-
Notifications
You must be signed in to change notification settings - Fork 508
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
✨ Added additional github repositories in projects.csv #1886
Conversation
qq: which additional repos did you add? Are the entires sorted? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
2 changes:
- Run
make add-projects
which will de-duplicate the projects and sort them alphabetically. - Update the PR title to add an appropriate prefix - https://github.com/ossf/scorecard/blob/main/CONTRIBUTING.md#pr-process
Yeah GH UI does not show the diff since it's too large. I did a local diff to see it for myself. |
Integration tests success for |
Codecov Report
@@ Coverage Diff @@
## main #1886 +/- ##
==========================================
+ Coverage 51.35% 54.40% +3.04%
==========================================
Files 79 79
Lines 6729 6729
==========================================
+ Hits 3456 3661 +205
+ Misses 3043 2832 -211
- Partials 230 236 +6 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Also, I noticed that these dependencies have num_dependencies_deps.dev
metadata field. Please remove that. We get that metadata from deps.dev API directly.
Hi Team, Error log when running make add-projects # Add new projects to ./cron/data/projects.csv goroutine 1 [running]: It occurs even when I add the following GitHub repo list - https://drive.google.com/file/d/1vF2r6onpc4lUKVJobgBNixW0yuuE-BZ3/view?usp=sharing |
So the error will tell you what's going on. For example, when I run this command on your PR locally, I get the error: Note that for a GitHub URL to be considered valid, it should be of the form: |
Hi Team, |
Integration tests success for |
Integration tests success for |
Integration tests success for |
Integration tests success for |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, thanks! Excited to see the results from your research.
The tool does not look for 404 errors on the repo page. If there is a 404 error during Scorecard calculation we simply skip it so no data will be populated. |
What kind of change does this PR introduce?
(Is it a bug fix, feature, docs update, something else?)
This can be considered a feature. This PR will allow the generation of scorecard metrics for additional repositories that we consider vital to the PyPi and NPM ecosystem.
What is the current behavior?
Currently, there are around 1M GitHub repos. After this PR is approved additional 250k repos will be added.
What is the new behavior (if this is a feature change)?**
Added additional repositories. The additional repositories are from packages from the NPM and PyPI ecosystem.
No need for tests as no code change is involved.
Which issue(s) this PR fixes
A Request to bump up the repositories analyzed. No issue was created.
Special notes for your reviewer
Please note that some of the Github repos that are added might encounter 404 due to the repository being deleted by the developer/maintainer. While we have taken utmost care to filter them out, there might still be some that might have gone under the radar.
Does this PR introduce a user-facing change?
NONE