New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix package-url parsing for allow-dependencies-licenses #761
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM!
@@ -46,6 +46,22 @@ const PackageURLWithNamespace = z | |||
} | |||
}) | |||
|
|||
const PackageURLString = z.string().superRefine((value, context) => { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍 Nice I really like zod's superRefine. Hopefully we can slowly tease out more of the validation logic out of the config.ts and into their own schema's here.
…#666) [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/dependency-review-action](https://togithub.com/actions/dependency-review-action) | action | patch | `v4.3.1` -> `v4.3.2` | --- ### Release Notes <details> <summary>actions/dependency-review-action (actions/dependency-review-action)</summary> ### [`v4.3.2`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.3.2) [Compare Source](https://togithub.com/actions/dependency-review-action/compare/v4.3.1...v4.3.2) #### What's Changed - Fix package-url parsing for allow-dependencies-licenses by [@​juxtin](https://togithub.com/juxtin) in [actions/dependency-review-action#761 **Full Changelog**: actions/dependency-review-action@v4.3.1...v4.3.2 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/xmldom/xmldom). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMjEuMiIsInVwZGF0ZWRJblZlciI6IjM3LjMyMS4yIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/dependency-review-action](https://togithub.com/actions/dependency-review-action) | action | minor | `v4.2.5` -> `v4.3.2` | --- ### Release Notes <details> <summary>actions/dependency-review-action (actions/dependency-review-action)</summary> ### [`v4.3.2`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.3.2) [Compare Source](https://togithub.com/actions/dependency-review-action/compare/v4.3.1...v4.3.2) #### What's Changed - Fix package-url parsing for allow-dependencies-licenses by [@​juxtin](https://togithub.com/juxtin) in [actions/dependency-review-action#761 **Full Changelog**: actions/dependency-review-action@v4.3.1...v4.3.2 ### [`v4.3.1`](https://togithub.com/actions/dependency-review-action/compare/v4.2.5...v4.3.1) [Compare Source](https://togithub.com/actions/dependency-review-action/compare/v4.3.0...v4.3.1) ### [`v4.3.0`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.3.0) [Compare Source](https://togithub.com/actions/dependency-review-action/compare/v4.2.5...v4.3.0) #### New Features - The `deny-packages` option can now be used without a version number to exclude *all* versions of a package. #### What's Changed - Fix action variable name for scorecard by [@​lukehinds](https://togithub.com/lukehinds) in [actions/dependency-review-action#735 - Fix extra https:// in summary by [@​jhutchings1](https://togithub.com/jhutchings1) in [actions/dependency-review-action#748 - Bump typescript from 5.3.3 to 5.4.5 by [@​dependabot](https://togithub.com/dependabot) in [actions/dependency-review-action#744 - Bump eslint-plugin-github from 4.10.1 to 4.10.2 by [@​dependabot](https://togithub.com/dependabot) in [actions/dependency-review-action#737 - Show denied packages with red X by [@​juxtin](https://togithub.com/juxtin) in [actions/dependency-review-action#750 - deny-packages configuration option can deny specified version or all packages by [@​febuiles](https://togithub.com/febuiles) and [@​bteng22](https://togithub.com/bteng22) in [actions/dependency-review-action#733 #### New Contributors - [@​bteng22](https://togithub.com/bteng22) made their first contribution in [actions/dependency-review-action#733 - [@​lukehinds](https://togithub.com/lukehinds) made their first contribution in [actions/dependency-review-action#735 **Full Changelog**: actions/dependency-review-action@v4.2.5...V4.3.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "monthly" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/ni/nimble). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMjEuMiIsInVwZGF0ZWRJblZlciI6IjM3LjMyMS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Milan Raj <rajsite@users.noreply.github.com>
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/dependency-review-action](https://togithub.com/actions/dependency-review-action) | action | patch | `v4.3.1` -> `v4.3.2` | | [defenseunicorns/uds-common](https://togithub.com/defenseunicorns/uds-common) | | patch | `v0.4.0` -> `v0.4.2` | | [defenseunicorns/uds-common](https://togithub.com/defenseunicorns/uds-common) | action | patch | `v0.4.0` -> `v0.4.2` | | [golangci/golangci-lint](https://togithub.com/golangci/golangci-lint) | repository | minor | `v1.57.2` -> `v1.58.0` | | [renovatebot/pre-commit-hooks](https://togithub.com/renovatebot/pre-commit-hooks) | repository | minor | `37.329.0` -> `37.342.1` | Note: The `pre-commit` manager in Renovate is not supported by the `pre-commit` maintainers or community. Please do not report any problems there, instead [create a Discussion in the Renovate repository](https://togithub.com/renovatebot/renovate/discussions/new) if you have any questions. --- ### Release Notes <details> <summary>actions/dependency-review-action (actions/dependency-review-action)</summary> ### [`v4.3.2`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.3.2) [Compare Source](https://togithub.com/actions/dependency-review-action/compare/v4.3.1...v4.3.2) #### What's Changed - Fix package-url parsing for allow-dependencies-licenses by [@​juxtin](https://togithub.com/juxtin) in [actions/dependency-review-action#761 **Full Changelog**: actions/dependency-review-action@v4.3.1...v4.3.2 </details> <details> <summary>defenseunicorns/uds-common (defenseunicorns/uds-common)</summary> ### [`v0.4.2`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.4.2) [Compare Source](https://togithub.com/defenseunicorns/uds-common/compare/v0.4.1...v0.4.2) ##### Miscellaneous - give doug a mattermostid attribute and update uds version ([#​120](https://togithub.com/defenseunicorns/uds-common/issues/120)) ([4a85172](https://togithub.com/defenseunicorns/uds-common/commit/4a851720a8ac7e62826efda9e92200ba3a5b6709)) ### [`v0.4.1`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.4.1) [Compare Source](https://togithub.com/defenseunicorns/uds-common/compare/v0.4.0...v0.4.1) ##### Miscellaneous - **deps:** update uds common support dependencies ([#​116](https://togithub.com/defenseunicorns/uds-common/issues/116)) ([8aed1e0](https://togithub.com/defenseunicorns/uds-common/commit/8aed1e0ae8b4d65f7418664e8f2c73a16bf42801)) </details> <details> <summary>golangci/golangci-lint (golangci/golangci-lint)</summary> ### [`v1.58.0`](https://togithub.com/golangci/golangci-lint/compare/v1.57.2...v1.58.0) [Compare Source](https://togithub.com/golangci/golangci-lint/compare/v1.57.2...v1.58.0) </details> <details> <summary>renovatebot/pre-commit-hooks (renovatebot/pre-commit-hooks)</summary> ### [`v37.342.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.342.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.341.0...37.342.1) See https://github.com/renovatebot/renovate/releases/tag/37.342.1 for more changes ### [`v37.341.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.341.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.340.10...37.341.0) See https://github.com/renovatebot/renovate/releases/tag/37.341.0 for more changes ### [`v37.340.10`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.340.10) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.340.9...37.340.10) See https://github.com/renovatebot/renovate/releases/tag/37.340.10 for more changes ### [`v37.340.9`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.340.9) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.340.8...37.340.9) See https://github.com/renovatebot/renovate/releases/tag/37.340.9 for more changes ### [`v37.340.8`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.340.8) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.340.5...37.340.8) See https://github.com/renovatebot/renovate/releases/tag/37.340.8 for more changes ### [`v37.340.5`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.340.5) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.340.4...37.340.5) See https://github.com/renovatebot/renovate/releases/tag/37.340.5 for more changes ### [`v37.340.4`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.340.4) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.340.0...37.340.4) See https://github.com/renovatebot/renovate/releases/tag/37.340.4 for more changes ### [`v37.340.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.340.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.339.0...37.340.0) See https://github.com/renovatebot/renovate/releases/tag/37.340.0 for more changes ### [`v37.339.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.339.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.338.0...37.339.0) See https://github.com/renovatebot/renovate/releases/tag/37.339.0 for more changes ### [`v37.338.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.338.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.337.0...37.338.0) See https://github.com/renovatebot/renovate/releases/tag/37.338.0 for more changes ### [`v37.337.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.337.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.336.0...37.337.0) See https://github.com/renovatebot/renovate/releases/tag/37.337.0 for more changes ### [`v37.336.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.336.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.334.3...37.336.0) See https://github.com/renovatebot/renovate/releases/tag/37.336.0 for more changes ### [`v37.334.3`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.334.3) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.334.1...37.334.3) See https://github.com/renovatebot/renovate/releases/tag/37.334.3 for more changes ### [`v37.334.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.334.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.333.1...37.334.1) See https://github.com/renovatebot/renovate/releases/tag/37.334.1 for more changes ### [`v37.333.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.333.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.333.0...37.333.1) See https://github.com/renovatebot/renovate/releases/tag/37.333.1 for more changes ### [`v37.333.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.333.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.332.0...37.333.0) See https://github.com/renovatebot/renovate/releases/tag/37.333.0 for more changes ### [`v37.332.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.332.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.331.0...37.332.0) See https://github.com/renovatebot/renovate/releases/tag/37.332.0 for more changes ### [`v37.331.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.331.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.330.1...37.331.0) See https://github.com/renovatebot/renovate/releases/tag/37.331.0 for more changes ### [`v37.330.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.330.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.330.0...37.330.1) See https://github.com/renovatebot/renovate/releases/tag/37.330.1 for more changes ### [`v37.330.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.330.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.329.1...37.330.0) See https://github.com/renovatebot/renovate/releases/tag/37.330.0 for more changes ### [`v37.329.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.329.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.329.0...37.329.1) See https://github.com/renovatebot/renovate/releases/tag/37.329.1 for more changes </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/defenseunicorns/uds-package-mattermost). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMjEuMiIsInVwZGF0ZWRJblZlciI6IjM3LjM0MC4xMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsic3VwcG9ydC1kZXBzIl19--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Closes #759
Unfortunately we didn't have tests for this config parameter, and it was using a sort of odd validation flow. I've added a few tests and brought it up to spec with the other package-url types for the most part, but I decided to leave it as a string for now to avoid having to significantly rewrite the actual license checking logic.