ossf/scorecard
1
1
Fork 0
mirror of https://github.com/ossf/scorecard.git synced 2024-11-05 05:17:00 +03:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity
3e2c0fa1f8
scorecard/checks/testdata/Dockerfile-pkg-managers
Alan Jowett fe6e0917ac
Support for detecting choco installer without required hash (#1810) 
* Initial support for choco installer

https://github.com/ossf/scorecard/issues/1807

Signed-off-by: Alan Jowett <alanjo@microsoft.com>

* PR feedback

Signed-off-by: Alan Jowett <alanjo@microsoft.com>

* Simplify if statement

Co-authored-by: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
2022-04-25 09:40:35 -07:00

90 lines
3.0 KiB
Plaintext
Raw Blame History

# Copyright 2021 Security Scorecard Authors
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
RUN go get github.com/org/name@some_tag
RUN go install github.com/org/name@some_tag
RUN ["go", "install", "github.com/org/name@tag"]
RUN ["go", "install"]
RUN go install github.com/org/name@some_tag
RUN go get github.com/org/name@some_tag
RUN go get github.com/org/name@1111111111ccccccccccaaaaaaaaaa9999999999
RUN go get github.com/org/name@1111111111ccccccccccaaaaaaaaaa9999999999
RUN ["go", "install", "-Y", "github.com/org/name@1111111111ccccccccccaaaaaaaaaa9999999999"]
RUN ["go", "get", "github.com/org/name@1111111111ccccccccccaaaaaaaaaa9999999999"]
RUN go install /some/local/path
RUN go mod download
RUN go build -a bla
RUN ["pip", "install", "-r", "requirements.txt"]
RUN ["pip3", "install", "-r", "requirements.txt"]
RUN ["/bin/pip", "install", "-r", "requirements.txt"]
RUN ["pip3", "install"]
RUN ["pip", "install"]
RUN ["/bin/pip", "install", "-U"]
RUN pip install
RUN pip3 install
RUN pip install -r any_file
RUN pip3 install -r bla-requirements.txt
RUN ["pip", "install", "-r", "requirements.txt", "--require-hashes"]
RUN ["pip3", "install", "-r", "requirements.txt", "--require-hashes"]
RUN ["/bin/pip", "install", "--upgrade", "-r", "requirements.txt"]
RUN ["/bin/pip", "install", "--upgrade"]
RUN pip3 install -r bla-requirements.txt --require-hashes
RUN pip3 install --require-hashes -r bla-requirements.txt
RUN pip install somepkg
RUN pip3 install somepkg==1.2.3
RUN /bin/pip3 install -X -H somepkg
RUN python -m notpip -X bla
RUN python2.7 -m pip install -X -H somepkg \
'some-ther==1.2.3' \
'somebla<3.4.5'
RUN ["python", "-m", "pip", "install", "-X", "-H", "somepkg", \
"'some-ther==1.2.3'", \
"'somebla<3.4.5'"]
RUN ["python3", "-m", "pip", "install", "-X", "-H", "somepkg", \
"'some-ther==1.2.3'", \
"'somebla<3.4.5'"]
RUN python -m pip install bla1.whl 'some-pkg>1.2.3'
RUN python -m pip install "some-pkg>1.2.3" bla2.whl
RUN python -m pip install 'some-pkg>1.2.3' bla2.whl
RUN python -m pip install bla3.whl
RUN python -m pip install -r file
RUN python -m pip install 'some-pkg==1.2.3'
RUN python -m pip install 'some-pkg>1.2.3'
RUN npm install typescript
RUN npm install -g typescript
RUN npm i typescript
RUN npm i -g typescript
RUN npm install
RUN npm install -g
RUN npm i
RUN npm ci
RUN npm install-test
RUN npm install-ci-test
RUN choco install 'some-package'
RUN choco install 'some-other-package'
RUN choco install --requirechecksum 'some-package'
RUN choco install --requirechecksums 'some-package'
RUN choco install --require-checksums 'some-package'
Reference in New Issue View Git Blame Copy Permalink