Always enable git_source registries#4000
Open
mbg wants to merge 1 commit into
Open
Conversation
Contributor
There was a problem hiding this comment.
Warning
- Copilot's review of this pull request may be incomplete because some of the changed files are excluded by your Copilot content exclusion settings. See Excluding content from Copilot for details.
Pull request overview
This PR updates start-proxy’s registry-credential filtering so that git_source registries are always enabled, even when credentials are otherwise filtered by language. This aligns with the stated goal that git_source registries can be used by generic workflow components (not only language-specific ones).
Changes:
- Introduce an “always enabled” registry-type allowlist (currently
git_source) and apply it during language-based filtering. - Adjust registry-credential tests to cover the new always-enabled behavior.
Show a summary per file
| File | Description |
|---|---|
| src/start-proxy.ts | Adds an always-enabled registry-type list and updates credential filtering logic accordingly. |
| src/start-proxy.test.ts | Updates/extends tests to validate git_source credentials are always returned across languages. |
| lib/entry-points.js | Generated/excluded by policy (not reviewed). |
Review details
Files excluded by content exclusion policy (1)
- lib/entry-points.js
- Files reviewed: 2/3 changed files
- Comments generated: 4
- Review effort level: Low
Comment on lines
302
to
+305
| // Filter credentials based on language if specified. `type` is the registry type. | ||
| // E.g., "maven_feed" for Java/Kotlin, "nuget_repository" for C#. | ||
| // We always allow types in `ALWAYS_ENABLED_REGISTRY_TYPE` since they can be used by | ||
| // other parts of the workflow. |
Member
Author
There was a problem hiding this comment.
Unrelated to this PR and the suggestion removes the part added in this PR for no reason.
| * enabled, because generic CodeQL workflow components may use them rather than just | ||
| * language-specific components. | ||
| */ | ||
| export const ALWAYS_ENABLED_REGISTRY_TYPE = ["git_source"]; |
Comment on lines
+645
to
+651
| for (const credential of credentials) { | ||
| t.true( | ||
| startProxyExports.ALWAYS_ENABLED_REGISTRY_TYPE.some( | ||
| (ty) => ty === credential.type, | ||
| ), | ||
| ); | ||
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR changes the language-based registry configuration filtering logic in the
start-proxyaction to always enablegit_sourceregistries sincegit_sourceregistries are useful outside of language-specific contexts.Risk assessment
For internal use only. Please select the risk level of this change:
Which use cases does this change impact?
Workflow types:
dynamicworkflows (Default Setup, Code Quality, ...).Products:
analysis-kinds: code-scanning.analysis-kinds: code-quality.Environments:
github.comand/or GitHub Enterprise Cloud with Data Residency.How did/will you validate this change?
.test.tsfiles).pr-checks).If something goes wrong after this change is released, what are the mitigation and rollback strategies?
How will you know if something goes wrong after this change is released?
Are there any special considerations for merging or releasing this change?
Merge / deployment checklist