Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

✨ implement yarn2 parser #9985

Merged
merged 6 commits into from
May 2, 2024
Merged

✨ implement yarn2 parser #9985

merged 6 commits into from
May 2, 2024

Conversation

manuel-sommer
Copy link
Contributor

see #9911

@dryrunsecurity DryRunSecurity
Copy link

dryrunsecurity bot commented Apr 22, 2024
edited

Hi there 👋, @DryRunSecurity here, below is a summary of our analysis and findings.

DryRun Security Status Findings
Configured Codepaths Analyzer 0 findings
Sensitive Files Analyzer 0 findings
AppSec Analyzer 0 findings
Authn/Authz Analyzer 0 findings
Secrets Analyzer 0 findings

Note

🟢 Risk threshold not exceeded.

Powered by DryRun Security

@manuel-sommer manuel-sommer marked this pull request as draft April 22, 2024 13:01
@manuel-sommer manuel-sommer marked this pull request as ready for review April 22, 2024 13:19
mtesauro
mtesauro approved these changes Apr 22, 2024
View reviewed changes
Copy link
Contributor

@mtesauro mtesauro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved

cneill
cneill requested changes Apr 23, 2024
View reviewed changes
Copy link
Collaborator

@cneill cneill left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just a couple comments around component_name here. It would also be nice to include the URL key in references if it's available.

dojo/tools/yarn_audit/parser.py Outdated Show resolved Hide resolved
dojo/tools/yarn_audit/parser.py Outdated Show resolved Hide resolved
manuel-sommer and others added 2 commits April 23, 2024 02:31
@manuel-sommer @cneill
Update dojo/tools/yarn_audit/parser.py
8a53274 
Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
@manuel-sommer
thank you for the review @cneill
d700cd9
@egorbeliy
Copy link

anyone can check it to be approved?

@github-actions GitHub Actions
Copy link
Contributor

This pull request has conflicts, please resolve those before we can evaluate the pull request.

@github-actions GitHub Actions
Copy link
Contributor

Conflicts have been resolved. A maintainer will review the pull request shortly.

@blakeaowens blakeaowens merged commit a1bf40f into DefectDojo:dev May 2, 2024
123 checks passed
@manuel-sommer manuel-sommer deleted the implement_yarn2_issu9911 branch May 4, 2024 07:32
dogboat pushed a commit to dogboat/django-DefectDojo that referenced this pull request May 6, 2024
@manuel-sommer @cneill
✨ implement yarn2 parser (DefectDojo#9985)
f08166d 
* ✨ implement yarn2 parser

* fix bug

* Update dojo/tools/yarn_audit/parser.py

Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>

* thank you for the review @cneill

* fix ruff

---------

Co-authored-by: Charles Neill <1749665+cneill@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cneill cneill cneill approved these changes

@mtesauro mtesauro mtesauro approved these changes

@kostiq kostiq kostiq approved these changes

@egorbeliy egorbeliy egorbeliy approved these changes

@Maffooch Maffooch Maffooch approved these changes

@blakeaowens blakeaowens blakeaowens approved these changes

Assignees
No one assigned
Labels
parser unittests
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
7 participants
@manuel-sommer @egorbeliy @cneill @mtesauro @kostiq @Maffooch @blakeaowens