mirror of
https://github.com/imjasonh/govulncheck-action
synced 2026-07-07 00:12:55 +00:00
This commit fixes the parser to handle both JSON lines and multi-line JSON formats from govulncheck, and adds tools for local testing: - Updated parser to detect and handle both JSON lines and pretty-printed JSON - Added logic to skip govulncheck installation if already present - Created run-local.js for testing the action locally without GitHub Actions - Added test:local npm script for easy local testing - Changed example to use a version of golang.org/x/net with known vulnerabilities The parser now correctly identifies 14 vulnerabilities in the example, including ones that trace to the html.Parse call in main.go. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
55 lines
1.4 KiB
JavaScript
Executable file
55 lines
1.4 KiB
JavaScript
Executable file
#!/usr/bin/env node
|
|
|
|
// Local test script to run the action without GitHub Actions environment
|
|
const path = require('path');
|
|
const { run } = require('./index');
|
|
|
|
// Mock the @actions/core module for local testing
|
|
const mockCore = {
|
|
getInput: (name) => {
|
|
const inputs = {
|
|
'working-directory': process.argv[2] || './example'
|
|
};
|
|
return inputs[name] || '.';
|
|
},
|
|
info: (message) => {
|
|
console.log(`[INFO] ${message}`);
|
|
},
|
|
warning: (message, properties) => {
|
|
console.log(`[WARNING] ${message}`);
|
|
if (properties) {
|
|
console.log(` Annotation properties:`, properties);
|
|
}
|
|
},
|
|
setOutput: (name, value) => {
|
|
console.log(`[OUTPUT] ${name}=${value}`);
|
|
},
|
|
setFailed: (message) => {
|
|
console.error(`[ERROR] ${message}`);
|
|
process.exit(1);
|
|
}
|
|
};
|
|
|
|
// Replace the real @actions/core with our mock
|
|
require.cache[require.resolve('@actions/core')] = {
|
|
exports: mockCore
|
|
};
|
|
|
|
// Run the action
|
|
async function testLocal() {
|
|
console.log('Running govulncheck-action locally...');
|
|
console.log(`Working directory: ${mockCore.getInput('working-directory')}`);
|
|
console.log('---');
|
|
|
|
try {
|
|
const result = await run();
|
|
console.log('---');
|
|
console.log('Action completed successfully!');
|
|
console.log(`Found ${result.vulnerabilities.length} vulnerabilities`);
|
|
} catch (error) {
|
|
console.error('Action failed:', error);
|
|
process.exit(1);
|
|
}
|
|
}
|
|
|
|
testLocal();
|