Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

92 SBOM page hyperlinks to npm pipy package home #99

Merged
merged 7 commits into from
Aug 17, 2023
Merged

92 SBOM page hyperlinks to npm pipy package home #99

merged 7 commits into from
Aug 17, 2023

Conversation

itayox
Copy link
Contributor

@itayox itayox commented Aug 16, 2023
edited
Loading

  • Add link to packages registry
  • Internal packages won't link to registry and will get a notice (see screenshot)
  • Also, scope our internal packages to avoid dependency-confusion-attack. shared types -> @ct/shared-types
image

@itayox itayox added the enhancement New feature or request label Aug 16, 2023
@itayox itayox self-assigned this Aug 16, 2023
@itayox itayox linked an issue Aug 16, 2023 that may be closed by this pull request
SBOM page: hyperlinks to npm & pipy package home #92
Closed
@itayox itayox marked this pull request as draft August 16, 2023 16:33
@github-actions
Copy link

github-actions bot commented Aug 16, 2023
edited
Loading

🦙 MegaLinter status: ⚠️ WARNING

Descriptor Linter Files Fixed Errors Elapsed time
⚠️ ACTION actionlint 6 3 0.1s
✅ COPYPASTE jscpd yes no 3.85s
⚠️ CSS stylelint 3 0 1 1.18s
✅ DOCKERFILE hadolint 1 0 0.11s
✅ HTML djlint 1 0 0.9s
✅ HTML htmlhint 1 0 0.23s
✅ JSON eslint-plugin-jsonc 19 0 0 1.97s
✅ JSON jsonlint 19 0 0.19s
✅ JSON npm-package-json-lint yes no 0.61s
✅ JSON prettier 19 0 0 1.88s
✅ JSON v8r 19 0 17.98s
⚠️ MARKDOWN markdownlint 10 0 31 1.44s
✅ MARKDOWN markdown-table-formatter 10 0 0 0.41s
✅ REPOSITORY checkov yes no 22.54s
✅ REPOSITORY gitleaks yes no 2.76s
✅ REPOSITORY git_diff yes no 0.15s
✅ REPOSITORY grype yes no 9.69s
⚠️ REPOSITORY kics yes 1 17.83s
✅ REPOSITORY secretlint yes no 1.88s
✅ REPOSITORY trivy yes no 4.26s
✅ REPOSITORY trivy-sbom yes no 0.92s
✅ REPOSITORY trufflehog yes no 4.0s
✅ SPELL cspell 56 0 3.53s
✅ SPELL lychee 43 0 2.76s
✅ YAML prettier 11 0 0 0.73s
✅ YAML v8r 11 0 15.43s
✅ YAML yamllint 11 0 0.43s

See detailed report in MegaLinter reports

MegaLinter is graciously provided by OX Security

@itayox itayox requested review from nvuillam and removed request for nvuillam August 17, 2023 14:06
@itayox itayox requested a review from nvuillam August 17, 2023 14:52
@itayox itayox marked this pull request as ready for review August 17, 2023 14:54
nvuillam
nvuillam approved these changes Aug 17, 2023
View reviewed changes
Copy link
Member

@nvuillam nvuillam left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fantastic :)

@nvuillam nvuillam merged commit c40adb1 into main Aug 17, 2023
3 checks passed
@nvuillam nvuillam deleted the 92-sbom-page-hyperlinks-to-npm-pipy-package-home branch August 17, 2023 19:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nvuillam nvuillam nvuillam approved these changes

Assignees

@itayox itayox

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

SBOM page: hyperlinks to npm & pipy package home
2 participants
@itayox @nvuillam