chore: add unit tests, integration tests, coverage and documentation #32

Merged
merged 16 commits into from
Jul 24, 2024

IlonaShishov
Collaborator

No description provided.

@github-advanced-security github-advanced-security bot left a comment

Red Hat Dependency Analytics found more than 20 potential problems in the proposed changes. Check the Files changed tab for more details.

@github-actions github-actions bot added the RHDA Scan Passed RHDA found no vulnerabilities label Jul 24, 2024
manifests/gradle/build.gradle Fixed
manifests/npm/package.json Fixed
go 1.22

require (
golang.org/x/net v0.10.0 // indirect

Check failure

Code scanning / Red Hat Dependency Analytics

HIGH severity - HTTP/2 rapid reset can cause excessive work in net/http vulnerability Error

This line introduces a "HTTP/2 rapid reset can cause excessive work in net/http" vulnerability with HIGH severity.
Vulnerability data provider is osv.
Vulnerability data source is osv.
Vulnerable dependency is golang.org/x/net version v0.10.0.
go 1.22

require (
golang.org/x/net v0.10.0 // indirect

Check warning

Code scanning / Red Hat Dependency Analytics

MEDIUM severity - Improper rendering of text nodes in golang.org/x/net/html vulnerability Warning

This line introduces a "Improper rendering of text nodes in golang.org/x/net/html" vulnerability with MEDIUM severity.
Vulnerability data provider is osv.
Vulnerability data source is osv.
Vulnerable dependency is golang.org/x/net version v0.10.0.
go 1.22

require (
golang.org/x/net v0.10.0 // indirect

Check warning

Code scanning / Red Hat Dependency Analytics

MEDIUM severity - net/http, x/net/http2: close connections when receiving too many headers vulnerability Warning

This line introduces a "net/http, x/net/http2: close connections when receiving too many headers" vulnerability with MEDIUM severity.
Vulnerability data provider is osv.
Vulnerability data source is osv.
Vulnerable dependency is golang.org/x/net version v0.10.0.
go 1.22

require (
golang.org/x/net v0.10.0 // indirect

Check warning

Code scanning / Red Hat Dependency Analytics

MEDIUM severity - HTTP/2 Stream Cancellation Attack vulnerability Warning

This line introduces a "HTTP/2 Stream Cancellation Attack" vulnerability with MEDIUM severity.
Vulnerability data provider is osv.
Vulnerability data source is osv.
Vulnerable dependency is golang.org/x/net version v0.10.0.
@@ -0,0 +1,2 @@
FROM --platform=linux/amd64 ubuntu:latest
FROM node:14
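Review bot: the second line, `FROM node:14`, starts a new build stage, and since these two lines are the whole file, the `ubuntu:latest` stage on the first line is never used and the resulting image is just `node:14` (the `--platform=linux/amd64` flag also applies only to that first stage). Drop one of the two lines, or name the first stage and copy from it. If both are here on purpose so the scanner sees two base images, a one-line comment saying so would save the next reader the question.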

Check failure

Code scanning / Red Hat Dependency Analytics

CRITICAL severity - NPM IP package incorrectly identifies some private IP addresses as public vulnerability

This line introduces a "NPM IP package incorrectly identifies some private IP addresses as public" vulnerability with CRITICAL severity. Vulnerability data provider is osv. Vulnerability data source is osv. Vulnerable dependency is ip version 1.1.5.
@@ -0,0 +1,2 @@
FROM --platform=linux/amd64 ubuntu:latest
FROM node:14

Check failure

Code scanning / Red Hat Dependency Analytics

HIGH severity - Inefficient Regular Expression Complexity in chalk/ansi-regex vulnerability

This line introduces a "Inefficient Regular Expression Complexity in chalk/ansi-regex" vulnerability with HIGH severity. Vulnerability data provider is osv. Vulnerability data source is osv. Vulnerable dependency is ansi-regex version 3.0.0.
@@ -0,0 +1,2 @@
FROM --platform=linux/amd64 ubuntu:latest
FROM node:14

Check failure

Code scanning / Red Hat Dependency Analytics

HIGH severity - Inefficient Regular Expression Complexity in chalk/ansi-regex vulnerability

This line introduces a "Inefficient Regular Expression Complexity in chalk/ansi-regex" vulnerability with HIGH severity. Vulnerability data provider is osv. Vulnerability data source is osv. Vulnerable dependency is ansi-regex version 4.1.0.
@@ -0,0 +1,2 @@
FROM --platform=linux/amd64 ubuntu:latest
FROM node:14

Check failure

Code scanning / Red Hat Dependency Analytics

HIGH severity - http-cache-semantics vulnerable to Regular Expression Denial of Service vulnerability

This line introduces a "http-cache-semantics vulnerable to Regular Expression Denial of Service" vulnerability with HIGH severity. Vulnerability data provider is osv. Vulnerability data source is osv. Vulnerable dependency is http-cache-semantics version 3.8.1.
@@ -0,0 +1,2 @@
FROM --platform=linux/amd64 ubuntu:latest
FROM node:14

Check warning

Code scanning / Red Hat Dependency Analytics

MEDIUM severity - Denial of service while parsing a tar file due to lack of folders count validation vulnerability

This line introduces a "Denial of service while parsing a tar file due to lack of folders count validation" vulnerability with MEDIUM severity. Vulnerability data provider is osv. Vulnerability data source is osv. Vulnerable dependency is tar version 4.4.19.
@@ -0,0 +1,2 @@
FROM --platform=linux/amd64 ubuntu:latest
FROM node:14

Check warning

Code scanning / Red Hat Dependency Analytics

MEDIUM severity - Server-Side Request Forgery in Request vulnerability

This line introduces a "Server-Side Request Forgery in Request" vulnerability with MEDIUM severity. Vulnerability data provider is osv. Vulnerability data source is osv. Vulnerable dependency is request version 2.88.2.
@@ -0,0 +1,2 @@
FROM --platform=linux/amd64 ubuntu:latest
FROM node:14

Check warning

Code scanning / Red Hat Dependency Analytics

MEDIUM severity - Mercurial Path Traversal/Link Following vulnerability vulnerability

This line introduces a "Mercurial Path Traversal/Link Following vulnerability" vulnerability with MEDIUM severity. Vulnerability data provider is osv. Vulnerability data source is osv. Vulnerable dependency is mercurial version 4.8.2.
@@ -0,0 +1,2 @@
FROM --platform=linux/amd64 ubuntu:latest
FROM node:14

Check warning

Code scanning / Red Hat Dependency Analytics

MEDIUM severity - Got allows a redirect to a UNIX socket vulnerability

This line introduces a "Got allows a redirect to a UNIX socket" vulnerability with MEDIUM severity. Vulnerability data provider is osv. Vulnerability data source is osv. Vulnerable dependency is got version 6.7.1.
@@ -0,0 +1,2 @@
FROM --platform=linux/amd64 ubuntu:latest
FROM node:14

Check warning

Code scanning / Red Hat Dependency Analytics

MEDIUM severity - semver vulnerable to Regular Expression Denial of Service vulnerability

This line introduces a "semver vulnerable to Regular Expression Denial of Service" vulnerability with MEDIUM severity. Vulnerability data provider is osv. Vulnerability data source is osv. Vulnerable dependency is semver version 5.7.1.
@@ -0,0 +1,2 @@
FROM --platform=linux/amd64 ubuntu:latest
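Review bot: `ubuntu:latest` on this line is a mutable tag, so the image that gets built and scanned can change from one run to the next with no change to this file. Pin a release tag or an image digest so that builds and scan results are reproducible.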

Check notice

Code scanning / Red Hat Dependency Analytics

Red Hat recommendation

Recommended Red Hat verified version: sha256%3Af5983f7c7878cc9b26a3962be7756e3c810e9831b0b9f9613e6f6b445f884e74.
@github-actions github-actions bot added RHDA Scan Passed RHDA found no vulnerabilities and removed RHDA Scan Passed RHDA found no vulnerabilities labels Jul 24, 2024
manifests/npm/package.json Fixed
@github-actions github-actions bot added RHDA Scan Passed RHDA found no vulnerabilities and removed RHDA Scan Passed RHDA found no vulnerabilities labels Jul 24, 2024
Signed-off-by: Ilona Shishov <[email protected]>
manifests/gradle/build.gradle Fixed
@github-actions github-actions bot added RHDA Scan Passed RHDA found no vulnerabilities and removed RHDA Scan Passed RHDA found no vulnerabilities labels Jul 24, 2024
@IlonaShishov IlonaShishov merged commit aa56c78 into main Jul 24, 2024
6 of 40 checks passed
@github-actions github-actions bot added RHDA Scan Passed RHDA found no vulnerabilities and removed RHDA Scan Passed RHDA found no vulnerabilities labels Jul 24, 2024