makes
makes copied to clipboard
fluidattacks
A software supply chain framework powered by Nix.
Considering how fast it is, we should support [ruff](https://github.com/charliermarsh/ruff) within makes' python linters. ### Relevant links [/lintPython settings](https://github.com/fluidattacks/makes/tree/main/src/evaluator/modules/lint-python) [Prospector settings](https://github.com/fluidattacks/makes/blob/main/src/evaluator/modules/lint-python/settings-prospector.yaml) [Issue to add ruff to prospector](https://github.com/PyCQA/prospector/issues/601)
Let's add a `Locally testing your changes` section here: https://makes.fluidattacks.com/contributing/ Basically, 1. Temporarily adding a `makes.lock.nix` pointing to `./.` to use the local back. 2. Running `m . /makes .`...
``` $ m . /docs/dev ... error: Package ‘python3.8-watchdog-2.1.2’ in /nix/store/kapfg8wxbnxrd74l75j03jj3l7qv2vcw-source/pkgs/development/python-modules/watchdog/default.nix:46 is marked as broken, refusing to evaluate. ```
1. Make the container run as user by default, and instead make a feature flag run it as root 2. Make sure sandbox is enabled in the container 3. Update...
https://github.com/anchore/syft Something like ```nix { scanWithSyft = { myEnvs = { setup = [ env1 env2 ]; policy = { maxSeverity = 4; ... }; }; }; } ```
 When the user has an old version of makes and attempts to run a command from a newer one The proposal is to handle this case, showing a clear...
The most common errors of users when using **makes** should be documented in a Troubleshooting section. e. g. Files and directories should be tracked by the control version for detecting...
Let's create a `testPR` builtin for running [Danger.js](https://www.google.com/search?client=safari&rls=en&q=Danger.js&ie=UTF-8&oe=UTF-8) against a PR.
Today many builtins do not have: 1. Good enough tests. 2. tests at all. We should consider creating a comfortable approach for testing all makes builtins in a thorough way.
Let's improve https://makes.fluidattacks.com/getting-started/ by quickly explaining `makes.nix` files and how to call API builtins.
Metadata
Owner
Metadata
A software supply chain framework powered by Nix.