Compare commits
25 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 3b139cfc5f | |||
| d6807b6643 | |||
| c89b41fdc6 | |||
| eee97d8b03 | |||
| 9d101822a3 | |||
| 9192be9c72 | |||
| 2fc8e23b12 | |||
| fb86db2043 | |||
| 0a198ab3ed | |||
| fc499fc13a | |||
| b02ea3a88b | |||
| 612e96e757 | |||
| 0adc9b8215 | |||
| 591cbf9044 | |||
| c0a5e20c51 | |||
| c82883d789 | |||
| 4081bf99e2 | |||
| 03e585eea7 | |||
| 08b4117924 | |||
| 9c3441f7ee | |||
| 304a544dca | |||
| e99353b1e1 | |||
| d8ae44e2a0 | |||
| a6993e2c61 | |||
| ac1d2d7d35 |
@@ -124,11 +124,7 @@ test('it raises an error when no refs are provided and the event is not a pull r
|
||||
).toThrow()
|
||||
})
|
||||
|
||||
const pullRequestLikeEvents = [
|
||||
'pull_request',
|
||||
'pull_request_target',
|
||||
'merge_group'
|
||||
]
|
||||
const pullRequestLikeEvents = ['pull_request', 'pull_request_target']
|
||||
|
||||
test.each(pullRequestLikeEvents)(
|
||||
'it uses the given refs even when the event is %s',
|
||||
@@ -152,7 +148,7 @@ test.each(pullRequestLikeEvents)(
|
||||
)
|
||||
|
||||
test.each(pullRequestLikeEvents)(
|
||||
'it uses the event refs when the event is %s and the no refs are input',
|
||||
'it uses the event refs when the event is %s and no refs are provided in config',
|
||||
async eventName => {
|
||||
const refs = getRefs(await readConfig(), {
|
||||
payload: {
|
||||
@@ -169,6 +165,37 @@ test.each(pullRequestLikeEvents)(
|
||||
}
|
||||
)
|
||||
|
||||
test('it uses the given refs even when the event is merge_group', async () => {
|
||||
setInput('base-ref', 'a-custom-base-ref')
|
||||
setInput('head-ref', 'a-custom-head-ref')
|
||||
|
||||
const refs = getRefs(await readConfig(), {
|
||||
payload: {
|
||||
merge_group: {
|
||||
base_sha: 'pr-base-ref',
|
||||
head_sha: 'pr-head-ref'
|
||||
}
|
||||
},
|
||||
eventName: 'merge_group'
|
||||
})
|
||||
expect(refs.base).toEqual('a-custom-base-ref')
|
||||
expect(refs.head).toEqual('a-custom-head-ref')
|
||||
})
|
||||
|
||||
test('it uses the event refs when the event is merge_group and no refs are provided in config', async () => {
|
||||
const refs = getRefs(await readConfig(), {
|
||||
payload: {
|
||||
merge_group: {
|
||||
base_sha: 'pr-base-ref',
|
||||
head_sha: 'pr-head-ref'
|
||||
}
|
||||
},
|
||||
eventName: 'merge_group'
|
||||
})
|
||||
expect(refs.base).toEqual('pr-base-ref')
|
||||
expect(refs.head).toEqual('pr-head-ref')
|
||||
})
|
||||
|
||||
test('it defaults to runtime scope', async () => {
|
||||
const config = await readConfig()
|
||||
expect(config.fail_on_scopes).toEqual(['runtime'])
|
||||
|
||||
+1568
-1545
File diff suppressed because one or more lines are too long
+1
-1
File diff suppressed because one or more lines are too long
+1
-1
File diff suppressed because one or more lines are too long
Generated
+25
-25
@@ -1,12 +1,12 @@
|
||||
{
|
||||
"name": "dependency-review-action",
|
||||
"version": "4.3.5",
|
||||
"version": "4.5.0",
|
||||
"lockfileVersion": 3,
|
||||
"requires": true,
|
||||
"packages": {
|
||||
"": {
|
||||
"name": "dependency-review-action",
|
||||
"version": "4.3.5",
|
||||
"version": "4.5.0",
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"@actions/core": "^1.10.1",
|
||||
@@ -15,7 +15,7 @@
|
||||
"@octokit/request-error": "^5.0.1",
|
||||
"@onebeyond/spdx-license-satisfies": "^1.0.1",
|
||||
"ansi-styles": "^6.2.1",
|
||||
"got": "^14.4.2",
|
||||
"got": "^14.4.3",
|
||||
"jest": "^29.7.0",
|
||||
"octokit": "^3.1.2",
|
||||
"spdx-expression-parse": "^3.0.1",
|
||||
@@ -31,14 +31,14 @@
|
||||
"@types/spdx-satisfies": "^0.1.1",
|
||||
"@typescript-eslint/eslint-plugin": "^6.21.0",
|
||||
"@typescript-eslint/parser": "^6.21.0",
|
||||
"@vercel/ncc": "^0.38.0",
|
||||
"@vercel/ncc": "^0.38.3",
|
||||
"esbuild-register": "^3.5.0",
|
||||
"eslint": "^8.57.0",
|
||||
"eslint-plugin-github": "^4.10.2",
|
||||
"eslint-plugin-jest": "^28.8.3",
|
||||
"eslint-plugin-prettier": "^5.1.3",
|
||||
"js-yaml": "^4.1.0",
|
||||
"nodemon": "^3.1.0",
|
||||
"nodemon": "^3.1.7",
|
||||
"prettier": "3.2.5",
|
||||
"typescript": "^5.4.5"
|
||||
}
|
||||
@@ -1956,9 +1956,9 @@
|
||||
"integrity": "sha512-+Fj43pSMwJs4KRrH/938Uf+uAELIgVBmQzg/q1YG10djyfA3TnrU8N8XzqCh/okZdszqBQTZf96idMfE5lnwTA=="
|
||||
},
|
||||
"node_modules/@sindresorhus/is": {
|
||||
"version": "7.0.0",
|
||||
"resolved": "https://registry.npmjs.org/@sindresorhus/is/-/is-7.0.0.tgz",
|
||||
"integrity": "sha512-WDTlVTyvFivSOuyvMeedzg2hdoBLZ3f1uNVuEida2Rl9BrfjrIRjWA/VZIrMRLvSwJYCAlCRA3usDt1THytxWQ==",
|
||||
"version": "7.0.1",
|
||||
"resolved": "https://registry.npmjs.org/@sindresorhus/is/-/is-7.0.1.tgz",
|
||||
"integrity": "sha512-QWLl2P+rsCJeofkDNIT3WFmb6NrRud1SUYW8dIhXK/46XFV8Q/g7Bsvib0Askb0reRLe+WYPeeE+l5cH7SlkuQ==",
|
||||
"engines": {
|
||||
"node": ">=18"
|
||||
},
|
||||
@@ -2369,9 +2369,9 @@
|
||||
"dev": true
|
||||
},
|
||||
"node_modules/@vercel/ncc": {
|
||||
"version": "0.38.1",
|
||||
"resolved": "https://registry.npmjs.org/@vercel/ncc/-/ncc-0.38.1.tgz",
|
||||
"integrity": "sha512-IBBb+iI2NLu4VQn3Vwldyi2QwaXt5+hTyh58ggAMoCGE6DJmPvwL3KPBWcJl1m9LYPChBLE980Jw+CS4Wokqxw==",
|
||||
"version": "0.38.3",
|
||||
"resolved": "https://registry.npmjs.org/@vercel/ncc/-/ncc-0.38.3.tgz",
|
||||
"integrity": "sha512-rnK6hJBS6mwc+Bkab+PGPs9OiS0i/3kdTO+CkI8V0/VrW3vmz7O2Pxjw/owOlmo6PKEIxRSeZKv/kuL9itnpYA==",
|
||||
"dev": true,
|
||||
"bin": {
|
||||
"ncc": "dist/ncc/cli.js"
|
||||
@@ -3187,9 +3187,9 @@
|
||||
}
|
||||
},
|
||||
"node_modules/cross-spawn": {
|
||||
"version": "7.0.3",
|
||||
"resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz",
|
||||
"integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==",
|
||||
"version": "7.0.6",
|
||||
"resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz",
|
||||
"integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==",
|
||||
"dependencies": {
|
||||
"path-key": "^3.1.0",
|
||||
"shebang-command": "^2.0.0",
|
||||
@@ -4722,11 +4722,11 @@
|
||||
}
|
||||
},
|
||||
"node_modules/got": {
|
||||
"version": "14.4.2",
|
||||
"resolved": "https://registry.npmjs.org/got/-/got-14.4.2.tgz",
|
||||
"integrity": "sha512-+Te/qEZ6hr7i+f0FNgXx/6WQteSM/QqueGvxeYQQFm0GDfoxLVJ/oiwUKYMTeioColWUTdewZ06hmrBjw6F7tw==",
|
||||
"version": "14.4.3",
|
||||
"resolved": "https://registry.npmjs.org/got/-/got-14.4.3.tgz",
|
||||
"integrity": "sha512-iTC0Z87yxSijWTh/IpvGpwOhIQK7+GgWkYrMRoN/hB9qeRj9RPuLGODwevs0p5idUf7nrxCVa5IlOmK3b8z+KA==",
|
||||
"dependencies": {
|
||||
"@sindresorhus/is": "^7.0.0",
|
||||
"@sindresorhus/is": "^7.0.1",
|
||||
"@szmarczak/http-timer": "^5.0.1",
|
||||
"cacheable-lookup": "^7.0.0",
|
||||
"cacheable-request": "^12.0.1",
|
||||
@@ -4736,7 +4736,7 @@
|
||||
"lowercase-keys": "^3.0.0",
|
||||
"p-cancelable": "^4.0.1",
|
||||
"responselike": "^3.0.0",
|
||||
"type-fest": "^4.19.0"
|
||||
"type-fest": "^4.26.1"
|
||||
},
|
||||
"engines": {
|
||||
"node": ">=20"
|
||||
@@ -4746,9 +4746,9 @@
|
||||
}
|
||||
},
|
||||
"node_modules/got/node_modules/type-fest": {
|
||||
"version": "4.20.0",
|
||||
"resolved": "https://registry.npmjs.org/type-fest/-/type-fest-4.20.0.tgz",
|
||||
"integrity": "sha512-MBh+PHUHHisjXf4tlx0CFWoMdjx8zCMLJHOjnV1prABYZFHqtFOyauCIK2/7w4oIfwkF8iNhLtnJEfVY2vn3iw==",
|
||||
"version": "4.26.1",
|
||||
"resolved": "https://registry.npmjs.org/type-fest/-/type-fest-4.26.1.tgz",
|
||||
"integrity": "sha512-yOGpmOAL7CkKe/91I5O3gPICmJNLJ1G4zFYVAsRHg7M64biSnPtRj0WNQt++bRkjYOqjWXrhnUw1utzmVErAdg==",
|
||||
"engines": {
|
||||
"node": ">=16"
|
||||
},
|
||||
@@ -6349,9 +6349,9 @@
|
||||
"integrity": "sha512-uYr7J37ae/ORWdZeQ1xxMJe3NtdmqMC/JZK+geofDrkLUApKRHPd18/TxtBOJ4A0/+uUIliorNrfYV6s1b02eQ=="
|
||||
},
|
||||
"node_modules/nodemon": {
|
||||
"version": "3.1.0",
|
||||
"resolved": "https://registry.npmjs.org/nodemon/-/nodemon-3.1.0.tgz",
|
||||
"integrity": "sha512-xqlktYlDMCepBJd43ZQhjWwMw2obW/JRvkrLxq5RCNcuDDX1DbcPT+qT1IlIIdf+DhnWs90JpTMe+Y5KxOchvA==",
|
||||
"version": "3.1.7",
|
||||
"resolved": "https://registry.npmjs.org/nodemon/-/nodemon-3.1.7.tgz",
|
||||
"integrity": "sha512-hLj7fuMow6f0lbB0cD14Lz2xNjwsyruH251Pk4t/yIitCFJbmY1myuLlHm/q06aST4jg6EgAh74PIBBrRqpVAQ==",
|
||||
"dev": true,
|
||||
"dependencies": {
|
||||
"chokidar": "^3.5.2",
|
||||
|
||||
+7
-4
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "dependency-review-action",
|
||||
"version": "4.3.5",
|
||||
"version": "4.5.0",
|
||||
"private": true,
|
||||
"description": "A GitHub Action for Dependency Review",
|
||||
"main": "lib/main.js",
|
||||
@@ -31,7 +31,7 @@
|
||||
"@octokit/request-error": "^5.0.1",
|
||||
"@onebeyond/spdx-license-satisfies": "^1.0.1",
|
||||
"ansi-styles": "^6.2.1",
|
||||
"got": "^14.4.2",
|
||||
"got": "^14.4.3",
|
||||
"jest": "^29.7.0",
|
||||
"octokit": "^3.1.2",
|
||||
"spdx-expression-parse": "^3.0.1",
|
||||
@@ -47,15 +47,18 @@
|
||||
"@types/spdx-satisfies": "^0.1.1",
|
||||
"@typescript-eslint/eslint-plugin": "^6.21.0",
|
||||
"@typescript-eslint/parser": "^6.21.0",
|
||||
"@vercel/ncc": "^0.38.0",
|
||||
"@vercel/ncc": "^0.38.3",
|
||||
"esbuild-register": "^3.5.0",
|
||||
"eslint": "^8.57.0",
|
||||
"eslint-plugin-github": "^4.10.2",
|
||||
"eslint-plugin-jest": "^28.8.3",
|
||||
"eslint-plugin-prettier": "^5.1.3",
|
||||
"js-yaml": "^4.1.0",
|
||||
"nodemon": "^3.1.0",
|
||||
"nodemon": "^3.1.7",
|
||||
"prettier": "3.2.5",
|
||||
"typescript": "^5.4.5"
|
||||
},
|
||||
"overrides": {
|
||||
"cross-spawn": ">=7.0.5"
|
||||
}
|
||||
}
|
||||
|
||||
+3
-3
@@ -17,13 +17,13 @@ const COMMENT_MARKER = '<!-- dependency-review-pr-comment-marker -->'
|
||||
|
||||
export async function commentPr(
|
||||
commentContent: string,
|
||||
config: ConfigurationOptions
|
||||
config: ConfigurationOptions,
|
||||
issueFound: boolean
|
||||
): Promise<void> {
|
||||
if (
|
||||
!(
|
||||
config.comment_summary_in_pr === 'always' ||
|
||||
(config.comment_summary_in_pr === 'on-failure' &&
|
||||
process.exitCode === core.ExitCode.Failure)
|
||||
(config.comment_summary_in_pr === 'on-failure' && issueFound)
|
||||
)
|
||||
) {
|
||||
return
|
||||
|
||||
@@ -9,7 +9,6 @@ export async function getDeniedChanges(
|
||||
): Promise<Change[]> {
|
||||
const changesDenied: Change[] = []
|
||||
|
||||
let hasDeniedPackage = false
|
||||
for (const change of changes) {
|
||||
for (const denied of deniedPackages) {
|
||||
if (
|
||||
@@ -17,7 +16,6 @@ export async function getDeniedChanges(
|
||||
change.name === denied.name
|
||||
) {
|
||||
changesDenied.push(change)
|
||||
hasDeniedPackage = true
|
||||
}
|
||||
}
|
||||
|
||||
@@ -30,17 +28,10 @@ export async function getDeniedChanges(
|
||||
}
|
||||
if (namespace && namespace === denied.namespace) {
|
||||
changesDenied.push(change)
|
||||
hasDeniedPackage = true
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (hasDeniedPackage) {
|
||||
core.setFailed('Dependency review detected denied packages.')
|
||||
} else {
|
||||
core.info('Dependency review did not detect any denied packages')
|
||||
}
|
||||
|
||||
return changesDenied
|
||||
}
|
||||
|
||||
|
||||
+22
-10
@@ -1,22 +1,34 @@
|
||||
import {PullRequestSchema, ConfigurationOptions} from './schemas'
|
||||
import {
|
||||
PullRequestSchema,
|
||||
ConfigurationOptions,
|
||||
MergeGroupSchema
|
||||
} from './schemas'
|
||||
|
||||
export function getRefs(
|
||||
config: ConfigurationOptions,
|
||||
context: {payload: {pull_request?: unknown}; eventName: string}
|
||||
context: {
|
||||
payload: {pull_request?: unknown; merge_group?: unknown}
|
||||
eventName: string
|
||||
}
|
||||
): {base: string; head: string} {
|
||||
let base_ref = config.base_ref
|
||||
let head_ref = config.head_ref
|
||||
|
||||
// If possible, source default base & head refs from the GitHub event.
|
||||
// The base/head ref from the config take priority, if provided.
|
||||
if (
|
||||
context.eventName === 'pull_request' ||
|
||||
context.eventName === 'pull_request_target' ||
|
||||
context.eventName === 'merge_group'
|
||||
) {
|
||||
const pull_request = PullRequestSchema.parse(context.payload.pull_request)
|
||||
base_ref = base_ref || pull_request.base.sha
|
||||
head_ref = head_ref || pull_request.head.sha
|
||||
if (!base_ref && !head_ref) {
|
||||
if (
|
||||
context.eventName === 'pull_request' ||
|
||||
context.eventName === 'pull_request_target'
|
||||
) {
|
||||
const pull_request = PullRequestSchema.parse(context.payload.pull_request)
|
||||
base_ref = base_ref || pull_request.base.sha
|
||||
head_ref = head_ref || pull_request.head.sha
|
||||
} else if (context.eventName === 'merge_group') {
|
||||
const merge_group = MergeGroupSchema.parse(context.payload.merge_group)
|
||||
base_ref = base_ref || merge_group.base_sha
|
||||
head_ref = head_ref || merge_group.head_sha
|
||||
}
|
||||
}
|
||||
|
||||
if (!base_ref && !head_ref) {
|
||||
|
||||
+44
-20
@@ -141,10 +141,16 @@ async function run(): Promise<void> {
|
||||
summary.addSnapshotWarnings(config, snapshot_warnings)
|
||||
}
|
||||
|
||||
let issueFound = false
|
||||
|
||||
if (config.vulnerability_check) {
|
||||
core.setOutput('vulnerable-changes', JSON.stringify(vulnerableChanges))
|
||||
summary.addChangeVulnerabilitiesToSummary(vulnerableChanges, minSeverity)
|
||||
printVulnerabilitiesBlock(vulnerableChanges, minSeverity, warnOnly)
|
||||
issueFound ||= await printVulnerabilitiesBlock(
|
||||
vulnerableChanges,
|
||||
minSeverity,
|
||||
warnOnly
|
||||
)
|
||||
}
|
||||
if (config.license_check) {
|
||||
core.setOutput(
|
||||
@@ -152,12 +158,12 @@ async function run(): Promise<void> {
|
||||
JSON.stringify(invalidLicenseChanges)
|
||||
)
|
||||
summary.addLicensesToSummary(invalidLicenseChanges, config)
|
||||
printLicensesBlock(invalidLicenseChanges, warnOnly)
|
||||
issueFound ||= await printLicensesBlock(invalidLicenseChanges, warnOnly)
|
||||
}
|
||||
if (config.deny_packages || config.deny_groups) {
|
||||
core.setOutput('denied-changes', JSON.stringify(deniedChanges))
|
||||
summary.addDeniedToSummary(deniedChanges)
|
||||
printDeniedDependencies(deniedChanges, config)
|
||||
issueFound ||= await printDeniedDependencies(deniedChanges, config)
|
||||
}
|
||||
if (config.show_openssf_scorecard) {
|
||||
summary.addScorecardToSummary(scorecard, config)
|
||||
@@ -182,7 +188,7 @@ async function run(): Promise<void> {
|
||||
}
|
||||
|
||||
// update the PR comment if needed with the right-sized summary
|
||||
await commentPr(rendered, config)
|
||||
await commentPr(rendered, config, issueFound)
|
||||
} catch (error) {
|
||||
if (error instanceof RequestError && error.status === 404) {
|
||||
core.setFailed(
|
||||
@@ -204,18 +210,16 @@ async function run(): Promise<void> {
|
||||
}
|
||||
}
|
||||
|
||||
function printVulnerabilitiesBlock(
|
||||
async function printVulnerabilitiesBlock(
|
||||
addedChanges: Changes,
|
||||
minSeverity: Severity,
|
||||
warnOnly: boolean
|
||||
): void {
|
||||
let vulFound = false
|
||||
core.group('Vulnerabilities', async () => {
|
||||
if (addedChanges.length > 0) {
|
||||
for (const change of addedChanges) {
|
||||
printChangeVulnerabilities(change)
|
||||
}
|
||||
vulFound = true
|
||||
): Promise<boolean> {
|
||||
return core.group('Vulnerabilities', async () => {
|
||||
let vulFound = false
|
||||
|
||||
for (const change of addedChanges) {
|
||||
vulFound ||= printChangeVulnerabilities(change)
|
||||
}
|
||||
|
||||
if (vulFound) {
|
||||
@@ -230,10 +234,12 @@ function printVulnerabilitiesBlock(
|
||||
`Dependency review did not detect any vulnerable packages with severity level "${minSeverity}" or higher.`
|
||||
)
|
||||
}
|
||||
|
||||
return vulFound
|
||||
})
|
||||
}
|
||||
|
||||
function printChangeVulnerabilities(change: Change): void {
|
||||
function printChangeVulnerabilities(change: Change): boolean {
|
||||
for (const vuln of change.vulnerabilities) {
|
||||
core.info(
|
||||
`${styles.bold.open}${change.manifest} » ${change.name}@${
|
||||
@@ -244,14 +250,18 @@ function printChangeVulnerabilities(change: Change): void {
|
||||
)
|
||||
core.info(` ↪ ${vuln.advisory_url}`)
|
||||
}
|
||||
return change.vulnerabilities.length > 0
|
||||
}
|
||||
|
||||
function printLicensesBlock(
|
||||
async function printLicensesBlock(
|
||||
invalidLicenseChanges: Record<string, Changes>,
|
||||
warnOnly: boolean
|
||||
): void {
|
||||
core.group('Licenses', async () => {
|
||||
): Promise<boolean> {
|
||||
return core.group('Licenses', async () => {
|
||||
let issueFound = false
|
||||
|
||||
if (invalidLicenseChanges.forbidden.length > 0) {
|
||||
issueFound = true
|
||||
core.info('\nThe following dependencies have incompatible licenses:')
|
||||
printLicensesError(invalidLicenseChanges.forbidden)
|
||||
const msg = 'Dependency review detected incompatible licenses.'
|
||||
@@ -262,6 +272,7 @@ function printLicensesBlock(
|
||||
}
|
||||
}
|
||||
if (invalidLicenseChanges.unresolved.length > 0) {
|
||||
issueFound = true
|
||||
core.warning(
|
||||
'\nThe validity of the licenses of the dependencies below could not be determined. Ensure that they are valid SPDX licenses:'
|
||||
)
|
||||
@@ -271,6 +282,8 @@ function printLicensesBlock(
|
||||
)
|
||||
}
|
||||
printNullLicenses(invalidLicenseChanges.unlicensed)
|
||||
|
||||
return issueFound
|
||||
})
|
||||
}
|
||||
|
||||
@@ -370,11 +383,13 @@ function printScannedDependencies(changes: Changes): void {
|
||||
})
|
||||
}
|
||||
|
||||
function printDeniedDependencies(
|
||||
async function printDeniedDependencies(
|
||||
changes: Changes,
|
||||
config: ConfigurationOptions
|
||||
): void {
|
||||
core.group('Denied', async () => {
|
||||
): Promise<boolean> {
|
||||
return core.group('Denied', async () => {
|
||||
let issueFound = false
|
||||
|
||||
for (const denied of config.deny_packages) {
|
||||
core.info(`Config: ${denied}`)
|
||||
}
|
||||
@@ -383,6 +398,15 @@ function printDeniedDependencies(
|
||||
core.info(`Change: ${change.name}@${change.version} is denied`)
|
||||
core.info(`Change: ${change.package_url} is denied`)
|
||||
}
|
||||
|
||||
if (changes.length > 0) {
|
||||
issueFound = true
|
||||
core.setFailed('Dependency review detected denied packages.')
|
||||
} else {
|
||||
core.info('Dependency review did not detect any denied packages')
|
||||
}
|
||||
|
||||
return issueFound
|
||||
})
|
||||
}
|
||||
|
||||
|
||||
@@ -91,6 +91,11 @@ export const PullRequestSchema = z.object({
|
||||
head: z.object({sha: z.string()})
|
||||
})
|
||||
|
||||
export const MergeGroupSchema = z.object({
|
||||
base_sha: z.string(),
|
||||
head_sha: z.string()
|
||||
})
|
||||
|
||||
export const ConfigurationOptionsSchema = z
|
||||
.object({
|
||||
fail_on_severity: SeveritySchema,
|
||||
|
||||
Reference in New Issue
Block a user