Compare commits


9 Commits

Federico Builes f6fff72a32 Merge pull request #540 from sgmurphy/comment-on-failure
Add `on-failure` option to `comment-summary-in-pr` setting
2023-08-15 10:08:44 +02:00
Federico Builes 61ee12c097 Merge pull request #548 from actions/dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-6.3.0
Bump @typescript-eslint/eslint-plugin from 6.2.0 to 6.3.0
2023-08-14 06:39:45 +02:00
Federico Builes 7d5babfc38 Merge pull request #547 from actions/dependabot/npm_and_yarn/eslint-8.47.0
Bump eslint from 8.46.0 to 8.47.0
2023-08-14 06:39:28 +02:00
dependabot[bot] ddb1b9361c Bump @typescript-eslint/eslint-plugin from 6.2.0 to 6.3.0
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 6.2.0 to 6.3.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.3.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-08-14 01:26:56 +00:00
dependabot[bot] 7c3177d3c2 Bump eslint from 8.46.0 to 8.47.0
Bumps [eslint](https://github.com/eslint/eslint) from 8.46.0 to 8.47.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.46.0...v8.47.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-08-14 01:26:22 +00:00
Sean Murphy 31afeba06d Add unit tests 2023-08-09 21:10:48 -04:00
Sean Murphy 7ef37f3853 Merge branch 'main' into comment-on-failure 2023-08-09 17:31:16 -04:00
Sean Murphy 2e59943778 Parse boolean to enum 2023-08-09 15:57:03 -04:00
Sean Murphy 902e86c6f5 Add on-failure option to comment-summary-in-pr setting 2023-08-04 22:37:51 -04:00
12 changed files with 158 additions and 82 deletions
+12 -12
@@ -66,18 +66,18 @@ jobs:
Configure this action by either inlining these options in your workflow file, or by using an external configuration file. All configuration options are optional.
| Option | Usage | Possible values | Default value |
|---------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------|---------------|
| `fail-on-severity` | Defines the threshold for the level of severity. The action will fail on any pull requests that introduce vulnerabilities of the specified severity level or higher. | `low`, `moderate`, `high`, `critical` | `low` |
| `allow-licenses`\* | Contains a list of allowed licenses. The action will fail on pull requests that introduce dependencies with licenses that do not match the list. | Any [SPDX-compliant identifier(s)](https://spdx.org/licenses/) | none |
| `deny-licenses`\* | Contains a list of prohibited licenses. The action will fail on pull requests that introduce dependencies with licenses that match the list. | Any [SPDX-compliant identifier(s)](https://spdx.org/licenses/) | none |
| `fail-on-scopes`† | Contains a list of strings of the build environments you want to support. The action will fail on pull requests that introduce vulnerabilities in the scopes that match the list. | `runtime`, `development`, `unknown` | `runtime` |
| `allow-ghsas` | Contains a list of GitHub Advisory Database IDs that can be skipped during detection. | Any GHSAs from the [GitHub Advisory Database](https://github.com/advisories) | none |
| `license-check` | Enable or disable the license check performed by the action. | `true`, `false` | `true` |
| `vulnerability-check` | Enable or disable the vulnerability check performed by the action. | `true`, `false` | `true` |
| `allow-dependencies-licenses`\* | Contains a list of packages that will be excluded from license checks. | Any package(s) in [purl](https://github.com/package-url/purl-spec) format | none |
| `base-ref`/`head-ref` | Provide custom git references for the git base/head when performing the comparison check. This is only used for event types other than `pull_request` and `pull_request_target`. | Any valid git ref(s) in your project | none |
| `comment-summary-in-pr` | Enable or disable reporting the review summary as a comment in the pull request. If enabled, you must give the workflow or job permission `pull-requests: write`. | `true`, `false` | `false` |
| Option | Usage | Possible values | Default value |
| ------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------- | ------------- |
| `fail-on-severity` | Defines the threshold for the level of severity. The action will fail on any pull requests that introduce vulnerabilities of the specified severity level or higher. | `low`, `moderate`, `high`, `critical` | `low` |
| `allow-licenses`\* | Contains a list of allowed licenses. The action will fail on pull requests that introduce dependencies with licenses that do not match the list. | Any [SPDX-compliant identifier(s)](https://spdx.org/licenses/) | none |
| `deny-licenses`\* | Contains a list of prohibited licenses. The action will fail on pull requests that introduce dependencies with licenses that match the list. | Any [SPDX-compliant identifier(s)](https://spdx.org/licenses/) | none |
| `fail-on-scopes`† | Contains a list of strings of the build environments you want to support. The action will fail on pull requests that introduce vulnerabilities in the scopes that match the list. | `runtime`, `development`, `unknown` | `runtime` |
| `allow-ghsas` | Contains a list of GitHub Advisory Database IDs that can be skipped during detection. | Any GHSAs from the [GitHub Advisory Database](https://github.com/advisories) | none |
| `license-check` | Enable or disable the license check performed by the action. | `true`, `false` | `true` |
| `vulnerability-check` | Enable or disable the vulnerability check performed by the action. | `true`, `false` | `true` |
| `allow-dependencies-licenses`\* | Contains a list of packages that will be excluded from license checks. | Any package(s) in [purl](https://github.com/package-url/purl-spec) format | none |
| `base-ref`/`head-ref` | Provide custom git references for the git base/head when performing the comparison check. This is only used for event types other than `pull_request` and `pull_request_target`. | Any valid git ref(s) in your project | none |
| `comment-summary-in-pr` | Enable or disable reporting the review summary as a comment in the pull request. If enabled, you must give the workflow or job permission `pull-requests: write`. | `always`, `on-failure`, `never` | `never` |
| `deny-packages` | Any number of packages to block in a PR. | Package(s) in [purl](https://github.com/package-url/purl-spec) format | empty |
| `deny-groups` | Any number of groups (namespaces) to block in a PR. | Namespace(s) in [purl](https://github.com/package-url/purl-spec) format (no package name, no version number) | empty |
+26
@@ -171,3 +171,29 @@ describe('licenses that are not valid SPDX licenses', () => {
)
})
})
test('it parses the comment-summary-in-pr input', async () => {
setInput('comment-summary-in-pr', 'true')
let config = await readConfig()
expect(config.comment_summary_in_pr).toBe('always')
clearInputs()
setInput('comment-summary-in-pr', 'false')
config = await readConfig()
expect(config.comment_summary_in_pr).toBe('never')
clearInputs()
setInput('comment-summary-in-pr', 'always')
config = await readConfig()
expect(config.comment_summary_in_pr).toBe('always')
clearInputs()
setInput('comment-summary-in-pr', 'never')
config = await readConfig()
expect(config.comment_summary_in_pr).toBe('never')
clearInputs()
setInput('comment-summary-in-pr', 'on-failure')
config = await readConfig()
expect(config.comment_summary_in_pr).toBe('on-failure')
})
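Review bot: The new test only exercises the five accepted spellings and never asserts that an unrecognised value is rejected, so a regression that silently accepts, or silently maps, an arbitrary string would still pass this suite. Add a negative case next to the others, e.g. `setInput('comment-summary-in-pr', 'sometimes')` followed by `await expect(readConfig()).rejects.toThrow()`. The exact error shape depends on how readConfig surfaces schema failures, which is outside this hunk, so adjust the matcher accordingly.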
+1 -1
@@ -45,7 +45,7 @@ inputs:
description: A boolean to determine if vulnerability checks should be performed
required: false
comment-summary-in-pr:
description: A boolean to determine if the report should be posted as a comment in the PR itself. Setting this to true requires you to give the workflow the write permissions for pull-requests
description: Determines if the summary is posted as a comment in the PR itself. Setting this to `always` or `on-failure` requires you to give the workflow the write permissions for pull-requests
required: false
deny-packages:
description: A comma-separated list of package URLs to deny (e.g. "pkg:npm/express, pkg:pip/pycrypto")
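Review bot: The new description no longer states which values the input accepts or what the default is, and it drops any mention that the old boolean form still works, so a reader of action.yml alone cannot tell that `true`/`false` remain valid. I would write it as `description: When to post the summary as a comment in the PR. One of always, on-failure or never (default never); true/false are still accepted as aliases for always/never. always and on-failure require the workflow to grant pull-requests write permission`. The alias handling is what the accompanying schema change implements, so keep this text in step with that code if the aliases are ever dropped.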
+34 -4
@@ -613,7 +613,9 @@ function run() {
}
summary.addScannedDependencies(changes);
printScannedDependencies(changes);
if (config.comment_summary_in_pr) {
if (config.comment_summary_in_pr === 'always' ||
(config.comment_summary_in_pr === 'on-failure' &&
process.exitCode === core.ExitCode.Failure)) {
yield (0, comment_pr_1.commentPr)(core.summary);
}
}
@@ -816,7 +818,21 @@ exports.ConfigurationOptionsSchema = z
config_file: z.string().optional(),
base_ref: z.string().optional(),
head_ref: z.string().optional(),
comment_summary_in_pr: z.boolean().default(false)
comment_summary_in_pr: z
.union([
z.preprocess(val => (val === 'true' ? true : val === 'false' ? false : val), z.boolean()),
z.enum(['always', 'never', 'on-failure'])
])
.default('never')
})
.transform(config => {
if (config.comment_summary_in_pr === true) {
config.comment_summary_in_pr = 'always';
}
else if (config.comment_summary_in_pr === false) {
config.comment_summary_in_pr = 'never';
}
return config;
})
.superRefine((config, context) => {
if (config.allow_licenses && config.deny_licenses) {
@@ -47951,7 +47967,7 @@ function readInlineConfig() {
const vulnerability_check = getOptionalBoolean('vulnerability-check');
const base_ref = getOptionalInput('base-ref');
const head_ref = getOptionalInput('head-ref');
const comment_summary_in_pr = getOptionalBoolean('comment-summary-in-pr');
const comment_summary_in_pr = getOptionalInput('comment-summary-in-pr');
validatePURL(allow_dependencies_licenses);
validateLicenses('allow-licenses', allow_licenses);
validateLicenses('deny-licenses', deny_licenses);
@@ -48255,7 +48271,21 @@ exports.ConfigurationOptionsSchema = z
config_file: z.string().optional(),
base_ref: z.string().optional(),
head_ref: z.string().optional(),
comment_summary_in_pr: z.boolean().default(false)
comment_summary_in_pr: z
.union([
z.preprocess(val => (val === 'true' ? true : val === 'false' ? false : val), z.boolean()),
z.enum(['always', 'never', 'on-failure'])
])
.default('never')
})
.transform(config => {
if (config.comment_summary_in_pr === true) {
config.comment_summary_in_pr = 'always';
}
else if (config.comment_summary_in_pr === false) {
config.comment_summary_in_pr = 'never';
}
return config;
})
.superRefine((config, context) => {
if (config.allow_licenses && config.deny_licenses) {
+1 -1
+3 -3
@@ -161,7 +161,7 @@ jobs:
with:
fail-on-severity: critical
deny-licenses: LGPL-2.0, BSD-2-Clause
comment-summary-in-pr: true
comment-summary-in-pr: always
```
## Exclude dependencies from the license check
@@ -189,7 +189,7 @@ jobs:
with:
fail-on-severity: critical
deny-licenses: LGPL-2.0, BSD-2-Clause
comment-summary-in-pr: true
comment-summary-in-pr: always
allow-dependencies-licenses: 'pkg:npm/loadash, pkg:pip/requests'
```
@@ -227,7 +227,7 @@ jobs:
uses: actions/dependency-review-action@v3
with:
fail-on-severity: critical
comment-summary-in-pr: true
comment-summary-in-pr: always
license-check: false
```
+55 -55
@@ -27,11 +27,11 @@
"@types/node": "^16.18.38",
"@types/spdx-expression-parse": "^3.0.2",
"@types/spdx-satisfies": "^0.1.0",
"@typescript-eslint/eslint-plugin": "^6.2.0",
"@typescript-eslint/eslint-plugin": "^6.3.0",
"@typescript-eslint/parser": "^6.2.1",
"@vercel/ncc": "^0.36.1",
"esbuild-register": "^3.4.2",
"eslint": "^8.44.0",
"eslint": "^8.47.0",
"eslint-plugin-github": "^4.8.0",
"eslint-plugin-jest": "^27.2.2",
"eslint-plugin-prettier": "^5.0.0",
@@ -1122,9 +1122,9 @@
}
},
"node_modules/@eslint/eslintrc": {
"version": "2.1.1",
"resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-2.1.1.tgz",
"integrity": "sha512-9t7ZA7NGGK8ckelF0PQCfcxIUzs1Md5rrO6U/c+FIQNanea5UZC0wqKXH4vHBccmu4ZJgZ2idtPeW7+Q2npOEA==",
"version": "2.1.2",
"resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-2.1.2.tgz",
"integrity": "sha512-+wvgpDsrB1YqAMdEUCcnTlpfVBH7Vqn6A/NT3D8WVXFIaKMlErPIZT3oCIAVCOtarRpMtelZLqJeU3t7WY6X6g==",
"dev": true,
"dependencies": {
"ajv": "^6.12.4",
@@ -1145,9 +1145,9 @@
}
},
"node_modules/@eslint/js": {
"version": "8.46.0",
"resolved": "https://registry.npmjs.org/@eslint/js/-/js-8.46.0.tgz",
"integrity": "sha512-a8TLtmPi8xzPkCbp/OGFUo5yhRkHM2Ko9kOWP4znJr0WAhWyThaw3PnwX4vOTWOAMsV2uRt32PPDcEz63esSaA==",
"version": "8.47.0",
"resolved": "https://registry.npmjs.org/@eslint/js/-/js-8.47.0.tgz",
"integrity": "sha512-P6omY1zv5MItm93kLM8s2vr1HICJH8v0dvddDhysbIuZ+vcjOHg5Zbkf1mTkcmi2JA9oBG2anOkRnW8WJTS8Og==",
"dev": true,
"engines": {
"node": "^12.22.0 || ^14.17.0 || >=16.0.0"
@@ -2342,16 +2342,16 @@
"dev": true
},
"node_modules/@typescript-eslint/eslint-plugin": {
"version": "6.2.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-6.2.0.tgz",
"integrity": "sha512-rClGrMuyS/3j0ETa1Ui7s6GkLhfZGKZL3ZrChLeAiACBE/tRc1wq8SNZESUuluxhLj9FkUefRs2l6bCIArWBiQ==",
"version": "6.3.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-6.3.0.tgz",
"integrity": "sha512-IZYjYZ0ifGSLZbwMqIip/nOamFiWJ9AH+T/GYNZBWkVcyNQOFGtSMoWV7RvY4poYCMZ/4lHzNl796WOSNxmk8A==",
"dev": true,
"dependencies": {
"@eslint-community/regexpp": "^4.5.1",
"@typescript-eslint/scope-manager": "6.2.0",
"@typescript-eslint/type-utils": "6.2.0",
"@typescript-eslint/utils": "6.2.0",
"@typescript-eslint/visitor-keys": "6.2.0",
"@typescript-eslint/scope-manager": "6.3.0",
"@typescript-eslint/type-utils": "6.3.0",
"@typescript-eslint/utils": "6.3.0",
"@typescript-eslint/visitor-keys": "6.3.0",
"debug": "^4.3.4",
"graphemer": "^1.4.0",
"ignore": "^5.2.4",
@@ -2480,13 +2480,13 @@
}
},
"node_modules/@typescript-eslint/scope-manager": {
"version": "6.2.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-6.2.0.tgz",
"integrity": "sha512-1ZMNVgm5nnHURU8ZSJ3snsHzpFeNK84rdZjluEVBGNu7jDymfqceB3kdIZ6A4xCfEFFhRIB6rF8q/JIqJd2R0Q==",
"version": "6.3.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-6.3.0.tgz",
"integrity": "sha512-WlNFgBEuGu74ahrXzgefiz/QlVb+qg8KDTpknKwR7hMH+lQygWyx0CQFoUmMn1zDkQjTBBIn75IxtWss77iBIQ==",
"dev": true,
"dependencies": {
"@typescript-eslint/types": "6.2.0",
"@typescript-eslint/visitor-keys": "6.2.0"
"@typescript-eslint/types": "6.3.0",
"@typescript-eslint/visitor-keys": "6.3.0"
},
"engines": {
"node": "^16.0.0 || >=18.0.0"
@@ -2497,13 +2497,13 @@
}
},
"node_modules/@typescript-eslint/type-utils": {
"version": "6.2.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-6.2.0.tgz",
"integrity": "sha512-DnGZuNU2JN3AYwddYIqrVkYW0uUQdv0AY+kz2M25euVNlujcN2u+rJgfJsBFlUEzBB6OQkUqSZPyuTLf2bP5mw==",
"version": "6.3.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-6.3.0.tgz",
"integrity": "sha512-7Oj+1ox1T2Yc8PKpBvOKWhoI/4rWFd1j7FA/rPE0lbBPXTKjdbtC+7Ev0SeBjEKkIhKWVeZSP+mR7y1Db1CdfQ==",
"dev": true,
"dependencies": {
"@typescript-eslint/typescript-estree": "6.2.0",
"@typescript-eslint/utils": "6.2.0",
"@typescript-eslint/typescript-estree": "6.3.0",
"@typescript-eslint/utils": "6.3.0",
"debug": "^4.3.4",
"ts-api-utils": "^1.0.1"
},
@@ -2524,9 +2524,9 @@
}
},
"node_modules/@typescript-eslint/types": {
"version": "6.2.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-6.2.0.tgz",
"integrity": "sha512-1nRRaDlp/XYJQLvkQJG5F3uBTno5SHPT7XVcJ5n1/k2WfNI28nJsvLakxwZRNY5spuatEKO7d5nZWsQpkqXwBA==",
"version": "6.3.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-6.3.0.tgz",
"integrity": "sha512-K6TZOvfVyc7MO9j60MkRNWyFSf86IbOatTKGrpTQnzarDZPYPVy0oe3myTMq7VjhfsUAbNUW8I5s+2lZvtx1gg==",
"dev": true,
"engines": {
"node": "^16.0.0 || >=18.0.0"
@@ -2537,13 +2537,13 @@
}
},
"node_modules/@typescript-eslint/typescript-estree": {
"version": "6.2.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-6.2.0.tgz",
"integrity": "sha512-Mts6+3HQMSM+LZCglsc2yMIny37IhUgp1Qe8yJUYVyO6rHP7/vN0vajKu3JvHCBIy8TSiKddJ/Zwu80jhnGj1w==",
"version": "6.3.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-6.3.0.tgz",
"integrity": "sha512-Xh4NVDaC4eYKY4O3QGPuQNp5NxBAlEvNQYOqJquR2MePNxO11E5K3t5x4M4Mx53IZvtpW+mBxIT0s274fLUocg==",
"dev": true,
"dependencies": {
"@typescript-eslint/types": "6.2.0",
"@typescript-eslint/visitor-keys": "6.2.0",
"@typescript-eslint/types": "6.3.0",
"@typescript-eslint/visitor-keys": "6.3.0",
"debug": "^4.3.4",
"globby": "^11.1.0",
"is-glob": "^4.0.3",
@@ -2564,17 +2564,17 @@
}
},
"node_modules/@typescript-eslint/utils": {
"version": "6.2.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-6.2.0.tgz",
"integrity": "sha512-RCFrC1lXiX1qEZN8LmLrxYRhOkElEsPKTVSNout8DMzf8PeWoQG7Rxz2SadpJa3VSh5oYKGwt7j7X/VRg+Y3OQ==",
"version": "6.3.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-6.3.0.tgz",
"integrity": "sha512-hLLg3BZE07XHnpzglNBG8P/IXq/ZVXraEbgY7FM0Cnc1ehM8RMdn9mat3LubJ3KBeYXXPxV1nugWbQPjGeJk6Q==",
"dev": true,
"dependencies": {
"@eslint-community/eslint-utils": "^4.4.0",
"@types/json-schema": "^7.0.12",
"@types/semver": "^7.5.0",
"@typescript-eslint/scope-manager": "6.2.0",
"@typescript-eslint/types": "6.2.0",
"@typescript-eslint/typescript-estree": "6.2.0",
"@typescript-eslint/scope-manager": "6.3.0",
"@typescript-eslint/types": "6.3.0",
"@typescript-eslint/typescript-estree": "6.3.0",
"semver": "^7.5.4"
},
"engines": {
@@ -2589,12 +2589,12 @@
}
},
"node_modules/@typescript-eslint/visitor-keys": {
"version": "6.2.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-6.2.0.tgz",
"integrity": "sha512-QbaYUQVKKo9bgCzpjz45llCfwakyoxHetIy8CAvYCtd16Zu1KrpzNHofwF8kGkpPOxZB2o6kz+0nqH8ZkIzuoQ==",
"version": "6.3.0",
"resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-6.3.0.tgz",
"integrity": "sha512-kEhRRj7HnvaSjux1J9+7dBen15CdWmDnwrpyiHsFX6Qx2iW5LOBUgNefOFeh2PjWPlNwN8TOn6+4eBU3J/gupw==",
"dev": true,
"dependencies": {
"@typescript-eslint/types": "6.2.0",
"@typescript-eslint/types": "6.3.0",
"eslint-visitor-keys": "^3.4.1"
},
"engines": {
@@ -4097,15 +4097,15 @@
}
},
"node_modules/eslint": {
"version": "8.46.0",
"resolved": "https://registry.npmjs.org/eslint/-/eslint-8.46.0.tgz",
"integrity": "sha512-cIO74PvbW0qU8e0mIvk5IV3ToWdCq5FYG6gWPHHkx6gNdjlbAYvtfHmlCMXxjcoVaIdwy/IAt3+mDkZkfvb2Dg==",
"version": "8.47.0",
"resolved": "https://registry.npmjs.org/eslint/-/eslint-8.47.0.tgz",
"integrity": "sha512-spUQWrdPt+pRVP1TTJLmfRNJJHHZryFmptzcafwSvHsceV81djHOdnEeDmkdotZyLNjDhrOasNK8nikkoG1O8Q==",
"dev": true,
"dependencies": {
"@eslint-community/eslint-utils": "^4.2.0",
"@eslint-community/regexpp": "^4.6.1",
"@eslint/eslintrc": "^2.1.1",
"@eslint/js": "^8.46.0",
"@eslint/eslintrc": "^2.1.2",
"@eslint/js": "^8.47.0",
"@humanwhocodes/config-array": "^0.11.10",
"@humanwhocodes/module-importer": "^1.0.1",
"@nodelib/fs.walk": "^1.2.8",
@@ -4116,7 +4116,7 @@
"doctrine": "^3.0.0",
"escape-string-regexp": "^4.0.0",
"eslint-scope": "^7.2.2",
"eslint-visitor-keys": "^3.4.2",
"eslint-visitor-keys": "^3.4.3",
"espree": "^9.6.1",
"esquery": "^1.4.2",
"esutils": "^2.0.2",
@@ -4615,9 +4615,9 @@
}
},
"node_modules/eslint-visitor-keys": {
"version": "3.4.2",
"resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-3.4.2.tgz",
"integrity": "sha512-8drBzUEyZ2llkpCA67iYrgEssKDUu68V8ChqqOfFupIaG/LCVPUT+CoGJpT77zJprs4T/W7p07LP7zAIMuweVw==",
"version": "3.4.3",
"resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-3.4.3.tgz",
"integrity": "sha512-wpc+LXeiyiisxPlEkUzU6svyS1frIO3Mgxj1fdy7Pm8Ygzguax2N3Fa/D/ag1WqbOprdI+uY6wMUl8/a2G+iag==",
"dev": true,
"engines": {
"node": "^12.22.0 || ^14.17.0 || >=16.0.0"
@@ -5079,9 +5079,9 @@
}
},
"node_modules/globals": {
"version": "13.20.0",
"resolved": "https://registry.npmjs.org/globals/-/globals-13.20.0.tgz",
"integrity": "sha512-Qg5QtVkCy/kv3FUSlu4ukeZDVf9ee0iXLAUYX13gbR17bnejFTzr4iS9bY7kwCf1NztRNm1t91fjOiyx4CSwPQ==",
"version": "13.21.0",
"resolved": "https://registry.npmjs.org/globals/-/globals-13.21.0.tgz",
"integrity": "sha512-ybyme3s4yy/t/3s35bewwXKOf7cvzfreG2lH0lZl0JB7I4GxRP2ghxOK/Nb9EkRXdbBXZLfq/p/0W2JUONB/Gg==",
"dev": true,
"dependencies": {
"type-fest": "^0.20.2"
+2 -2
@@ -43,11 +43,11 @@
"@types/node": "^16.18.38",
"@types/spdx-expression-parse": "^3.0.2",
"@types/spdx-satisfies": "^0.1.0",
"@typescript-eslint/eslint-plugin": "^6.2.0",
"@typescript-eslint/eslint-plugin": "^6.3.0",
"@typescript-eslint/parser": "^6.2.1",
"@vercel/ncc": "^0.36.1",
"esbuild-register": "^3.4.2",
"eslint": "^8.44.0",
"eslint": "^8.47.0",
"eslint-plugin-github": "^4.8.0",
"eslint-plugin-jest": "^27.2.2",
"eslint-plugin-prettier": "^5.0.0",
+1 -1
@@ -30,7 +30,7 @@ const defaultConfig: ConfigurationOptions = {
'pkg:pip/certifi',
'pkg:pip/pycrypto@2.6.1'
],
comment_summary_in_pr: true
comment_summary_in_pr: 'never'
}
const tmpDir = path.resolve(__dirname, '../tmp')
+1 -1
@@ -40,7 +40,7 @@ function readInlineConfig(): ConfigurationOptionsPartial {
const vulnerability_check = getOptionalBoolean('vulnerability-check')
const base_ref = getOptionalInput('base-ref')
const head_ref = getOptionalInput('head-ref')
const comment_summary_in_pr = getOptionalBoolean('comment-summary-in-pr')
const comment_summary_in_pr = getOptionalInput('comment-summary-in-pr')
validatePURL(allow_dependencies_licenses)
validateLicenses('allow-licenses', allow_licenses)
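Review bot: Switching to `getOptionalInput` hands the raw, untrimmed string straight to the schema, where only the exact literals `true`, `false`, `always`, `never` and `on-failure` are accepted, so any other spelling is now a configuration error rather than a coerced boolean. If `getOptionalBoolean` was built on `core.getBooleanInput`, the capitalised spellings `True`/`TRUE`/`False`/`FALSE` it accepted are no longer valid, which would be a silent break for existing workflows; I cannot see its implementation from here, so please confirm. A cheap way to keep that compatibility is to normalise before handing the value on, e.g. `const comment_summary_in_pr = getOptionalInput('comment-summary-in-pr')?.trim().toLowerCase()`, assuming getOptionalInput returns `string | undefined`. readInlineConfig's body continues outside the hunk.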
+5 -1
@@ -99,7 +99,11 @@ async function run(): Promise<void> {
summary.addScannedDependencies(changes)
printScannedDependencies(changes)
if (config.comment_summary_in_pr) {
if (
config.comment_summary_in_pr === 'always' ||
(config.comment_summary_in_pr === 'on-failure' &&
process.exitCode === core.ExitCode.Failure)
) {
await commentPr(core.summary)
}
} catch (error) {
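Review bot: The `on-failure` branch decides by reading `process.exitCode`, process-wide state that is only set if some earlier step called `core.setFailed` (that code is outside the hunk), and the check sits inside the `try`, so a failure that surfaces as a thrown error is caught below and never posts a comment even in `on-failure` mode. If that is intended, say so where the condition is evaluated: `// on-failure: post only when an earlier check already called core.setFailed(); failures that throw are handled by the catch below and get no comment`. If it is not, track a local `failed` flag set by the vulnerability and licence checks and test that instead of the exit code, so an unrelated `setFailed` cannot trigger the comment and a thrown failure can still be reported. run() starts and ends outside the hunk.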
+17 -1
@@ -49,7 +49,23 @@ export const ConfigurationOptionsSchema = z
config_file: z.string().optional(),
base_ref: z.string().optional(),
head_ref: z.string().optional(),
comment_summary_in_pr: z.boolean().default(false)
comment_summary_in_pr: z
.union([
z.preprocess(
val => (val === 'true' ? true : val === 'false' ? false : val),
z.boolean()
),
z.enum(['always', 'never', 'on-failure'])
])
.default('never')
})
.transform(config => {
if (config.comment_summary_in_pr === true) {
config.comment_summary_in_pr = 'always'
} else if (config.comment_summary_in_pr === false) {
config.comment_summary_in_pr = 'never'
}
return config
})
.superRefine((config, context) => {
if (config.allow_licenses && config.deny_licenses) {
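Review bot: The boolean-to-enum normalisation is done by an object-level `.transform` that reassigns the field on the parsed object, so the schema's inferred output type still admits `boolean` for `comment_summary_in_pr` even though the runtime value is always one of the three strings after parsing; consumers comparing against `'always'`/`'on-failure'` get no help from the compiler, and the transform mutates its input rather than returning a new value. Doing the normalisation on the field itself removes the object-level transform and narrows the output type to the string union. Applying `.default('never')` outside the transform does not change the result, since `'never'` passes the enum unchanged. The schema continues with `.superRefine` outside the hunk.
```typescript
    comment_summary_in_pr: z
      .preprocess(
        val => (val === 'true' ? true : val === 'false' ? false : val),
        z.union([z.boolean(), z.enum(['always', 'never', 'on-failure'])])
      )
      .transform(val => (val === true ? 'always' : val === false ? 'never' : val))
      .default('never')
  })
  // … unchanged: .superRefine((config, context) => { … }) …
```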