Compare commits
9 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| ba8a6b0374 | |||
| e670dd5178 | |||
| 84fee7a0e6 | |||
| 83d9668e82 | |||
| 2de3b6e872 | |||
| 40b430b284 | |||
| 606ea175ce | |||
| 213eb60e28 | |||
| 7ae29e4a7c |
+39
@@ -0,0 +1,39 @@
|
||||
# Security
|
||||
|
||||
GitHub takes the security of our software products and services seriously,
|
||||
including all of the open source code repositories managed through our GitHub
|
||||
organizations, such as [GitHub](https://github.com/GitHub).
|
||||
|
||||
Even though
|
||||
[open source repositories are outside of the scope of our bug bounty program](https://bounty.github.com/index.html#scope)
|
||||
and therefore not eligible for bounty rewards, we will ensure that your finding
|
||||
gets passed along to the appropriate maintainers for remediation.
|
||||
|
||||
## Reporting Security Issues
|
||||
|
||||
If you believe you have found a security vulnerability in any GitHub-owned
|
||||
repository, please report it to us through coordinated disclosure.
|
||||
|
||||
**Please do not report security vulnerabilities through public GitHub issues,
|
||||
discussions, or pull requests.**
|
||||
|
||||
Instead, please send an email to opensource-security[@]github.com.
|
||||
|
||||
Please include as much of the information listed below as you can to help us
|
||||
better understand and resolve the issue:
|
||||
|
||||
- The type of issue (e.g., buffer overflow, SQL injection, or cross-site
|
||||
scripting)
|
||||
- Full paths of source file(s) related to the manifestation of the issue
|
||||
- The location of the affected source code (tag/branch/commit or direct URL)
|
||||
- Any special configuration required to reproduce the issue
|
||||
- Step-by-step instructions to reproduce the issue
|
||||
- Proof-of-concept or exploit code (if possible)
|
||||
- Impact of the issue, including how an attacker might exploit the issue
|
||||
|
||||
This information will help us triage your report more quickly.
|
||||
|
||||
## Policy
|
||||
|
||||
See
|
||||
[GitHub's Safe Harbor Policy](https://docs.github.com/en/site-policy/security-policies/github-bug-bounty-program-legal-safe-harbor#1-safe-harbor-terms)
|
||||
+17
@@ -0,0 +1,17 @@
|
||||
# Support
|
||||
|
||||
## How to file issues and get help
|
||||
|
||||
This project uses GitHub issues to track bugs and feature requests. Please
|
||||
search the existing issues before filing new issues to avoid duplicates. For new
|
||||
issues, file your bug or feature request as a new issue.
|
||||
|
||||
For help or questions about using this project, please file an issue.
|
||||
|
||||
This project is under active development and maintained by GitHub staff and the
|
||||
community. We will do our best to respond to support, feature requests, and
|
||||
community questions in a timely manner.
|
||||
|
||||
## GitHub Support Policy
|
||||
|
||||
Support for this project is limited to the resources listed above.
|
||||
+1
-1
@@ -1 +1 @@
|
||||
<svg xmlns="http://www.w3.org/2000/svg" width="116" height="20" role="img" aria-label="Coverage: 76.92%"><title>Coverage: 76.92%</title><linearGradient id="s" x2="0" y2="100%"><stop offset="0" stop-color="#bbb" stop-opacity=".1"/><stop offset="1" stop-opacity=".1"/></linearGradient><clipPath id="r"><rect width="116" height="20" rx="3" fill="#fff"/></clipPath><g clip-path="url(#r)"><rect width="63" height="20" fill="#555"/><rect x="63" width="53" height="20" fill="#e05d44"/><rect width="116" height="20" fill="url(#s)"/></g><g fill="#fff" text-anchor="middle" font-family="Verdana,Geneva,DejaVu Sans,sans-serif" text-rendering="geometricPrecision" font-size="110"><text aria-hidden="true" x="325" y="150" fill="#010101" fill-opacity=".3" transform="scale(.1)" textLength="530">Coverage</text><text x="325" y="140" transform="scale(.1)" fill="#fff" textLength="530">Coverage</text><text aria-hidden="true" x="885" y="150" fill="#010101" fill-opacity=".3" transform="scale(.1)" textLength="430">76.92%</text><text x="885" y="140" transform="scale(.1)" fill="#fff" textLength="430">76.92%</text></g></svg>
|
||||
<svg xmlns="http://www.w3.org/2000/svg" width="116" height="20" role="img" aria-label="Coverage: 77.27%"><title>Coverage: 77.27%</title><linearGradient id="s" x2="0" y2="100%"><stop offset="0" stop-color="#bbb" stop-opacity=".1"/><stop offset="1" stop-opacity=".1"/></linearGradient><clipPath id="r"><rect width="116" height="20" rx="3" fill="#fff"/></clipPath><g clip-path="url(#r)"><rect width="63" height="20" fill="#555"/><rect x="63" width="53" height="20" fill="#e05d44"/><rect width="116" height="20" fill="url(#s)"/></g><g fill="#fff" text-anchor="middle" font-family="Verdana,Geneva,DejaVu Sans,sans-serif" text-rendering="geometricPrecision" font-size="110"><text aria-hidden="true" x="325" y="150" fill="#010101" fill-opacity=".3" transform="scale(.1)" textLength="530">Coverage</text><text x="325" y="140" transform="scale(.1)" fill="#fff" textLength="530">Coverage</text><text aria-hidden="true" x="885" y="150" fill="#010101" fill-opacity=".3" transform="scale(.1)" textLength="430">77.27%</text><text x="885" y="140" transform="scale(.1)" fill="#fff" textLength="430">77.27%</text></g></svg>
|
||||
|
Before Width: | Height: | Size: 1.1 KiB After Width: | Height: | Size: 1.1 KiB |
+4
-11
@@ -33566,15 +33566,10 @@ async function run() {
|
||||
if (token === undefined) {
|
||||
throw new Error('GITHUB_TOKEN is not set');
|
||||
}
|
||||
let endpoint = coreExports.getInput('endpoint');
|
||||
// If we're in an org-owned repository, we should use the org-owned endpoint
|
||||
const repoOwner = process.env.GITHUB_REPOSITORY_OWNER;
|
||||
const ownerType = process.env.GITHUB_REPOSITORY_OWNER_TYPE;
|
||||
if (endpoint == 'https://models.github.ai/inference' &&
|
||||
ownerType == 'Organization') {
|
||||
endpoint = `https://models.github.ai/${repoOwner}/inference`;
|
||||
}
|
||||
const client = createClient(endpoint, new AzureKeyCredential(token));
|
||||
const endpoint = coreExports.getInput('endpoint');
|
||||
const client = createClient(endpoint, new AzureKeyCredential(token), {
|
||||
userAgentOptions: { userAgentPrefix: 'github-actions-ai-inference' }
|
||||
});
|
||||
const response = await client.path('/chat/completions').post({
|
||||
body: {
|
||||
messages: [
|
||||
@@ -33584,8 +33579,6 @@ async function run() {
|
||||
},
|
||||
{ role: 'user', content: prompt }
|
||||
],
|
||||
temperature: 1.0,
|
||||
top_p: 1.0,
|
||||
max_tokens: maxTokens,
|
||||
model: modelName
|
||||
}
|
||||
|
||||
+1
-1
File diff suppressed because one or more lines are too long
Generated
+43
-24
@@ -9,12 +9,13 @@
|
||||
"version": "0.0.0",
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"@actions/core": "^1.11.1"
|
||||
"@actions/core": "^1.11.1",
|
||||
"@rollup/rollup-linux-x64-gnu": "*"
|
||||
},
|
||||
"devDependencies": {
|
||||
"@azure-rest/ai-inference": "latest",
|
||||
"@azure/core-auth": "latest",
|
||||
"@azure/core-sse": "latest",
|
||||
"@azure-rest/ai-inference": "*",
|
||||
"@azure/core-auth": "*",
|
||||
"@azure/core-sse": "*",
|
||||
"@eslint/compat": "^1.2.7",
|
||||
"@github/local-action": "^3.1.3",
|
||||
"@jest/globals": "^29.7.0",
|
||||
@@ -804,25 +805,27 @@
|
||||
}
|
||||
},
|
||||
"node_modules/@babel/helpers": {
|
||||
"version": "7.26.9",
|
||||
"resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.26.9.tgz",
|
||||
"integrity": "sha512-Mz/4+y8udxBKdmzt/UjPACs4G3j5SshJJEFFKxlCGPydG4JAHXxjWjAwjd09tf6oINvl1VfMJo+nB7H2YKQ0dA==",
|
||||
"version": "7.27.0",
|
||||
"resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.27.0.tgz",
|
||||
"integrity": "sha512-U5eyP/CTFPuNE3qk+WZMxFkp/4zUzdceQlfzf7DdGdhp+Fezd7HD+i8Y24ZuTMKX3wQBld449jijbGq6OdGNQg==",
|
||||
"dev": true,
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"@babel/template": "^7.26.9",
|
||||
"@babel/types": "^7.26.9"
|
||||
"@babel/template": "^7.27.0",
|
||||
"@babel/types": "^7.27.0"
|
||||
},
|
||||
"engines": {
|
||||
"node": ">=6.9.0"
|
||||
}
|
||||
},
|
||||
"node_modules/@babel/parser": {
|
||||
"version": "7.26.9",
|
||||
"resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.26.9.tgz",
|
||||
"integrity": "sha512-81NWa1njQblgZbQHxWHpxxCzNsa3ZwvFqpUg7P+NNUU6f3UU2jBEg4OlF/J6rl8+PQGh1q6/zWScd001YwcA5A==",
|
||||
"version": "7.27.0",
|
||||
"resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.27.0.tgz",
|
||||
"integrity": "sha512-iaepho73/2Pz7w2eMS0Q5f83+0RKI7i4xmiYeBmDzfRVbQtTOG7Ts0S4HzJVsTMGI9keU8rNfuZr8DKfSt7Yyg==",
|
||||
"dev": true,
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"@babel/types": "^7.26.9"
|
||||
"@babel/types": "^7.27.0"
|
||||
},
|
||||
"bin": {
|
||||
"parser": "bin/babel-parser.js"
|
||||
@@ -1054,14 +1057,15 @@
|
||||
}
|
||||
},
|
||||
"node_modules/@babel/template": {
|
||||
"version": "7.26.9",
|
||||
"resolved": "https://registry.npmjs.org/@babel/template/-/template-7.26.9.tgz",
|
||||
"integrity": "sha512-qyRplbeIpNZhmzOysF/wFMuP9sctmh2cFzRAZOn1YapxBsE1i9bJIY586R/WBLfLcmcBlM8ROBiQURnnNy+zfA==",
|
||||
"version": "7.27.0",
|
||||
"resolved": "https://registry.npmjs.org/@babel/template/-/template-7.27.0.tgz",
|
||||
"integrity": "sha512-2ncevenBqXI6qRMukPlXwHKHchC7RyMuu4xv5JBXRfOGVcTy1mXCD12qrp7Jsoxll1EV3+9sE4GugBVRjT2jFA==",
|
||||
"dev": true,
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"@babel/code-frame": "^7.26.2",
|
||||
"@babel/parser": "^7.26.9",
|
||||
"@babel/types": "^7.26.9"
|
||||
"@babel/parser": "^7.27.0",
|
||||
"@babel/types": "^7.27.0"
|
||||
},
|
||||
"engines": {
|
||||
"node": ">=6.9.0"
|
||||
@@ -1095,10 +1099,11 @@
|
||||
}
|
||||
},
|
||||
"node_modules/@babel/types": {
|
||||
"version": "7.26.9",
|
||||
"resolved": "https://registry.npmjs.org/@babel/types/-/types-7.26.9.tgz",
|
||||
"integrity": "sha512-Y3IR1cRnOxOCDvMmNiym7XpXQ93iGDDPHx+Zj+NM+rg0fBaShfQLkg+hKPaZCEvg5N/LeCo4+Rj/i3FuJsIQaw==",
|
||||
"version": "7.27.0",
|
||||
"resolved": "https://registry.npmjs.org/@babel/types/-/types-7.27.0.tgz",
|
||||
"integrity": "sha512-H45s8fVLYjbhFH62dIJ3WtmJ6RSPt/3DRO0ZcT2SUiYiQyz3BLVb9ADEnLl91m74aQPS3AzzeajZHYOalWe3bg==",
|
||||
"dev": true,
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"@babel/helper-string-parser": "^7.25.9",
|
||||
"@babel/helper-validator-identifier": "^7.25.9"
|
||||
@@ -3076,9 +3081,9 @@
|
||||
]
|
||||
},
|
||||
"node_modules/@rollup/rollup-linux-x64-gnu": {
|
||||
"version": "4.38.0",
|
||||
"resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.38.0.tgz",
|
||||
"integrity": "sha512-vPvNgFlZRAgO7rwncMeE0+8c4Hmc+qixnp00/Uv3ht2x7KYrJ6ERVd3/R0nUtlE6/hu7/HiiNHJ/rP6knRFt1w==",
|
||||
"version": "4.39.0",
|
||||
"resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.39.0.tgz",
|
||||
"integrity": "sha512-t9jqYw27R6Lx0XKfEFe5vUeEJ5pF3SGIM6gTfONSMb7DuG6z6wfj2yjcoZxHg129veTqU7+wOhY6GX8wmf90dA==",
|
||||
"cpu": [
|
||||
"x64"
|
||||
],
|
||||
@@ -9693,6 +9698,20 @@
|
||||
"fsevents": "~2.3.2"
|
||||
}
|
||||
},
|
||||
"node_modules/rollup/node_modules/@rollup/rollup-linux-x64-gnu": {
|
||||
"version": "4.38.0",
|
||||
"resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.38.0.tgz",
|
||||
"integrity": "sha512-vPvNgFlZRAgO7rwncMeE0+8c4Hmc+qixnp00/Uv3ht2x7KYrJ6ERVd3/R0nUtlE6/hu7/HiiNHJ/rP6knRFt1w==",
|
||||
"cpu": [
|
||||
"x64"
|
||||
],
|
||||
"dev": true,
|
||||
"license": "MIT",
|
||||
"optional": true,
|
||||
"os": [
|
||||
"linux"
|
||||
]
|
||||
},
|
||||
"node_modules/run-parallel": {
|
||||
"version": "1.2.0",
|
||||
"resolved": "https://registry.npmjs.org/run-parallel/-/run-parallel-1.2.0.tgz",
|
||||
|
||||
+4
-14
@@ -23,19 +23,11 @@ export async function run(): Promise<void> {
|
||||
throw new Error('GITHUB_TOKEN is not set')
|
||||
}
|
||||
|
||||
let endpoint = core.getInput('endpoint')
|
||||
const endpoint = core.getInput('endpoint')
|
||||
|
||||
// If we're in an org-owned repository, we should use the org-owned endpoint
|
||||
const repoOwner = process.env.GITHUB_REPOSITORY_OWNER
|
||||
const ownerType = process.env.GITHUB_REPOSITORY_OWNER_TYPE
|
||||
if (
|
||||
endpoint == 'https://models.github.ai/inference' &&
|
||||
ownerType == 'Organization'
|
||||
) {
|
||||
endpoint = `https://models.github.ai/${repoOwner}/inference`
|
||||
}
|
||||
|
||||
const client = ModelClient(endpoint, new AzureKeyCredential(token))
|
||||
const client = ModelClient(endpoint, new AzureKeyCredential(token), {
|
||||
userAgentOptions: { userAgentPrefix: 'github-actions-ai-inference' }
|
||||
})
|
||||
|
||||
const response = await client.path('/chat/completions').post({
|
||||
body: {
|
||||
@@ -46,8 +38,6 @@ export async function run(): Promise<void> {
|
||||
},
|
||||
{ role: 'user', content: prompt }
|
||||
],
|
||||
temperature: 1.0,
|
||||
top_p: 1.0,
|
||||
max_tokens: maxTokens,
|
||||
model: modelName
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user