Skip to content

feat: add in new metadata-based heuristic to pypi malware analyzer #2917

feat: add in new metadata-based heuristic to pypi malware analyzer

feat: add in new metadata-based heuristic to pypi malware analyzer #2917

# Copyright (c) 2022 - 2024, Oracle and/or its affiliates. All rights reserved.
# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/.
# This workflow lints the PR's title and commits. It uses the commitizen
# package (https://github.com/commitizen-tools/commitizen) and its `cz`
# tool to check the title of the PR and all commit messages of the branch
# which triggers this Action.
name: Check conventional commits
on:
pull_request:
branches:
- '*'
types:
- opened
- reopened
- edited
- synchronize
permissions:
contents: read
jobs:
conventional-commits:
runs-on: ubuntu-latest
steps:
- name: Check out repository
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
fetch-depth: 0
- name: Set up Python
uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
with:
python-version: '3.11'
# Prepare the environment to run commitizen.
- name: Create empty virtual environment for Actions
run: mkdir .venv
- name: Install dependencies
run: make setup-github-actions
# Run Commitizen to check the title of the PR which triggered this workflow, and check
# all commit messages of the PR's branch. If any of the checks fails then this job fails.
- name: Check PR title
run: echo "$PR_TITLE" | cz check
env:
PR_TITLE: ${{ github.event.pull_request.title }}
- name: Check PR commit messages
run: |
git remote add other "$PR_HEAD_REPO_CLONE_URL"
git fetch other
cz check --rev-range "origin/$PR_BASE_REF..other/$PR_HEAD_REF"
env:
PR_BASE_REF: ${{ github.event.pull_request.base.ref }}
PR_HEAD_REF: ${{ github.event.pull_request.head.ref }}
PR_HEAD_REPO_CLONE_URL: ${{ github.event.pull_request.head.repo.clone_url }}