marocchino / validate-dependabot

validate dependabot yaml

Error while running action

kislyuk opened this issue · comments

Error: request to https://dependabot-badges.githubapp.com/config_files/validate failed, reason: Hostname/IP does not match certificate's altnames: Host: api.dependabot.com. is not in the cert's altnames: DNS:*.gist.githubusercontent.com, DNS:gist.githubusercontent.com

Thank you for the report.
They must have noticed the traffic stealing.
It is easy to imitate the IP and address and fix it, but it would be better to implement it in a different way. Let's take a look to see if there are any reusable parts of the code they've released.

Subscribing, was trying to add this today and sad face

Hi folks any update / workaround on this?

TL;DR: sorry, but there is no clear answer here yet.

After research, it looks clear they use JSON Schema, but they do not open-source that schema.

I found the JSON schema, but I am not sure it is an officially maintained one.

I've seen JetBrains products use a similar schema.

Issue is logged with upstream dependabot/dependabot-core#4605

The following worked:

Migrate dependabot-2.0.json to the newest version with ajv migrate -s dependabot-2.0.json -o new-dependabot-2.0.json, and run ajv validate in such a way that it ignores the undefined x-intellij attributes.

mark_stopka@mark-asus-zenbook-s:~> ajv validate --strict=log -s dependabot-2.0.json -d dependabot.yml && echo ok
strict mode: unknown keyword: "x-intellij-enum-metadata"
strict mode: missing type "number" for keyword "minimum" at "http://json-schema.org/draft-04/schema#/properties/assignees" (strictTypes)
strict mode: unknown keyword: "x-intellij-enum-metadata"
strict mode: missing type "number" for keyword "minimum" at "http://json-schema.org/draft-04/schema#/properties/reviewers" (strictTypes)
strict mode: unknown keyword: "x-intellij-enum-metadata"
schema dependabot-2.0.json is invalid
error: schema is invalid: data must have required property 'version'

ajv migrate -s dependabot-2.0.json -o new-dependabot-2.0.json

mark_stopka@mark-asus-zenbook-s:~> ajv validate --strict=log -s new-dependabot-2.0.json -d dependabot.yml && echo ok
strict mode: unknown keyword: "x-intellij-enum-metadata"
strict mode: missing type "number" for keyword "minimum" at "http://json-schema.org/draft-04/schema#/properties/assignees" (strictTypes)
strict mode: unknown keyword: "x-intellij-enum-metadata"
strict mode: missing type "number" for keyword "minimum" at "http://json-schema.org/draft-04/schema#/properties/reviewers" (strictTypes)
strict mode: unknown keyword: "x-intellij-enum-metadata"
dependabot.yml valid
ok
mark_stopka@mark-asus-zenbook-s:~>
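
An added example, not part of the thread or of the action's code: an alternative to relaxing strict mode is to remove the JetBrains x-intellij-* annotation keywords from the schema before validating, so the schema no longer contains the unknown keywords reported in the log above. The sample schema fragment and all function names are constructed for illustration; only the keyword name x-intellij-enum-metadata comes from the output above.

```javascript
// Added example. Keywords whose values map user-chosen names to subschemas:
// the keys inside them are names, not keywords, and are never stripped.
const NAME_MAPS = new Set([
  "properties", "patternProperties", "definitions", "$defs", "dependencies",
]);
// Keywords whose values are instance data, not schemas: copied untouched.
const DATA_KEYWORDS = new Set(["enum", "const", "default", "examples"]);
const VENDOR_PREFIX = "x-intellij-";

function strip(node, removed) {
  if (Array.isArray(node)) return node.map((item) => strip(item, removed));
  if (node === null || typeof node !== "object") return node;
  const out = {};
  for (const [key, value] of Object.entries(node)) {
    if (key.startsWith(VENDOR_PREFIX)) {
      removed.push(key); // record what was dropped so it can be reviewed
    } else if (DATA_KEYWORDS.has(key)) {
      out[key] = value;
    } else if (NAME_MAPS.has(key) && value !== null &&
               typeof value === "object" && !Array.isArray(value)) {
      out[key] = {};
      for (const [name, sub] of Object.entries(value)) {
        out[key][name] = strip(sub, removed);
      }
    } else {
      out[key] = strip(value, removed);
    }
  }
  return out;
}

// Returns a cleaned copy plus the list of removed keywords; input is not mutated.
function stripVendorKeywords(schema) {
  const removed = [];
  return { schema: strip(schema, removed), removed };
}

// Constructed sample, shaped loosely like a JetBrains-annotated schema.
const SAMPLE_SCHEMA = {
  type: "object",
  properties: {
    "package-ecosystem": {
      enum: ["npm", "pip"],
      "x-intellij-enum-metadata": { npm: { description: "constructed" } },
    },
    "x-intellij-notes": { type: "string" }, // a property name: must be kept
  },
  default: { "x-intellij-kept": true },      // instance data: must be kept
};
console.log(stripVendorKeywords(SAMPLE_SCHEMA).removed);
```

The cleaned object can be written out with JSON.stringify and passed to ajv validate -s in place of the annotated schema file.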

I reimplemented this with schema-json and tagged it as v2.