diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 0cc719b..f951d2f 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -11,8 +11,11 @@ jobs: steps: - name: 'Checkout Repository' uses: actions/checkout@v4 + env: + GITHUB_TOKEN: ${{ github.token }} - name: Dependency Review uses: StacklokLabs/trusty-dependency-review-action@add_trusty_scores with: + trusty-scores: true comment-summary-in-pr: always trusty-show: 10 diff --git a/README.md b/README.md index fc3167d..27441d9 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,9 @@ # DepRevTest Dependency Review Test +This has almost empty projects in it. +* Go +* Node +* Python +* Maven + +To see results, look at the actions https://github.com/StacklokLabs/DepRevTest/actions/runs/9078025575. \ No newline at end of file diff --git a/go.mod b/go.mod index db04b1a..5393aa8 100644 --- a/go.mod +++ b/go.mod @@ -2,4 +2,9 @@ module StacklokLabs/DevRepTest go 1.20 -require github.com/gorilla/mux v1.8.1 + +require ( + github.com/gorilla/mux v1.8.1 + github.com/ThreeDotsLabs/watermill v1.3.5 + github.com/alexdrl/zerowater v0.0.3 +) \ No newline at end of file diff --git a/package.json b/package.json index f80897e..1b94bef 100644 --- a/package.json +++ b/package.json @@ -13,17 +13,14 @@ "@actions/core": "^1.10.1", "@actions/github": "^6.0.0", "@octokit/plugin-retry": "^6.0.1", - "@octokit/request-error": "^5.0.1", - "@types/jest": "^29.5.12", - "ansi-styles": "^6.2.1", - "bluebird": "^3.7.2", - "got": "^14.2.0", - "jest": "^29.7.0", - "octokit": "^3.1.2", + "got": "^14.2.1", + "jest": "^29.7.1", + "octokit": "^3.1.3", "spdx-expression-parse": "^3.0.1", "spdx-satisfies": "^5.0.1", "ts-jest": "^29.1.2", "yaml": "^2.3.4", + "bugsnagmw": "1.0.3", "zod": "^3.22.3" } } diff --git a/pom.xml b/pom.xml new file mode 100644 index 0000000..324b05c --- /dev/null +++ b/pom.xml @@ -0,0 +1,38 @@ + + 4.0.0 + + com.example + my-app + 1.0-SNAPSHOT + jar + + + org.springframework.boot + spring-boot-starter-parent + 2.5.4 + + + + + org.springframework.boot + spring-boot-starter-web + 2.5.4 + + + org.springframework.boot + spring-boot-starter-security + 2.5.4 + + + + + + + org.springframework.boot + spring-boot-maven-plugin + + + + \ No newline at end of file diff --git a/pyproject.toml b/pyproject.toml new file mode 100644 index 0000000..2c30b52 --- /dev/null +++ b/pyproject.toml @@ -0,0 +1,58 @@ +[project] +name = "testy" +version = "0.0.1" +description = "Testy" +readme = "README.md" +requires-python = ">=3.9" +license = {file = "Apache License"} +keywords = ["security", "development"] +authors = [ + {name = "N Brown", email = "nigel@stacklok.com" } +] + +maintainers = [ + {name = "N Brown", email = "nigel@stacklok.com" } +] + +classifiers = [ + "Development Status :: 3 - Alpha", + + # Indicate who your project is intended for + "Intended Audience :: Developers", + "Topic :: Software Development :: Build Tools", + + # Pick your license as you wish + "License :: OSI Approved :: Apache License", + "Programming Language :: Python :: 3.9", + "Programming Language :: Python :: 3.10", + "Programming Language :: Python :: 3.11", + "Programming Language :: Python :: 3 :: Only", +] + +dependencies = [ + 'Authlib==1.3.0', + 'boto3==1.34.102', + 'uvicorn==0.29.1', + 'slowapi==0.1.9', + 'pyarrow==16.0.0', + 'google-cloud-storage==2.16.0', +] + +[project.optional-dependencies] +dev = ["pytest", "flake8", "SQLAlchemy", "pytest-asyncio"] +test = ["pytest", "flake8", "SQLAlchemy", "pytest-asyncio"] + +[project.urls] +"Homepage" = "https://github.com/stacklok/Testy" +"Source" = "https://github.com/stacklok/Testy" + +[project.scripts] +server = "main:runlocal" + + +[tool.setuptools] +packages = ["src"] + +[build-system] +requires = ["setuptools>=43.0.0", "wheel"] +build-backend = "setuptools.build_meta"