✨ checks/evaluation logs findings #3409

laurentsimon · 2023-08-21T19:45:20Z

Let checks/evaluation logs findings

codecov · 2023-08-21T19:48:54Z

Codecov Report

Merging #3409 (3630f54) into main (52a4843) will decrease coverage by 8.48%.
The diff coverage is 96.00%.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #3409      +/-   ##
==========================================
- Coverage   72.75%   64.27%   -8.48%     
==========================================
  Files         185      186       +1     
  Lines       13149    13155       +6     
==========================================
- Hits         9566     8455    -1111     
- Misses       3062     4237    +1175     
+ Partials      521      463      -58

go.sum

laurentsimon · 2023-08-21T21:08:02Z

All tests green, ready for review

checker/check_result.go

checks/evaluation/dependency_update_tool_test.go

checks/evaluation/fuzzing_test.go

checks/evaluation/security_policy.go

checks/evaluation/security_policy_test.go

checks/run_probes.go

Signed-off-by: laurentsimon <[email protected]>

spencerschrock · 2023-09-07T18:57:13Z

Ready for reviews

I thought we both were leaning towards option 1? #3409 (comment)

laurentsimon · 2023-09-07T20:48:46Z

Ready for reviews

I thought we both were leaning towards option 1? #3409 (comment)

Sorry, I must have meant option 2.

Signed-off-by: laurentsimon <[email protected]>

spencerschrock

just a few small things to take care of

checker/check_result.go

checks/evaluation/dependency_update_tool_test.go

checks/evaluation/fuzzing_test.go

checks/evaluation/security_policy_test.go

Signed-off-by: AdamKorcz <[email protected]>

Signed-off-by: laurentsimon <[email protected]>

Signed-off-by: AdamKorcz <[email protected]>

* 🌱 Add probe support for contributors metrics Signed-off-by: AdamKorcz <[email protected]> * fix lint issues Signed-off-by: AdamKorcz <[email protected]> * change 'contributorsWith' to 'contributorsFrom' Signed-off-by: AdamKorcz <[email protected]> * change remediation difficulty Signed-off-by: AdamKorcz <[email protected]> * fix nits Signed-off-by: AdamKorcz <[email protected]> * Updates to checks and checks/evaluation Signed-off-by: AdamKorcz <[email protected]> * fix tests like in #3409 Signed-off-by: AdamKorcz <[email protected]> * fix raw test Signed-off-by: AdamKorcz <[email protected]> * Update description in def.yml Signed-off-by: AdamKorcz <[email protected]> * move logic out of utils Signed-off-by: AdamKorcz <[email protected]> * add comment to consolidate unit test validation Signed-off-by: AdamKorcz <[email protected]> * change a couple of t.Fatal to t.Error Signed-off-by: AdamKorcz <[email protected]> * un-remove comment Signed-off-by: AdamKorcz <[email protected]> * remove map Signed-off-by: AdamKorcz <[email protected]> * fix typo Signed-off-by: AdamKorcz <[email protected]> * remove lint comment Signed-off-by: AdamKorcz <[email protected]> * fix incorrect -1/0 scoring Signed-off-by: AdamKorcz <[email protected]> * Do not specify 'Github' in def.yml Signed-off-by: AdamKorcz <[email protected]> * do not mention 'which companies' in def.yml Signed-off-by: AdamKorcz <[email protected]> * Rename tests Signed-off-by: AdamKorcz <[email protected]> * Use getRawResults and uncomment logging statement Signed-off-by: AdamKorcz <[email protected]> * Define return values of probe better Signed-off-by: AdamKorcz <[email protected]> * Use proportional score instead of min score Signed-off-by: AdamKorcz <[email protected]> * revert changed scoring Signed-off-by: AdamKorcz <[email protected]> * fix incorrect function name Signed-off-by: AdamKorcz <[email protected]> * remove utility function that finds non-positive outcomes Signed-off-by: AdamKorcz <[email protected]> * rebase with latest upstream main and fix linter issues Signed-off-by: AdamKorcz <[email protected]> * Log findings in one statements except a logging statements per finding Signed-off-by: AdamKorcz <[email protected]> * redefine conditional logic Signed-off-by: AdamKorcz <[email protected]> * rebase Signed-off-by: AdamKorcz <[email protected]> * remove unused function Signed-off-by: AdamKorcz <[email protected]> --------- Signed-off-by: AdamKorcz <[email protected]>

* 🌱 Add probe support for contributors metrics Signed-off-by: AdamKorcz <[email protected]> * fix lint issues Signed-off-by: AdamKorcz <[email protected]> * change 'contributorsWith' to 'contributorsFrom' Signed-off-by: AdamKorcz <[email protected]> * change remediation difficulty Signed-off-by: AdamKorcz <[email protected]> * fix nits Signed-off-by: AdamKorcz <[email protected]> * Updates to checks and checks/evaluation Signed-off-by: AdamKorcz <[email protected]> * fix tests like in ossf#3409 Signed-off-by: AdamKorcz <[email protected]> * fix raw test Signed-off-by: AdamKorcz <[email protected]> * Update description in def.yml Signed-off-by: AdamKorcz <[email protected]> * move logic out of utils Signed-off-by: AdamKorcz <[email protected]> * add comment to consolidate unit test validation Signed-off-by: AdamKorcz <[email protected]> * change a couple of t.Fatal to t.Error Signed-off-by: AdamKorcz <[email protected]> * un-remove comment Signed-off-by: AdamKorcz <[email protected]> * remove map Signed-off-by: AdamKorcz <[email protected]> * fix typo Signed-off-by: AdamKorcz <[email protected]> * remove lint comment Signed-off-by: AdamKorcz <[email protected]> * fix incorrect -1/0 scoring Signed-off-by: AdamKorcz <[email protected]> * Do not specify 'Github' in def.yml Signed-off-by: AdamKorcz <[email protected]> * do not mention 'which companies' in def.yml Signed-off-by: AdamKorcz <[email protected]> * Rename tests Signed-off-by: AdamKorcz <[email protected]> * Use getRawResults and uncomment logging statement Signed-off-by: AdamKorcz <[email protected]> * Define return values of probe better Signed-off-by: AdamKorcz <[email protected]> * Use proportional score instead of min score Signed-off-by: AdamKorcz <[email protected]> * revert changed scoring Signed-off-by: AdamKorcz <[email protected]> * fix incorrect function name Signed-off-by: AdamKorcz <[email protected]> * remove utility function that finds non-positive outcomes Signed-off-by: AdamKorcz <[email protected]> * rebase with latest upstream main and fix linter issues Signed-off-by: AdamKorcz <[email protected]> * Log findings in one statements except a logging statements per finding Signed-off-by: AdamKorcz <[email protected]> * redefine conditional logic Signed-off-by: AdamKorcz <[email protected]> * rebase Signed-off-by: AdamKorcz <[email protected]> * remove unused function Signed-off-by: AdamKorcz <[email protected]> --------- Signed-off-by: AdamKorcz <[email protected]> Signed-off-by: Diogo Teles Sant'Anna <[email protected]>

* checks/validation logs findings Signed-off-by: laurentsimon <[email protected]> * gofmt file Signed-off-by: laurentsimon <[email protected]> * linter Signed-off-by: laurentsimon <[email protected]> * revert go.sum Signed-off-by: laurentsimon <[email protected]> * typo Signed-off-by: laurentsimon <[email protected]> * add unit tests and address comments Signed-off-by: laurentsimon <[email protected]> * update comment Signed-off-by: laurentsimon <[email protected]> * missing file Signed-off-by: laurentsimon <[email protected]> * use option 1 Signed-off-by: laurentsimon <[email protected]> * use got / want in test Signed-off-by: laurentsimon <[email protected]> * missing tests updates Signed-off-by: laurentsimon <[email protected]> --------- Signed-off-by: laurentsimon <[email protected]> Signed-off-by: Allen Shearin <[email protected]>

* 🌱 Add probe support for contributors metrics Signed-off-by: AdamKorcz <[email protected]> * fix lint issues Signed-off-by: AdamKorcz <[email protected]> * change 'contributorsWith' to 'contributorsFrom' Signed-off-by: AdamKorcz <[email protected]> * change remediation difficulty Signed-off-by: AdamKorcz <[email protected]> * fix nits Signed-off-by: AdamKorcz <[email protected]> * Updates to checks and checks/evaluation Signed-off-by: AdamKorcz <[email protected]> * fix tests like in ossf#3409 Signed-off-by: AdamKorcz <[email protected]> * fix raw test Signed-off-by: AdamKorcz <[email protected]> * Update description in def.yml Signed-off-by: AdamKorcz <[email protected]> * move logic out of utils Signed-off-by: AdamKorcz <[email protected]> * add comment to consolidate unit test validation Signed-off-by: AdamKorcz <[email protected]> * change a couple of t.Fatal to t.Error Signed-off-by: AdamKorcz <[email protected]> * un-remove comment Signed-off-by: AdamKorcz <[email protected]> * remove map Signed-off-by: AdamKorcz <[email protected]> * fix typo Signed-off-by: AdamKorcz <[email protected]> * remove lint comment Signed-off-by: AdamKorcz <[email protected]> * fix incorrect -1/0 scoring Signed-off-by: AdamKorcz <[email protected]> * Do not specify 'Github' in def.yml Signed-off-by: AdamKorcz <[email protected]> * do not mention 'which companies' in def.yml Signed-off-by: AdamKorcz <[email protected]> * Rename tests Signed-off-by: AdamKorcz <[email protected]> * Use getRawResults and uncomment logging statement Signed-off-by: AdamKorcz <[email protected]> * Define return values of probe better Signed-off-by: AdamKorcz <[email protected]> * Use proportional score instead of min score Signed-off-by: AdamKorcz <[email protected]> * revert changed scoring Signed-off-by: AdamKorcz <[email protected]> * fix incorrect function name Signed-off-by: AdamKorcz <[email protected]> * remove utility function that finds non-positive outcomes Signed-off-by: AdamKorcz <[email protected]> * rebase with latest upstream main and fix linter issues Signed-off-by: AdamKorcz <[email protected]> * Log findings in one statements except a logging statements per finding Signed-off-by: AdamKorcz <[email protected]> * redefine conditional logic Signed-off-by: AdamKorcz <[email protected]> * rebase Signed-off-by: AdamKorcz <[email protected]> * remove unused function Signed-off-by: AdamKorcz <[email protected]> --------- Signed-off-by: AdamKorcz <[email protected]> Signed-off-by: Allen Shearin <[email protected]>

laurentsimon requested review from azeemshaikh38, justaugustus, naveensrinivasan, spencerschrock and raghavkaul as code owners August 21, 2023 19:45

laurentsimon temporarily deployed to gitlab August 21, 2023 19:45 — with GitHub Actions Inactive

laurentsimon temporarily deployed to integration-test August 21, 2023 19:45 — with GitHub Actions Inactive

laurentsimon temporarily deployed to gitlab August 21, 2023 19:52 — with GitHub Actions Inactive

laurentsimon temporarily deployed to integration-test August 21, 2023 19:52 — with GitHub Actions Inactive

laurentsimon commented Aug 21, 2023

View reviewed changes

go.sum Outdated Show resolved Hide resolved

laurentsimon force-pushed the feat/probes-log-findings branch from c99a206 to bcee394 Compare August 21, 2023 20:22

laurentsimon temporarily deployed to gitlab August 21, 2023 20:22 — with GitHub Actions Inactive

laurentsimon temporarily deployed to integration-test August 21, 2023 20:22 — with GitHub Actions Inactive

laurentsimon temporarily deployed to gitlab August 21, 2023 20:26 — with GitHub Actions Inactive

laurentsimon temporarily deployed to integration-test August 21, 2023 20:26 — with GitHub Actions Inactive

laurentsimon temporarily deployed to gitlab August 21, 2023 20:27 — with GitHub Actions Inactive

laurentsimon temporarily deployed to integration-test August 21, 2023 20:27 — with GitHub Actions Inactive

spencerschrock reviewed Aug 21, 2023

View reviewed changes

github-actions bot added the no-pr-activity label Sep 3, 2023

ossf deleted a comment from github-actions bot Sep 5, 2023

spencerschrock added work-in-progress and removed no-pr-activity labels Sep 5, 2023

laurentsimon added 6 commits September 6, 2023 23:52

checks/validation logs findings

083596c

Signed-off-by: laurentsimon <[email protected]>

gofmt file

4557e47

Signed-off-by: laurentsimon <[email protected]>

linter

7ae57c0

Signed-off-by: laurentsimon <[email protected]>

revert go.sum

8e2d085

Signed-off-by: laurentsimon <[email protected]>

typo

effe3be

Signed-off-by: laurentsimon <[email protected]>

add unit tests and address comments

9726d92

Signed-off-by: laurentsimon <[email protected]>

missing file

efd02b4

Signed-off-by: laurentsimon <[email protected]>

laurentsimon temporarily deployed to gitlab September 7, 2023 03:46 — with GitHub Actions Inactive

laurentsimon temporarily deployed to integration-test September 7, 2023 03:46 — with GitHub Actions Inactive

laurentsimon mentioned this pull request Sep 7, 2023

🌱 Add probe support for contributors metrics #3460

Merged

2 tasks

use option 1

50e1c89

Signed-off-by: laurentsimon <[email protected]>

laurentsimon temporarily deployed to gitlab September 7, 2023 22:32 — with GitHub Actions Inactive

laurentsimon temporarily deployed to integration-test September 7, 2023 22:33 — with GitHub Actions Inactive

spencerschrock approved these changes Sep 8, 2023

View reviewed changes

checker/check_result.go Outdated Show resolved Hide resolved

checks/evaluation/dependency_update_tool_test.go Outdated Show resolved Hide resolved

checks/evaluation/fuzzing_test.go Outdated Show resolved Hide resolved

checks/evaluation/security_policy_test.go Outdated Show resolved Hide resolved

AdamKorcz added a commit to AdamKorcz/scorecard that referenced this pull request Sep 8, 2023

fix tests like in ossf#3409

c36ef5f

Signed-off-by: AdamKorcz <[email protected]>

AdamKorcz added a commit to AdamKorcz/scorecard that referenced this pull request Sep 8, 2023

fix tests like in ossf#3409

d0b6074

Signed-off-by: AdamKorcz <[email protected]>

use got / want in test

25d7241

Signed-off-by: laurentsimon <[email protected]>

laurentsimon temporarily deployed to gitlab September 12, 2023 15:15 — with GitHub Actions Inactive

laurentsimon temporarily deployed to integration-test September 12, 2023 15:15 — with GitHub Actions Inactive

missing tests updates

3630f54

Signed-off-by: laurentsimon <[email protected]>

laurentsimon enabled auto-merge (squash) September 12, 2023 15:16

laurentsimon temporarily deployed to gitlab September 12, 2023 15:16 — with GitHub Actions Inactive

laurentsimon temporarily deployed to integration-test September 12, 2023 15:16 — with GitHub Actions Inactive

laurentsimon merged commit 8b096ad into ossf:main Sep 12, 2023

laurentsimon mentioned this pull request Sep 12, 2023

🌱 Add license probe #3465

Merged

2 tasks

AdamKorcz added a commit to AdamKorcz/scorecard that referenced this pull request Sep 14, 2023

fix tests like in ossf#3409

50d8385

Signed-off-by: AdamKorcz <[email protected]>

spencerschrock mentioned this pull request Sep 18, 2023

✨ Add additional fuzzing probes #3473

Merged

2 tasks

AdamKorcz added a commit to AdamKorcz/scorecard that referenced this pull request Sep 28, 2023

fix tests like in ossf#3409

b44d2d0

Signed-off-by: AdamKorcz <[email protected]>

AdamKorcz added a commit to AdamKorcz/scorecard that referenced this pull request Oct 11, 2023

fix tests like in ossf#3409

30e7927

Signed-off-by: AdamKorcz <[email protected]>

AdamKorcz added a commit to AdamKorcz/scorecard that referenced this pull request Oct 24, 2023

fix tests like in ossf#3409

3d316e4

Signed-off-by: AdamKorcz <[email protected]>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

✨ checks/evaluation logs findings #3409

✨ checks/evaluation logs findings #3409

laurentsimon commented Aug 21, 2023 •

edited

Loading

codecov bot commented Aug 21, 2023 •

edited

Loading

laurentsimon commented Aug 21, 2023

spencerschrock commented Sep 7, 2023

laurentsimon commented Sep 7, 2023

spencerschrock left a comment

✨ checks/evaluation logs findings #3409

✨ checks/evaluation logs findings #3409

Conversation

laurentsimon commented Aug 21, 2023 • edited Loading

codecov bot commented Aug 21, 2023 • edited Loading

Codecov Report

laurentsimon commented Aug 21, 2023

spencerschrock commented Sep 7, 2023

laurentsimon commented Sep 7, 2023

spencerschrock left a comment

Choose a reason for hiding this comment

laurentsimon commented Aug 21, 2023 •

edited

Loading

codecov bot commented Aug 21, 2023 •

edited

Loading