actions/dependency-review-action
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
NaN Commits 1 Branch 0 Tags
86477f1ea049be9c101cf7ecdc08c976c94de5e2
Commit Graph

88 Commits

Author SHA1 Message Date
Federico Builes
70f8094bec adding a test for empty PURLs 2023-05-31 16:24:19 +02:00
Stefan Petrushevski
f1c8401a59 resolve merge conflicts 2023-05-30 18:04:26 +02:00
Stefan Petrushevski
7b5fa84cfc added tests; docs and cleanup 2023-05-19 10:47:59 +02:00
Federico Builes
8938bd9ef0 Merge pull request #451 from actions/fix-external-config 
Fix default values for fail-on-severity
 2023-04-10 07:41:00 +02:00
Federico Builes
cebb5b1214 Don't use underscore for inline configs. 2023-04-06 21:33:24 +02:00
Federico Builes
3f6a17c81c Update examples to use underscores instead of dashes. 2023-04-06 17:58:58 +02:00
Federico Builes
2c065db296 Add a test-helpers file. 2023-04-06 17:32:42 +02:00
Federico Builes
ff46a4b16e Fixing failing test. 2023-04-06 17:11:29 +02:00
Federico Builes
153f274eb4 Mock octokit. 2023-04-06 17:11:16 +02:00
Federico Builes
0041d7fa41 Add a failing test. 2023-04-06 16:21:52 +02:00
Federico Builes
97c9465751 separate tests for external configs 2023-04-05 15:14:57 +02:00
Justin Holguín
76b8e83d1a Use 'Unnamed Manifest' as catchall bucket 2023-03-28 16:06:07 +00:00
Justin Holguín
7e1f7be1f6 Handle dependencies with an empty manifest field 
This happens sometimes with snapshots. We just want them to be displayed properly in the HTML output.
 2023-03-24 19:07:22 +00:00
David Losert
b7a25f4e9b Makes License Issues a single table per manifest 2023-03-02 07:43:23 +00:00
David Losert
1090cda9d5 Adjusts headlines and formatting for license issues 2023-02-28 12:28:20 +00:00
David Losert
b089c5b002 Adds conditional license summary 2023-02-28 11:08:39 +00:00
David Losert
6e66d136ec Reformats vulnerability section 2023-02-27 16:05:59 +00:00
David Losert
1b9faef957 Fixes ESLint to also incldue tests and fixes eslint errors in tests 2023-02-27 16:05:03 +00:00
David Losert
19ee172e7e feat: Adjusts the formatting and content for the status header 2023-02-22 14:05:52 +00:00
David Losert
1c85e9db8d Adds option to write summary into a pr comment 2023-02-16 10:03:16 +00:00
Chad Bentz
4b2cf01947 integration test to ensure RequestError catch 2023-01-05 17:22:27 +00:00
Josh Soref
cff3674e25 spelling: the 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2022-12-08 11:04:05 -05:00
Federico Builes
b8e622f102 Move test out of failing block. 2022-11-15 22:33:31 +01:00
Federico Builes
93652d7af0 Fix failing tests. 2022-11-15 22:28:50 +01:00
Federico Builes
ba127cac5e Adding a test to confirm lists work properly in config files. 2022-11-15 22:25:26 +01:00
Federico Builes
1dd7392739 Adding fixture for testing config file string lists. 2022-11-15 22:25:13 +01:00
Federico Builes
c2097b2a9b Updating copy in a test. 2022-11-15 07:50:32 +01:00
cnagadya
336da03de2 Update empty allow-licenses tests 2022-11-08 11:15:36 +00:00
cnagadya
78565a954f Dont merge config lists 
Co-authored-by: Henri Maurer<hmaurer@github.com>
Co-authored-by: Federico Builes<febuiles@github.com>
 2022-11-08 10:52:30 +00:00
cnagadya
3c73a622ba Fix config-file tests 2022-11-08 09:53:36 +00:00
cnagadya
6d941b396a Fix inconsistencies due to zod defaults / partials mixup 2022-11-07 17:08:00 +00:00
cnagadya
b55cddb69d Use config-file for both remote and local config-files 2022-11-07 12:12:03 +00:00
cnagadya
dcdeb7de77 Remove redundant skips 
Co-authored-by: Federico Builes <febuiles@github.com>
 2022-11-04 16:12:05 +00:00
cnagadya
b4a2fbfa16 Complete functionality for handling remote config file 2022-11-04 14:51:41 +00:00
Federico Builes
04f48dec81 Update __tests__/config.test.ts 2022-10-31 07:55:17 +01:00
Eric Cornelissen
c5af7ff272 Prevent disabling all checks 
Prevent users from disabling both the license and vulnerability check by
checking if both are set to `false` and throwing if that's the case.
 2022-10-28 22:08:55 +02:00
Eric Cornelissen
31279d265a Add license-check and vulnerability-check inputs 
Add support for two new inputs, named `license-check` and
`vulnerability-check`, to disable the license checks or vulnerability
checks performed by this action. By default, both are enabled.
 2022-10-28 22:06:05 +02:00
cnagadya
022ea02fbb Add unresolved licenses section 2022-10-27 13:09:37 +00:00
cnagadya
3baea959cf Fix license test failures 2022-10-26 09:58:00 +00:00
cnagadya
782c57b17e Fix config test failures 2022-10-26 09:57:02 +00:00
Federico Builes
7e41a6f1ee Removing unnecessary beforeAll block 
Mocks are removed in Jest automatically due to our
Jest config file.

Co-authored-by: Christine Nagadya <cnagadya@github.com>
Co-authored-by: Henri Maurer <hmaurer@github.com>
 2022-10-13 16:52:54 +02:00
cnagadya
4c0961eff6 Add tests for GitHub License API fallback 2022-10-13 11:57:38 +00:00
cnagadya
d1e9a12830 Resolve conflicts 2022-10-13 11:06:40 +00:00
Federico Builes
2dd6c6a3d7 Fixing a bug with GHSA filtering. 
Co-authored-by: Christine Nagadya <cnagadya@github.com>
 2022-10-11 15:17:34 +02:00
Sarah Aladetan
602f968ea2 create a filter for vulns that are on the allowlist 2022-09-22 21:36:26 +00:00
Sarah Aladetan
bd61ea0d9e create config option for ghsa allowlist 2022-09-22 21:34:18 +00:00
Federico Builes
54cd9a7cba Merge branch 'main' into external-config 
# Conflicts:
#	README.md
#	__tests__/config.test.ts
#	dist/index.js.map
#	src/config.ts
#	src/schemas.ts
 2022-09-21 16:50:02 +02:00
Federico Builes
c4693c00ac Raise errors for invalid values in the external config. 2022-09-21 16:30:05 +02:00
Federico Builes
eef7e39202 Accept options from both sources, prioritize external config. 2022-09-20 15:52:34 +02:00
Federico Builes
61f19e6447 Let the users set the path for the config file. 2022-09-20 15:15:14 +02:00