
fix(deps): update dependency @npmcli/installed-package-contents to v4 #3022


# Reachables tests: checks out two third-party projects, compiles the Java one,
# runs cdxgen with `--profile research` against both, and uploads the JSON
# collected in `bomresults/` as a build artifact.
name: Reachables tests
on:
  # Uses `pull_request`, not `pull_request_target`, so runs triggered from
  # forks do not receive repository secrets.
  pull_request:
    # Only changes to the workflow itself, the toolchain pins, or the shipped
    # sources trigger a run; `*.poku.js` files are excluded by the negation.
    paths:
      - '.github/workflows/java-reachables-test.yml'
      - '.nvmrc'
      - '.pnpmfile.cjs'
      - 'bin/**'
      - 'data/**'
      - 'index.cjs'
      - 'lib/**'
      - 'package.json'
      - 'pnpm-lock.yaml'
      - '!**.poku.js'
  workflow_dispatch:
# One live run per pull request (or per ref for manual runs); a newer run
# cancels the one still in progress.
concurrency:
  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
  cancel-in-progress: true
# https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/controlling-permissions-for-github_token
# Empty map: GITHUB_TOKEN is granted no scopes. No step below writes back to
# the repository, so none are needed.
permissions: {}
jobs:
  java-js-sample-tests:
    strategy:
      fail-fast: false
      matrix:
        # Quoted so the version stays a string rather than a number.
        java-version:
          - '24'
        os:
          - ubuntu-24.04
    runs-on: ${{ matrix.os }}
    steps:
      # Every action is pinned to a full commit SHA; the trailing comment
      # records the release that SHA corresponds to.
      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          # Keep the token out of .git/config: later steps build and scan
          # third-party code inside this workspace.
          persist-credentials: false
      - name: Set up JDK ${{ matrix.java-version }}
        uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
        with:
          distribution: temurin
          java-version: ${{ matrix.java-version }}
      - name: Setup pnpm
        uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4.2.0
      - name: Use Node.js
        uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
        with:
          node-version-file: .nvmrc
      - name: pnpm install, build
        # `--config.strict-dep-builds=true` is passed explicitly so the
        # install runs with pnpm's strict handling of dependency build scripts.
        run: |
          pnpm install --config.strict-dep-builds=true
          mkdir -p repotests
          mkdir -p bomresults
      # NOTE(review): both sample repositories are checked out by tag. A tag
      # can be moved upstream, unlike the SHA pins used for the actions above;
      # pinning `ref` to the commit each tag resolves to would make the test
      # input immutable.
      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          persist-credentials: false
          repository: DependencyTrack/dependency-track
          path: repotests/dependency-track
          ref: '4.11.1'
      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          persist-credentials: false
          repository: DependencyTrack/frontend
          path: repotests/frontend
          ref: '4.13.0'
      - name: compile
        # Runs the third-party project's Maven build on the runner, which
        # executes whatever build plugins that project declares. The empty
        # `permissions` map and `persist-credentials: false` keep the
        # repository token out of reach of this step.
        run: |
          cd repotests/dependency-track
          mvn -q clean compile -DskipTests -Dmaven.test.skip=true
      - name: reachables tests - java
        run: |
          node bin/cdxgen.js -p -t java --profile research -o repotests/dependency-track/bom.json repotests/dependency-track
          ls -ltr repotests/dependency-track/
          cp -rf repotests/dependency-track/*.json bomresults/
        env:
          CDXGEN_DEBUG_MODE: verbose
      - name: reachables tests - js
        # NOTE(review): the output stays in repotests/frontend and is not
        # copied to bomresults/, so the uploaded artifact holds only the Java
        # results. Confirm that is intended.
        run: |
          node bin/cdxgen.js -p -t js --profile research -o repotests/frontend/bom.json repotests/frontend
      - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
        with:
          name: bomresults
          path: bomresults
# ruby-samples:
# strategy:
# fail-fast: false
# matrix:
# os: ["ubuntu-24.04"]
# runs-on: ${{ matrix.os }}
# steps:
# - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
# with:
# persist-credentials: false
# - name: setup paths
# run: |
# mkdir -p repotests
# mkdir -p rubyresults
# - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
# with:
# persist-credentials: false
# repository: 'bionomia/bionomia'
# path: 'repotests/bionomia'
# ref: '5ada8b5f4a5f68561a7195e2badc2f744dc4676e'
# - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
# with:
# persist-credentials: false
# repository: 'OWASP/railsgoat'
# path: 'repotests/railsgoat'
# ref: 'c1e8ff1e3b24a1c48fcfc9fbee0f65dc296b49d9'
# - name: generate reachables sbom - bionomia
# run: |
# mkdir -p $GITHUB_WORKSPACE/rubyresults/bionomia
# cd repotests/bionomia
# docker run --rm -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/cyclonedx/cdxgen-debian-ruby33:v11 -r /app -o /app/bom.json -t ruby --profile research
# cp bom.json *.slices.json $GITHUB_WORKSPACE/rubyresults/bionomia
# - name: generate reachables sbom - railsgoat
# run: |
# mkdir -p $GITHUB_WORKSPACE/rubyresults/railsgoat
# cd repotests/railsgoat
# docker run --rm -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/cyclonedx/cdxgen-debian-ruby26:v11 -r /app -o /app/bom.json -t ruby --profile research
# cp bom.json *.slices.json $GITHUB_WORKSPACE/rubyresults/railsgoat
# - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
# with:
# name: rubyresults
# path: rubyresults
#
# scala-samples:
# strategy:
# fail-fast: false
# matrix:
# os: ["ubuntu-24.04"]
# runs-on: ${{ matrix.os }}
# steps:
# - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
# with:
# persist-credentials: false
# - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
# with:
# persist-credentials: false
# repository: 'playframework/play-samples'
# path: 'repotests/play-samples'
# ref: '0dccba17856e89dbb5e457ab760efb14cc691395'
# - name: setup paths
# run: |
# mkdir -p repotests
# mkdir -p scalaresults
# - name: generate reachables sbom - play-scala-rest-api-example
# run: |
# mkdir -p $GITHUB_WORKSPACE/scalaresults/play-scala-rest-api-example
# cd repotests/play-samples/play-scala-rest-api-example
# docker run --rm -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/cyclonedx/cdxgen-temurin-java21:v11 -r /app -o /app/bom.json -t scala --profile research
# cp *.json $GITHUB_WORKSPACE/scalaresults/play-scala-rest-api-example
# - name: generate reachables sbom - play-scala-slick-example
# run: |
# mkdir -p $GITHUB_WORKSPACE/scalaresults/play-scala-slick-example
# cd repotests/play-samples/play-scala-slick-example
# docker run --rm -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/cyclonedx/cdxgen-temurin-java21:v11 -r /app -o /app/bom.json -t scala --profile research
# cp *.json $GITHUB_WORKSPACE/scalaresults/play-scala-slick-example
# - name: generate reachables sbom - play-scala-starter-example/
# run: |
# mkdir -p $GITHUB_WORKSPACE/scalaresults/play-scala-starter-example
# cd repotests/play-samples/play-scala-starter-example
# docker run --rm -v /tmp:/tmp -v $(pwd):/app:rw -t ghcr.io/cyclonedx/cdxgen-temurin-java21:v11 -r /app -o /app/bom.json -t scala --profile research
# cp *.json $GITHUB_WORKSPACE/scalaresults/play-scala-starter-example
# - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
# with:
# name: scalaresults
# path: scalaresults