Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Show ecosystem and version even if git is shown if the info exists. #736

Merged
merged 1 commit into from
Jan 9, 2024
Merged

Show ecosystem and version even if git is shown if the info exists. #736

merged 1 commit into from
Jan 9, 2024

Conversation

another-rex
Copy link
Collaborator

Fixes #735

Also update composer.lock in our integration tests fixture to contain a vulnerability to catch this issue in the future.

@another-rex
Show ecosystem and version even if git is shown if the info exists.
ceb986e 
Also update composer.lock fixture to actually contain a vuln
@another-rex another-rex mentioned this pull request Jan 5, 2024
Closed
@codecov-commenter
Copy link

codecov-commenter commented Jan 5, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (ff7f2d6) 78.94% compared to head (ceb986e) 78.96%.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #736      +/-   ##
==========================================
+ Coverage   78.94%   78.96%   +0.01%     
==========================================
  Files          85       85              
  Lines        6037     6037              
==========================================
+ Hits         4766     4767       +1     
+ Misses       1067     1066       -1     
  Partials      204      204

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

G-Rath
G-Rath approved these changes Jan 8, 2024
View reviewed changes
Copy link
Collaborator

@G-Rath G-Rath left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I personally don't mind this change, but fwiw I'm pretty sure it means we're favoring versions over commits - while that'll generally look nicer it is arguably less accurate i.e. I can give an NPM package whatever name and version I like but I can't "forge" a commit.

@another-rex another-rex merged commit f1412ee into google:main Jan 9, 2024
11 checks passed
@BrewTestBot BrewTestBot mentioned this pull request Jan 18, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@G-Rath G-Rath G-Rath approved these changes

@oliverchang oliverchang oliverchang approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Issue with Blank Package Versions in JSON Output when Scanning composer.lock File
4 participants
@another-rex @codecov-commenter @oliverchang @G-Rath