Merge branch 'main' into main
This commit is contained in:
@@ -0,0 +1,55 @@
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
#
|
||||
# NowSecure: The Mobile Security Experts <https://www.nowsecure.com/>.
|
||||
#
|
||||
# To use this workflow, you must have a token for NowSecure Platform. If you are a NowSecure customer,
|
||||
# you can find it in NowSecure Platform.
|
||||
#
|
||||
# If you *are not* a NowSecure customer, click here to sign up for a free trial to get access:
|
||||
# <https://bit.ly/ns-git-sbom>.
|
||||
#
|
||||
# Instructions:
|
||||
#
|
||||
# 1. In the settings for your repository, click "Secrets" then "New repository secret". Name the secret "NS_TOKEN" and
|
||||
# paste in your Platform token. If you do not have a Platform token, or wish to create a new one for GitHub, visit
|
||||
# NowSecure Platform and go to "Profile & Preferences" then create a token labelled "GitHub".
|
||||
#
|
||||
# 2. Follow the annotated workflow below and make any necessary modifications then save the workflow to your repository
|
||||
# and review the "Dependency graph" tab in the "Insights" pane once the action has run.
|
||||
|
||||
name: "NowSecure Mobile SBOM"
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ $default-branch, $protected-branches ]
|
||||
pull_request:
|
||||
# The branches below must be a subset of the branches above
|
||||
branches: [ $default-branch ]
|
||||
schedule:
|
||||
- cron: $cron-weekly
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
nowsecure:
|
||||
name: NowSecure Mobile SBOM
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: read
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Build your application
|
||||
run: ./gradlew assembleDebug # Update this to build your Android or iOS application
|
||||
|
||||
- name: NowSecure upload app
|
||||
uses: nowsecure/nowsecure-sbom-action@ecb731b6f17a83fa53f756f9dae2ec7034c5ed7c
|
||||
with:
|
||||
token: ${{ secrets.NS_TOKEN }}
|
||||
app_file: app-debug.apk # Update this to a path to your .ipa or .apk
|
||||
group_id: {{ groupId }} # Update this to your desired Platform group ID
|
||||
@@ -0,0 +1,21 @@
|
||||
{
|
||||
"name": "NowSecure Mobile SBOM",
|
||||
"creator": "NowSecure",
|
||||
"description": "Generate a Mobile SBOM for an application and submit to Dependency Graph",
|
||||
"iconName": "nowsecure",
|
||||
"categories": [
|
||||
"Code Scanning",
|
||||
"Java",
|
||||
"Kotlin",
|
||||
"Scala",
|
||||
"Swift",
|
||||
"Objective C",
|
||||
"C",
|
||||
"C++",
|
||||
"C#",
|
||||
"Rust",
|
||||
"JavaScript",
|
||||
"TypeScript",
|
||||
"Node"
|
||||
]
|
||||
}
|
||||
@@ -0,0 +1,14 @@
|
||||
{
|
||||
"name": "zScan",
|
||||
"creator": "Zimperium",
|
||||
"description": "The zimperium-zscan GitHub action scans your mobile app binary (iOS or Android) and identifies security, privacy, and compliance-related vulnerabilities. ",
|
||||
"iconName": "zscan",
|
||||
"categories": [
|
||||
"Code Scanning",
|
||||
"Java",
|
||||
"Kotlin",
|
||||
"Scala",
|
||||
"Swift",
|
||||
"Objective C"
|
||||
]
|
||||
}
|
||||
@@ -0,0 +1,61 @@
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
#
|
||||
# The zimperium-zscan GitHub action scans your mobile app binary (iOS or Android)
|
||||
# and identifies security, privacy, and compliance-related vulnerabilities.
|
||||
#
|
||||
# Prerequisites:
|
||||
# * An active Zimperium zScan account is required. If you are not an existing Zimperium
|
||||
# zScan customer, please request a zSCAN demo by visiting https://www.zimperium.com/contact-us.
|
||||
# * Either GitHub Advanced Security (GHAS) or a public repository is required to display
|
||||
# issues and view the remediation information inside of GitHub code scanning alerts.
|
||||
#
|
||||
# For additional information and setup instructions
|
||||
# please visit: https://github.com/Zimperium/zScanMarketplace#readme
|
||||
|
||||
name: "Zimperium zScan"
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ $default-branch, $protected-branches ]
|
||||
pull_request:
|
||||
branches: [ $default-branch ]
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
zscan:
|
||||
name: zScan
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: read # for actions/checkout to fetch code
|
||||
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
|
||||
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Execute gradle build
|
||||
run: ./gradlew build # Change this to build your mobile application
|
||||
|
||||
- name: Run Zimperium zScan
|
||||
uses: zimperium/zscanmarketplace@bfc6670f6648d796098c251ccefcfdb98983174d
|
||||
timeout-minutes: 60
|
||||
with:
|
||||
# REPLACE: Zimperium Client Environment Name
|
||||
client_env: env_string
|
||||
# REPLACE: Zimperium Client ID
|
||||
client_id: id_string
|
||||
# REPLACE: Zimperium Client Secret
|
||||
client_secret: ${{ secrets.ZSCAN_CLIENT_SECRET }}
|
||||
# REPLACE: The path to an .ipa or .apk
|
||||
app_file: app-release-unsigned.apk
|
||||
|
||||
- name: Upload SARIF file
|
||||
uses: github/codeql-action/upload-sarif@v2
|
||||
with:
|
||||
sarif_file: Zimperium.sarif
|
||||
|
||||
@@ -0,0 +1,11 @@
|
||||
<?xml version="1.0" encoding="UTF-8" ?>
|
||||
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
|
||||
<svg width="900pt" height="750pt" viewBox="0 0 900 750" version="1.1" xmlns="http://www.w3.org/2000/svg">
|
||||
<g id="#63788eff">
|
||||
<path fill="#63788e" opacity="1.00" d=" M 169.76 58.08 C 248.92 45.26 328.85 36.97 408.99 34.00 C 434.66 34.01 460.32 33.98 485.98 34.01 C 566.09 36.97 645.97 45.22 725.07 58.14 C 773.12 123.20 820.59 188.70 868.62 253.78 C 857.86 253.89 847.46 250.91 836.96 248.98 C 699.42 221.76 559.34 204.66 418.96 206.84 C 416.92 207.01 414.93 207.43 412.94 207.86 C 389.26 208.73 365.56 209.50 341.91 211.16 C 286.53 214.80 231.34 221.09 176.45 229.24 C 125.58 236.94 74.79 245.53 24.64 257.10 C 25.55 254.66 27.15 252.60 28.71 250.54 C 75.59 186.29 122.48 122.04 169.76 58.08 Z" />
|
||||
<path fill="#63788e" opacity="1.00" d=" M 428.98 510.59 C 522.23 511.26 615.32 501.64 707.12 485.63 C 622.30 560.00 537.49 634.39 452.56 708.65 C 450.19 710.68 448.64 713.49 446.12 715.36 C 441.25 709.40 435.10 704.72 429.35 699.67 C 349.99 630.09 270.59 560.55 191.23 490.97 C 198.21 487.63 205.87 489.81 213.04 491.12 C 273.93 500.89 335.34 507.54 396.96 510.28 C 407.63 510.63 418.31 511.53 428.98 510.59 Z" />
|
||||
</g>
|
||||
<g id="#4b596bff">
|
||||
<path fill="#4b596b" opacity="1.00" d=" M 412.94 207.86 C 414.93 207.43 416.92 207.01 418.96 206.84 C 559.34 204.66 699.42 221.76 836.96 248.98 C 847.46 250.91 857.86 253.89 868.62 253.78 C 869.28 254.66 869.96 255.54 870.64 256.43 C 797.25 290.57 724.44 326.00 652.91 363.93 C 616.99 383.02 581.36 402.69 546.42 423.53 C 504.39 448.39 465.24 477.93 428.98 510.59 C 418.31 511.53 407.63 510.63 396.96 510.28 C 335.34 507.54 273.93 500.89 213.04 491.12 C 205.87 489.81 198.21 487.63 191.23 490.97 C 189.47 489.44 187.72 487.92 185.95 486.42 C 235.44 401.48 297.86 324.65 366.59 254.58 C 381.76 238.73 397.58 223.52 412.94 207.86 Z" />
|
||||
</g>
|
||||
</svg>
|
||||
|
After Width: | Height: | Size: 1.9 KiB |
Reference in New Issue
Block a user