Ecosyste.ms: Timeline
Browse the timeline of events for every public repo on GitHub. Data updated hourly from GH Archive.
sschuberth created a review comment on a pull request on oss-review-toolkit/ort
Nits: - "yarn" -> "Yarn" - Probably drop the trailing "." as `content` could already contain it.
sschuberth created a review comment on a pull request on oss-review-toolkit/ort
Commit message: - "because `npm`" -> "because Yarn" - "[1] https://github.com/oss-review-toolkit/ort/commit/ad9a3639604aacfa6aa3fd831593201f42e78483" -> "[1]: https://github.com/oss-review-toolki...
sschuberth created a review comment on a pull request on oss-review-toolkit/ort
Probably better use `.getOrDefault(emptySet())`.
sschuberth created a review comment on a pull request on oss-review-toolkit/ort
Maybe say explicitly in the commit message "This function is not suitable for parsing the JSON objects on `stderr` as-is.".
sschuberth created a review comment on a pull request on oss-review-toolkit/ort
This change should go to the previous commit.
sschuberth created a review comment on a pull request on oss-review-toolkit/ort
Maybe extend the commit message a bit by saying: "Prepare for an upcoming change that signals that parsing of `PackageJson` data was unsuccessful."
fviernau pushed 1 commit to yarn-info-parsing-fixes oss-review-toolkit/ort
- fix(yarn): Fix up the error handling in `getRemotePackageDetails()` Previously, calling `parseYarnInfo(process.stder... e297b5a
fviernau pushed 1 commit to yarn-info-parsing-fixes oss-review-toolkit/ort
- fix(yarn): Fix up the error handling in `getRemotePackageDetails()` Previously, calling `parseYarnInfo(process.stder... a12ad89
fviernau pushed 1 commit to yarn-info-parsing-fixes oss-review-toolkit/ort
- fix(yarn): Fix up the error handling in `getRemotePackageDetails()` Previously, calling `parseYarnInfo(process.stder... f3e7d9d
fviernau pushed 2 commits to yarn-info-parsing-fixes oss-review-toolkit/ort
fviernau pushed 14 commits to yarn-info-parsing-fixes oss-review-toolkit/ort
- feat(spdx): Deal with cycles in dependency relations Circular dependency relations caused the SPDX package manager t... c9d2a49
- docs(model): Clarify in a test what a "clean" purl is supposed to be Signed-off-by: Sebastian Schuberth <sebastian@d... 1219605
- chore(model): Nest purl tests in preparation for adding more tests Signed-off-by: Sebastian Schuberth <sebastian@dou... d2dd061
- chore: Align on "purl" spelling for Package URLs That seems to be the official spelling, see [1]. [1]: https://gith... 4814301
- refactor(model): Move purl-related tests to `PurlExtensionsTest` Signed-off-by: Sebastian Schuberth <sebastian@doubl... 7f07648
- chore(model): Remove a few redundant purl tests Qualifiers are already tested as part of provenance conversion. Sig... 2c79d17
- fix(model): Rework purl conversion according to the specs Implement the pseudo-algorithm described at [1]. Most impo... b1740ef
- test(model): Test against the official purl test suite data The data has been copied from [1]. [1]: https://github.... 419b42b
- docs(yarn): Re-align the docs with the function This is a fix-up for ad9a363. Signed-off-by: Frank Viernau <frank_v... e1993d2
- docs(yarn): Add information about the mentioned network issue Signed-off-by: Frank Viernau <[email protected]> 9fe3c08
- refactor(npm): Allow `getRemotePackageDetails()` to return `null` Prepare for an upcoming change. Signed-off-by: Fr... c11fbfc
- refactor(yarn): Use a more speaking name for `output` Signed-off-by: Frank Viernau <[email protected]> 5530df9
- refactor(yarn): Extract `extractDataNodes()` Avoid code duplication in an upcoming change. Signed-off-by: Frank Vie... c172928
- fix(yarn): Fix up the error handling in `getRemotePackageDetails()` Previously, calling `parseYarnInfo(process.stder... 53e6982
sschuberth created a comment on a pull request on oss-review-toolkit/ort
> > I added a test cases, hoping that this is what you had in mind. > > Hmm, not really. I was hoping for a funTest that queries VC for a Go package which is known to have vulnerabilities. Ne...
sschuberth pushed 7 commits to main oss-review-toolkit/ort
- docs(model): Clarify in a test what a "clean" purl is supposed to be Signed-off-by: Sebastian Schuberth <sebastian@d... 1219605
- chore(model): Nest purl tests in preparation for adding more tests Signed-off-by: Sebastian Schuberth <sebastian@dou... d2dd061
- chore: Align on "purl" spelling for Package URLs That seems to be the official spelling, see [1]. [1]: https://gith... 4814301
- refactor(model): Move purl-related tests to `PurlExtensionsTest` Signed-off-by: Sebastian Schuberth <sebastian@doubl... 7f07648
- chore(model): Remove a few redundant purl tests Qualifiers are already tested as part of provenance conversion. Sig... 2c79d17
- fix(model): Rework purl conversion according to the specs Implement the pseudo-algorithm described at [1]. Most impo... b1740ef
- test(model): Test against the official purl test suite data The data has been copied from [1]. [1]: https://github.... 419b42b
sschuberth pushed 1 commit to main oss-review-toolkit/ort
- feat(spdx): Deal with cycles in dependency relations Circular dependency relations caused the SPDX package manager t... c9d2a49
sschuberth closed a pull request on oss-review-toolkit/ort
feat(spdx): Deal with cycles in dependency relations
Circular dependency relations caused the SPDX package manager to run in a stack overflow. Avoid this by detecting cyclic dependencies and handle them gracefully.
codecov[bot] created a comment on a pull request on oss-review-toolkit/ort
## [Codecov](https://app.codecov.io/gh/oss-review-toolkit/ort/pull/9328?dropdown=coverage&src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=os...
github-advanced-security[bot] created a review comment on a pull request on oss-review-toolkit/ort
## Unused import directive Unused import directive [Show more details](https://github.com/oss-review-toolkit/ort/security/code-scanning/3979)
sschuberth created a review comment on a pull request on oss-review-toolkit/ort
> I still have doubts that the error handling code path is used at all. ... > Ok, i've reproduced it. The code is indeed reachable: Yes, I also remember to have run into it in real life.
oheger-bosch created a review comment on a pull request on oss-review-toolkit/ort
If `add` returns *false*, this means that this ID is already contained in the set, so it is listed in the output.
fviernau pushed 5 commits to yarn-info-parsing-fixes oss-review-toolkit/ort
- docs(yarn): Re-align the docs with the function This is a fix-up for ad9a363. Signed-off-by: Frank Viernau <frank_v... 8ca9619
- docs(yarn): Add information about the mentioned network issue Signed-off-by: Frank Viernau <[email protected]> 6cede46
- refactor(npm): Allow `getRemotePackageDetails()` to return `null` Prepare for an upcoming change. Signed-off-by: Fr... 7042af5
- refactor(yarn): Use a more speaking name for `output` Signed-off-by: Frank Viernau <[email protected]> d151e84
- fix(yarn): Fix up the error handling in `getRemotePackageDetails()` Previously, calling `parseYarnInfo(process.stder... 4b81b04
oheger-bosch created a review comment on a pull request on oss-review-toolkit/ort
Renamed to `ancestorIds`. I decided against a default value to make sure that no invocation is missed.