Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OpenSSF: Binary artifacts #839

Closed
gaborcsardi opened this issue May 7, 2024 · 4 comments
Closed

OpenSSF: Binary artifacts #839

gaborcsardi opened this issue May 7, 2024 · 4 comments
Labels
bug an unexpected problem or unintended behavior

Comments

@gaborcsardi
Copy link
Member

Reason

binaries present in source code

Details

Warn: binary detected: pr-fetch/node_modules/fsevents/fsevents.node:1
Warn: binary detected: pr-fetch/node_modules/undici/lib/llhttp/llhttp.wasm:1
Warn: binary detected: pr-fetch/node_modules/undici/lib/llhttp/llhttp_simd.wasm:1
Warn: binary detected: pr-push/node_modules/fsevents/fsevents.node:1
Warn: binary detected: setup-pandoc/node_modules/@actions/tool-cache/scripts/externals/7zdec.exe:1
Warn: binary detected: setup-pandoc/node_modules/fsevents/fsevents.node:1
Warn: binary detected: setup-pandoc/node_modules/undici/lib/llhttp/llhttp.wasm:1
Warn: binary detected: setup-pandoc/node_modules/undici/lib/llhttp/llhttp_simd.wasm:1
Warn: binary detected: setup-r/node_modules/@actions/tool-cache/scripts/externals/7zdec.exe:1
Warn: binary detected: setup-r/node_modules/fsevents/fsevents.node:1
Warn: binary detected: setup-r/node_modules/undici/lib/llhttp/llhttp.wasm:1
Warn: binary detected: setup-r/node_modules/undici/lib/llhttp/llhttp_simd.wasm:1
Warn: binary detected: setup-tinytex/node_modules/@actions/tool-cache/scripts/externals/7zdec.exe:1
Warn: binary detected: setup-tinytex/node_modules/fsevents/fsevents.node:1
Warn: binary detected: setup-tinytex/node_modules/undici/lib/llhttp/llhttp.wasm:1
Warn: binary detected: setup-tinytex/node_modules/undici/lib/llhttp/llhttp_simd.wasm:1

Some of these are from dev dependencies, we can surely get rid of those.
@gaborcsardi gaborcsardi added the bug an unexpected problem or unintended behavior label May 7, 2024
gaborcsardi added a commit that referenced this issue May 7, 2024
@gaborcsardi
Delete dev and optional node dependencies
dac5629 
For #839.
@gaborcsardi
Copy link
Member Author

gaborcsardi commented May 7, 2024
edited
Loading

After removing the dev and optional dependencies we are at

Warn: binary detected: pr-fetch/node_modules/undici/lib/llhttp/llhttp.wasm:1 
Warn: binary detected: pr-fetch/node_modules/undici/lib/llhttp/llhttp_simd.wasm:1 
Warn: binary detected: pr-push/node_modules/undici/lib/llhttp/llhttp.wasm:1 
Warn: binary detected: pr-push/node_modules/undici/lib/llhttp/llhttp_simd.wasm:1
Warn: binary detected: setup-pandoc/node_modules/@actions/tool-cache/scripts/externals/7zdec.exe:1
Warn: binary detected: setup-pandoc/node_modules/undici/lib/llhttp/llhttp.wasm:1 
Warn: binary detected: setup-pandoc/node_modules/undici/lib/llhttp/llhttp_simd.wasm:1
Warn: binary detected: setup-r/node_modules/@actions/tool-cache/scripts/externals/7zdec.exe:1 
Warn: binary detected: setup-r/node_modules/undici/lib/llhttp/llhttp.wasm:1 
Warn: binary detected: setup-r/node_modules/undici/lib/llhttp/llhttp_simd.wasm:1
Warn: binary detected: setup-tinytex/node_modules/@actions/tool-cache/scripts/externals/7zdec.exe:1
Warn: binary detected: setup-tinytex/node_modules/undici/lib/llhttp/llhttp.wasm:1 
Warn: binary detected: setup-tinytex/node_modules/undici/lib/llhttp/llhttp_simd.wasm:1

@gaborcsardi
Copy link
Member Author

We can bundle up the node actions with https://github.com/vercel/ncc, that'll simplify a lot of things, anyway.

@gaborcsardi
Copy link
Member Author

With the bundling in #840 this is fixed as well.

@github-actions GitHub Actions
Copy link

This issue has been automatically locked. If you believe you have found a related problem, please file a new issue and include a link to this issue

@github-actions github-actions bot locked as resolved and limited conversation to collaborators May 22, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug an unexpected problem or unintended behavior
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@gaborcsardi