Merge pull request #920 from jsoref/issue-919

This commit is contained in:
Eric Sorenson
2025-10-17 14:30:12 -07:00
committed by GitHub
3 changed files with 32 additions and 5 deletions
Generated Vendored
+11 -1
View File
@@ -814,7 +814,17 @@ function run() {
core.setFailed(`Dependency review could not obtain dependency data for the specified owner, repository, or revision range.`);
}
else if (error instanceof request_error_1.RequestError && error.status === 403) {
core.setFailed(`Dependency review is not supported on this repository. Please ensure that Dependency graph is enabled along with GitHub Advanced Security on private repositories, see ${github.context.serverUrl}/${github.context.repo.owner}/${github.context.repo.repo}/settings/security_analysis`);
let repoIsPrivate = false;
if ('repository' in github.context.payload) {
const repo = github.context.payload.repository;
repoIsPrivate = repo.private;
}
if (repoIsPrivate) {
core.setFailed(`Dependency review is not supported on this repository. Please ensure that Dependency graph is enabled along with GitHub Advanced Security, see ${github.context.serverUrl}/${github.context.repo.owner}/${github.context.repo.repo}/settings/security_analysis`);
}
else {
core.setFailed(`Dependency review is not supported on this repository. Please ensure that Dependency graph is enabled, see ${github.context.serverUrl}/${github.context.repo.owner}/${github.context.repo.repo}/settings/security_analysis`);
}
}
else {
if (error instanceof Error) {
Generated Vendored
+1 -1
View File
File diff suppressed because one or more lines are too long
+20 -3
View File
@@ -27,6 +27,8 @@ import {getDeniedChanges} from './deny'
import * as artifact from '@actions/artifact'
import * as fs from 'fs'
import type {PayloadRepository} from '@actions/github/lib/interfaces.d'
async function delay(ms: number): Promise<void> {
return new Promise(resolve => setTimeout(resolve, ms))
}
@@ -98,6 +100,10 @@ The full dependency review summary is too large to display here. Please download
}
}
interface RepoWithPrivate extends PayloadRepository {
private: boolean
}
async function run(): Promise<void> {
try {
const config = await readConfig()
@@ -235,9 +241,20 @@ async function run(): Promise<void> {
`Dependency review could not obtain dependency data for the specified owner, repository, or revision range.`
)
} else if (error instanceof RequestError && error.status === 403) {
core.setFailed(
`Dependency review is not supported on this repository. Please ensure that Dependency graph is enabled along with GitHub Advanced Security on private repositories, see ${github.context.serverUrl}/${github.context.repo.owner}/${github.context.repo.repo}/settings/security_analysis`
)
let repoIsPrivate = false
if ('repository' in github.context.payload) {
const repo = github.context.payload.repository as RepoWithPrivate
repoIsPrivate = repo.private
}
if (repoIsPrivate) {
core.setFailed(
`Dependency review is not supported on this repository. Please ensure that Dependency graph is enabled along with GitHub Advanced Security, see ${github.context.serverUrl}/${github.context.repo.owner}/${github.context.repo.repo}/settings/security_analysis`
)
} else {
core.setFailed(
`Dependency review is not supported on this repository. Please ensure that Dependency graph is enabled, see ${github.context.serverUrl}/${github.context.repo.owner}/${github.context.repo.repo}/settings/security_analysis`
)
}
} else {
if (error instanceof Error) {
core.setFailed(error.message)