diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index 76c82c2..2bb90ed 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -1,7 +1,7 @@ name: Lint on: - pull_request: + pull_request_target: branches: - main diff --git a/code-scanning/checkmarx-one.yml b/code-scanning/checkmarx-one.yml index d85c0c5..6214ab1 100644 --- a/code-scanning/checkmarx-one.yml +++ b/code-scanning/checkmarx-one.yml @@ -3,12 +3,12 @@ # separate terms of service, privacy policy, and support # documentation. -# The Checkmarx One GitHub Action enables you to trigger SAST, SCA, and KICS scans directly from the GitHub workflow. -# It provides a wrapper around the Checkmarx One CLI Tool which creates a zip archive from your source code repository -# and uploads it to Checkmarx One for scanning. The Github Action provides easy integration with GitHub while enabling +# The Checkmarx One GitHub Action enables you to trigger SAST, SCA, and KICS scans directly from the GitHub workflow. +# It provides a wrapper around the Checkmarx One CLI Tool which creates a zip archive from your source code repository +# and uploads it to Checkmarx One for scanning. The Github Action provides easy integration with GitHub while enabling # scan customization using the full functionality and flexibility of the CLI tool. -# This is a basic workflow to help you get started with Using Checkmarx One Action, +# This is a basic workflow to help you get started with Using Checkmarx One Action, # documentation can be found here : https://checkmarx.com/resource/documents/en/34965-68702-checkmarx-one-github-actions.html name: Checkmarx Scan @@ -30,7 +30,7 @@ jobs: contents: read # for actions/checkout to fetch code security-events: write # for github/codeql-action/upload-sarif to upload SARIF results actions: read # only required for a private repository by github/codeql-action/upload-sarif - + # The type of runner that the job will run on runs-on: ubuntu-latest 
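Review bot: Changing the Lint trigger from `pull_request:` to `pull_request_target:` in `.github/workflows/lint.yaml` makes the workflow run in the base repository's context for pull requests from forks, where repository secrets are available and `GITHUB_TOKEN` is not forced read-only. The jobs and steps of this workflow are outside the hunk, so it is not visible whether they check out the pull request's head; if they do, and a linter, its config or its plugins are loaded from that checkout, contributor-controlled code would run with those privileges. Unless the lint job needs write access (for example to post comments), keep `pull_request:`. If `pull_request_target` is required, add a top-level `permissions:` block with `contents: read`, keep the checkout on the base ref rather than `github.event.pull_request.head.sha`, and add a comment next to the trigger recording why the privileged event is needed.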
@@ -39,7 +39,7 @@ jobs: # This step checks out a copy of your repository. - name: Checkout repository uses: actions/checkout@v3 - # This step creates the Checkmarx One scan + # This step creates the Checkmarx One scan - name: Checkmarx One scan uses: checkmarx/ast-github-action@8e887bb93dacc44e0f5b64ee2b06d5815f89d4fc with: diff --git a/code-scanning/properties/dependency-review.properties.json b/code-scanning/properties/dependency-review.properties.json index c195c73..f76aacd 100644 --- a/code-scanning/properties/dependency-review.properties.json +++ b/code-scanning/properties/dependency-review.properties.json @@ -13,4 +13,4 @@ "Ruby", "Actions", "PHP"] -} +} diff --git a/code-scanning/properties/mobsf.properties.json b/code-scanning/properties/mobsf.properties.json index a6afbfa..fb5d65b 100644 --- a/code-scanning/properties/mobsf.properties.json +++ b/code-scanning/properties/mobsf.properties.json @@ -4,10 +4,10 @@ "description": "Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.", "iconName": "mobsf", "categories": [ - "Code Scanning", - "Java", - "Swift", - "Objective-C", + "Code Scanning", + "Java", + "Swift", + "Objective-C", "Kotlin" ] } \ No newline at end of file diff --git a/code-scanning/properties/pmd.properties.json b/code-scanning/properties/pmd.properties.json index b96ecb7..7b79709 100644 --- a/code-scanning/properties/pmd.properties.json +++ b/code-scanning/properties/pmd.properties.json 
@@ -4,12 +4,12 @@ "description": "PMD is a static source code analyzer. It supports Java, JavaScript, Apex and Visualforce, Modelica, PLSQL, Apache Velocity, XML, XSL, Scala.", "iconName": "pmd", "categories": [ - "Code Scanning", - "Java", - "JavaScript", - "Apex", - "Modelica", - "PLSQL", + "Code Scanning", + "Java", + "JavaScript", + "Apex", + "Modelica", + "PLSQL", "Apache Velocity", "XML", "XSl", diff --git a/code-scanning/properties/semgrep.properties.json b/code-scanning/properties/semgrep.properties.json index 5f74ed5..c694b38 100644 --- a/code-scanning/properties/semgrep.properties.json +++ b/code-scanning/properties/semgrep.properties.json @@ -4,4 +4,4 @@ "description": "Continuously run Semgrep to find bugs and enforce secure code standards. Start with 1k+ community rules or write your own in a few minutes.", "iconName": "semgrep", "categories": ["Code Scanning", "Go", "Java", "JavaScript", "JSON", "Python", "Ruby", "TypeScript", "JSX", "TSX"] -} \ No newline at end of file +} \ No newline at end of file diff --git a/code-scanning/properties/sobelow.properties.json b/code-scanning/properties/sobelow.properties.json index 163e866..960ac8a 100644 --- a/code-scanning/properties/sobelow.properties.json +++ b/code-scanning/properties/sobelow.properties.json @@ -8,4 +8,3 @@ "Elixir" ] } - \ No newline at end of file diff --git a/code-scanning/properties/sonarcloud.properties.json b/code-scanning/properties/sonarcloud.properties.json index 9b88a78..0f4e151 100644 --- a/code-scanning/properties/sonarcloud.properties.json +++ b/code-scanning/properties/sonarcloud.properties.json 
@@ -3,5 +3,5 @@ "creator": "Sonar", "description": "Static analysis of code for vulnerability detection, covering 26+ languages. Start cleaning your code in minutes!", "iconName": "sonarcloud", - "categories": ["Code Scanning","abap","apex","c","cobol","cpp","cloudformation","csharp","css","flex","go","java","javascript","kotlin","objectivec","php","plsql","ruby","scala","swift","terraform","tsql","typescript","vb","vba","xml"] + "categories": ["Code Scanning","abap","apex","c","cobol","cpp","cloudformation","csharp","css","flex","go","java","javascript","kotlin","objectivec","php","plsql","ruby","scala","swift","terraform","tsql","typescript","vb","vba","xml"] }