forked from intel/cve-bin-tool
Changes #16
Merged
Co-authored-by: GitHub <noreply@github.com>
This update modifies the HTML report to display human-readable names for the Remarks type. For example, instead of displaying "Remarks.NotAffected" as the Python enumeration representation, the report now shows a more user-friendly name, such as "Not Affected".
Reduces the number of packages found in .package-lock.json (which may speed up the test and reduce risks of data changes breaking it in future)
* fixes #3931
* Related: #3771
Signed-off-by: Meet Soni <meetsoni3017@gmail.com>
Signed-off-by: Joydeep Tripathy <113792434+crazytrain328@users.noreply.github.com>
Co-authored-by: Joydeep Tripathy <113792434+crazytrain328@users.noreply.github.com>
Co-authored-by: Terri Oda <terri.oda@intel.com>
Co-authored-by: Joydeep Tripathy <113792434+crazytrain328@users.noreply.github.com>
Signed-off-by: Joydeep Tripathy <113792434+crazytrain328@users.noreply.github.com>
Co-authored-by: Joydeep Tripathy <113792434+crazytrain328@users.noreply.github.com>
#3846)
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.0.0 to 4.1.3.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](actions/dependency-review-action@4901385...9129d7d)
---
updated-dependencies:
- dependency-name: actions/dependency-review-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Terri Oda <terri.oda@intel.com>
Co-authored-by: Terri Oda <terri.oda@intel.com>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.8 to 3.24.9.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@05963f4...1b1aada)
---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* feat: add fix to prevent unknown vendor overwrite for packages with same version and name
Co-authored-by: Joydeep Tripathy <113792434+crazytrain328@users.noreply.github.com>
Co-authored-by: Meet Soni <meetsoni3017@gmail.com>
Co-authored-by: Terri Oda <terri.oda@intel.com>
Co-authored-by: Joydeep Tripathy <113792434+crazytrain328@users.noreply.github.com>
Co-authored-by: Terri Oda <terri.oda@intel.com>
BREAKING CHANGE: windows users must use python 3.12 if they want tarfile support
I have been unable to find a sufficiently good safe tar workaround on windows when python < 3.12, so I'm disabling support.
- Windows users will get an error message asking them to install python 3.12 if they try to extract a tarfile
- Since most of our tests use tar files, there is no point in running tests on windows on older versions of python. I have changed windows_longtests to use python 3.12 and have disabled testing on other versions of python for windows (linux tests remain unchanged)
- Effectively this means we only support windows users using python 3.12 going forwards, although we aren't going to stop users from trying to use it. If you're not scanning tarfiles, things will probably still work, we just don't have a way to test reliably.
I don't like this solution, but I haven't been able to find a better workaround. Help is very much welcome if anyone's got a better idea of how to handle this.
Signed-off-by: Terri Oda <terri.oda@intel.com>
…3990)
* feat: Prefer vendor from CPE before PURL
* feat: Support CPE 2.2 strings when decoding product information
* test: Improve SBOM manager test coverage
* test: Improved coverage of SBOM manager
* test: Enabled tests on test_bad_ext_ref_cyclonedx_file
* feat: Rolled back changes to decode PURL product name
* fix: Cleanup merge conflicts
No description provided.