Commit graph

56 commits

Author SHA1 Message Date
Vaidotas Valuckas
0cf712888b
Merge pull request #22 from gradle/vv/bump-minimist
Bump minimist library version
2020-03-17 12:09:24 +02:00
Vaidotas Valuckas
616fa6d030
Bump minimist library version 2020-03-17 12:01:07 +02:00
Frieder Bluemle
fcaf38c511 Update checkout action to v2 2020-03-17 10:30:48 +01:00
Jonathan Leitschuh
3cfb6c24e2
Merge pull request #21 from gradle/dependabot/npm_and_yarn/acorn-5.7.4
Bump acorn from 5.7.3 to 5.7.4
2020-03-16 14:00:05 -04:00
dependabot[bot]
98b3cf662c
Bump acorn from 5.7.3 to 5.7.4
Bumps [acorn](https://github.com/acornjs/acorn) from 5.7.3 to 5.7.4.
- [Release notes](https://github.com/acornjs/acorn/releases)
- [Commits](https://github.com/acornjs/acorn/compare/5.7.3...5.7.4)

Signed-off-by: dependabot[bot] <support@github.com>
2020-03-16 17:37:20 +00:00
Jonathan Leitschuh
b759e436a5 Add a link to the example Homoglyph attack PR 2020-03-03 10:41:27 +01:00
Frieder Bluemle
78999a846d Update GitHub Actions workflow name to ci 2020-02-26 09:53:27 +01:00
Jonathan Leitschuh
3d02c5f395
Merge pull request #14 from JLLeitschuh/docs/JLL/gradle_unsupported_versions
Document unsupported versions 3.3 to 4.0
2020-02-18 08:44:49 -05:00
Jonathan Leitschuh
793a52f6a9
Fix spacing on README 2020-02-13 16:59:09 -05:00
Jonathan Leitschuh
91b8d34dbf
Add explanation of what to do if in problematic version range
Co-Authored-By: Paul Merlin <paul@nosphere.org>
2020-02-12 13:59:11 -05:00
Jonathan Leitschuh
aea0bb6ee7
Document unsupported versions 3.3 to 4.0 2020-02-04 11:22:06 -05:00
Jonathan Leitschuh
80623af194
Merge pull request #13 from JLLeitschuh/docs/JLL/external_contribution_section
Add external contribution details to README
2020-02-04 10:01:29 -05:00
Jonathan Leitschuh
76f5cdbf5e
Add external contribution details to README 2020-02-03 15:37:36 -05:00
Jonathan Leitschuh
17df8817b6
Merge pull request #12 from JLLeitschuh/chore/JLL/remove_company_note
Remove comment about problem being unique to open source
2020-01-31 11:36:54 -05:00
Jonathan Leitschuh
025bdee66a
Remove comment about problem being unique to open source 2020-01-30 12:37:07 -05:00
Jonathan Leitschuh
e7f83badee
Merge pull request #11 from friederbluemle/update-project
Fix typo
2020-01-22 21:25:19 -05:00
Frieder Bluemle
c95c3c3f46
Fix typo 2020-01-22 16:44:58 -08:00
Paul Merlin
6651bb31dd Document release process
Signed-off-by: Paul Merlin <paul@gradle.com>
2020-01-16 10:31:12 +01:00
Paul Merlin
8cb3a6f68d Let failure message link to how to report validation errors
Signed-off-by: Paul Merlin <paul@gradle.com>
2020-01-16 10:08:53 +01:00
Jonathan Leitschuh
f783f98dff Simple housekeeping improvements 2020-01-16 10:03:19 +01:00
Paul Merlin
c17576acf6 Refine workflow sample in README
Signed-off-by: Paul Merlin <paul@gradle.com>
2020-01-16 10:00:48 +01:00
Jonathan Leitschuh
ffa49e0d93
Merge pull request #6 from JLLeitschuh/feat/JLL/homoglyph_detector
Add a homoglyph detector for gradle-wrapper.jar files
2020-01-15 14:16:32 -05:00
Jonathan Leitschuh
169f8f11db
Mention the homoglyph detection capabilities in the README 2020-01-15 12:24:14 -05:00
Jonathan Leitschuh
9f4cacc32b
Merge branch 'master' into feat/JLL/homoglyph_detector
* master:
  Add :
  Build
  Rework output
  Let finding wrapper jars be predictable
  Ignore IDEA files
2020-01-15 11:59:08 -05:00
Jonathan Leitschuh
e4429f250f
Replace homoglyphs.ts with unhomoglyph library 2020-01-15 11:41:11 -05:00
Paul Merlin
fbc9d54f7d
Merge pull request #5 from gradle/eskatos/output-enhancements
Always display all found wrapper jars and their checksum
2020-01-14 10:03:22 +01:00
Jonathan Leitschuh
ae0da6528c
Add a homoglyph detector for gradle-wrapper.jar files 2020-01-13 13:00:16 -05:00
Paul Merlin
6c65025c7d Add :
Signed-off-by: Paul Merlin <paul@gradle.com>
2020-01-13 10:29:20 +01:00
Jonathan Leitschuh
c230e9d098 Update alt text for binary file image 2020-01-13 10:05:53 +01:00
Paul Merlin
a8266c0a0b Build
Signed-off-by: Paul Merlin <paul@gradle.com>
2020-01-11 15:35:28 +01:00
Paul Merlin
33646cf935 Rework output
Always display all known and unknown found wrapper jars
alongside their checksum.

The display string building was pushed down from the Github Action main
function, so it's easier to reuse and test it.

Signed-off-by: Paul Merlin <paul@gradle.com>
2020-01-11 15:35:09 +01:00
Paul Merlin
4432e91432 Let finding wrapper jars be predictable
Signed-off-by: Paul Merlin <paul@gradle.com>
2020-01-11 15:33:16 +01:00
Paul Merlin
f8dcae7055 Ignore IDEA files
Signed-off-by: Paul Merlin <paul@gradle.com>
2020-01-11 14:14:31 +01:00
Paul Merlin
b1eb08b764 Fix README
Signed-off-by: Paul Merlin <paul@gradle.com>
2020-01-10 18:05:42 +01:00
Paul Merlin
eabf8f4ea7 Add Action branding
Signed-off-by: Paul Merlin <paul@gradle.com>
2020-01-10 18:04:36 +01:00
Paul Merlin
7c1b6a0c36 Refine min-wrapper-count error message
Signed-off-by: Paul Merlin <paul@gradle.com>
2020-01-10 17:59:23 +01:00
Paul Merlin
9393a6ed98 Introduce min-wrapper-count input
Signed-off-by: Paul Merlin <paul@gradle.com>
2020-01-10 17:54:22 +01:00
Paul Merlin
66b3019a7f Refine README
Signed-off-by: Paul Merlin <paul@gradle.com>
2020-01-10 17:20:05 +01:00
Paul Merlin
b8f7b569bb Fix name in README
Signed-off-by: Paul Merlin <paul@gradle.com>
2020-01-10 17:10:52 +01:00
Paul Merlin
e8407982ad Rename action
Signed-off-by: Paul Merlin <paul@gradle.com>
2020-01-10 17:00:21 +01:00
Paul Merlin
801dc6b278 Refine README
Signed-off-by: Paul Merlin <paul@gradle.com>
2020-01-10 16:08:37 +01:00
Jonathan Leitschuh
b1a1876368 Add an explanation to the README 2020-01-10 16:07:03 +01:00
Paul Merlin
134e7085c8 README
Signed-off-by: Paul Merlin <paul@gradle.com>
2020-01-06 13:57:17 +01:00
Paul Merlin
89c35dd18b Better reporting of invalid wrapper jars
Signed-off-by: Paul Merlin <paul@gradle.com>
2020-01-06 13:50:19 +01:00
Paul Merlin
73443bf726 Add input to allow arbitrary checksums
In order for the action integration test to pass on CI
And it's a feature

Signed-off-by: Paul Merlin <paul@gradle.com>
2020-01-06 13:36:28 +01:00
Paul Merlin
bb8b9a96ab Simplify jest config
Signed-off-by: Paul Merlin <paul@gradle.com>
2020-01-06 13:26:44 +01:00
Paul Merlin
e0653151c5 Walk the dir tree instead of the git tree
In order to support shallow checkouts, because nodegit doesn't play well on CI

Signed-off-by: Paul Merlin <paul@gradle.com>
2020-01-06 13:24:48 +01:00
Paul Merlin
94a3288680 Properly close file read stream
Signed-off-by: Paul Merlin <paul@gradle.com>
2020-01-06 11:56:42 +01:00
Paul Merlin
bdf490fd65 Timeout again
Signed-off-by: Paul Merlin <paul@gradle.com>
2020-01-06 11:46:31 +01:00
Paul Merlin
ec8dbf583c Timeout
Signed-off-by: Paul Merlin <paul@gradle.com>
2020-01-06 11:43:15 +01:00