Merge pull request #80 from VirdocsSoftware/release/v2.12.0

robaone-redshelf · web-flow · commit 93bafd2f42d1 · 2025-03-25T00:04:50.000-05:00
release v2.12.0 to main
diff --git a/.github/actions/static-analysis/action.yml b/.github/actions/static-analysis/action.yml
@@ -1,6 +1,12 @@
 name: "Static Analysis"
 description: "Runs static analysis on the code"
 
+inputs:
+  ignored-accounts:
+    description: "Comma-separated list of accounts to ignore"
+    required: false
+    default: "actions,VirdocsSoftware"
+
 runs:
   using: "composite"
   steps:
@@ -12,4 +18,6 @@ runs:
         echo "With the current working directory: $(pwd)"
         node ${{ github.action_path }}/scan_github_actions.js
       shell: bash
-      working-directory: ${{ github.workspace }}
+      working-directory: ${{ github.workspace }}
+      env:
+        IGNORED_ACCOUNTS: ${{ inputs.ignored-accounts }}
diff --git a/.github/actions/static-analysis/scan_github_actions.js b/.github/actions/static-analysis/scan_github_actions.js
@@ -1,7 +1,8 @@
 class StaticAnalysis {
-    constructor(dataProvider, process) {
+    constructor(dataProvider, process, ignoredAccounts = []) {
         this.dataProvider = dataProvider;
         this.process = process;
+        this.ignoredAccounts = ignoredAccounts;
     }
 
     isCommitHash(ref) {
@@ -25,11 +26,15 @@ class StaticAnalysis {
 
     scanFile(filePath) {
         const content = this.dataProvider.readFile(filePath);
-        const regex = /uses:\s*[\w-]+\/[\w-]+@([\w-.]+)/g;
+        const regex = /uses:\s*([\w-]+\/[\w-]+)@([\w-.]+)/g;
         let match;
         let warnings = [];
         while ((match = regex.exec(content)) !== null) {
-            const ref = match[1];
+            const ref = match[2];
+            const account = match[1].split('/')[0];
+            if (this.ignoredAccounts.includes(account)) {
+                continue;
+            }
             if (!this.isCommitHash(ref)) {
                 warnings.push(`Warning: In file ${filePath}, '${match[0]}' does not use a commit hash.`);
             }
@@ -90,7 +95,8 @@ class DataProvider {
 const fs = require('fs');
 const path = require('path');
 const process = require('process');
+const ignoredAccounts = (process.env.IGNORED_ACCOUNTS || '').split(',');
 
 const dataProvider = new DataProvider(fs, path);
-const staticAnalysis = new StaticAnalysis(dataProvider, process);
+const staticAnalysis = new StaticAnalysis(dataProvider, process, ignoredAccounts);
 staticAnalysis.run();
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "github-actions",
-  "version": "2.11.0",
+  "version": "2.12.0",
   "description": "Used to store GitHub actions for use across the enterprise",
   "scripts": {
     "test": "./tooling/scripts/run_tests.sh",

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "github-actions",`
`3`		`- "version": "2.11.0",`
	`3`	`+ "version": "2.12.0",`
`4`	`4`	`"description": "Used to store GitHub actions for use across the enterprise",`
`5`	`5`	`"scripts": {`
`6`	`6`	`"test": "./tooling/scripts/run_tests.sh",`