+6
-4
@@ -29,7 +29,7 @@ We have begun using a [Stalebot action](https://github.com/actions/stale) to hel
|
||||
|
||||
## Development lifecycle
|
||||
|
||||
Ready to contribute to `dependency-review-action`? Here is some information to help you get started.
|
||||
Ready to contribute to `dependency-review-action`? Here is some information to help you get started.
|
||||
|
||||
### High level overview of the action
|
||||
|
||||
@@ -87,8 +87,9 @@ _Note_: We don't have a very comprehensive test suite, so any contributions to t
|
||||
|
||||
1. Create a new branch: `git checkout -b my-branch-name`
|
||||
2. Make your change, add tests, and make sure the tests still pass
|
||||
3. Make sure to build and package before pushing: `npm run build && npm run package`
|
||||
4. Push to your fork and [submit a pull request][pr]
|
||||
3. Push to your fork and [submit a pull request][pr]
|
||||
|
||||
(note: we don't recommend including changes to the `dist` directory in your pull request, because changes there have an increased likelihood of conflicts.)
|
||||
|
||||
Here are a few things you can do that will increase the likelihood of your pull request being accepted:
|
||||
|
||||
@@ -106,6 +107,7 @@ Here are a few things you can do that will increase the likelihood of your pull
|
||||
_Note: these instructions are for maintainers_
|
||||
|
||||
1. Update the version number in [package.json](https://github.com/actions/dependency-review-action/blob/main/package.json) and run `npm i` to update the lockfile.
|
||||
1. Update the dist files by running `npm run build` and `npm run package`
|
||||
1. Go to [Draft a new
|
||||
release](https://github.com/actions/dependency-review-action/releases/new)
|
||||
in the Releases page.
|
||||
@@ -137,8 +139,8 @@ To do this just checkout `main`, force-create a new annotated tag, and push it:
|
||||
git tag -fa v4 -m "Updating v4 to 4.0.1"
|
||||
git push origin v4 --force
|
||||
```
|
||||
</details>
|
||||
|
||||
</details>
|
||||
|
||||
## Resources
|
||||
|
||||
|
||||
+1
-1
@@ -548,7 +548,7 @@ function groupChanges(changes_1) {
|
||||
if (change.package_url.length === 0) {
|
||||
return true;
|
||||
}
|
||||
const changeAsPackageURL = (0, purl_1.parsePURL)(encodeURI(change.package_url));
|
||||
const changeAsPackageURL = (0, purl_1.parsePURL)(change.package_url);
|
||||
// We want to find if the licenseExclusion list contains the PackageURL of the Change
|
||||
// If it does, we want to filter it out and therefore return false
|
||||
// If it doesn't, we want to keep it and therefore return true
|
||||
|
||||
+1
-1
File diff suppressed because one or more lines are too long
Generated
+2
-2
@@ -1,12 +1,12 @@
|
||||
{
|
||||
"name": "dependency-review-action",
|
||||
"version": "4.8.1",
|
||||
"version": "4.8.2",
|
||||
"lockfileVersion": 3,
|
||||
"requires": true,
|
||||
"packages": {
|
||||
"": {
|
||||
"name": "dependency-review-action",
|
||||
"version": "4.8.1",
|
||||
"version": "4.8.2",
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"@actions/artifact": "^2.3.2",
|
||||
|
||||
+2
-2
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "dependency-review-action",
|
||||
"version": "4.8.1",
|
||||
"version": "4.8.2",
|
||||
"private": true,
|
||||
"description": "A GitHub Action for Dependency Review",
|
||||
"main": "lib/main.js",
|
||||
@@ -63,4 +63,4 @@
|
||||
"cross-spawn": ">=7.0.5",
|
||||
"@octokit/request-error@5.0.1": "5.1.1"
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user