actions/dependency-review-action
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
NaN Commits 1 Branch 0 Tags
c869fcfa38dee553d8d3d81748ff998cfa96095f
Commit Graph

54 Commits

Author SHA1 Message Date
Federico Builes
5da7945e2b Fixing lint/dist. 2022-08-18 16:15:03 +02:00
Federico Builes
0e0d6ec5d6 Merge branch 'main' into add-summary 2022-08-18 16:11:15 +02:00
Tiago Pascoal
dfcdb87cb3 Fix typo 
Co-authored-by: Eric Cornelissen <ericornelissen@gmail.com>
 2022-08-07 12:36:42 +01:00
Tiago Pascoal
aef949f026 Show vulnerabities and license information on the job summary. 
Users can see the results that were found directly on the job summary

All the results are grouped by manifest.

It shows a table with vulnerable packages, together with package version,
the vulnerabily info and it's severity.

Shows info about package licenses, which packages have a non allowed license,
and the list of packages with unknown licenses.
 2022-08-04 15:35:07 +00:00
Will Da Silva
388b1a309d Support user-provided base/head refs & non-PR workflows 2022-07-21 15:47:05 -04:00
Kenichi Kamiya
c5d7bdcf7f Ignore removed changes in license checker 2022-07-13 18:11:10 +09:00
Kenichi Kamiya
9fdc2574b8 Fix rest eslint errors manually 2022-07-04 20:12:07 +09:00
Kenichi Kamiya
6e9189a5c1 npx eslint --fix src/**/*.ts 2022-07-04 20:12:07 +09:00
Kenichi Kamiya
c6f347d470 npm run format 2022-07-04 20:12:07 +09:00
Federico Builes
1c59cdf2a9 Fix the unknown licenses error message 2022-06-16 06:03:16 +02:00
Federico Builes
963fe8045d Always print null licenses. 2022-06-15 15:22:35 +02:00
Federico Builes
bf94d94f63 Remove old TODO. 2022-06-15 15:22:14 +02:00
Courtney Claessens
dfd519642f Update schemas.ts 2022-06-14 22:37:00 -04:00
Federico Builes
42e2bc1ed2 Handle unknown licenses. 2022-06-14 13:54:27 +02:00
Federico Builes
fd6e756c7b Updating readConfig() to be more readable, get rid of typecasts. 
Co-authored-by: Henri Maurer <hmaurer@github.com>
 2022-06-14 11:29:13 +02:00
Federico Builes
f83a407eb9 Use the correct name for allowlists. 2022-06-14 09:46:59 +02:00
Federico Builes
76ad37608d Adding more tests for the config file. 2022-06-14 07:42:51 +02:00
Federico Builes
7278093fa0 Clarify some of the error messages. 2022-06-14 07:41:37 +02:00
Federico Builes
ef97470a0f Don't set the defaults in the test :/ 2022-06-14 07:04:26 +02:00
Federico Builes
24d7ef3c5d Use an empty config options type. 2022-06-14 06:48:58 +02:00
Federico Builes
1791775ce6 temp commit 2022-06-14 05:57:43 +02:00
Federico Builes
571f236610 Improved wording on license messages. 2022-06-13 20:08:16 +02:00
Federico Builes
cc22dcd654 Use undefined instead of null when dealing with lists. 2022-06-09 10:42:31 +02:00
Federico Builes
6b5518a9ed Adding more docs to licenses.ts 2022-06-09 10:33:05 +02:00
Federico Builes
20cca5c0c4 The default settings should not use []. 2022-06-08 18:28:10 +02:00
Federico Builes
a51db20961 Use null for unspecified values when filtering licenses. 2022-06-08 18:21:28 +02:00
Federico Builes
4ac3d318ab Refactoring on PR feedback. 2022-06-08 17:45:42 +02:00
Federico Builes
2ae9a2d51b Add logic for denied licenses. 2022-06-06 20:32:46 +02:00
Federico Builes
dc7b0a2788 Show an error when disallowed dependencies show up. 2022-06-06 20:32:46 +02:00
Federico Builes
06297bf229 Fixing failing tests 2022-06-06 20:32:46 +02:00
Federico Builes
bccacf9708 Skeleton for license validation. 2022-06-06 20:32:46 +02:00
Federico Builes
8c646c1c91 Get rid of redundant variables. 2022-06-06 20:32:46 +02:00
Federico Builes
2f38c7e78c Add severity level to the vulns not found message. 2022-06-01 15:56:16 +02:00
Federico Builes
19b36f0933 Use a more definitive name for the config file. 2022-06-01 13:28:03 +02:00
Federico Builes
b327132e4b Remove state from the filtering function. 2022-06-01 13:10:58 +02:00
Federico Builes
f9a13e70f4 Fixing circular reference, adding prettier. 2022-06-01 12:09:11 +02:00
Federico Builes
db9f724163 Introduce a schema for ConfigurationOptions. 
This commit illustrates an approach, but is currently
failing the tests.
 2022-06-01 06:36:02 +02:00
Federico Builes
7db11574b7 Make vulnerabilities be [] by default. 2022-06-01 05:36:46 +02:00
Federico Builes
7063d0ca45 Don't modify array in place. 2022-06-01 05:32:50 +02:00
Federico Builes
2dd55385c1 Use let instead of var, fix failing test. 2022-06-01 05:31:33 +02:00
Federico Builes
731e67eca2 Add filtering by low severity as the default. 2022-05-31 17:08:22 +02:00
Federico Builes
982e1d16cb Whitespace and newlines. 2022-05-31 16:54:59 +02:00
Federico Builes
f0a04841ce Adding logic to filter by vulnerability severity. 2022-05-31 16:50:39 +02:00
Federico Builes
e622e72c6f Export Change schema. 2022-05-31 06:06:19 +02:00
Federico Builes
92e40d7290 Move printing function out. 2022-05-31 06:03:42 +02:00
Federico Builes
0b73ead548 Merge branch 'main' into adding-config-file 2022-05-30 06:37:29 +02:00
Federico Builes
a8dcc6b774 Adding basic config file parsing and some test scaffolding. 2022-05-26 15:54:59 -07:00
Eli Reisman
a4da1f9048 handle unexpected error types opaquely 2022-05-23 11:45:36 -07:00
Eli Reisman
19edfd7243 fix default case in error handling 2022-05-23 11:36:34 -07:00
Federico Builes
0e2b63f1f4 Cleaning up errors. 2022-05-12 18:07:14 +02:00