Merge pull request #1844 from actions/phantsure/lint-fix

Fix whitespace lint
This commit is contained in:
Sampark Sharma
2022-12-13 18:05:11 +05:30
committed by GitHub
11 changed files with 26 additions and 27 deletions
+2 -2
View File
@@ -1,7 +1,7 @@
name: Lint
on:
pull_request:
pull_request_target:
branches:
- main
@@ -28,4 +28,4 @@ jobs:
run: pip3 install pre-commit
- name: Run pre-commit
run: pre-commit run --all-files --show-diff-on-failure --color always
run: pre-commit run --all-files --show-diff-on-failure --color always
+1 -1
View File
@@ -29,7 +29,7 @@ For example: `ci/django.yml` and `ci/properties/django.properties.json`.
* `description`: the description shown in onboarding
* `iconName`: the icon name in the relevant folder, for example, `django` should have an icon `icons/django.svg`. Only SVG is supported at this time. Another option is to use [octicon](https://primer.style/octicons/). The format to use an octicon is `octicon <<icon name>>`. Example: `octicon person`
* `creator`: creator of the template shown in onboarding. All the workflow templates from an author will have the same `creator` field.
* `categories`: the categories that it will be shown under. Choose at least one category from the list [here](#categories). Further, choose the categories from the list of languages available [here](https://github.com/github/linguist/blob/master/lib/linguist/languages.yml). When a user views the available templates, those templates that match the same language will feature more prominently.
* `categories`: the categories that it will be shown under. Choose at least one category from the list [here](#categories). Further, choose the categories from the list of languages available [here](https://github.com/github/linguist/blob/master/lib/linguist/languages.yml) and the list of tech stacks available [here](https://github.com/github-starter-workflows/repo-analysis-partner/blob/main/tech_stacks.yml). When a user views the available templates, those templates that match the language and tech stacks will feature more prominently.
### Categories
* continuous-integration
+6 -6
View File
@@ -3,12 +3,12 @@
# separate terms of service, privacy policy, and support
# documentation.
# The Checkmarx One GitHub Action enables you to trigger SAST, SCA, and KICS scans directly from the GitHub workflow.
# It provides a wrapper around the Checkmarx One CLI Tool which creates a zip archive from your source code repository
# and uploads it to Checkmarx One for scanning. The Github Action provides easy integration with GitHub while enabling
# The Checkmarx One GitHub Action enables you to trigger SAST, SCA, and KICS scans directly from the GitHub workflow.
# It provides a wrapper around the Checkmarx One CLI Tool which creates a zip archive from your source code repository
# and uploads it to Checkmarx One for scanning. The Github Action provides easy integration with GitHub while enabling
# scan customization using the full functionality and flexibility of the CLI tool.
# This is a basic workflow to help you get started with Using Checkmarx One Action,
# This is a basic workflow to help you get started with Using Checkmarx One Action,
# documentation can be found here : https://checkmarx.com/resource/documents/en/34965-68702-checkmarx-one-github-actions.html
name: Checkmarx Scan
@@ -30,7 +30,7 @@ jobs:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif
# The type of runner that the job will run on
runs-on: ubuntu-latest
@@ -39,7 +39,7 @@ jobs:
# This step checks out a copy of your repository.
- name: Checkout repository
uses: actions/checkout@v3
# This step creates the Checkmarx One scan
# This step creates the Checkmarx One scan
- name: Checkmarx One scan
uses: checkmarx/ast-github-action@8e887bb93dacc44e0f5b64ee2b06d5815f89d4fc
with:
@@ -13,4 +13,4 @@
"Ruby",
"Actions",
"PHP"]
}
}
@@ -4,10 +4,10 @@
"description": "Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.",
"iconName": "mobsf",
"categories": [
"Code Scanning",
"Java",
"Swift",
"Objective-C",
"Code Scanning",
"Java",
"Swift",
"Objective-C",
"Kotlin"
]
}
+6 -6
View File
@@ -4,12 +4,12 @@
"description": "PMD is a static source code analyzer. It supports Java, JavaScript, Apex and Visualforce, Modelica, PLSQL, Apache Velocity, XML, XSL, Scala.",
"iconName": "pmd",
"categories": [
"Code Scanning",
"Java",
"JavaScript",
"Apex",
"Modelica",
"PLSQL",
"Code Scanning",
"Java",
"JavaScript",
"Apex",
"Modelica",
"PLSQL",
"Apache Velocity",
"XML",
"XSl",
@@ -4,4 +4,4 @@
"description": "Continuously run Semgrep to find bugs and enforce secure code standards. Start with 1k+ community rules or write your own in a few minutes.",
"iconName": "semgrep",
"categories": ["Code Scanning", "Go", "Java", "JavaScript", "JSON", "Python", "Ruby", "TypeScript", "JSX", "TSX"]
}
}
@@ -8,4 +8,3 @@
"Elixir"
]
}
@@ -3,5 +3,5 @@
"creator": "Sonar",
"description": "Static analysis of code for vulnerability detection, covering 26+ languages. Start cleaning your code in minutes!",
"iconName": "sonarcloud",
"categories": ["Code Scanning","abap","apex","c","cobol","cpp","cloudformation","csharp","css","flex","go","java","javascript","kotlin","objectivec","php","plsql","ruby","scala","swift","terraform","tsql","typescript","vb","vba","xml"]
"categories": ["Code Scanning","abap","apex","c","cobol","cpp","cloudformation","csharp","css","flex","go","java","javascript","kotlin","objectivec","php","plsql","ruby","scala","swift","terraform","tsql","typescript","vb","vba","xml"]
}
@@ -3,5 +3,5 @@
"creator": "Sonar",
"description": "Static analysis of code for vulnerability detection, covering 26+ languages. Start cleaning your code in minutes!",
"iconName": "sonarqube",
"categories": ["Code Scanning","abap","apex","c","cobol","cpp","cloudformation","csharp","css","flex","go","java","javascript","kotlin","objectivec","php","plsql","ruby","scala","swift","terraform","tsql","typescript","vb","vba","xml"]
"categories": ["Code Scanning","abap","apex","c","cobol","cpp","cloudformation","csharp","css","flex","go","java","javascript","kotlin","objectivec","php","plsql","ruby","scala","swift","terraform","tsql","typescript","vb","vba","xml"]
}
+3 -3
View File
@@ -3,7 +3,7 @@
# separate terms of service, privacy policy, and support
# documentation.
# This workflow helps you trigger a SonarQube analysis of your code and populates
# This workflow helps you trigger a SonarQube analysis of your code and populates
# GitHub Code Scanning alerts with the vulnerabilities found.
# (this feature is available starting from SonarQube 9.7, Developer Edition and above)
@@ -11,7 +11,7 @@
# 2. Import your project on SonarQube
# * Add your repository as a new project by clicking "Create project" from your homepage.
#
#
# 3. Select GitHub Actions as your CI and follow the tutorial
# * a. Generate a new token and add it to your GitHub repository's secrets using the name SONAR_TOKEN
# (On SonarQube, click on your avatar on top-right > My account > Security or ask your administrator)
@@ -39,7 +39,7 @@ permissions:
jobs:
Analysis:
runs-on: ubuntu-latest
steps:
- name: Analyze with SonarQube