STACKITGit/cli
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
11279 commits 87 branches 0 tags 160 MiB
Commit graph

11279 commits

This branch
This branch
All branches
Author SHA1 Message Date
bagtoad
deb34d6456 Refactor error handling for missing "workflow" scope in createRelease 2024-11-23 16:59:49 -07:00
bagtoad
11dc6df88b ScopesResponder wraps StatusScopesResponder 2024-11-23 13:19:45 -07:00
Kynan Ware
a4f96d29e3 Refactor workflow scope checking 
Refactor the logic for checking `workflow` scope checking in releases to be in the positive - check if the scope is there, not check if it isn't there. Then, when the function is called we invert it.

Also update comments to be more imperative.

This refactor also incorporates @andyfeller's suggestion to use `slices`.

Co-Authored-By: Andy Feller <andyfeller@github.com>
 2024-11-23 13:17:09 -07:00
Phill MV
b50022db08 wip: added new printSummaryInspection 2024-11-22 17:08:51 -05:00
Andy Feller
cdfc12caf5 Expand logic and tests to handle edge cases 
This commit expands filepathDescendsFrom(string, string) to handle edge cases such as mixing absolute and relative paths or artifact name edge cases.

Additionally, tests for filepathDescendsFrom() and downloadrun() have been expanded to verify additional use cases.
 2024-11-22 15:26:11 -05:00
Kynan Ware
ae87caf8d6
Merge pull request #9948 from cli/kw/use-heredoc-for-several-command-docs 
Fix some multiline command documentation to use `heredoc` strings
 2024-11-22 10:11:32 -07:00
Meredith Lancaster
862786cca6 Merge branch 'trunk' into print-policy-info 2024-11-22 09:10:19 -07:00
Phill MV
6a9a1f0143 Merge branch 'trunk' into phillmv/improve-gh-at-inspect 2024-11-22 11:09:48 -05:00
Phill MV
583a3ac656 Merge branch 'trunk' into phillmv/improve-gh-at-inspect 2024-11-22 11:09:19 -05:00
Phill MV
f84c1c6f51
Merge pull request #9937 from malancas/verify-result-processing 
Update verification results printing
 2024-11-22 10:54:34 -05:00
Kynan Ware
50e5d94a82
Merge branch 'trunk' into dependabot/go_modules/github.com/gabriel-vasile/mimetype-1.4.7 2024-11-21 22:55:23 -07:00
Meredith Lancaster
f92d703554 pr feedback 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-11-21 15:40:15 -07:00
Meredith Lancaster
0fd09eb5ff pr feedback 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-11-21 15:30:41 -07:00
Meredith Lancaster
fed3c8142c
Update pkg/cmd/attestation/verify/attestation_integration_test.go 
Co-authored-by: Phill MV <phillmv@github.com>
 2024-11-21 15:20:44 -07:00
Andy Feller
e7c5706336 Refactor download testing, simpler file descends 
This incorporates the work done by @williammartin to improve reasoning about `gh run download` behavior through testing while verifying a simpler solution to checking if a path is contained within a directory.
 2024-11-21 17:07:27 -05:00
Kynan Ware
74f13a9b4f
Apply suggestions from code review 
Co-authored-by: Andy Feller <andyfeller@github.com>
 2024-11-21 13:55:35 -07:00
bagtoad
677ed2cdcf Refactor command documentation to use heredoc 2024-11-21 13:23:03 -07:00
Meredith Lancaster
27a268cf17
Merge branch 'trunk' into verify-result-processing 2024-11-21 10:07:03 -07:00
Meredith Lancaster
2d41225dd5 pr feedback 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-11-21 09:11:18 -07:00
Meredith Lancaster
28565dc1f8 remove unused test file 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-11-21 08:58:55 -07:00
Meredith Lancaster
7a271b008a undo change 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-11-21 08:58:23 -07:00
Meredith Lancaster
4d277df559 add more testing testing fixtures 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-11-21 08:43:21 -07:00
bagtoad
b5f3463b75 Improve error handling for missing executable 
Check for executable file existence using os.IsNotExist for clearer error handling
 2024-11-20 16:03:03 -07:00
Meredith Lancaster
19afe453c7 update test with new test bundle 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-11-20 14:53:02 -07:00
Meredith Lancaster
5601149c83 naming 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-11-20 13:34:40 -07:00
Meredith Lancaster
ff8844a308 update test 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-11-20 13:22:55 -07:00
Tyler McGoffin
1ec23f698f
Merge pull request #9938 from daliusd/base-ref-oid 
Adding option to return `baseRefOid` in `pr view`
 2024-11-20 12:08:40 -08:00
Meredith Lancaster
4671b8d66b update test 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-11-20 12:46:06 -07:00
Meredith Lancaster
a170c91c6d experiment with table output 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-11-20 09:04:42 -07:00
Andy Feller
984bfdc38d
Merge pull request #9936 from kommendorkapten/manual-verification 
Added a section on manual verification of the relases.
 2024-11-20 10:36:08 -05:00
Andy Feller
78260967f9
Fix README.md code block formatting 2024-11-20 10:26:00 -05:00
dependabot[bot]
6b2c552978
Bump github.com/gabriel-vasile/mimetype from 1.4.6 to 1.4.7 
Bumps [github.com/gabriel-vasile/mimetype](https://github.com/gabriel-vasile/mimetype) from 1.4.6 to 1.4.7.
- [Release notes](https://github.com/gabriel-vasile/mimetype/releases)
- [Commits](https://github.com/gabriel-vasile/mimetype/compare/v1.4.6...v1.4.7)

---
updated-dependencies:
- dependency-name: github.com/gabriel-vasile/mimetype
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-11-20 15:00:03 +00:00
Tyler McGoffin
83cf411556 Improve test names so there is no repetition 2024-11-19 16:08:31 -08:00
bagtoad
e5eedefd09 Assert stderr is empty in manager_test.go 2024-11-19 16:42:16 -07:00
bagtoad
83c5bf3589 Update error message wording 2024-11-19 16:42:15 -07:00
bagtoad
4b73e55fd2 Change: exit zero, still print warning to stderr 
Instead of returning `ErrExtensionExecutableNotFound` error which causes `gh` to have a non-zero exit code, catch it and print the message to stderr, returning nil. Only print the warning to stderr when there is a TTY.
 2024-11-19 16:42:15 -07:00
Meredith Lancaster
3e6861e7e1 clean up 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-11-19 16:28:36 -07:00
Meredith Lancaster
b5788f2523 wrap sigstore and cert ext verification into a single function 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-11-19 16:24:17 -07:00
Andy Feller
8da27d2c8a Second attempt to address exploit 
This builds off suggestion to reuse logic used already within `gh run download` for detecting path traversals.

This largely works but runs into an issue where detection logic doesn't handle non-separated traversal.
 2024-11-19 17:55:18 -05:00
Dalius Dobravolskas
9414930b5d
Adding option to return baseRefOid in pr view 
You need to know exact `baseRefOid` so you could show correct diff.
`baseRefName` is not enough sometimes because branch from which PR was
forked might have changes already.

Example usage:
```
gh pr view --json headRefName,headRefOid,number,baseRefName,baseRefOid,reviewDecision
```
 2024-11-19 23:50:45 +02:00
Meredith Lancaster
f48e6b56e3 verify cert extensions function should return filtered result list 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-11-19 14:38:28 -07:00
Meredith Lancaster
08a66f5383 wording 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-11-19 14:26:15 -07:00
Fredrik Skogman
0cc4846239
Merge branch 'trunk' into manual-verification 2024-11-19 13:25:11 +01:00
Kynan Ware
1bc2bb8059
Improve docs on installing extensions 
Better clarify the two extension types in the `extension install` docs.

Co-authored-by: Tyler McGoffin <jtmcg@github.com>
 2024-11-18 16:45:57 -07:00
Kynan Ware
bb3b64ad06
Update language for missing extension executable 
Co-authored-by: Tyler McGoffin <jtmcg@github.com>
 2024-11-18 16:25:07 -07:00
Kynan Ware
2ec27ff9fe
Update test comments about Windows behavior 
Co-authored-by: Tyler McGoffin <jtmcg@github.com>
 2024-11-18 16:21:14 -07:00
Meredith Lancaster
a55f9a6301 Merge branch 'trunk' into print-policy-info 2024-11-18 13:57:34 -07:00
Meredith Lancaster
9177b22a21
Merge pull request #9892 from malancas/refactor-fetch-attestations 
Refactor the `getAttestations` functions
 2024-11-18 13:56:46 -07:00
Meredith Lancaster
b787a8b785 wording 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-11-18 13:39:06 -07:00
Meredith Lancaster
a89071c30d wording 
Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-11-18 12:25:57 -07:00