Merge pull request #783 from actions/elireisman/all-changes-to-scorecard

Include all added dependencies in scorecard entries
actions · Jun 7, 2024 · df5d74f · df5d74f
2 parents 8285e75 + 1e5b2e6
commit df5d74f
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 4 deletions.
diff --git a/dist/index.js b/dist/index.js
diff --git a/dist/index.js.map b/dist/index.js.map
diff --git a/src/main.ts b/src/main.ts
@@ -125,7 +125,9 @@ async function run(): Promise<void> {
       config.deny_groups
     )
 
-    const scorecard = await getScorecardLevels(filteredChanges)
+    // generate informational scorecard entries for all added changes in the PR
+    const scorecardChanges = getScorecardChanges(changes)
+    const scorecard = await getScorecardLevels(scorecardChanges)
 
     const minSummary = summary.addSummaryToSummary(
       vulnerableChanges,
@@ -369,7 +371,7 @@ function printScannedDependencies(changes: Changes): void {
 }
 
 function printDeniedDependencies(
-  changes: Change[],
+  changes: Changes,
   config: ConfigurationOptions
 ): void {
   core.group('Denied', async () => {
@@ -384,6 +386,17 @@ function printDeniedDependencies(
   })
 }
 
+function getScorecardChanges(changes: Changes): Changes {
+  const out: Changes = []
+  for (const change of changes) {
+    if (change.change_type === 'added') {
+      out.push(change)
+    }
+  }
+
+  return out
+}
+
 async function createScorecardWarnings(
   scorecards: Scorecard,
   config: ConfigurationOptions