Compare commits

...

5 Commits

Author SHA1 Message Date
Federico Builes 7bbfa034e7 bumping to 3.1.3 2023-11-13 17:57:44 +01:00
Federico Builes 26f1ad9120 Merge pull request #617 from theztefan/purl-encoding-error
Fixes purl "version must be percent-encoded"
2023-11-13 17:55:23 +01:00
Stefan Petrushevski 152d8e2def Prettier 2023-11-13 17:45:48 +01:00
Stefan Petrushevski b99756ecd3 encode string for pUrl 2023-11-13 17:19:24 +01:00
Federico Builes fde92acd08 Merge pull request #611 from actions/fix-https-proxy
Fix proxy failures in 3.1.1
2023-11-08 09:14:57 +01:00
5 changed files with 10 additions and 8 deletions
Generated Vendored
+2 -2
View File
@@ -351,7 +351,7 @@ function getInvalidLicenseChanges(changes, licenses) {
return __awaiter(this, void 0, void 0, function* () {
const { allow, deny } = licenses;
const licenseExclusions = (_a = licenses.licenseExclusions) === null || _a === void 0 ? void 0 : _a.map((pkgUrl) => {
return packageurl_js_1.PackageURL.fromString(pkgUrl);
return packageurl_js_1.PackageURL.fromString(encodeURI(pkgUrl));
});
const groupedChanges = yield groupChanges(changes);
// Takes the changes from the groupedChanges object and filters out the ones that are part of the exclusions list
@@ -360,7 +360,7 @@ function getInvalidLicenseChanges(changes, licenses) {
if (change.package_url.length === 0) {
return true;
}
const changeAsPackageURL = packageurl_js_1.PackageURL.fromString(change.package_url);
const changeAsPackageURL = packageurl_js_1.PackageURL.fromString(encodeURI(change.package_url));
// We want to find if the licenseExclussion list contains the PackageURL of the Change
// If it does, we want to filter it out and therefore return false
// If it doesn't, we want to keep it and therefore return true
Generated Vendored
+1 -1
View File
File diff suppressed because one or more lines are too long
+2 -2
View File
@@ -1,12 +1,12 @@
{
"name": "dependency-review-action",
"version": "3.1.2",
"version": "3.1.3",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "dependency-review-action",
"version": "3.1.2",
"version": "3.1.3",
"license": "MIT",
"dependencies": {
"@actions/core": "^1.10.1",
+1 -1
View File
@@ -1,6 +1,6 @@
{
"name": "dependency-review-action",
"version": "3.1.2",
"version": "3.1.3",
"private": true,
"description": "A GitHub Action for Dependency Review",
"main": "lib/main.js",
+4 -2
View File
@@ -32,7 +32,7 @@ export async function getInvalidLicenseChanges(
const {allow, deny} = licenses
const licenseExclusions = licenses.licenseExclusions?.map(
(pkgUrl: string) => {
return PackageURL.fromString(pkgUrl)
return PackageURL.fromString(encodeURI(pkgUrl))
}
)
@@ -45,7 +45,9 @@ export async function getInvalidLicenseChanges(
return true
}
const changeAsPackageURL = PackageURL.fromString(change.package_url)
const changeAsPackageURL = PackageURL.fromString(
encodeURI(change.package_url)
)
// We want to find if the licenseExclussion list contains the PackageURL of the Change
// If it does, we want to filter it out and therefore return false