
Feature: omnibus PR updating scanner plugin

Open codefriar opened this issue 1 year ago • 4 comments

@mitchspano

I am a TypeScript n00b. I figure there's every chance I have no idea what I'm doing.

This PR has a number of enhancements:

  • it establishes some verification of the scanner inputs to ensure, for instance, the severity params are >0 and <3
  • it mitigates the API rate limiting by utilizing the Octokit throttling and retry plugins
  • it converts the scanner action's output to SARIF as a file
    • this mitigates the out-of-buffer error when too many violations are found. Writing the output to disk keeps it out of the buffer
    • SARIF provides us a standardized output for static code analysis.
    • the SARIF file is uploadable to GitHub repos' security tab. These are helpful for high-regulation audits
  • it restructures the code as an ES module
  • it restructures the code to be more class-based, where it makes sense
  • it decomposes the types from logic classes

I think that's it.

codefriar avatar Apr 22 '24 04:04 codefriar
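The two mechanisms named in the description above, range-checking the severity inputs before the scanner runs and writing the violations out as a SARIF file rather than holding them in the action's output buffer, as an added TypeScript example. This is not code from the PR or from the sfdx-scan-pull-request project: the Violation shape, the inclusive 1..3 default bounds, the severity-to-level mapping and the sample violations are all assumptions made for the example.

```typescript
// Added example, not code from this PR or from sfdx-scan-pull-request.
// It shows range-checking the severity inputs and turning a violation list
// into a SARIF 2.1.0 log that is serialized once and written to disk by the
// caller instead of being echoed through the action's output buffer.

// Constructed violation shape; the real scanner output differs (assumption).
interface Violation {
  ruleName: string;
  severity: number; // 1 = most severe (assumption)
  message: string;
  fileName: string;
  line: number;
  column: number;
}

type SarifLevel = "error" | "warning" | "note";

interface SarifRule { id: string; shortDescription: { text: string } }

interface SarifResult {
  ruleId: string;
  level: SarifLevel;
  message: { text: string };
  locations: Array<{
    physicalLocation: {
      artifactLocation: { uri: string };
      region: { startLine: number; startColumn: number };
    };
  }>;
}

interface SarifLog {
  $schema: string;
  version: "2.1.0";
  runs: Array<{ tool: { driver: { name: string; rules: SarifRule[] } }; results: SarifResult[] }>;
}

class InputValidationError extends Error {}

// Reject anything that is not an integer inside [min, max]. The PR text says
// the severity params are checked to be >0 and <3; the inclusive 1..3 default
// here is an assumption, so pass the bounds explicitly if they differ.
function parseSeverityInput(name: string, raw: string, min = 1, max = 3): number {
  const trimmed = raw.trim();
  if (!/^\d+$/.test(trimmed)) {
    throw new InputValidationError(`${name} must be an integer, got "${raw}"`);
  }
  const value = Number(trimmed);
  if (value < min || value > max) {
    throw new InputValidationError(`${name} must be between ${min} and ${max}, got ${value}`);
  }
  return value;
}

// Assumed mapping from numeric severity to a SARIF result level.
function severityToLevel(severity: number): SarifLevel {
  if (severity <= 1) return "error";
  if (severity === 2) return "warning";
  return "note";
}

// Build the SARIF document. Rules are deduplicated into tool.driver.rules so a
// code-scanning UI can group results by rule; each result keeps its location.
function toSarif(violations: Violation[], toolName = "sfdx-scanner"): SarifLog {
  const rules = new Map<string, SarifRule>();
  const results: SarifResult[] = [];
  for (const v of violations) {
    if (!rules.has(v.ruleName)) {
      rules.set(v.ruleName, { id: v.ruleName, shortDescription: { text: v.ruleName } });
    }
    results.push({
      ruleId: v.ruleName,
      level: severityToLevel(v.severity),
      message: { text: v.message },
      locations: [{
        physicalLocation: {
          artifactLocation: { uri: v.fileName },
          region: { startLine: v.line, startColumn: v.column },
        },
      }],
    });
  }
  return {
    $schema: "https://json.schemastore.org/sarif-2.1.0.json",
    version: "2.1.0",
    runs: [{ tool: { driver: { name: toolName, rules: Array.from(rules.values()) } }, results }],
  };
}

// Serialize once; the caller writes this string to a file (e.g. with
// fs.writeFileSync) rather than printing it, which is what keeps a long
// violation list out of the output buffer.
function serializeSarif(violations: Violation[]): string {
  return JSON.stringify(toSarif(violations), null, 2);
}

// Constructed sample input (rule names and paths are sample values).
const SAMPLE_VIOLATIONS: Violation[] = [
  { ruleName: "ApexSOQLInjection", severity: 1, message: "Unescaped input in SOQL", fileName: "force-app/main/default/classes/Foo.cls", line: 12, column: 9 },
  { ruleName: "ApexSOQLInjection", severity: 1, message: "Unescaped input in SOQL", fileName: "force-app/main/default/classes/Bar.cls", line: 40, column: 5 },
  { ruleName: "EmptyCatchBlock", severity: 3, message: "Empty catch block", fileName: "force-app/main/default/classes/Foo.cls", line: 27, column: 3 },
];

const severityThreshold = parseSeverityInput("severity-threshold", " 2 ");
console.log(serializeSarif(SAMPLE_VIOLATIONS.filter((v) => v.severity <= severityThreshold)));
```

The validation throws a typed error so the action can fail fast with a clear message before any scanner or GitHub API call is made; the SARIF builder is pure, so the only I/O left is the single file write.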

Can we please split this up into more manageable and reviewable chunks?

This is too much to review all in one PR.

mitchspano avatar Apr 30 '24 01:04 mitchspano

@codefriar Nice PR. But I disagreed with this part:

    run-flow-scanner:
      description: "Should this plugin run the lightning-flow-scanner"
      default: "false"

haha! ;)

RubenHalman avatar May 10 '24 18:05 RubenHalman

I cannot accept a PR of this magnitude to the project. This needs to be broken down into smaller chunks.

mitchspano avatar May 28 '24 09:05 mitchspano

As soon as I get a chance...

codefriar avatar May 30 '24 21:05 codefriar

This pull request is simply far too large for a valid review.

mitchspano avatar Oct 16 '24 11:10 mitchspano