Commit Graph

128 Commits

Author SHA1 Message Date
David Losert
1c85e9db8d Adds option to write summary into a pr comment 2023-02-16 10:03:16 +00:00
Federico Builes
6855e6ed4e Merge branch 'main' of gh into fix-request-error-handling 2023-01-09 08:16:48 +01:00
Federico Builes
ef8bfcec89 linter suggestions 2023-01-09 07:59:55 +01:00
Chad Bentz
e6aba92fb0 Enhance failure message to include GHAS note 2023-01-05 17:26:46 +00:00
Josh Soref
03c7962be5 spelling: vulnerabilities
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2022-12-08 11:04:05 -05:00
Josh Soref
a184554be2 spelling: minimum
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2022-12-08 11:04:05 -05:00
Federico Builes
369356e2e7 Fixing merge conflict in dist/
# Conflicts:
#	dist/index.js.map
2022-11-16 11:24:44 +01:00
Federico Builes
ac059c649c Checkpoint! 2022-11-15 22:29:00 +01:00
Federico Builes
c57c602135 Force error casting to get messages! 2022-11-15 07:50:45 +01:00
Federico Builes
0a055a6a13 Improve error messages for external config files. 2022-11-15 07:45:29 +01:00
cnagadya
d87317e782 Set octokit baseurl for enterprise 2022-11-14 13:49:52 +00:00
Federico Builes
bf8cfe8b38 Linting, adding dist files. 2022-11-09 13:22:33 +01:00
Federico Builes
ae538ebe32 Linting and whitespace. Smol rename. 2022-11-09 13:17:12 +01:00
Federico Builes
b4126ce983 Shuffle things around. 2022-11-09 13:16:53 +01:00
cnagadya
f0ff0b670a Rename config token > external-repo-token 2022-11-08 11:16:26 +00:00
cnagadya
78565a954f Don't merge config lists
Co-authored-by: Henri Maurer <hmaurer@github.com>
Co-authored-by: Federico Builes <febuiles@github.com>
2022-11-08 10:52:30 +00:00
cnagadya
3c73a622ba Fix config-file tests 2022-11-08 09:53:36 +00:00
cnagadya
13455c7175 Merge array config options 2022-11-07 17:57:05 +00:00
cnagadya
6d941b396a Fix inconsistencies due to zod defaults / partials mixup 2022-11-07 17:08:00 +00:00
cnagadya
49ed3f2876 Merge lists in configs instead of overwriting them 2022-11-07 12:33:54 +00:00
cnagadya
b55cddb69d Use config-file for both remote and local config-files 2022-11-07 12:12:03 +00:00
cnagadya
b4a2fbfa16 Complete functionality for handling remote config file 2022-11-04 14:51:41 +00:00
cnagadya
97e5a607ba Handle getContent response as is
Co-authored-by: Henri Maurer <hmaurer@github.com>
2022-11-04 10:08:00 +00:00
cnagadya
3b410dc4ad Load remote config file 2022-11-04 09:05:45 +00:00
Eric Cornelissen
84921e5e4a Simplify Summary summary based on license-check and vulnerability-check
Omit details related to the license check or vulnerability check from
the GitHub Actions Summary's summary if the respective check is disabled
from the configuration.
2022-10-28 22:15:44 +02:00
Eric Cornelissen
c5af7ff272 Prevent disabling all checks
Prevent users from disabling both the license and vulnerability check by
checking if both are set to `false` and throwing if that's the case.
2022-10-28 22:08:55 +02:00
Eric Cornelissen
31279d265a Add license-check and vulnerability-check inputs
Add support for two new inputs, named `license-check` and
`vulnerability-check`, to disable the license checks or vulnerability
checks performed by this action. By default, both are enabled.
2022-10-28 22:06:05 +02:00
cnagadya
216fafaed5 PR feedback
Co-authored-by: Federico Builes <febuiles@github.com>
2022-10-28 11:23:05 +02:00
cnagadya
0144419c8e Format violations area 2022-10-27 16:43:45 +00:00
cnagadya
7b16bd0b54 Add unvalidated changes to summary 2022-10-27 16:24:30 +00:00
cnagadya
4525a8c091 Format summary findings 2022-10-27 15:41:19 +00:00
cnagadya
562a2f3c0a Improve summary formatting 2022-10-27 15:19:32 +00:00
cnagadya
022ea02fbb Add unresolved licenses section 2022-10-27 13:09:37 +00:00
cnagadya
3baea959cf Fix license test failures 2022-10-26 09:58:00 +00:00
cnagadya
ac5ed8754d Use SPDX license expressions 2022-10-26 09:56:34 +00:00
cnagadya
4c0961eff6 Add tests for GitHub License API fallback 2022-10-13 11:57:38 +00:00
cnagadya
d1e9a12830 Resolve conflicts 2022-10-13 11:06:40 +00:00
cnagadya
2e3713aab8 Optimise setGHLicenses
Co-authored-by: Henri Maurer <hmaurer@github.com>
Co-authored-by: Federico Builes <febuiles@github.com>
2022-10-13 11:03:34 +00:00
cnagadya
ba9d7c1389 Retrieve null licenses from licenses API 2022-10-13 11:03:34 +00:00
Federico Builes
2dd6c6a3d7 Fixing a bug with GHSA filtering.
Co-authored-by: Christine Nagadya <cnagadya@github.com>
2022-10-11 15:17:34 +02:00
Federico Builes
1d9bfbbddf Document the behavior of the GHSA filtering function. 2022-10-11 15:09:58 +02:00
Federico Builes
ee42a6512f Show the dependency name instead of the manifest. 2022-10-11 14:50:55 +02:00
Federico Builes
468485fc8e Clean up the main script a bit. 2022-09-27 12:25:12 +02:00
Federico Builes
46c9f79a1f Create utils.ts file for helper functions. 2022-09-27 12:23:05 +02:00
Federico Builes
cd3f55e8f9 Add all the dependencies to the review summary too. 2022-09-27 11:52:15 +02:00
Federico Builes
0515f5cb39 Adding a skeleton for scanned dependencies in the summary. 2022-09-26 19:14:04 +02:00
Federico Builes
2d1d679f58 Move manifest grouping outside main.ts 2022-09-26 19:13:25 +02:00
Federico Builes
a3563a05bc Use a set instead of raw JS objects. 2022-09-26 12:41:16 +02:00
Federico Builes
8a20ddbf25 try adding 3 sections 2022-09-26 12:21:24 +02:00
Federico Builes
60be833ffd Update manifest formatting in output. 2022-09-26 12:01:39 +02:00