8000 Added direct/indirect/unknown enum for IsDependency and update deps.dev collector/parser by pxp928 · Pull Request #778 · guacsec/guac · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Added direct/indirect/unknown enum for IsDependency and update deps.dev collector/parser #778

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Apr 25, 2023
Merged

Added direct/indirect/unknown enum for IsDependency and update deps.dev collector/parser #778

merged 7 commits into from
Apr 25, 2023

Conversation

pxp928
Copy link
Collaborator
@pxp928 pxp928 commented Apr 25, 2023
edited
Loading

Address Issue #769

Closes #748

  • Added direct/indirect/unknown enum for IsDependency
  • [Deps.dev Parser] Updated parser for IsDependency to include direct/indirect/unknown info
  • [Deps.dev collector] Updated parsing for deps.dev to include structure of the tree
  • [Deps.dev collector] enabled Collectsub identifier strings
  • Removes scorecard compare from unit tests to ensure the CI doesnt break each time it changes in deps.dev (fixes Update deps.dev unit tests to be more resilient  #740)

@pxp928 pxp928 requested a review from mihaimaruseac as a code owner April 25, 2023 12:00
@pxp928 pxp928 mentioned this pull request Apr 25, 2023
Closed
@pxp928 pxp928 changed the title Direct indirect is depdendency Added direct/indirect/unknown enum for IsDependency and update deps.dev collector/parser Apr 25, 2023
pxp928
pxp928 commented Apr 25, 2023
View reviewed changes
@pxp928 pxp928 force-pushed the direct-indirect-isDepdendency branch from a622f84 to 2bd790a Compare April 25, 2023 13:17
@pxp928 pxp928 requested a review from lumjjb April 25, 2023 13:55
@pxp928
Copy link
Collaborator Author
pxp928 commented Apr 25, 2023
edited
Loading

Ready for review. Removes scorecard compare from unit tests to ensure the CI doesnt break each time it changes in deps.dev (fixes Update deps.dev unit tests to be more resilient #740)

pxp928 added 6 commits April 25, 2023 15:40
@pxp928
add dependencyType to IsDependency and update resolvers
bcf21a3 
Signed-off-by: pxp928 <parth.psu@gmail.com>
@pxp928
update parsers to add dependencyType
2201ada 
Signed-off-by: pxp928 <parth.psu@gmail.com>
@pxp928
update deps.dev to follow direct and indirect dependencies
598bd3d 
Signed-off-by: pxp928 <parth.psu@gmail.com>
@pxp928
remove cyclical error
89b3386 
Signed-off-by: pxp928 <parth.psu@gmail.com>
@pxp928
change to unknwon for dependencyType, remove old document from TODO
c4d2dd7 
Signed-off-by: pxp928 <parth.psu@gmail.com>
@pxp928
if edge.requirement is , replace with the version of the ToNode package
d35ed12 
Signed-off-by: pxp928 <parth.psu@gmail.com>
@pxp928 pxp928 force-pushed the direct-indirect-isDepdendency branch from 9e6a9de to f24af60 Compare April 25, 2023 19:40
@pxp928
remove scorecard check from unit tests
71ef533 
Signed-off-by: pxp928 <parth.psu@gmail.com>
@pxp928 pxp928 force-pushed the direct-indirect-isDepdendency branch from f24af60 to 71ef533 Compare April 25, 2023 19:50
@kodiakhq kodiakhq bot merged commit 37ff3a2 into guacsec:main Apr 25, 2023
@pxp928 pxp928 deleted the direct-indirect-isDepdendency branch April 26, 2023 11:52
mlieberman85 pushed a commit to mlieberman85/artifact-ff that referenced this pull request Jul 5, 2023
@pxp928 @mlieberman85
Added direct/indirect/unknown enum for IsDependency and update deps.d…
b0b83d0 
…ev collector/parser (guacsec#778)

* add dependencyType to IsDependency and update resolvers

Signed-off-by: pxp928 <parth.psu@gmail.com>

* update parsers to add dependencyType

Signed-off-by: pxp928 <parth.psu@gmail.com>

* update deps.dev to follow direct and indirect dependencies

Signed-off-by: pxp928 <parth.psu@gmail.com>

* remove cyclical error

Signed-off-by: pxp928 <parth.psu@gmail.com>

* change to unknwon for dependencyType, remove old document from TODO

Signed-off-by: pxp928 <parth.psu@gmail.com>

* if edge.requirement is , replace with the version of the ToNode package

Signed-off-by: pxp928 <parth.psu@gmail.com>

* remove scorecard check from unit tests

Signed-off-by: pxp928 <parth.psu@gmail.com>

---------

Signed-off-by: pxp928 <parth.psu@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mihaimaruseac mihaimaruseac mihaimaruseac approved these changes

@trmiller trmiller trmiller approved these changes

@lumjjb lumjjb Awaiting requested review from lumjjb

Assignees
No one assigned
Labels
size/XXL
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Ontology] Have isDependency include information on direct or indirect or unknown Update deps.dev unit tests to be more resilient
3 participants
@pxp928 @mihaimaruseac @trmiller
0