Commit Graph

302 Commits

Author SHA1 Message Date
Lewis Jones e6ad22924a Refactor: improve full scan manifest test 2025-07-09 13:46:43 +01:00
Lewis Jones 0b0b651777 Refactor test. Download latest release 2025-07-09 13:41:17 +01:00
Lewis Jones 914cb6dc5e Remove debug logging 2025-07-09 13:35:28 +01:00
Lewis Jones 28905c6bc0 manifest test 2025-07-09 13:28:41 +01:00
Lewis Jones f89d41905d Add manifest level test 2025-07-09 12:36:47 +01:00
Lewis Jones 4e2fbd91ff Transpiled JS 2025-07-09 12:16:42 +01:00
Lewis Jones 6d25ae13f5 Remove leading slashes from top manifests 2025-07-09 12:16:21 +01:00
Lewis Jones 7d147e8b5f Add nested dirs to test 2025-07-09 11:56:34 +01:00
Lewis Jones 5789c204e4 update test 2025-07-09 11:46:15 +01:00
Lewis Jones 98b7e66125 Transpiled JS 2025-07-09 11:41:22 +01:00
Lewis Jones b2779b0030 Remove leading slash from root manifests
This causes issues with GitHub dependency Graph
2025-07-09 11:39:47 +01:00
Justin Holguín 64db6d9d15 Merge pull request #123 from advanced-security/juxtin/prep-007
Prepare for v0.0.7 release
2025-07-02 12:54:29 -07:00
Justin Holguín a44e08867f Prepare for v0.0.7 release 2025-07-02 19:39:44 +00:00
Justin Holguín fc216b239a Merge pull request #121 from advanced-security/juxtin/direct-vs-transitive
Use explicitlyReferencedComponentIds to determine which packages are direct
2025-07-02 12:32:40 -07:00
Justin Holguín 5b2736e4f4 Update dist 2025-07-02 18:40:35 +00:00
Justin Holguín bbe83e8988 Skip self-referrers 2025-07-02 18:40:04 +00:00
Justin Holguín c936885d12 Update dist 2025-06-27 20:28:38 +00:00
Justin Holguín 5f4db12f7b Use explicitlyReferencedComponentIds to mark directs 2025-06-27 20:28:38 +00:00
Lewis Jones b242ddf67a Merge pull request #120 from advanced-security/ljones140/fix-direct-when-self-referring
Fix Direct Dependencies Marked as Indirect
2025-06-20 09:26:51 +01:00
Lewis Jones 3349f8c032 Generated dist 2025-06-19 15:22:04 +01:00
Lewis Jones 2517c7a607 Add types 2025-06-19 15:21:52 +01:00
Lewis Jones 2efc7af7df Refactor: Extract another method and test with real data 2025-06-19 15:13:55 +01:00
Lewis Jones 6d56d2b42c Don't make self refential referrer as indirect 2025-06-19 12:55:00 +01:00
Lewis Jones 0de0af1352 Remove unnesessary test package incrementation 2025-06-19 12:35:41 +01:00
Lewis Jones 4daccf7142 Ensure tests are testing properly
Don't use mocks
2025-06-19 12:33:31 +01:00
Lewis Jones caa69e181f Extract addPackagesToManifests to unit test
There is a but here we would like to test
2025-06-19 12:14:02 +01:00
Lewis Jones 04aaaf6193 Merge pull request #118 from advanced-security/ljones140/add-snapshot-inputs
Add Snapshot inputs
2025-06-16 13:03:18 +01:00
Lewis Jones 0f3b6aecc6 Generate dist 2025-06-16 11:17:06 +01:00
Lewis Jones 348257c874 Add sha and ref snapshot inputs 2025-06-16 11:15:10 +01:00
Lewis Jones 779e8387fd Add detector inputs
Optional but if any are provided, then all are required
2025-06-16 11:03:28 +01:00
Lewis Jones e0dcc85667 Merge pull request #117 from actions/ljones140/clean-detector-categories-pr
Add DetectorCategories input So we can run by ecosystem
2025-06-12 13:26:39 +01:00
Lewis Jones 4f5a06217d Remove examples
As not confirmed they are correct.

For example PIp doesn't work but Python does
2025-06-12 12:23:38 +01:00
Lewis Jones 81fde650c2 Add new input to readme 2025-06-12 12:10:17 +01:00
Lewis Jones 786fb5fe93 dist generated code 2025-06-12 12:10:06 +01:00
Lewis Jones 550b6f27ed Pass detectorCategories
As we want to use for specific ecosystems.
2025-06-12 12:09:54 +01:00
Mathew Payne 07208f2876 Merge pull request #116 from advanced-security/dist_update
Update binary files for index.js and index.js.map
2025-05-27 13:27:12 +01:00
Adrien Pessu 67d05b822a Update binary files for index.js and index.js.map 2025-05-27 11:17:44 +00:00
Adrien Pessu 2aa140be93 Merge pull request #113 from advanced-security/dependabot/npm_and_yarn/npm_and_yarn-87115a91ec
Bump undici from 5.28.5 to 5.29.0 in the npm_and_yarn group
2025-05-27 12:55:59 +02:00
dependabot[bot] e4fe0062c4 Bump undici from 5.28.5 to 5.29.0 in the npm_and_yarn group
Bumps the npm_and_yarn group with 1 update: [undici](https://github.com/nodejs/undici).


Updates `undici` from 5.28.5 to 5.29.0
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](https://github.com/nodejs/undici/compare/v5.28.5...v5.29.0)

---
updated-dependencies:
- dependency-name: undici
  dependency-version: 5.29.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-05-15 16:35:16 +00:00
Chad Bentz 1874d0f72d Merge pull request #109 from advanced-security/feature/handle-null-purls
Improve missing package URL handling
2025-05-14 14:14:21 -04:00
Chad Bentz 4a59086e33 Merge branch 'main' into feature/handle-null-purls 2025-05-13 14:27:43 -04:00
Mathew Payne 3805c51da5 Merge pull request #105 from advanced-security/dependabot/github_actions/actions-dependencies-37cd5763f6
Bump actions/setup-node from 4.2.0 to 4.4.0 in the actions-dependencies group
2025-05-13 09:18:05 +01:00
Mathew Payne 1a821e1ee2 Merge branch 'main' into dependabot/github_actions/actions-dependencies-37cd5763f6 2025-05-13 09:12:58 +01:00
Mathew Payne 67962323ba Merge pull request #112 from advanced-security/alert-autofix-workflow-permissions
Potential fix for alerts: Workflow does not contain permissions
2025-05-13 09:12:03 +01:00
Chad Bentz 73e1388139 Validate packageUrlJson structure in makePackageUrl method 2025-05-12 22:25:29 +00:00
Chad Bentz 47ec470b21 Refactor tests 2025-05-12 22:05:43 +00:00
Chad Bentz 203f6e5c2e Update componentDetection.test.ts
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2025-05-12 17:39:26 -04:00
Chad Bentz 3f82ca7921 Update componentDetection.test.ts
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2025-05-12 17:39:18 -04:00
Chad Bentz fcd2c805ee Update componentDetection.test.ts
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2025-05-12 17:35:43 -04:00
Chad Bentz 7cfdb92164 Potential fix for code scanning alert no. 11: Workflow does not contain permissions
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
2025-05-12 17:30:29 -04:00