54 Commits

Author SHA1 Message Date
Chad Bentz
aa60746a92 Add 'show-patched-versions' option to configuration and update summary handling
- Introduced 'show-patched-versions' input in action.yml to control visibility of patched versions in vulnerability summaries.
- Updated default configuration and related functions to handle the new option.
- Enhanced tests to verify behavior with and without the patched version column.
2026-02-27 14:58:54 -05:00
Josh Soref
c4b82d3047 Reword comment-summary-in-pr description
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2025-11-04 20:08:49 -05:00
Justin Holguín
640617990f Replace packageurl-js with our own implementation 2024-04-27 21:26:06 +00:00
Brandon Teng
061f471b83 updating docs 2024-04-04 15:48:24 -05:00
Federico Builes
651d22c5d5 Revert default values in action.yml to fix external configs. 2024-03-22 08:29:26 +01:00
laughedelic
16bfb3360c Merge branch 'main' into feat/data-outputs 2024-03-15 03:21:07 +01:00
Justin Hutchings
f8ebb4b946 Add formatting around warning for low scorecard levels 2024-03-04 19:34:29 +00:00
Justin Hutchings
7d2e20d06d Stub out summary implementation for scorecards 2024-03-04 17:52:17 +00:00
Justin Hutchings
ffd129c285 Refactor types, add printing 2024-03-03 05:24:07 +00:00
laughedelic
eecc9aab88 feat: add action outputs for different types of changes 2024-03-02 04:55:58 +01:00
Josh Soref
2876926e7f Expose dependency comment content 2024-02-19 10:09:03 -05:00
tgrall
c2936a6e3e fix reviewed done by @juxtin - bad line in yml 2024-02-10 09:20:39 +01:00
tgrall
98e8293881 Update Readme and action.yml based on review comments 2024-02-01 06:03:53 +01:00
tgrall
fc49851780 merge from main and fix code review comment from @juxtin 2024-01-28 10:16:07 +01:00
Tatyana Kostromskaya
02456f4a00 Merge branch 'main' into takost/update-to-node-20 2023-12-14 15:08:39 +00:00
Tatyana Kostromskaya
1c9a424cbc . 2023-12-14 15:06:21 +00:00
Federico Builes
b39e17ba5e Replace pip -> pypi in PURL examples 2023-12-11 17:23:19 +01:00
Federico Builes
fc5e2db757 go back to Node 16 to skip using fetch API 2023-11-08 08:36:27 +01:00
Federico Builes
03ace23f96 Update Node JS version. 2023-10-09 12:36:16 +02:00
Justin Holguín
bb0ca79fcd Update action.yml to show retry default 2023-09-07 17:08:20 +00:00
Justin Holguín
c7e8727af4 Update action.yml
Co-authored-by: Federico Builes <febuiles@github.com>
2023-09-07 09:50:44 -07:00
Justin Holguín
ada103783f Merge remote-tracking branch 'origin/retry-on-snapshot-warnings' into juxtin/dr-snaps-pre-launch 2023-08-31 16:31:44 +00:00
Sean Murphy
7ef37f3853 Merge branch 'main' into comment-on-failure 2023-08-09 17:31:16 -04:00
Federico Builes
fe2a482baf Apply suggestions from code review 2023-08-09 15:24:26 +02:00
Adrien Pessu
00f1f5b642 add tests and docs 2023-08-07 14:07:46 +02:00
Adrien Pessu
6862f6f65f add groups 2023-08-07 14:07:26 +02:00
Adrien Pessu
2f38ecd3fd add deny_list as parameter 2023-08-07 14:07:26 +02:00
Sean Murphy
902e86c6f5 Add on-failure option to comment-summary-in-pr setting 2023-08-04 22:37:51 -04:00
tgrall
0b053fccb4 add new parameter warn_only 2023-06-12 11:26:44 +02:00
Henri Maurer
66b6f67835 Add configs 2023-06-09 10:26:24 +01:00
Stefan Petrushevski
f1c8401a59 resolve merge conflicts 2023-05-30 18:04:26 +02:00
Stefan
8ef2903f61 Update action.yml
Co-authored-by: Justin Holguín <juxtin@github.com>
2023-05-17 09:45:02 +02:00
Federico Builes
9885d0c74c Remove default values in action.yml 2023-04-06 21:33:35 +02:00
Stefan Petrushevski
d3fdbc93c5 Build and updated README 2023-04-06 09:58:14 +02:00
tgrall
621d03bf3a Add none as option for fail-on-severity 2023-03-18 05:21:58 +01:00
David Losert
1c85e9db8d Adds option to write summary into a pr comment 2023-02-16 10:03:16 +00:00
Josh Soref
660812709b spelling: github
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2022-12-08 11:04:05 -05:00
Federico Builes
6e42c3395a Remove defaults from the recently added fields. 2022-11-11 15:19:46 +01:00
Federico Builes
51a29d6960 Updating action.yml to include *-check config
options.
2022-11-11 14:56:07 +01:00
cnagadya
f0ff0b670a Rename config token > external-repo-token 2022-11-08 11:16:26 +00:00
cnagadya
b55cddb69d Use config-file for both remote and local config-files 2022-11-07 12:12:03 +00:00
cnagadya
b4a2fbfa16 Complete functionality for handling remote config file 2022-11-04 14:51:41 +00:00
Federico Builes
9760f87258 Fix config-file description in action.yml 2022-10-21 17:38:18 +02:00
Federico Builes
74c047086c Adding README and action.yml for external config files. 2022-10-21 17:34:20 +02:00
Sarah Aladetan
716b322ec9 add allow-ghsas input to action.yml 2022-09-23 19:59:39 +00:00
Federico Builes
54cd9a7cba Merge branch 'main' into external-config
# Conflicts:
#	README.md
#	__tests__/config.test.ts
#	dist/index.js.map
#	src/config.ts
#	src/schemas.ts
2022-09-21 16:50:02 +02:00
Federico Builes
61f19e6447 Let the users set the path for the config file. 2022-09-20 15:15:14 +02:00
Sarah Aladetan
6fa5a8f9c0 add fail-on-scopes input to action config 2022-09-15 20:07:28 +00:00
Will Da Silva
388b1a309d Support user-provided base/head refs & non-PR workflows 2022-07-21 15:47:05 -04:00
Federico Builes
b0e1f384d7 Linting YAML 2022-06-14 09:05:05 +02:00