Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

🐛 Add wasm files as binary artifacts #2548

Merged
merged 7 commits into from
Jan 6, 2023
Merged

Conversation

gabibguti
Copy link
Contributor

@gabibguti gabibguti commented Dec 16, 2022

What kind of change does this PR introduce?

(Is it a bug fix, feature, docs update, something else?)

What is the current behavior?

WebAssembly binary files, identified by .wasm extension, are not considered as binaries in the Binary-Artifacts check.

What is the new behavior (if this is a feature change)?**

  • Tests for the changes have been added (for bug fixes/features)

Which issue(s) this PR fixes

No related issue.

Special notes for your reviewer

Retrieved simple.wasm test binary from https://raw.githubusercontent.com/mdn/webassembly-examples/master/js-api-examples/simple.wasm.

Scorecard API identifies .o and .zip as binaries but no .wasm binaries for nodejs/node.

{"name":"Binary-Artifacts","score":7,"reason":"binaries present in source code","details":["Warn: binary detected: deps/v8/third_party/ittapi/include/fortran/posix/x86/ittfortran.o:1","Warn: binary detected: deps/v8/third_party/ittapi/include/fortran/posix/x86_64/ittfortran.o:1","Warn: binary detected: deps/zlib/google/test/data/evil_via_invalid_utf8.zip:1"],"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/c61f6bc297ee71dc4b5f2511144d6c031b946089/docs/checks.md#binary-artifacts"}}

While there are wasm binaries.

Does this PR introduce a user-facing change?

For user-facing changes, please add a concise, human-readable release note to
the release-note

(In particular, describe what changes users might need to make in their
application as a result of this pull request.)

Add wasm files as binary artifacts

The changes may impact the users score. The remediation steps can remain the same for Binary-Artifacts. Therefore, I understand no release note is needed.

@codecov
Copy link

codecov bot commented Dec 16, 2022

Codecov Report

Merging #2548 (e66d19e) into main (a2bc29a) will increase coverage by 0.00%.
The diff coverage is 100.00%.

Additional details and impacted files
@@           Coverage Diff           @@
##             main    #2548   +/-   ##
=======================================
  Coverage   40.03%   40.03%           
=======================================
  Files         122      122           
  Lines        9865     9866    +1     
=======================================
+ Hits         3949     3950    +1     
  Misses       5635     5635           
  Partials      281      281           

Copy link
Member

@naveensrinivasan naveensrinivasan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks! LGTM. Except for changes for projects.csv

Also, can you please include release notes in the release notes section?

cron/internal/data/projects.csv Outdated Show resolved Hide resolved
cron/internal/data/projects.csv Outdated Show resolved Hide resolved
@naveensrinivasan naveensrinivasan enabled auto-merge (squash) December 16, 2022 18:39
@github-actions
Copy link

Integration tests success for
[99fb2af]
(https://github.com/ossf/scorecard/actions/runs/3715571603)

@naveensrinivasan
Copy link
Member

@gabibguti Please DCO the commit https://wiki.linuxfoundation.org/dco

@laurentsimon
Copy link
Contributor

I updated the release-notes section

auto-merge was automatically disabled December 19, 2022 14:26

Head branch was pushed to by a user without write access

@gabibguti
Copy link
Contributor Author

@gabibguti Please DCO the commit https://wiki.linuxfoundation.org/dco

All commits are signed-off now.

I updated the release-notes section

Thanks laurent!

@github-actions
Copy link

Integration tests success for
[ed69ffa]
(https://github.com/ossf/scorecard/actions/runs/3773987807)

@laurentsimon
Copy link
Contributor

DCO pre-submit has not started. Not sure why.

Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>
Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>
Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>
This reverts commit 99fb2af.

Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>
@justaugustus justaugustus temporarily deployed to integration-test December 31, 2022 21:47 — with GitHub Actions Inactive
Copy link
Member

@justaugustus justaugustus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @gabibguti!

@github-actions
Copy link

Integration tests success for
[fd5dd37]
(https://github.com/ossf/scorecard/actions/runs/3813867999)

@spencerschrock spencerschrock temporarily deployed to integration-test January 6, 2023 18:54 — with GitHub Actions Inactive
@github-actions
Copy link

github-actions bot commented Jan 6, 2023

Integration tests success for
[e66d19e]
(https://github.com/ossf/scorecard/actions/runs/3857724267)

@laurentsimon laurentsimon merged commit be695d1 into ossf:main Jan 6, 2023
raghavkaul pushed a commit to raghavkaul/scorecard that referenced this pull request Feb 9, 2023
* fix: Add wasm files to binary check

Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>

* test: Add wasm to binary check

Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>

* chore: Automatic projects update

Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>

* Revert "chore: Automatic projects update"

This reverts commit 99fb2af.

Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>

Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>
raghavkaul pushed a commit to raghavkaul/scorecard that referenced this pull request Apr 4, 2023
* fix: Add wasm files to binary check

Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>

* test: Add wasm to binary check

Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>

* chore: Automatic projects update

Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>

* Revert "chore: Automatic projects update"

This reverts commit 99fb2af.

Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>

Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants