ENH Update reference to supported modules data #241

Merged
61 changes: 30 additions & 31 deletions .github/workflows/js-prs-issue.yml
Expand Up @@ -24,8 +24,7 @@ jobs:
ALERTS_LIST=''

# Get list of supported modules
# Assumes CMS 5 is the most recent stable version
curl -s -o __modules.json https://raw.githubusercontent.com/silverstripe/supported-modules/5/modules.json
curl -s -o __modules.json https://raw.githubusercontent.com/silverstripe/supported-modules/main/repositories.json
# If we can't parse the JSON at all, $MODULES will be an empty string and that means we couldn't fetch the file.
MODULES=$(jq -e '.' __modules.json) || true
if [[ $MODULES == "" ]]; then
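Review bot: The new `curl -s -o __modules.json` line has no `--fail`, so an HTTP error response from raw.githubusercontent.com is written to `__modules.json` silently, and the only validation left is whether `jq -e '.'` can parse whatever arrived. Consider `curl -sSf` so a failed fetch is distinguishable from a malformed file and the reason appears in the action log. Since the URL now tracks the `main` branch and the PHP further down iterates the top level of the file directly, it would also help to have the jq step confirm the top level is a list before the content is used.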
Expand All @@ -35,37 +34,37 @@ jobs:
# Instead of exiting, output an error instead of the dependabot alert list.
# We don't have any reporting indicating if this workflow fails, so this is a good way to track that.
ALERTS_LIST='Failed to parse supported-modules JSON. Please check the GitHub action log.'
fi
else
Comment on lines -38 to +37
Member Author

This (and the related indentation change) is unrelated - but I noticed we set ALERTS_LIST to indicate failed JSON fetching above but then we just continue as though we didn't just identify an error.
Now we only try to use the json content if we didn't already detect it was faulty.

Member Author

@GuySartorelli GuySartorelli May 7, 2024

I recommend adding ?w=1 to the URL when viewing the diff so you can ignore whitespace and just see what's actually materially changed in this PR.

# Create a list of markdown links for supported module dependabot stuff
ALERTS_LIST=$(php -r '
$json = json_decode(file_get_contents("__modules.json"), true);
foreach ($json["supportedModules"] as $module) {
# Assumes CMS 5 is the most recent stable version
if (!isset($module["majorVersionMapping"]["5"])) {
continue;
}
$githubRef = $module["github"];
$branch = end($module["majorVersionMapping"]["5"]);
$packageJsonURL = "https://raw.githubusercontent.com/$githubRef/$branch/package.json";
$headers = get_headers($packageJsonURL);
# $headers[0] includes the response code in a format like: "HTTP/1.1 404 Not Found"
$response = $headers[0];
# Skip modules which do not have a package.json file
if (strpos($response, "404") !== false) {
continue;
}
# If we have something other than 404 (above) or 200, output an error string for the list
# and move on.
if (strpos($response, "200") === false) {
echo "- $githubRef: Unable to check package.json, response was $response.\\n";
continue;
}

# Create a list of markdown links for supported module dependabot stuff
ALERTS_LIST=$(php -r '
$json = json_decode(file_get_contents("__modules.json"), true);
foreach ($json as $module) {
# Skip non-github modules, if any listed
if (!$module["github"]) {
continue;
}
$githubRef = $module["github"];
$branch = end($module["branches"]);
$packageJsonURL = "https://raw.githubusercontent.com/$githubRef/$branch/package.json";
$headers = get_headers($packageJsonURL);
# $headers[0] includes the response code in a format like: "HTTP/1.1 404 Not Found"
$response = $headers[0];
# Skip modules which do not have a package.json file
if (strpos($response, "404") !== false) {
continue;
}
# If we have something other than 404 (above) or 200, output an error string for the list
# and move on.
if (strpos($response, "200") === false) {
echo "- $githubRef: Unable to check package.json, response was $response.\\n";
continue;
# If we get here, we have a package.json file so we should add a dependabot alerts URL to the list
echo "- [$githubRef](https://github.com/$githubRef/security/dependabot)\\n";
}

# If we get here, we have a package.json file so we should add a dependabot alerts URL to the list
echo "- [$githubRef](https://github.com/$githubRef/security/dependabot)\\n";
}
')
')
fi

echo 'ALERTS_LIST is:'
echo $ALERTS_LIST
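Review bot: In the new PHP loop, `if (!$module["github"])` and `end($module["branches"])` read fields from the fetched JSON without checking that they are present; a missing `github` key raises a PHP notice or warning instead of being skipped cleanly, and an empty `branches` array makes `end()` return false, so the package.json URL is built with an empty branch. Consider `if (empty($module["github"]) || empty($module["branches"])) { continue; }`. The removed code carried a comment explaining which branch it picked (the CMS 5 mapping); the new `end($module["branches"])` deserves a comment saying why the last entry is the right one to check. `get_headers()` can also return false on a network failure, so a guard before `$headers[0]` that emits the same "Unable to check package.json" line would keep such failures visible in the list.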