__(3030));
const retry = __importStar(__nccwpck_require__(6298));
const request_error_1 = __nccwpck_require__(537);
exports.MAX_COMMENT_LENGTH = 65536;
const retryingOctokit = githubUtils.GitHub.plugin(retry.retry);
const octo = new retryingOctokit(githubUtils.getOctokitOptions(core.getInput('repo-token', { required: true })));
// Comment Marker to identify an existing comment to update, so we don't spam the PR with comments
const COMMENT_MARKER = '<!-- dependency-review-pr-comment-marker -->';
const MAX_COMMENT_LENGTH = 65536;
function commentPr(summary, config, minComment) {
function commentPr(commentContent, config) {
return __awaiter(this, void 0, void 0, function* () {
const commentContent = summary.stringify();
if (!(config.comment_summary_in_pr === 'always' ||
(config.comment_summary_in_pr === 'on-failure' &&
process.exitCode === core.ExitCode.Failure))) {
@@ -69,11 +68,7 @@ function commentPr(summary, config, minComment) {
core.warning('Not in the context of a pull request. Skipping comment creation.');
return;
}
let commentBody = `${commentContent}\n\n${COMMENT_MARKER}`;
if (commentBody.length >= MAX_COMMENT_LENGTH) {
core.debug('The comment was too big for the GitHub API. Falling back on a minimum comment');
commentBody = `${minComment}\n\n${COMMENT_MARKER}`;
}
const commentBody = `${commentContent}\n\n${COMMENT_MARKER}`;
try {
const existingCommentId = yield findCommentByMarker(COMMENT_MARKER);
if (existingCommentId) {
@@ -652,8 +647,7 @@ function run() {
core.debug(`Config Deny Packages: ${JSON.stringify(config)}`);
const deniedChanges = yield (0, deny_1.getDeniedChanges)(filteredChanges, config.deny_packages, config.deny_groups);
const scorecard = yield (0, scorecard_1.getScorecardLevels)(filteredChanges);
summary.addSummaryToSummary(vulnerableChanges, invalidLicenseChanges, deniedChanges, scorecard, config);
const minSummary = summary.getMinSummaryForComment(vulnerableChanges, invalidLicenseChanges, deniedChanges, scorecard, config);
const minSummary = summary.addSummaryToSummary(vulnerableChanges, invalidLicenseChanges, deniedChanges, scorecard, config);
if (snapshot_warnings) {
summary.addSnapshotWarnings(config, snapshot_warnings);
}
@@ -680,7 +674,16 @@ function run() {
core.setOutput('dependency-changes', JSON.stringify(changes));
summary.addScannedDependencies(changes);
printScannedDependencies(changes);
yield (0, comment_pr_1.commentPr)(core.summary, config, minSummary);
// include full summary in output; Actions will truncate if oversized
let rendered = core.summary.stringify();
core.setOutput('content-comment', rendered);
// if the summary is oversized, replace with minimal version
if (rendered.length >= comment_pr_1.MAX_COMMENT_LENGTH) {
core.debug('The comment was too big for the GitHub API. Falling back on a minimum comment');
rendered = minSummary;
}
// update the PR comment if needed with the right-sized summary
yield (0, comment_pr_1.commentPr)(rendered, config);
}
catch (error) {
if (error instanceof request_error_1.RequestError && error.status === 404) {
@@ -1310,7 +1313,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
return result;
};
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.addDeniedToSummary = exports.addSnapshotWarnings = exports.addScorecardToSummary = exports.addScannedDependencies = exports.addLicensesToSummary = exports.addChangeVulnerabilitiesToSummary = exports.addSummaryToSummary = exports.getMinSummaryForComment = void 0;
exports.addDeniedToSummary = exports.addSnapshotWarnings = exports.addScorecardToSummary = exports.addScannedDependencies = exports.addLicensesToSummary = exports.addChangeVulnerabilitiesToSummary = exports.addSummaryToSummary = void 0;
const core = __importStar(__nccwpck_require__(2186));
const utils_1 = __nccwpck_require__(918);
const icons = {
@@ -1318,52 +1321,15 @@ const icons = {
cross: '❌',
warning: '⚠️'
};
function getMinSummaryForComment(vulnerableChanges, invalidLicenseChanges, deniedChanges, scorecard, config) {
const scorecardWarnings = countScorecardWarnings(scorecard, config);
const licenseIssues = countLicenseIssues(invalidLicenseChanges);
let minSummary = '# Dependency Review\n';
if (vulnerableChanges.length === 0 &&
licenseIssues === 0 &&
deniedChanges.length === 0 &&
scorecardWarnings === 0) {
const issueTypes = [
config.vulnerability_check ? 'vulnerabilities' : '',
config.license_check ? 'license issues' : '',
config.show_openssf_scorecard ? 'OpenSSF Scorecard issues' : ''
];
if (issueTypes.filter(Boolean).length === 0) {
minSummary += `${icons.check} No issues found.`;
}
else {
minSummary += `${icons.check} No ${issueTypes.filter(Boolean).join(' or ')} found.`;
}
}
minSummary += 'The following issues were found:\n';
minSummary += config.vulnerability_check
? `* ${checkOrFailIcon(vulnerableChanges.length)} ${vulnerableChanges.length} vulnerable package(s)\n`
: '';
minSummary += config.license_check
? `* ${checkOrFailIcon(invalidLicenseChanges.forbidden.length)} ${invalidLicenseChanges.forbidden.length} package(s) with incompatible licenses\n
* ${checkOrFailIcon(invalidLicenseChanges.unresolved.length)} ${invalidLicenseChanges.unresolved.length} package(s) with invalid SPDX license definitions\n
* ${checkOrWarnIcon(invalidLicenseChanges.unlicensed.length)} ${invalidLicenseChanges.unlicensed.length} package(s) with unknown licenses.\n`
: '';
minSummary +=
deniedChanges.length > 0
? `* ${checkOrWarnIcon(deniedChanges.length)} ${deniedChanges.length} package(s) denied.\n`
: '';
minSummary +=
config.show_openssf_scorecard && scorecardWarnings > 0
? `* ${checkOrWarnIcon(scorecardWarnings)} ${scorecardWarnings ? scorecardWarnings : 'No'} packages with OpenSSF Scorecard issues.\n`
: '';
// Add the link to the job summary provided by GitHub Actions for this workflow run
minSummary += `\n[View full job summary](${process.env.GITHUB_SERVER_URL}/${process.env.GITHUB_REPOSITORY}/actions/runs/${process.env.GITHUB_RUN_ID})`;
return minSummary;
}
exports.getMinSummaryForComment = getMinSummaryForComment;
// generates the DR report summmary and caches it to the Action's core.summary.
// returns the DR summary string, ready to be posted as a PR comment if the
// final DR report is too large
function addSummaryToSummary(vulnerableChanges, invalidLicenseChanges, deniedChanges, scorecard, config) {
const out = [];
const scorecardWarnings = countScorecardWarnings(scorecard, config);
const licenseIssues = countLicenseIssues(invalidLicenseChanges);
core.summary.addHeading('Dependency Review', 1);
out.push('# Dependency Review');
if (vulnerableChanges.length === 0 &&
licenseIssues === 0 &&
deniedChanges.length === 0 &&
@@ -1373,17 +1339,21 @@ function addSummaryToSummary(vulnerableChanges, invalidLicenseChanges, deniedCha
config.license_check ? 'license issues' : '',
config.show_openssf_scorecard ? 'OpenSSF Scorecard issues' : ''
];
let msg = '';
if (issueTypes.filter(Boolean).length === 0) {
core.summary.addRaw(`${icons.check} No issues found.`);
msg = `${icons.check} No issues found.`;
}
else {
core.summary.addRaw(`${icons.check} No ${issueTypes.filter(Boolean).join(' or ')} found.`);
msg = `${icons.check} No ${issueTypes.filter(Boolean).join(' or ')} found.`;
}
return;
core.summary.addRaw(msg);
out.push(msg);
return out.join('\n');
}
core.summary
.addRaw('The following issues were found:')
.addList([
const foundIssuesHeader = 'The following issues were found:';
core.summary.addRaw(foundIssuesHeader);
out.push(foundIssuesHeader);
const summaryList = [
...(config.vulnerability_check
? [
`${checkOrFailIcon(vulnerableChanges.length)} ${vulnerableChanges.length} vulnerable package(s)`
@@ -1398,7 +1368,7 @@ function addSummaryToSummary(vulnerableChanges, invalidLicenseChanges, deniedCha
: []),
...(deniedChanges.length > 0
? [
`${checkOrFailIcon(deniedChanges.length)} ${deniedChanges.length} package(s) denied.`
`${checkOrWarnIcon(deniedChanges.length)} ${deniedChanges.length} package(s) denied.`
]
: []),
...(config.show_openssf_scorecard && scorecardWarnings > 0
@@ -1406,8 +1376,14 @@ function addSummaryToSummary(vulnerableChanges, invalidLicenseChanges, deniedCha
`${checkOrWarnIcon(scorecardWarnings)} ${scorecardWarnings ? scorecardWarnings : 'No'} packages with OpenSSF Scorecard issues.`
]
: [])
])
.addRaw('See the Details below.');
];
core.summary.addList(summaryList);
for (const line of summaryList) {
out.push(`* ${line}`);
}
core.summary.addRaw('See the Details below.');
out.push(`\n[View full job summary](${process.env.GITHUB_SERVER_URL}/${process.env.GITHUB_REPOSITORY}/actions/runs/${process.env.GITHUB_RUN_ID})`);
return out.join('\n');
}
exports.addSummaryToSummary = addSummaryToSummary;
function countScorecardWarnings(scorecard, config) {

14
dist/index.js.map generated vendored

File diff suppressed because one or more lines are too long