Merge branch 'main' into patch-1

This commit is contained in:
h0x0er
2022-02-08 20:26:28 +05:30
committed by GitHub
3 changed files with 21 additions and 1 deletions
+7 -1
View File
@@ -20,8 +20,14 @@ on:
schedule:
- cron: $cron-weekly
permissions:
contents: read
jobs:
Anchore-Build-Scan:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
runs-on: ubuntu-latest
steps:
- name: Checkout the code
@@ -36,4 +42,4 @@ jobs:
- name: Upload Anchore Scan Report
uses: github/codeql-action/upload-sarif@v1
with:
sarif_file: results.sarif
sarif_file: results.sarif
+8
View File
@@ -17,10 +17,18 @@ on:
- cron: $cron-weekly
# A workflow run is made up of one or more jobs that can run sequentially or in parallel - this job is specifically configured to use the Checkmarx CxFlow Action
permissions:
contents: read
jobs:
# This workflow contains a single job called "build"
build:
# The type of runner that the job will run on - Ubuntu is required as Docker is leveraged for the action
permissions:
contents: read # for actions/checkout to fetch code
issues: write # for checkmarx-ts/checkmarx-cxflow-github-action to write feedback to github issues
pull-requests: write # for checkmarx-ts/checkmarx-cxflow-github-action to write feedback to PR
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
runs-on: ubuntu-latest
# Steps require - checkout code, run CxFlow Action, Upload SARIF report (optional)
+6
View File
@@ -33,8 +33,14 @@ on:
schedule:
- cron: $cron-weekly
permissions:
contents: read
jobs:
rest-api-static-security-testing:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for 42Crunch/api-security-audit-action to upload results to Github Code Scanning
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2