{ "excluded_findings": [ { "location": "entrypoint.sh:10-15", "title": "trim unit tests", "reason": "This repository intentionally excludes test fixtures and CI workflows." }, { "location": "entrypoint.sh:16-18", "title": "url_encode unit tests", "reason": "This repository intentionally excludes test fixtures and CI workflows." }, { "location": "entrypoint.sh:30-59", "title": "resolve_package_names unit tests", "reason": "This repository intentionally excludes test fixtures and CI workflows." }, { "location": "entrypoint.sh:61-76", "title": "parse_repo_context unit tests", "reason": "This repository intentionally excludes test fixtures and CI workflows." }, { "location": "entrypoint.sh:35-51", "title": "resolve_keep_count unit tests", "reason": "This repository intentionally excludes test fixtures and CI workflows." }, { "location": "entrypoint.sh:78-120", "title": "api_request unit tests", "reason": "This repository intentionally excludes test fixtures and CI workflows." }, { "location": "entrypoint.sh:122-181", "title": "fetch_package_versions unit tests", "reason": "This repository intentionally excludes test fixtures and CI workflows." }, { "location": "entrypoint.sh:183-241", "title": "collect_package_candidates unit tests", "reason": "This repository intentionally excludes test fixtures and CI workflows." }, { "location": "entrypoint.sh:243-286", "title": "process_candidates unit tests", "reason": "This repository intentionally excludes test fixtures and CI workflows." }, { "location": "entrypoint.sh(整體)", "title": "shell test framework", "reason": "This repository intentionally excludes test fixtures and CI workflows." }, { "location": "entrypoint.sh:7", "title": "structured logging", "reason": "Plain stderr logging is sufficient for this lightweight container action." }, { "location": "entrypoint.sh:105", "title": "GITEA_SERVER_URL validation", "reason": "The runtime provides this value; extra host allowlisting is not required here." }, { "location": "entrypoint.sh:125-126,241", "title": "temporary file reuse", "reason": "The current mktemp-based approach is acceptable for the action's expected scale." }, { "location": "entrypoint.sh:149", "title": "streaming JSON merge", "reason": "The per-package payload size is bounded and jq aggregation is sufficient." }, { "location": "entrypoint.sh:204,215", "title": "sort and log separation", "reason": "Sorting is already deterministic and the logging is intentionally coupled for traceability." }, { "location": "entrypoint.sh:243-286", "title": "repeated url_encode optimization", "reason": "The updated code already caches encoded path components per candidate." }, { "location": "entrypoint.sh:183-241", "title": "owner-wide package scan / N+1 API", "reason": "The action intentionally targets only the requested package names to avoid scanning unrelated packages." }, { "location": "entrypoint.sh(整體)", "title": "end-to-end tests", "reason": "This repository intentionally excludes test fixtures and CI workflows." }, { "location": "entrypoint.sh:290-332", "title": "main integration tests", "reason": "This repository intentionally excludes test fixtures and CI workflows." }, { "location": "entrypoint.sh:78-120", "title": "api_request mock tests", "reason": "This repository intentionally excludes test fixtures and CI workflows." }, { "location": "entrypoint.sh:7-12", "title": "token export preference", "reason": "Token is now passed explicitly between functions instead of exported." } ] }