✨ Add line number to unpinned dependency: GitHub workflow "uses" field #821
Conversation
Sure thing, I'll get some added. |
|
Tests have been added. |
| @@ -542,3 +543,78 @@ func TestGitHubWorflowRunDownload(t *testing.T) { | |||
| }) | |||
| } | |||
| } | |||
|
|
|||
| func TestGitHubWorkflowUsesLineNumber(t *testing.T) { | |||
There was a problem hiding this comment.
is there a way we could re-use the existing TestGithubWorkflowPinning instead of creating a new TestGitHubWorkflowUsesLineNumber ?
There was a problem hiding this comment.
I personally think it's better having it in its own test because I prefer unit tests to focus on just one thing as opposed to several disparate things. Combining it with TestGithubWorkflowPinning would make it a bit too convoluted.
There was a problem hiding this comment.
I agree with @chrismcgehee
|
FYI, we can start migrating to using new structure. Example in #883 |
|
@laurentsimon Is this good to merge? |
|
I wanted to wait for @chrismcgehee to migrate the changes he made to the new structured results (#883), if possible. |
I'd like to update this PR to take advantage of the logging structure. |
ristomcgehee
force-pushed
the
unpinned-line-number-uses
branch
from
74b8cc8
to
5bb681b
Compare
What kind of change does this PR introduce? (Bug fix, feature, docs update, ...)
Feature
What is the current behavior? (You can also link to an open issue here)
Line numbers are not displayed in the results when there are unpinned dependencies.
Feature: add line number to Pinned-Dependencies detail reporting #725
What is the new behavior (if this is a feature change)?
When there is an unpinned
usesfield in a.github/workflowsfile , the line number for theusesfield will be displayed in the detailed results.I will create additional PRs to add line numbers for other places in the code that deal with unpinned dependencies.
Does this PR introduce a breaking change? (What changes might users need to make in their application due to this PR?)
No
Other information:
I updated
gopkg.in/yamlto v3 inchecks/pinned_dependencies.goin order to use the newerUnmarshalYAML()in order to set the line number of the field. I did not update other files to go fromgopkg.in/yaml/v2to ``gopkg.in/yaml/v3` because when I tried doing so, some of the test for Token-Permissions failed.