[SECRES-2430] Improve npm testing (#25)
ikretz authored Oct 1, 2024
1 parent 95c8f63 commit d126467
Showing 3 changed files with 134 additions and 6 deletions.
136 changes: 132 additions & 4 deletions .github/workflows/test.yaml
Expand Up @@ -54,11 +54,133 @@ jobs:
run: make test-pip

npm-integration:
name: npm-integration (${{ matrix.npm-version }})
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
node-version: ["15.x", "16.x", "17.x", "18.x", "19.x", "20.x", "21.x", "22.x"]
include:
- node-version: "15.0.0"
npm-version: "7.0"
- node-version: "15.0.0"
npm-version: "7.1"
- node-version: "15.0.0"
npm-version: "7.2"
- node-version: "15.0.0"
npm-version: "7.3"
- node-version: "15.0.0"
npm-version: "7.4"
- node-version: "15.0.0"
npm-version: "7.5"
- node-version: "15.0.0"
npm-version: "7.6"
- node-version: "15.0.0"
npm-version: "7.7"
- node-version: "15.0.0"
npm-version: "7.8"
- node-version: "15.0.0"
npm-version: "7.9"
- node-version: "15.0.0"
npm-version: "7.10"
- node-version: "15.0.0"
npm-version: "7.11"
- node-version: "15.0.0"
npm-version: "7.12"
- node-version: "15.0.0"
npm-version: "7.13"
- node-version: "15.0.0"
npm-version: "7.14"
- node-version: "15.0.0"
npm-version: "7.15"
- node-version: "15.0.0"
npm-version: "7.16"
- node-version: "15.0.0"
npm-version: "7.17"
- node-version: "15.0.0"
npm-version: "7.18"
- node-version: "15.0.0"
npm-version: "7.19"
- node-version: "15.0.0"
npm-version: "7.20"
- node-version: "15.0.0"
npm-version: "7.21"
- node-version: "15.0.0"
npm-version: "7.22"
- node-version: "15.0.0"
npm-version: "7.23"
- node-version: "15.0.0"
npm-version: "7.24"
- node-version: "16.0.0"
npm-version: "8.0"
- node-version: "16.0.0"
npm-version: "8.1"
- node-version: "16.0.0"
npm-version: "8.2"
- node-version: "16.0.0"
npm-version: "8.3"
- node-version: "16.0.0"
npm-version: "8.4"
- node-version: "16.0.0"
npm-version: "8.5"
- node-version: "16.0.0"
npm-version: "8.6"
- node-version: "16.0.0"
npm-version: "8.7"
- node-version: "16.0.0"
npm-version: "8.8"
- node-version: "16.0.0"
npm-version: "8.9"
- node-version: "16.0.0"
npm-version: "8.10"
- node-version: "16.0.0"
npm-version: "8.11"
- node-version: "16.0.0"
npm-version: "8.12"
- node-version: "16.0.0"
npm-version: "8.13"
- node-version: "16.0.0"
npm-version: "8.14"
- node-version: "16.0.0"
npm-version: "8.15"
- node-version: "16.0.0"
npm-version: "8.16"
- node-version: "19.0.0"
npm-version: "9.0"
- node-version: "19.0.0"
npm-version: "9.1"
- node-version: "19.0.0"
npm-version: "9.2"
- node-version: "19.0.0"
npm-version: "9.3"
- node-version: "19.0.0"
npm-version: "9.4"
- node-version: "19.0.0"
npm-version: "9.5"
- node-version: "19.0.0"
npm-version: "9.6"
- node-version: "19.0.0"
npm-version: "9.7"
- node-version: "19.0.0"
npm-version: "9.8"
- node-version: "19.0.0"
npm-version: "9.9"
- node-version: "22.0.0"
npm-version: "10.0"
- node-version: "22.0.0"
npm-version: "10.1"
- node-version: "22.0.0"
npm-version: "10.2"
- node-version: "22.0.0"
npm-version: "10.3"
- node-version: "22.0.0"
npm-version: "10.4"
- node-version: "22.0.0"
npm-version: "10.5"
- node-version: "22.0.0"
npm-version: "10.6"
- node-version: "22.0.0"
npm-version: "10.7"
- node-version: "22.0.0"
npm-version: "10.8"
steps:
- uses: actions/checkout@v4
- name: Set up Python 3.10
Expand All @@ -76,8 +198,14 @@ jobs:
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
- name: Test firewall npm integration
run: make test-npm
- name: Test firewall npm v${{ matrix.npm-version }} integration
run: |
if [ "${{ matrix.node-version }}" = "15.0.0" ]; then
# Known issue on npm v7.x: need to first install this manually
npm install -g agentkeepalive
fi
npm install -g npm@${{ matrix.npm-version }}
make test-npm
verifiers:
runs-on: ubuntu-latest
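Review bot: The `npm install -g agentkeepalive` workaround in the new "Test firewall npm v… integration" step is unpinned, so each npm 7.x job pulls whatever release is current on the registry at run time and runs it on the runner before the firewall under test is exercised. Pin it to the exact release that was verified to fix the npm v7 problem, e.g. `npm install -g agentkeepalive@<pinned-version>`, and reference the upstream issue in the comment so the workaround can be dropped later. The same step expands `${{ matrix.node-version }}` and `${{ matrix.npm-version }}` directly into the script text; these are workflow-defined literals today, but passing them through an `env:` block and using `npm install -g "npm@${NPM_VERSION}"` keeps the step safe if the matrix is ever generated from an input. The steps between the two hunks are not shown on this page, so this note covers only the visible lines.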
2 changes: 1 addition & 1 deletion README.md
Expand Up @@ -3,7 +3,7 @@
![Test](https://github.com/DataDog/supply-chain-firewall/actions/workflows/test.yaml/badge.svg)
![Code quality](https://github.com/DataDog/supply-chain-firewall/actions/workflows/code_quality.yaml/badge.svg)

The supply-chain firewall is a command-line tool for preventing the installation of vulnerable or malicious PyPI and npm packages. It is intended primarily for use by engineers to protect their development workstations from compromise in a supply-chain attack.
The supply-chain firewall is a command-line tool for preventing the installation of malicious PyPI and npm packages. It is intended primarily for use by engineers to protect their development workstations from compromise in a supply-chain attack.

![scfw demo usage](images/demo.png)

2 changes: 1 addition & 1 deletion pyproject.toml
Expand Up @@ -21,7 +21,7 @@ authors = [
maintainers = [
{name = "Ian Kretz", email = "[email protected]"},
]
description = "A tool to prevent the installation of vulnerable or malicious open source packages"
description = "A tool for preventing the installation of malicious open-source packages"
readme = "README.md"

[project.scripts]
