Skip to main content

Week 5

(June 28, 2024 - July 04, 2024)

Meeting 1

(July 03, 2024)

Attendees

Discussions

  • I showed my progress regarding differential scans and allowlist functionality.
  • Discussed doubts regarding the nomos scanner -J flag. We'll tackle this later for now.
  • Mentors mentioned that we should now work towards providing a fossology action which will provide smooth integration into Github Actions.
  • Created a new repository in fossology, called fossology-action for now.

Work Done

  • Researched and tested the relevant API endpoints from the Github and Gitab API's:
    • Github API: https://api.github.com/repos/:owner/:repo/compare/{:tag1}...{:tag2} Screenshot
    • Gitlab API: https://gitlab.com/api/v4/projects/:projectid/repository/compare/?from={:tag1}&to={:tag2} Screenshot
  • Implement differential scans and tested on Github and Gitlab and sent out a PR(#2775) for the same.
  • Solved some bugs found in the previous PR(#2574).
  • Resolved and corrected some issues in PR(#2754) and PR(#2769) respectively.
  • Started implementing the functionality that allows passing allowlist.conf file from a custom location by the user.

Planning for next week

  • Complete the allowlist.conf part and send a PR for the same.
  • Next, start researching and testing which type of Github Action we should create. Currently, there are three choices:
    • JavaScript Action
    • Docker Action
    • Composite Action
  • Docker Action and Composite Action are most relevant to our use case. Need to test and find out which is a better fit for us.
  • Start working on providing and then releasing the action to the marketplace.
  • PS: Also need to think about a cool name for the action 😜