Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

🌱 Cleanup codeApproved outcomes and semantics #3902

Merged
merged 15 commits into from
Mar 5, 2024
Merged

🌱 Cleanup codeApproved outcomes and semantics #3902

merged 15 commits into from
Mar 5, 2024

Conversation

spencerschrock
Copy link
Member

What kind of change does this PR introduce?

probe tidy

What is the current behavior?

The probes dont follow the standard behavior of the other probes.

What is the new behavior (if this is a feature change)?**

  • export the probe name
  • no changesets isn't an error, instead OutcomeNotApplicable
  • deduplicate some of the the finding creation
  • include the reviewed / total fields as Values, this will be used by the evaluation code
  • fixed ordering bug where unreviewed bot changesets weren't being seen as OutcomeNegative
  • Tests for the changes have been added (for bug fixes/features)

Which issue(s) this PR fixes

NONE

Special notes for your reviewer

Does this PR introduce a user-facing change?

For user-facing changes, please add a concise, human-readable release note to
the release-note

(In particular, describe what changes users might need to make in their
application as a result of this pull request.)

NONE

@spencerschrock
tidy probe documentation
11c94ea 
Signed-off-by: Spencer Schrock <[email protected]>
@spencerschrock
export probe name
eccbeb9 
Signed-off-by: Spencer Schrock <[email protected]>
@spencerschrock
check for no raw data
c7a46ae 
Signed-off-by: Spencer Schrock <[email protected]>
@spencerschrock
return OutcomeNotApplicable when no changesets are present
0387701 
Signed-off-by: Spencer Schrock <[email protected]>
@spencerschrock
extract approved logic and return errors as OutcomeError
fdbd4d5 
Signed-off-by: Spencer Schrock <[email protected]>
@spencerschrock
simplify finding creation
44db60a 
Signed-off-by: Spencer Schrock <[email protected]>
@spencerschrock
add clarifying comment for skipping bot changes
b79d452 
Signed-off-by: Spencer Schrock <[email protected]>
@spencerschrock
only bot commits results in OutcomeNotApplicable
ecc9d17 
Signed-off-by: Spencer Schrock <[email protected]>
@spencerschrock
move no changeset code back to where it was originally
cd29116 
Signed-off-by: Spencer Schrock <[email protected]>
@spencerschrock
include ratio of approved/total as values
c0e616e 
count the number of approved vs unapproved changesets

Signed-off-by: Spencer Schrock <[email protected]>
@spencerschrock
ensure unreviewed bot PRs always give negative outcome
8e6951d 
Signed-off-by: Spencer Schrock <[email protected]>
@spencerschrock
use common outcome test code
72941fa 
Signed-off-by: Spencer Schrock <[email protected]>
@spencerschrock
fix linter
e2072e7 
Signed-off-by: Spencer Schrock <[email protected]>
@spencerschrock
mention dependabot in probe description
130534c 
Signed-off-by: Spencer Schrock <[email protected]>
@spencerschrock spencerschrock requested a review from a team as a code owner February 26, 2024 21:06
@spencerschrock spencerschrock requested review from raghavkaul and laurentsimon and removed request for a team February 26, 2024 21:06
@codecov Codecov
Copy link

codecov bot commented Feb 26, 2024
edited
Loading

Codecov Report

Merging #3902 (872490f) into main (16b6759) will decrease coverage by 8.41%.
The diff coverage is 82.97%.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #3902      +/-   ##
==========================================
- Coverage   75.08%   66.68%   -8.41%     
==========================================
  Files         234      234              
  Lines       15857    15860       +3     
==========================================
- Hits        11907    10577    -1330     
- Misses       3189     4629    +1440     
+ Partials      761      654     -107

@spencerschrock spencerschrock enabled auto-merge (squash) March 5, 2024 21:49
@spencerschrock spencerschrock merged commit e9af90c into ossf:main Mar 5, 2024
38 checks passed
@spencerschrock spencerschrock deleted the probe-code-approved branch March 5, 2024 21:57
fhoeborn pushed a commit to fhoeborn/scorecard that referenced this pull request Apr 1, 2024
@spencerschrock @fhoeborn
🌱 Cleanup codeApproved outcomes and semantics (ossf#3902)
0173fb0 
* tidy probe documentation

Signed-off-by: Spencer Schrock <[email protected]>

* export probe name

Signed-off-by: Spencer Schrock <[email protected]>

* check for no raw data

Signed-off-by: Spencer Schrock <[email protected]>

* return OutcomeNotApplicable when no changesets are present

Signed-off-by: Spencer Schrock <[email protected]>

* extract approved logic and return errors as OutcomeError

Signed-off-by: Spencer Schrock <[email protected]>

* simplify finding creation

Signed-off-by: Spencer Schrock <[email protected]>

* add clarifying comment for skipping bot changes

Signed-off-by: Spencer Schrock <[email protected]>

* only bot commits results in OutcomeNotApplicable

Signed-off-by: Spencer Schrock <[email protected]>

* move no changeset code back to where it was originally

Signed-off-by: Spencer Schrock <[email protected]>

* include ratio of approved/total as values

count the number of approved vs unapproved changesets

Signed-off-by: Spencer Schrock <[email protected]>

* ensure unreviewed bot PRs always give negative outcome

Signed-off-by: Spencer Schrock <[email protected]>

* use common outcome test code

Signed-off-by: Spencer Schrock <[email protected]>

* fix linter

Signed-off-by: Spencer Schrock <[email protected]>

* mention dependabot in probe description

Signed-off-by: Spencer Schrock <[email protected]>

---------

Signed-off-by: Spencer Schrock <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@raghavkaul raghavkaul raghavkaul left review comments

@laurentsimon laurentsimon laurentsimon approved these changes

Assignees
No one assigned
Labels
None yet
Projects
Scorecard - NEW
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@spencerschrock @raghavkaul @laurentsimon