You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Macaron can analyze a specific <branch, commit sha> of a repo. However, the provenance analyzer looks for the provenance in the latest release. We need to search the releases to match the provided commit sha if possible and analyze the corresponding artifact and provenance. We can add an optional artifact version input to assist the search.
If we cannot find such mapping, we can fall back to analyze the latest release and analyze the repo with its corresponding <branch, commit sha>.
The text was updated successfully, but these errors were encountered:
Once we complete this enhancement to map artifacts/provenances to a commit sha, issues like this one would be avoided because we would analyze the artifact corresponding to the specified commit sha in e2e test configurations (and not just the latest release artifact).
Macaron can analyze a specific
<branch, commit sha>
of a repo. However, the provenance analyzer looks for the provenance in the latest release. We need to search the releases to match the provided commit sha if possible and analyze the corresponding artifact and provenance. We can add an optional artifact version input to assist the search.If we cannot find such mapping, we can fall back to analyze the latest release and analyze the repo with its corresponding
<branch, commit sha>
.The text was updated successfully, but these errors were encountered: