feat: read from GitHub using the github module#25
Merged
eddie-knight merged 1 commit intoossf:mainfrom May 6, 2025
Merged
Conversation
trumant
force-pushed
the
read-using-github-client
branch
from
604ac66 to
68a40fb
Compare
trumant
commented
May 6, 2025
| "github.com/goccy/go-yaml" | ||
| ) | ||
|
|
||
| type FileAPIResponse struct { |
Contributor
Author
There was a problem hiding this comment.
This duplicates a type defined by go-github, so we can just theirs
trumant
commented
May 6, 2025
trumant
commented
May 6, 2025
| Funding string `yaml:"funding"` | ||
| Administrators []Contact `yaml:"administrators"` | ||
| Repositories []Repo `yaml:"repositories"` | ||
| Steward *Link `yaml:"steward"` |
Contributor
Author
There was a problem hiding this comment.
Unfortunately when ossf/security-insights@4c4a631 merged, a strict YAML parse/decode (i.e. one with reject unknown fields enabled) would fail when attempting to decode any insights file like https://github.com/ossf/security-insights-spec/blob/main/.github/security-insights.yml that had a project.steward defined.
trumant
force-pushed
the
read-using-github-client
branch
from
68a40fb to
bfb2c61
Compare
trumant
commented
May 6, 2025
| url: https://vcs.example.com/foobar/foo | ||
| comment: | | ||
| Foo is the core repo for FooBar. | ||
| steward: |
Contributor
Author
There was a problem hiding this comment.
Note that steward is here as well
This change updates Read to use the github/v71 module client. This change also adds a Load func for those clients who have an SI data file at hand. Finally, test coverage is added. Signed-off-by: Travis Truman <trumant@gmail.com>
trumant
force-pushed
the
read-using-github-client
branch
from
bfb2c61 to
ad440b2
Compare
eddie-knight
approved these changes
May 6, 2025
Contributor
eddie-knight
left a comment
eddie-knight
left a comment
There was a problem hiding this comment.
Tested this using pvtr-github-repo locally against multiple targets without any unexpected behavior or changes required in that codebase 👍
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR builds on the changes in #24 to:
I wouldn't expect to merge this without first merging the #24 and rebasing this against main.