Skip to content

Commit

Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix: more review fixes
Browse files Browse the repository at this point in the history
Signed-off-by: Tim Yarkov <[email protected]>
timyarkov committed Sep 22, 2023
1 parent a82e179 commit dd80b32
Showing 3 changed files with 13 additions and 5 deletions.
2 changes: 1 addition & 1 deletion scripts/dev_scripts/integration_tests.sh
Original file line number Diff line number Diff line change
@@ -100,7 +100,7 @@ $RUN_MACARON analyze -rp https://github.com/timyarkov/docker_test -b main -d 404
python $COMPARE_JSON_OUT $JSON_RESULT $JSON_EXPECTED || log_fail

echo -e "\n----------------------------------------------------------------------------------"
echo "uiv-lib/uiv: Analysing the repo path, the branch name and the commit digest for an NPM project,"
echo "uiv-lib/uiv: Analysing the repo path, the branch name and the commit digest for an npm project,"
echo "skipping dependency resolution."
echo -e "----------------------------------------------------------------------------------\n"
JSON_EXPECTED=$WORKSPACE/tests/e2e/expected_results/uiv/uiv.json
10 changes: 8 additions & 2 deletions src/macaron/config/defaults.ini
Original file line number Diff line number Diff line change
@@ -328,15 +328,20 @@ package_lock =
package-lock.json
builder =
npm
# Build args not defined since npm build is just a plumbing command https://docs.npmjs.com/cli/v6/commands/npm-build
# and SLSA v1.0 removes the scripted build requirement https://slsa.dev/spec/v1.0/requirements
build_arg =
build
deploy_arg =
publish
[builder.npm.ci.deploy]
github_actions =
JS-DevTools/npm-publish

# This is the spec for trusted Yarn build tool usages.
# The entries cover both Yarn classic and Yarn modern; namely .yarnrc vs .yarnrc.yml
# for the entry configs, publish vs npm publish for the deploy args, and yarn.lock for
# Yarn classic's package lock.
# See https://yarnpkg.com/migration/guide and https://classic.yarnpkg.com/lang/en/docs/yarn-lock/
[builder.yarn]
entry_conf =
.yarnrc
@@ -345,10 +350,11 @@ build_configs =
package.json
package_lock =
package-lock.json
yarn.lock
builder =
yarn
# Build args not defined for similar reasons to npm
build_arg =
build
deploy_arg =
publish
npm publish
6 changes: 4 additions & 2 deletions tests/slsa_analyzer/build_tool/test_go.py
Original file line number Diff line number Diff line change
@@ -42,8 +42,10 @@ def test_go_build_tool(
"""Test the Go build tool."""
base_dir = Path(__file__).parent

# Since there's issues having 2 go.mod files in the same project, we make
# it on the fly for this test
# Making directories with a go.mod but no actual Go project seems to cause issues
# for the pre-commit hooks (errors like go: warning: "./..." matched no packages);
# as such it is easiest for this test to just create/delete the go.mod files
# macaron looks for on the fly instead of managing a proper project within the mock repos.
proj_dir = tmp_path.joinpath(folder)
proj_dir.mkdir(parents=True)

0 comments on commit dd80b32

Please sign in to comment.