Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix V3 scans for client-side & generate separate VSCode notices bundle #146

Closed
wants to merge 576 commits into from
Closed

Fix V3 scans for client-side & generate separate VSCode notices bundle #146

wants to merge 576 commits into from

Conversation

t1m0thyj
Copy link
Member

@t1m0thyj t1m0thyj commented Sep 26, 2024
edited
Loading

  • Moved the notices for zowe-explorer-vscode into a separate zip artifact. Previously the VSCode notices were being included with the zos components.
  • Added --ignore-scripts flag to npm/yarn/pnpm install commands. Since the --prod flag was added in Support PNPM, Respect Lockfiles #145, the prepare script fails for some repos if it requires a dev dep (e.g. husky).
  • Added step to install pnpm in workflow because it was missing from PATH. Not sure why the install script added to Dockerfile in Support PNPM, Respect Lockfiles #145 didn't work.
  • Updated version of ORT in Dockerfile and published a snapshot with test-timothy tag. V15 had several errors causing it to fail parsing Cargo (CLI daemon) and PNPM (ZE) projects that were fixed by upgrading.

@awharn @zFernand0 @traeok Please review the CLI and VSCode artifacts generated by the license workflow.

jackjia-ibm and others added 30 commits January 29, 2021 15:41
@jackjia-ibm
Merge pull request #45 from zowe/users/caretcake/performance-tests
b77a0dd 
Add component level test suite for Explorer APIs
@jackjia-ibm
check available ts users space
4c8d9b7 
Signed-off-by: Jack (T.) Jia <[email protected]>
@jackjia-ibm
Merge branch 'master' into users/jack/extend-utils
e46faa9
@jackjia-ibm
Merge branch 'master' into dependabot/npm_and_yarn/performance/client…
0664c85 
…/node-notifier-8.0.1
@jackjia-ibm
Merge pull request #47 from zowe/dependabot/npm_and_yarn/performance/…
57c08e0 
…client/node-notifier-8.0.1

Bump node-notifier from 8.0.0 to 8.0.1 in /performance/client
@jackjia-ibm
Merge branch 'master' into users/jack/extend-utils
9843185
@jackjia-ibm
use apiml cookie and add jes checks
2044ade 
Signed-off-by: Jack (T.) Jia <[email protected]>
@jackjia-ibm
convert to use new httpRequest helper function
b5fc627 
Signed-off-by: Jack (T.) Jia <[email protected]>
@jackjia-ibm
use apiml cookie and add jes checks for v1 tests
941ea09 
Signed-off-by: Jack (T.) Jia <[email protected]>
@jackjia-ibm
all test case to customize debug duration
c48e118 
Signed-off-by: Jack (T.) Jia <[email protected]>
@jackjia-ibm
fail the test early if temporary files cannot be cleaned up
56d85dc 
Signed-off-by: Jack (T.) Jia <[email protected]>
@jackjia-ibm
record test result and failure messages
78e9369 
Signed-off-by: Jack (T.) Jia <[email protected]>
@jackjia-ibm
write test summary to test report
c562abe 
Signed-off-by: Jack (T.) Jia <[email protected]>
@jackjia-ibm
improve tsocmd response handling
fb97d5f 
Signed-off-by: Jack (T.) Jia <[email protected]>
@jackjia-ibm
a little more debug info
feee116 
Signed-off-by: Jack (T.) Jia <[email protected]>
@jackjia-ibm
centralize recommended jes checks
5f59a29 
Signed-off-by: Jack (T.) Jia <[email protected]>
@jackjia-ibm
fix path
7c4c2c9 
Signed-off-by: Jack (T.) Jia <[email protected]>
@jackjia-ibm
reduce zms output lines
7cbc271 
Signed-off-by: Jack (T.) Jia <[email protected]>
@jackjia-ibm
display CEA summary
338c979 
Signed-off-by: Jack (T.) Jia <[email protected]>
@jackjia-ibm
fix issues with getCeaSummary
032a840 
Signed-off-by: Jack (T.) Jia <[email protected]>
@jackjia-ibm
more possible error messages
367d66f 
Signed-off-by: Jack (T.) Jia <[email protected]>
@jackjia-ibm
Merge pull request #53 from zowe/users/jack/extend-utils
7e34658
@jackjia-ibm
define zosmf port
0e782c9 
Signed-off-by: Jack (T.) Jia <[email protected]>
@jackjia-ibm
Merge pull request #56 from zowe/users/jack/extend-utils
ab3e78b 
define zosmf port
@jackjia-ibm
re-enable weekly test
bad0180 
Signed-off-by: Jack (T.) Jia <[email protected]>
@jackjia-ibm
Merge pull request #57 from zowe/users/jack/extend-utils
fe27345 
re-enable weekly test
@jackjia-ibm
extend test to max 6 hours
e98d28b 
Signed-off-by: Jack (T.) Jia <[email protected]>
@jackjia-ibm
Merge pull request #58 from zowe/users/jack/extend-timeout
38ee493 
extend test to max 6 hours
@MarkAckert
refactor directory layout
0e84561 
Signed-off-by: MarkAckert <[email protected]>
@MarkAckert
Merge pull request #63 from zowe/user/markackert/license-updates/master
c000b45 
refactor directory layout
dependabot bot and others added 9 commits September 10, 2024 18:30
@dependabot
Bump path-to-regexp and express in /performance/server
7b69608 
Bumps [path-to-regexp](https://github.com/pillarjs/path-to-regexp) to 0.1.10 and updates ancestor dependency [express](https://github.com/expressjs/express). These dependencies need to be updated together.


Updates `path-to-regexp` from 0.1.7 to 0.1.10
- [Release notes](https://github.com/pillarjs/path-to-regexp/releases)
- [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md)
- [Commits](pillarjs/path-to-regexp@v0.1.7...v0.1.10)

Updates `express` from 4.19.2 to 4.20.0
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](expressjs/express@4.19.2...4.20.0)

---
updated-dependencies:
- dependency-name: path-to-regexp
  dependency-type: indirect
- dependency-name: express
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@zFernand0
Merge pull request #143 from zowe/dependabot/npm_and_yarn/performance…
00883bd 
…/server/multi-ceff1a497b

Bump path-to-regexp and express in /performance/server
@dependabot
Bump send and express in /performance/server
0b260d6 
Bumps [send](https://github.com/pillarjs/send) to 0.19.0 and updates ancestor dependency [express](https://github.com/expressjs/express). These dependencies need to be updated together.


Updates `send` from 0.18.0 to 0.19.0
- [Release notes](https://github.com/pillarjs/send/releases)
- [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md)
- [Commits](pillarjs/send@0.18.0...0.19.0)

Updates `express` from 4.20.0 to 4.21.0
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/4.21.0/History.md)
- [Commits](expressjs/express@4.20.0...4.21.0)

---
updated-dependencies:
- dependency-name: send
  dependency-type: indirect
- dependency-name: express
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@zFernand0
Merge pull request #144 from zowe/dependabot/npm_and_yarn/performance…
4835e21 
…/server/multi-cf87d80143

Bump send and express in /performance/server
@MarkAckert
add artifacts to nightly clean
57e4547 
Signed-off-by: MarkAckert <[email protected]>
@MarkAckert
add pnpm support, respect lockfiles
8f9387e 
Signed-off-by: MarkAckert <[email protected]>
@MarkAckert
Revert "add pnpm support, respect lockfiles"
2d1046b 
This reverts commit 8f9387e.
@MarkAckert
Reapply "add pnpm support, respect lockfiles"
3dd7739 
This reverts commit 2d1046b.
@t1m0thyj
Generate a separate VSCode notices bundle
3ccd9ad 
Signed-off-by: Timothy Johnson <[email protected]>
@t1m0thyj t1m0thyj force-pushed the user/timothy/separate-vscode-notices branch from 8b4d7ec to 3ccd9ad Compare September 26, 2024 21:38
@t1m0thyj t1m0thyj marked this pull request as ready for review September 27, 2024 13:01
@t1m0thyj t1m0thyj changed the title Generate a separate VSCode notices bundle Fix V3 scans for client-side, generate a separate VSCode notices bundle Sep 27, 2024
@t1m0thyj t1m0thyj changed the title Fix V3 scans for client-side, generate a separate VSCode notices bundle Fix V3 scans for client-side & generate a separate VSCode notices bundle Sep 27, 2024
@t1m0thyj t1m0thyj changed the title Fix V3 scans for client-side & generate a separate VSCode notices bundle Fix V3 scans for client-side & generate separate VSCode notices bundle Sep 27, 2024
traeok
traeok approved these changes Sep 27, 2024
View reviewed changes
Copy link
Member

@traeok traeok left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks Timothy for the fixes!

Not related, but I see we have a couple "android"-related deps in the dependency tree 😂 not quite sure where that's coming from, but the licenses & dependency list seems accurate

image

.github/workflows/license-generation.yml Outdated
container:
image: zowe-docker-release.jfrog.io/ompzowe/zowecicd-license-base:latest
image: zowe-docker-snapshot.jfrog.io/ompzowe/zowecicd-license-base:test-timothy
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we still plan on using the test-timothy tag for the container image? No request for changes here, just wondering 😋

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please revert the image to release/latest before merging in 👍

@t1m0thyj t1m0thyj mentioned this pull request Sep 27, 2024
Closed
15 tasks
MarkAckert
MarkAckert reviewed Sep 27, 2024
View reviewed changes
.github/workflows/license-generation.yml Outdated
env:
APP_NOTICES_SCAN: true
APP_LICENSE_SCAN: true
ZOWE_MANIFEST_BRANCH: ${{ env.ZOWE_RELEASE_BRANCH }}
working-directory: ${{ env.DEPENDENCY_SCAN_HOME }}
run: |
# Rustup is set to default in the container, but it's not picked up in this run block
rustup default stable
rustup default stable
npm install -g pnpm@8
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we move this pnpm install to the docker build?

@MarkAckert MarkAckert closed this Sep 27, 2024
@MarkAckert MarkAckert force-pushed the user/markackert/pnpm-lockfile-support branch from 3dd7739 to 07cadb1 Compare September 27, 2024 17:27
@MarkAckert MarkAckert mentioned this pull request Sep 27, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MarkAckert MarkAckert MarkAckert left review comments

@traeok traeok traeok approved these changes

@awharn awharn Awaiting requested review from awharn

@zFernand0 zFernand0 Awaiting requested review from zFernand0

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@t1m0thyj @MarkAckert @traeok @jackjia-ibm @FlappiTomic @zFernand0 @awharn