Only Run npm-package-json-lint When package.json is Present
#2280
Conversation
Codecov Report
📣 This organization is not using Codecov’s GitHub App Integration. We recommend you install it so Codecov can continue to function properly for your repositories. Learn more @@ Coverage Diff @@
## main #2280 +/- ##
==========================================
+ Coverage 82.39% 83.02% +0.63%
==========================================
Files 171 171
Lines 4521 4513 -8
==========================================
+ Hits 3725 3747 +22
+ Misses 796 766 -30
📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
🦙 MegaLinter status:
|
| Descriptor | Linter | Files | Fixed | Errors | Elapsed time |
|---|---|---|---|---|---|
| ✅ BASH | bash-exec | 7 | 0 | 0.02s | |
| ✅ BASH | shellcheck | 7 | 0 | 0.41s | |
| ✅ BASH | shfmt | 7 | 0 | 0 | 0.04s |
| ✅ COPYPASTE | jscpd | yes | no | 2.61s | |
| ✅ DOCKERFILE | hadolint | 105 | 0 | 8.19s | |
| ✅ JSON | eslint-plugin-jsonc | 21 | 0 | 0 | 1.85s |
| ✅ JSON | jsonlint | 19 | 0 | 0.21s | |
| ✅ JSON | npm-package-json-lint | yes | no | 0.62s | |
| ✅ JSON | v8r | 21 | 0 | 14.42s | |
| markdownlint | 309 | 2 | 229 | 6.09s | |
| ✅ MARKDOWN | markdown-link-check | 309 | 0 | 5.22s | |
| ✅ MARKDOWN | markdown-table-formatter | 309 | 2 | 0 | 17.24s |
| ✅ OPENAPI | spectral | 1 | 0 | 0.94s | |
| bandit | 176 | 45 | 2.47s | ||
| ✅ PYTHON | black | 176 | 0 | 0 | 3.8s |
| ✅ PYTHON | flake8 | 176 | 0 | 1.87s | |
| ✅ PYTHON | isort | 176 | 0 | 0 | 0.45s |
| ✅ PYTHON | mypy | 176 | 0 | 7.08s | |
| ✅ PYTHON | pylint | 176 | 0 | 12.02s | |
| pyright | 176 | 280 | 18.74s | ||
| ✅ REPOSITORY | checkov | yes | no | 27.16s | |
| devskim | yes | 61 | 1.23s | ||
| ✅ REPOSITORY | dustilock | yes | no | 1.6s | |
| ✅ REPOSITORY | git_diff | yes | no | 0.04s | |
| ✅ REPOSITORY | secretlint | yes | no | 5.09s | |
| ✅ REPOSITORY | syft | yes | no | 3.25s | |
| ✅ REPOSITORY | trivy | yes | no | 18.08s | |
| ✅ SPELL | cspell | 730 | 0 | 18.91s | |
| ✅ SPELL | misspell | 551 | 2 | 0 | 0.51s |
| ✅ XML | xmllint | 3 | 0 | 0 | 0.03s |
| ✅ YAML | prettier | 81 | 0 | 0 | 2.55s |
| ✅ YAML | v8r | 23 | 0 | 55.97s | |
| ✅ YAML | yamllint | 82 | 0 | 1.47s |
See detailed report in MegaLinter reports
You could have same capabilities but better runtime performances if you request a new MegaLinter flavor.
MegaLinter is graciously provided by
| # Manage cases where linters are missing in flavor | ||
| if len(missing_linters) > 0: | ||
| # Do not warn/stop if missing linters are repository ones (mostly OX.security related) | ||
| if not are_all_repository_linters(missing_linters): |
There was a problem hiding this comment.
@Kurt-von-Laven plz could you rename are_all_repository_linters into are_ignorable_linters, and move your check inside the method ? thanks :)
There was a problem hiding this comment.
The reason I moved the check up here was that I didn't think we should be including the repository linters in missing_linters since we display its contents to the user. I can decompose the check (and rename the helper method) and retain the effect of the commit copied below, but it feels indirect to add the linters into this list only to then immediately remove them. I could alternatively revert the commit copied below (and rename the helper method) if you would rather we continue listing these linters as missing.
Don't warn that REPOSITORY linters are missing
Some REPOSITORY linters are intentionally omitted from flavors to keep their size small and performance fast. Hence, their absence from a flavor isn't considered an error when
FAIL_IF_MISSING_LINTER_IN_FLAVORistrue. Therefore, omit them from the list of missing linters displayed to the user to avoid confusion.
There was a problem hiding this comment.
@Kurt-von-Laven I think you broke something here :(
Now the beta version of python flavor crashes before it looks for devskim, which is not in this flavor on purpose :/
There was a problem hiding this comment.
Can you link me to or paste the stack trace or error message? All of the checks that I see passed when this PR was merged to main, so I'm guessing this is an issue that snuck past CI?
There was a problem hiding this comment.
But the latest one works... I'm kind of lost, maybe it was just a version of beta that was wrongly built >_<
https://github.com/oxsecurity/megalinter/actions/runs/4052028152/jobs/6970984591
There was a problem hiding this comment.
Ah, yes, I remember seeing that error inconsistently while working on this pull request and I believe on #2275 as well, so I assumed it was unrelated to either. It sounds like this may be a job for git bisect since we aren't sure when it started, although it probably would have to be scripted to try several times since it's not reproducing consistently.
There was a problem hiding this comment.
There was a problem hiding this comment.
It impacts mega-linter-runner tests, which use javascript flavor
https://github.com/oxsecurity/megalinter/actions/workflows/mega-linter-for-runner.yml
There was a problem hiding this comment.
If I were to cd mega-linter-runner once and then npm run test repeatedly at each Git bisection point, would that be likely to isolate the issue to a particular commit?
|
@Kurt-von-Laven Another thought... why not just adding the following in the descriptor ? active_only_if_file_found:
- "package.json" |
| # Manage cases where linters are missing in flavor | ||
| if len(missing_linters) > 0: | ||
| # Do not warn/stop if missing linters are repository ones (mostly OX.security related) | ||
| if not are_all_repository_linters(missing_linters): |
There was a problem hiding this comment.
The reason I moved the check up here was that I didn't think we should be including the repository linters in missing_linters since we display its contents to the user. I can decompose the check (and rename the helper method) and retain the effect of the commit copied below, but it feels indirect to add the linters into this list only to then immediately remove them. I could alternatively revert the commit copied below (and rename the helper method) if you would rather we continue listing these linters as missing.
Don't warn that REPOSITORY linters are missing
Some REPOSITORY linters are intentionally omitted from flavors to keep their size small and performance fast. Hence, their absence from a flavor isn't considered an error when
FAIL_IF_MISSING_LINTER_IN_FLAVORistrue. Therefore, omit them from the list of missing linters displayed to the user to avoid confusion.
The former is slightly faster as it generally doesn't create a new list.
Some REPOSITORY linters are intentionally omitted from flavors to keep their size small and performance fast. Hence, their absence from a flavor isn't considered an error when FAIL_IF_MISSING_LINTER_IN_FLAVOR is true. Therefore, omit them from the list of missing linters displayed to the user to avoid confusion.
Reduce indentation by inverting test, and prefer the more Pythonic test not list to len(list) == 0 for simplicity. Remove some comments rendered unnecessary via this more direct expression of our intent.
npm-package-json-lint only lints Node.js package.json files, so only run it when package.json is present. npm-package-json-lint is correctly omitted from most flavors. Many non-Node.js projects contain other JSON files, so this change prevents false positives when FAIL_IF_MISSING_LINTER_IN_FLAVOR is true.
Kurt-von-Laven
force-pushed
the
missing-linter
branch
from
069d738 to
c481644
Compare
🦙 MegaLinter status:
|
| Descriptor | Linter | Files | Fixed | Errors | Elapsed time |
|---|---|---|---|---|---|
| ✅ BASH | bash-exec | 7 | 0 | 0.02s | |
| ✅ BASH | shellcheck | 7 | 0 | 0.43s | |
| ✅ BASH | shfmt | 7 | 0 | 0 | 0.38s |
| ✅ COPYPASTE | jscpd | yes | no | 3.24s | |
| ✅ DOCKERFILE | hadolint | 105 | 0 | 10.97s | |
| ✅ JSON | eslint-plugin-jsonc | 21 | 0 | 0 | 2.67s |
| ✅ JSON | jsonlint | 19 | 0 | 0.31s | |
| ✅ JSON | v8r | 21 | 0 | 16.6s | |
| markdownlint | 309 | 0 | 229 | 7.57s | |
| ✅ MARKDOWN | markdown-link-check | 309 | 0 | 5.97s | |
| ✅ MARKDOWN | markdown-table-formatter | 309 | 0 | 0 | 19.4s |
| ✅ OPENAPI | spectral | 1 | 0 | 0.91s | |
| bandit | 176 | 45 | 2.78s | ||
| ✅ PYTHON | black | 176 | 0 | 0 | 5.66s |
| ✅ PYTHON | flake8 | 176 | 0 | 2.5s | |
| ✅ PYTHON | isort | 176 | 0 | 0 | 0.83s |
| ✅ PYTHON | mypy | 176 | 0 | 9.07s | |
| ✅ PYTHON | pylint | 176 | 0 | 15.55s | |
| pyright | 176 | 282 | 22.82s | ||
| ✅ REPOSITORY | checkov | yes | no | 32.39s | |
| ✅ REPOSITORY | git_diff | yes | no | 0.39s | |
| ✅ REPOSITORY | secretlint | yes | no | 8.29s | |
| ✅ REPOSITORY | trivy | yes | no | 29.35s | |
| ✅ SPELL | cspell | 730 | 0 | 27.3s | |
| ✅ SPELL | misspell | 551 | 0 | 0 | 1.0s |
| ✅ XML | xmllint | 3 | 0 | 0 | 0.45s |
| ✅ YAML | prettier | 81 | 0 | 0 | 3.41s |
| ✅ YAML | v8r | 23 | 0 | 62.65s | |
| ✅ YAML | yamllint | 82 | 0 | 1.7s |
See detailed report in MegaLinter reports
MegaLinter is graciously provided by
Kurt-von-Laven
changed the title
package.json is Present
|
The test failures seem unrelated to this PR. |
|
Unauthentified calls to api.github.com limits reached , as usual :/ Let's run the again :) |
| # Manage cases where linters are missing in flavor | ||
| if len(missing_linters) > 0: | ||
| # Do not warn/stop if missing linters are repository ones (mostly OX.security related) | ||
| if not are_all_repository_linters(missing_linters): |
Fixes #2279.
Proposed Changes
package.jsonis present.Readiness Checklist
Author/Contributor
Reviewing Maintainer
breakingif this is a large fundamental changeautomation,bug,documentation,enhancement,infrastructure, orperformance