actions/dependency-review-action
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Commit Graph

  • 4474253eb8 Merge branch 'main' into adding-lists Federico Builes 2022-06-07 06:23:53 +02:00
  • 1a7225bc91 Merge pull request #104 from actions/dependabot/npm_and_yarn/typescript-eslint/parser-5.27.1 Federico Builes 2022-06-07 06:20:33 +02:00
  • 4ebaca3419 Merge pull request #105 from actions/dependabot/npm_and_yarn/yaml-2.1.1 Federico Builes 2022-06-07 06:20:17 +02:00
  • a96d28f120 Remove configuration docs until we have a proper release. Federico Builes 2022-06-07 06:19:13 +02:00
  • 29b67f0a05 Bump @typescript-eslint/parser from 5.27.0 to 5.27.1 dependabot[bot] 2022-06-07 04:16:25 +00:00
  • c187f6f12d Merge pull request #103 from actions/dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-5.27.1 Federico Builes 2022-06-07 06:15:32 +02:00
  • 3b0a091baa Bump yaml from 2.1.0 to 2.1.1 dependabot[bot] 2022-06-07 01:33:07 +00:00
  • 3456819f12 Bump @typescript-eslint/eslint-plugin from 5.27.0 to 5.27.1 dependabot[bot] 2022-06-07 01:32:39 +00:00
  • 56e63b1bc5 adding dist Federico Builes 2022-06-06 18:08:56 +02:00
  • 2ae9a2d51b Add logic for denied licenses. Federico Builes 2022-06-06 18:06:48 +02:00
  • 1261e18905 Clarify license tests. Federico Builes 2022-06-06 18:06:00 +02:00
  • dc7b0a2788 Show an error when disallowed dependencies show up. Federico Builes 2022-06-06 17:46:22 +02:00
  • 06297bf229 Fixing failing tests Federico Builes 2022-06-06 17:31:33 +02:00
  • bccacf9708 Skeleton for license validation. Federico Builes 2022-06-06 17:07:26 +02:00
  • 8c646c1c91 Get rid of redundant variables. Federico Builes 2022-06-06 17:06:16 +02:00
  • 30c4549c8c Merge pull request #91 from actions/adding-config-file Federico Builes 2022-06-06 20:32:21 +02:00
  • 93c8cb2c8a Merge pull request #101 from actions/dependabot/npm_and_yarn/eslint-plugin-jest-26.5.3 Federico Builes 2022-06-06 13:43:17 +02:00
  • d7c6d6203f Merge pull request #100 from actions/dependabot/npm_and_yarn/esbuild-register-3.3.3 Federico Builes 2022-06-06 13:34:38 +02:00
  • 92bcc5a0bf Bump esbuild-register from 3.3.2 to 3.3.3 dependabot[bot] 2022-06-06 11:32:09 +00:00
  • 545050ada5 Merge pull request #99 from actions/dependabot/npm_and_yarn/eslint-8.17.0 Federico Builes 2022-06-06 13:31:00 +02:00
  • 2b674f0e26 Merge pull request #98 from actions/dependabot/npm_and_yarn/types/node-17.0.40 Federico Builes 2022-06-06 13:30:45 +02:00
  • 802525536f Merge pull request #97 from actions/dependabot/npm_and_yarn/typescript-4.7.3 Federico Builes 2022-06-06 13:30:28 +02:00
  • 4eb9ad1d38 Bump eslint-plugin-jest from 26.4.6 to 26.5.3 dependabot[bot] 2022-06-06 01:49:06 +00:00
  • 12cf02f216 Bump eslint from 8.16.0 to 8.17.0 dependabot[bot] 2022-06-06 01:48:31 +00:00
  • c7ff505b05 Bump @types/node from 17.0.38 to 17.0.40 dependabot[bot] 2022-06-06 01:48:14 +00:00
  • 90221b23f7 Bump typescript from 4.7.2 to 4.7.3 dependabot[bot] 2022-06-06 01:47:20 +00:00
  • 2f38c7e78c Add severity level to the vulns not found message. Federico Builes 2022-06-01 15:56:16 +02:00
  • c235374b9d Removing redundant test. Federico Builes 2022-06-01 13:42:22 +02:00
  • ae2949c9c1 Removing old file. Federico Builes 2022-06-01 13:40:09 +02:00
  • 3ae540bf96 Updating the README with config instructions. Federico Builes 2022-06-01 13:39:05 +02:00
  • 1c15a1745e Adding dependency-review.yml. Federico Builes 2022-06-01 13:38:42 +02:00
  • 19b36f0933 Use a more definitive name for the config file. Federico Builes 2022-06-01 13:28:03 +02:00
  • 0b9547aabf Adding more expectations for severities. Federico Builes 2022-06-01 13:14:32 +02:00
  • b327132e4b Remove state from the filtering function. Federico Builes 2022-06-01 13:10:58 +02:00
  • f9a13e70f4 Fixing circular reference, adding prettier. Federico Builes 2022-06-01 12:09:11 +02:00
  • db9f724163 Introduce a schema for ConfigurationOptions. Federico Builes 2022-06-01 06:36:02 +02:00
  • 7db11574b7 Make vulnerabilities be [] by default. Federico Builes 2022-06-01 05:36:46 +02:00
  • 7063d0ca45 Don't modify array in place. Federico Builes 2022-06-01 05:32:50 +02:00
  • 2dd55385c1 Use let instead of var, fix failing test. Federico Builes 2022-06-01 05:31:33 +02:00
  • 48729e4e38 Merge pull request #96 from actions/dependabot/npm_and_yarn/types/node-17.0.38 Federico Builes 2022-06-01 04:48:28 +02:00
  • 230442bc30 Bump @types/node from 17.0.36 to 17.0.38 dependabot[bot] 2022-06-01 01:54:46 +00:00
  • 4235242818 adding dist files Federico Builes 2022-05-31 17:09:21 +02:00
  • 731e67eca2 Add filtering by low severity as the default. Federico Builes 2022-05-31 17:08:22 +02:00
  • b601c09c4e Merge branch 'main' into adding-config-file Federico Builes 2022-05-31 16:59:33 +02:00
  • 982e1d16cb Whitespace and newlines. Federico Builes 2022-05-31 16:54:59 +02:00
  • f0a04841ce Adding logic to filter by vulnerability severity. Federico Builes 2022-05-31 16:50:39 +02:00
  • e622e72c6f Export Change schema. Federico Builes 2022-05-31 06:06:19 +02:00
  • 92e40d7290 Move printing function out. Federico Builes 2022-05-31 06:03:42 +02:00
  • 21763d05e0 Merge pull request #94 from actions/dependabot/npm_and_yarn/eslint-plugin-jest-26.4.6 Federico Builes 2022-05-31 05:25:05 +02:00
  • 2c245d1aba Merge pull request #93 from actions/dependabot/npm_and_yarn/typescript-eslint/parser-5.27.0 Federico Builes 2022-05-31 05:24:37 +02:00
  • d6fb424a28 Bump @typescript-eslint/parser from 5.26.0 to 5.27.0 dependabot[bot] 2022-05-31 03:22:15 +00:00
  • 088fc4d4e8 Merge pull request #92 from actions/dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-5.27.0 Federico Builes 2022-05-31 05:21:37 +02:00
  • 132427b4bc Bump eslint-plugin-jest from 26.4.5 to 26.4.6 dependabot[bot] 2022-05-31 01:28:59 +00:00
  • 5f0449f13c Bump @typescript-eslint/eslint-plugin from 5.26.0 to 5.27.0 dependabot[bot] 2022-05-31 01:28:15 +00:00
  • 0b73ead548 Merge branch 'main' into adding-config-file Federico Builes 2022-05-30 06:37:29 +02:00
  • 67a046c994 Merge pull request #89 from actions/dependabot/npm_and_yarn/types/node-17.0.36 Federico Builes 2022-05-30 06:30:17 +02:00
  • 64c25ba2f4 Merge pull request #90 from actions/dependabot/npm_and_yarn/eslint-plugin-jest-26.4.5 Federico Builes 2022-05-30 06:30:05 +02:00
  • f3682c87a7 Bump eslint-plugin-jest from 26.2.2 to 26.4.5 dependabot[bot] 2022-05-30 01:47:42 +00:00
  • fc7745e42a Bump @types/node from 17.0.35 to 17.0.36 dependabot[bot] 2022-05-30 01:46:36 +00:00
  • a8dcc6b774 Adding basic config file parsing and some test scaffolding. Federico Builes 2022-05-26 15:54:59 -07:00
  • d09b96a7b1 Updating YAML deps. Federico Builes 2022-05-26 14:49:02 -07:00
  • 243561faa0 Merge pull request #87 from actions/dependabot/npm_and_yarn/vercel/ncc-0.34.0 Federico Builes 2022-05-26 10:47:33 -07:00
  • 860cc21fc2 Merge pull request #86 from actions/dependabot/npm_and_yarn/got-12.1.0 Federico Builes 2022-05-26 10:47:20 -07:00
  • 98f8200aaa Bump @vercel/ncc from 0.33.4 to 0.34.0 dependabot[bot] 2022-05-26 03:00:41 +00:00
  • b3375e0be4 Bump got from 12.0.4 to 12.1.0 dependabot[bot] 2022-05-26 03:00:11 +00:00
  • 737f9b3a71 Merge pull request #85 from actions/dependabot/npm_and_yarn/typescript-4.7.2 Federico Builes 2022-05-25 10:57:24 -07:00
  • 91660a5ad1 Bump typescript from 4.6.4 to 4.7.2 dependabot[bot] 2022-05-25 01:46:29 +00:00
  • 2b78124491 Merge pull request #83 from actions/dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-5.26.0 Federico Builes 2022-05-24 16:21:37 -07:00
  • 365fad2034 Merge pull request #82 from actions/dependabot/npm_and_yarn/zod-3.17.3 Federico Builes 2022-05-24 14:54:41 -07:00
  • 31314537ae adding dist files Federico Builes 2022-05-24 14:52:45 -07:00
  • c893395cf8 Bump @typescript-eslint/eslint-plugin from 5.25.0 to 5.26.0 dependabot[bot] 2022-05-24 02:43:26 +00:00
  • 93e4466112 Bump zod from 3.17.2 to 3.17.3 dependabot[bot] 2022-05-24 02:42:32 +00:00
  • a9c83d3af6 Merge pull request #81 from actions/elireisman/fix-default-case Federico Builes 2022-05-23 12:30:51 -07:00
  • f4b10ab0c4 update dist package Eli Reisman 2022-05-23 11:46:07 -07:00
  • a4da1f9048 handle unexpected error types opaquely Eli Reisman 2022-05-23 11:45:36 -07:00
  • 19edfd7243 fix default case in error handling Eli Reisman 2022-05-23 11:36:34 -07:00
  • 0be808458e Merge pull request #80 from actions/dependabot/npm_and_yarn/typescript-eslint/parser-5.26.0 Federico Builes 2022-05-23 11:20:37 -07:00
  • 77396f2e4f Merge pull request #79 from actions/dependabot/npm_and_yarn/zod-3.17.2 Federico Builes 2022-05-23 11:19:59 -07:00
  • 9bc6bded9e updating dist Federico Builes 2022-05-23 11:18:56 -07:00
  • 3b26a2a544 Bump zod from 3.16.0 to 3.17.2 dependabot[bot] 2022-05-23 18:16:20 +00:00
  • 7517e23bfc Bump @typescript-eslint/parser from 5.24.0 to 5.26.0 dependabot[bot] 2022-05-23 18:16:05 +00:00
  • cdae254423 Merge pull request #78 from actions/dependabot/npm_and_yarn/eslint-8.16.0 Federico Builes 2022-05-23 11:14:59 -07:00
  • a257e84a2f Merge pull request #77 from actions/dependabot/npm_and_yarn/types/node-17.0.35 Federico Builes 2022-05-23 11:14:38 -07:00
  • e0be07f423 Bump eslint from 8.15.0 to 8.16.0 dependabot[bot] 2022-05-23 18:04:04 +00:00
  • 4b83e15691 Bump @types/node from 17.0.33 to 17.0.35 dependabot[bot] 2022-05-23 18:03:59 +00:00
  • e4396493ba Merge pull request #73 from actions/dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-5.25.0 Federico Builes 2022-05-23 11:03:13 -07:00
  • 8ba008fb62 Bump @typescript-eslint/eslint-plugin from 5.24.0 to 5.25.0 dependabot[bot] 2022-05-18 01:30:23 +00:00
  • 5ce46b3424 Merge pull request #65 from actions/update-readme Federico Builes 2022-05-16 14:20:09 -07:00
  • 9680f24ea3 Merge pull request #71 from actions/dependabot/npm_and_yarn/actions/github-5.0.3 Federico Builes 2022-05-16 14:19:29 -07:00
  • 9cdb91e238 updating dist files Federico Builes 2022-05-16 14:17:47 -07:00
  • 92e8876693 Bump @actions/github from 5.0.1 to 5.0.3 dependabot[bot] 2022-05-16 21:15:27 +00:00
  • c91da44591 Merge pull request #67 from actions/dependabot/npm_and_yarn/eslint-plugin-jest-26.2.2 Federico Builes 2022-05-16 14:13:20 -07:00
  • b988161c8f Merge pull request #70 from actions/updating-deps Federico Builes 2022-05-16 14:09:47 -07:00
  • a086ec5a2d updating dependencies Federico Builes 2022-05-16 14:06:20 -07:00
  • b40a0040b5 Bump eslint-plugin-jest from 26.1.5 to 26.2.2 dependabot[bot] 2022-05-16 21:05:19 +00:00
  • dcc694e92a Merge pull request #61 from actions/dependabot/npm_and_yarn/zod-3.16.0 Federico Builes 2022-05-16 14:04:47 -07:00
  • dfafa144e7 Bump zod from 3.15.1 to 3.16.0 dependabot[bot] 2022-05-16 21:03:27 +00:00
  • 7a2877d9c8 updating the dist folder Federico Builes 2022-05-16 14:02:08 -07:00
  • 265d6e12a9 updating README Federico Builes 2022-05-13 08:11:58 +02:00
  • 39e692fa32 Merge pull request #60 from actions/elireisman/handle-403 Eli Reisman 2022-05-12 11:13:53 -07:00