Commit Graph

296 Commits

Author SHA1 Message Date
Lewis Jones 466989c808 Merge pull request #4 from actions/weekly-sync-branch-15774881579
Sync Fork with Upstream
2025-06-20 09:40:55 +01:00
github-actions[bot] 67f3292117 Empty commit to open PR 2025-06-20 08:36:52 +00:00
github-actions[bot] 3f420ae88d Merge upstream:main 2025-06-20 08:36:52 +00:00
Lewis Jones b242ddf67a Merge pull request #120 from advanced-security/ljones140/fix-direct-when-self-referring
Fix Direct Dependencies Marked as Indirect
2025-06-20 09:26:51 +01:00
Lewis Jones 3349f8c032 Generated dist 2025-06-19 15:22:04 +01:00
Lewis Jones 2517c7a607 Add types 2025-06-19 15:21:52 +01:00
Lewis Jones 2efc7af7df Refactor: Extract another method and test with real data 2025-06-19 15:13:55 +01:00
Lewis Jones 6d56d2b42c Don't make self refential referrer as indirect 2025-06-19 12:55:00 +01:00
Lewis Jones 0de0af1352 Remove unnesessary test package incrementation 2025-06-19 12:35:41 +01:00
Lewis Jones 4daccf7142 Ensure tests are testing properly
Don't use mocks
2025-06-19 12:33:31 +01:00
Lewis Jones caa69e181f Extract addPackagesToManifests to unit test
There is a but here we would like to test
2025-06-19 12:14:02 +01:00
Lewis Jones ef571d5a84 Merge pull request #3 from actions/weekly-sync-branch-15680274825
Sync Fork with Upstream
2025-06-16 13:05:03 +01:00
github-actions[bot] 0eb73668fa Empty commit to open PR 2025-06-16 12:04:03 +00:00
github-actions[bot] 7a168cbdc4 Merge upstream:main 2025-06-16 12:04:03 +00:00
Lewis Jones 04aaaf6193 Merge pull request #118 from advanced-security/ljones140/add-snapshot-inputs
Add Snapshot inputs
2025-06-16 13:03:18 +01:00
Lewis Jones 0f3b6aecc6 Generate dist 2025-06-16 11:17:06 +01:00
Lewis Jones 348257c874 Add sha and ref snapshot inputs 2025-06-16 11:15:10 +01:00
Lewis Jones 779e8387fd Add detector inputs
Optional but if any are provided, then all are required
2025-06-16 11:03:28 +01:00
Lewis Jones d5fd67e101 Merge pull request #2 from actions/weekly-sync-branch-15612676798
Sync Fork with Upstream
2025-06-12 15:02:36 +01:00
github-actions[bot] 27e6d82755 Empty commit to open PR 2025-06-12 14:01:47 +00:00
github-actions[bot] 3d11e5a0f7 Merge upstream:main 2025-06-12 14:01:47 +00:00
Lewis Jones e0dcc85667 Merge pull request #117 from actions/ljones140/clean-detector-categories-pr
Add DetectorCategories input So we can run by ecosystem
2025-06-12 13:26:39 +01:00
Lewis Jones 4f5a06217d Remove examples
As not confirmed they are correct.

For example PIp doesn't work but Python does
2025-06-12 12:23:38 +01:00
Lewis Jones 81fde650c2 Add new input to readme 2025-06-12 12:10:17 +01:00
Lewis Jones 786fb5fe93 dist generated code 2025-06-12 12:10:06 +01:00
Lewis Jones 550b6f27ed Pass detectorCategories
As we want to use for specific ecosystems.
2025-06-12 12:09:54 +01:00
Lewis Jones 51ef6b3995 Merge pull request #1 from actions/ljones140/setup-fork
Setup fork Codeowners and sync
2025-06-10 15:35:24 +01:00
Lewis Jones cfe815dd6d Add fork sync mechanism 2025-06-10 14:51:08 +01:00
Lewis Jones 9db31129a3 update codeowners 2025-06-10 14:50:54 +01:00
Mathew Payne 07208f2876 Merge pull request #116 from advanced-security/dist_update
Update binary files for index.js and index.js.map
2025-05-27 13:27:12 +01:00
Adrien Pessu 67d05b822a Update binary files for index.js and index.js.map 2025-05-27 11:17:44 +00:00
Adrien Pessu 2aa140be93 Merge pull request #113 from advanced-security/dependabot/npm_and_yarn/npm_and_yarn-87115a91ec
Bump undici from 5.28.5 to 5.29.0 in the npm_and_yarn group
2025-05-27 12:55:59 +02:00
dependabot[bot] e4fe0062c4 Bump undici from 5.28.5 to 5.29.0 in the npm_and_yarn group
Bumps the npm_and_yarn group with 1 update: [undici](https://github.com/nodejs/undici).


Updates `undici` from 5.28.5 to 5.29.0
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](https://github.com/nodejs/undici/compare/v5.28.5...v5.29.0)

---
updated-dependencies:
- dependency-name: undici
  dependency-version: 5.29.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-05-15 16:35:16 +00:00
Chad Bentz 1874d0f72d Merge pull request #109 from advanced-security/feature/handle-null-purls
Improve missing package URL handling
2025-05-14 14:14:21 -04:00
Chad Bentz 4a59086e33 Merge branch 'main' into feature/handle-null-purls 2025-05-13 14:27:43 -04:00
Mathew Payne 3805c51da5 Merge pull request #105 from advanced-security/dependabot/github_actions/actions-dependencies-37cd5763f6
Bump actions/setup-node from 4.2.0 to 4.4.0 in the actions-dependencies group
2025-05-13 09:18:05 +01:00
Mathew Payne 1a821e1ee2 Merge branch 'main' into dependabot/github_actions/actions-dependencies-37cd5763f6 2025-05-13 09:12:58 +01:00
Mathew Payne 67962323ba Merge pull request #112 from advanced-security/alert-autofix-workflow-permissions
Potential fix for alerts: Workflow does not contain permissions
2025-05-13 09:12:03 +01:00
Chad Bentz 73e1388139 Validate packageUrlJson structure in makePackageUrl method 2025-05-12 22:25:29 +00:00
Chad Bentz 47ec470b21 Refactor tests 2025-05-12 22:05:43 +00:00
Chad Bentz 203f6e5c2e Update componentDetection.test.ts
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2025-05-12 17:39:26 -04:00
Chad Bentz 3f82ca7921 Update componentDetection.test.ts
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2025-05-12 17:39:18 -04:00
Chad Bentz fcd2c805ee Update componentDetection.test.ts
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2025-05-12 17:35:43 -04:00
Chad Bentz 7cfdb92164 Potential fix for code scanning alert no. 11: Workflow does not contain permissions
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
2025-05-12 17:30:29 -04:00
Chad Bentz 7eebd4d574 Potential fix for code scanning alert no. 12: Workflow does not contain permissions
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
2025-05-12 17:29:23 -04:00
Chad Bentz b69d2d201b Add tests 2025-05-12 21:08:26 +00:00
Chad Bentz 5840bc427c Update index.js.map with new build output 2025-05-12 20:05:44 +00:00
Chad Bentz 0b3ad66ec5 Merge remote-tracking branch 'origin/main' into feature/handle-null-purls 2025-05-12 20:03:12 +00:00
Chad Bentz 6a1035d837 Merge pull request #111 from advanced-security/dependabot/npm_and_yarn/npm-dependencies-e202d7757e
Bump the npm-dependencies group across 1 directory with 9 updates
2025-05-12 15:49:21 -04:00
Chad Bentz 2c2e919e21 Fix eslint ... v9 upgrade broke! 2025-05-12 17:14:48 +00:00