notaryproject / notation

A CLI tool to sign and verify artifacts
https://notaryproject.dev/
Apache License 2.0
306 stars 84 forks

fix: `notation plugin install` error messages and tests #855

Closed Two-Hearts closed 6 months ago

Two-Hearts commented 6 months ago

This PR improves the error messages of the `notation plugin install` command and updates the related CLI specs as well.

This PR also adds zip bomb and zip slip tests.

Resolves #853.

codecov-commenter commented 6 months ago

Codecov Report

Attention: 18 lines in your changes are missing coverage. Please review.

Comparison is base (dc575a6) 63.91% compared to head (29aabda) 65.14%.

| Files | Patch % | Lines |
|---|---|---|
| cmd/notation/plugin/install.go | 70.73% | 8 Missing and 4 partials :warning: |
| internal/osutil/file.go | 20.00% | 3 Missing and 1 partial :warning: |
| cmd/notation/internal/plugin/plugin.go | 0.00% | 1 Missing :warning: |
| cmd/notation/plugin/uninstall.go | 0.00% | 1 Missing :warning: |

Additional details and impacted files

```diff
@@            Coverage Diff             @@
##             main     #855      +/-   ##
==========================================
+ Coverage   63.91%   65.14%   +1.23%
==========================================
  Files          45       45
  Lines        2699     2717      +18
==========================================
+ Hits         1725     1770      +45
+ Misses        820      787      -33
- Partials      154      160       +6
```
