110 lines
4.0 KiB
JSON
110 lines
4.0 KiB
JSON
{
|
|
"excluded_findings": [
|
|
{
|
|
"location": "entrypoint.sh:10-15",
|
|
"title": "trim unit tests",
|
|
"reason": "This repository intentionally excludes test fixtures and CI workflows."
|
|
},
|
|
{
|
|
"location": "entrypoint.sh:16-18",
|
|
"title": "url_encode unit tests",
|
|
"reason": "This repository intentionally excludes test fixtures and CI workflows."
|
|
},
|
|
{
|
|
"location": "entrypoint.sh:30-59",
|
|
"title": "resolve_package_names unit tests",
|
|
"reason": "This repository intentionally excludes test fixtures and CI workflows."
|
|
},
|
|
{
|
|
"location": "entrypoint.sh:61-76",
|
|
"title": "parse_repo_context unit tests",
|
|
"reason": "This repository intentionally excludes test fixtures and CI workflows."
|
|
},
|
|
{
|
|
"location": "entrypoint.sh:35-51",
|
|
"title": "resolve_keep_count unit tests",
|
|
"reason": "This repository intentionally excludes test fixtures and CI workflows."
|
|
},
|
|
{
|
|
"location": "entrypoint.sh:78-120",
|
|
"title": "api_request unit tests",
|
|
"reason": "This repository intentionally excludes test fixtures and CI workflows."
|
|
},
|
|
{
|
|
"location": "entrypoint.sh:122-181",
|
|
"title": "fetch_package_versions unit tests",
|
|
"reason": "This repository intentionally excludes test fixtures and CI workflows."
|
|
},
|
|
{
|
|
"location": "entrypoint.sh:183-241",
|
|
"title": "collect_package_candidates unit tests",
|
|
"reason": "This repository intentionally excludes test fixtures and CI workflows."
|
|
},
|
|
{
|
|
"location": "entrypoint.sh:243-286",
|
|
"title": "process_candidates unit tests",
|
|
"reason": "This repository intentionally excludes test fixtures and CI workflows."
|
|
},
|
|
{
|
|
"location": "entrypoint.sh(整體)",
|
|
"title": "shell test framework",
|
|
"reason": "This repository intentionally excludes test fixtures and CI workflows."
|
|
},
|
|
{
|
|
"location": "entrypoint.sh:7",
|
|
"title": "structured logging",
|
|
"reason": "Plain stderr logging is sufficient for this lightweight container action."
|
|
},
|
|
{
|
|
"location": "entrypoint.sh:105",
|
|
"title": "GITEA_SERVER_URL validation",
|
|
"reason": "The runtime provides this value; extra host allowlisting is not required here."
|
|
},
|
|
{
|
|
"location": "entrypoint.sh:125-126,241",
|
|
"title": "temporary file reuse",
|
|
"reason": "The current mktemp-based approach is acceptable for the action's expected scale."
|
|
},
|
|
{
|
|
"location": "entrypoint.sh:149",
|
|
"title": "streaming JSON merge",
|
|
"reason": "The per-package payload size is bounded and jq aggregation is sufficient."
|
|
},
|
|
{
|
|
"location": "entrypoint.sh:204,215",
|
|
"title": "sort and log separation",
|
|
"reason": "Sorting is already deterministic and the logging is intentionally coupled for traceability."
|
|
},
|
|
{
|
|
"location": "entrypoint.sh:243-286",
|
|
"title": "repeated url_encode optimization",
|
|
"reason": "The updated code already caches encoded path components per candidate."
|
|
},
|
|
{
|
|
"location": "entrypoint.sh:183-241",
|
|
"title": "owner-wide package scan / N+1 API",
|
|
"reason": "The action intentionally targets only the requested package names to avoid scanning unrelated packages."
|
|
},
|
|
{
|
|
"location": "entrypoint.sh(整體)",
|
|
"title": "end-to-end tests",
|
|
"reason": "This repository intentionally excludes test fixtures and CI workflows."
|
|
},
|
|
{
|
|
"location": "entrypoint.sh:290-332",
|
|
"title": "main integration tests",
|
|
"reason": "This repository intentionally excludes test fixtures and CI workflows."
|
|
},
|
|
{
|
|
"location": "entrypoint.sh:78-120",
|
|
"title": "api_request mock tests",
|
|
"reason": "This repository intentionally excludes test fixtures and CI workflows."
|
|
},
|
|
{
|
|
"location": "entrypoint.sh:7-12",
|
|
"title": "token export preference",
|
|
"reason": "Token is now passed explicitly between functions instead of exported."
|
|
}
|
|
]
|
|
}
|