Skip to content

Test failure scenarios #15

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 12 commits into from
Closed

Test failure scenarios #15

wants to merge 12 commits into from

Conversation

@BigBlueHat
Copy link
Collaborator

This is only for testing purposes and should not be merged.

@BigBlueHat
Combine audit and list reports; refactoring.
8d54bd8 
This is headed toward being a shared GitHub Action, so it can be run on
both the old code and the new/latest code (without copying and pasting...).
@BigBlueHat
Add shared action for npm audit/list reporting.
7a382a6
@BigBlueHat
Use new shared audit/list action.
325a12e 
This also now generates reports for the old and new code separately.
@BigBlueHat
Continue past the initial shared action call.
19ba15d 
This action is new to the repo and it will fail on the old branch, so we
are continuing on error in that case.
@digitalbazaar digitalbazaar deleted a comment from github-actions bot Oct 10, 2025
@digitalbazaar digitalbazaar deleted a comment from github-actions bot Oct 10, 2025
@digitalbazaar digitalbazaar deleted a comment from github-actions bot Oct 10, 2025
@BigBlueHat
Use --package-lock-only on npm list.
4ae8602 
Otherwise we have to download the entire node_modules/ just to check the same data.
@BigBlueHat
Fix spacing in shared action.
9cf1201
@digitalbazaar digitalbazaar deleted a comment from github-actions bot Oct 11, 2025
@github-actions
Copy link

Vulnerability results from base branch

Vulnerability results from current PR branch

OSV URL CVSS Ecosystem Package Version Source
https://osv.dev/GHSA-pxg6-pf52-xh8x npm cookie 0.4.0 package-lock.json
https://osv.dev/GHSA-8gh8-hqwg-xf34 7.3 npm fast-json-patch 2.2.1 package-lock.json

npm audit

Severity Name Version Fix Available
high ajv-cli >=0.7.0 0.6.0
low cookie <0.7.0 1.0.2
high fast-json-patch <3.1.1 0.6.0

npm list

  • ajv-cli@5.0.0
    • fast-json-patch@2.2.1
  • cookie@0.4.0

@digitalbazaar digitalbazaar deleted a comment from github-actions bot Oct 11, 2025
@digitalbazaar digitalbazaar deleted a comment from github-actions bot Oct 11, 2025
@digitalbazaar digitalbazaar deleted a comment from github-actions bot Oct 11, 2025
@BigBlueHat
Copy link
Collaborator Author

Closing until we need to re-run tests here.

@BigBlueHat BigBlueHat closed this Oct 23, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@BigBlueHat