Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update versions from packages themselves #437

Merged
merged 2 commits into from
Feb 20, 2023
Merged

Update versions from packages themselves #437

merged 2 commits into from
Feb 20, 2023

Conversation

HirumalPriyashan
Copy link
Contributor

Use the Java tools and NTIA Conformance checker package themselves to obtain their version for the About page instead of hard coding.

@HirumalPriyashan
Update versions from packages themselves
63b139d 
Use the Java tools and NTIA Conformance checker package themselves to obtain their version for the About page instead of hard coding.

Signed-off-by: Hirumal Priyashan <hirupriyashanrc@gmail.com>
sonatype-lift[bot]
sonatype-lift bot reviewed Feb 18, 2023
View reviewed changes
src/src/version.py Outdated
string -- JAVA Tools version
"""
path = join(dirname(abspath(__file__)), "..", jarName)
output = run(["java", "-jar", path, "Version"], stdout=PIPE).stdout.decode("utf-8")
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

B607: Starting a process with a partial executable path

ℹ️ Expand to see all @sonatype-lift commands

You can reply with the following commands. For example, reply with @sonatype-lift ignoreall to leave out all findings.

Command Usage
@sonatype-lift ignore Leave out the above finding from this PR
@sonatype-lift ignoreall Leave out all the existing findings from this PR
@sonatype-lift exclude <file|issue|path|tool> Exclude specified file|issue|path|tool from Lift findings by updating your config.toml file

Note: When talking to LiftBot, you need to refresh the page to see its response.
Click here to add LiftBot to another repo.

Help us improve LIFT! (Sonatype LiftBot external survey)

Was this a good recommendation for you? Answering this survey will not impact your Lift settings.

[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]

sonatype-lift[bot]
sonatype-lift bot reviewed Feb 18, 2023
View reviewed changes
src/src/version.py Outdated
string -- JAVA Tools version
"""
path = join(dirname(abspath(__file__)), "..", jarName)
output = run(["java", "-jar", path, "Version"], stdout=PIPE).stdout.decode("utf-8")
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

B603: subprocess call - check for execution of untrusted input.

ℹ️ Expand to see all @sonatype-lift commands

You can reply with the following commands. For example, reply with @sonatype-lift ignoreall to leave out all findings.

Command Usage
@sonatype-lift ignore Leave out the above finding from this PR
@sonatype-lift ignoreall Leave out all the existing findings from this PR
@sonatype-lift exclude <file|issue|path|tool> Exclude specified file|issue|path|tool from Lift findings by updating your config.toml file

Note: When talking to LiftBot, you need to refresh the page to see its response.
Click here to add LiftBot to another repo.

Help us improve LIFT! (Sonatype LiftBot external survey)

Was this a good recommendation for you? Answering this survey will not impact your Lift settings.

[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]

goneall
goneall requested changes Feb 19, 2023
View reviewed changes
Copy link
Member

@goneall goneall left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @HirumalPriyashan - Overall looks good. Just one suggested UI related change.

src/src/version.py Show resolved Hide resolved
src/src/version.py Outdated Show resolved Hide resolved
@HirumalPriyashan
Address suggestions
eab2cbf 
Signed-off-by: Hirumal Priyashan <hirupriyashanrc@gmail.com>
goneall
goneall approved these changes Feb 20, 2023
View reviewed changes
Copy link
Member

@goneall goneall left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM - Thanks @HirumalPriyashan

@goneall goneall merged commit 79f75e1 into spdx:main Feb 20, 2023
@HirumalPriyashan HirumalPriyashan deleted the patch-420 branch February 20, 2023 02:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sonatype-lift sonatype-lift[bot] sonatype-lift left review comments

@goneall goneall goneall approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Update versions from the packages
2 participants
@HirumalPriyashan @goneall