MCPcopy
hub / github.com/ossf/scorecard / IsPackagingWorkflow

Function IsPackagingWorkflow

checks/fileparser/github_workflow.go:453–610  ·  view source on GitHub ↗

IsPackagingWorkflow checks for a packaging workflow.

(workflow *actionlint.Workflow, fp string)

Source from the content-addressed store, hash-verified

451
452// IsPackagingWorkflow checks for a packaging workflow.
453func IsPackagingWorkflow(workflow *actionlint.Workflow, fp string) (JobMatchResult, bool) {
454 jobMatchers := []JobMatcher{
455 {
456 Steps: []*JobMatcherStep{
457 {
458 Uses: "actions/setup-node",
459 With: map[string]string{"registry-url": "https://registry.npmjs.org"},
460 },
461 {
462 Run: "npm.*publish",
463 },
464 },
465 LogText: "candidate node publishing workflow using npm",
466 },
467 {
468 // Java packages with maven.
469 Steps: []*JobMatcherStep{
470 {
471 Uses: "actions/setup-java",
472 },
473 {
474 Run: "mvn.*deploy",
475 },
476 },
477 LogText: "candidate java publishing workflow using maven",
478 },
479 {
480 // Java packages with gradle.
481 Steps: []*JobMatcherStep{
482 {
483 Uses: "actions/setup-java",
484 },
485 {
486 Run: "gradle.*publish",
487 },
488 },
489 LogText: "candidate java publishing workflow using gradle",
490 },
491 {
492 // Scala packages with sbt-ci-release
493 Steps: []*JobMatcherStep{
494 {
495 Run: "sbt.*ci-release",
496 },
497 },
498 LogText: "candidate Scala publishing workflow using sbt-ci-release",
499 },
500 {
501 // Ruby packages.
502 Steps: []*JobMatcherStep{
503 {
504 Run: "gem.*push",
505 },
506 },
507 LogText: "candidate ruby publishing workflow using gem",
508 },
509 {
510 // NuGet packages.

Callers 3

PackagingFunction · 0.92
TestIsPackagingWorkflowFunction · 0.85

Calls 1

AnyJobsMatchFunction · 0.85

Tested by 1

TestIsPackagingWorkflowFunction · 0.68