Merge branch 'main' into main

This commit is contained in:
Jeevan Reddy Ragula
2022-09-09 11:26:55 +05:30
committed by GitHub
37 changed files with 863 additions and 62 deletions
+1 -1
View File
@@ -34,7 +34,7 @@ jobs:
# Customize the ruby version depending on your needs
- name: Setup Ruby
uses: ruby/setup-ruby@f20f1eae726df008313d2e0d78c5e602562a1bcf
uses: ruby/setup-ruby@0a29871fe2b0200a17a4497bae54fe5df0d973aa # v1.115.3
with:
ruby-version: '2.7'
+3 -6
View File
@@ -10,14 +10,11 @@
name: "Frogbot Scan and Fix"
on:
push:
branches:
# The scanning and creation of pull requests with fixes are triggered by pushing code to one of the these branches.
# You can edit the list of branches you wish to open fix pull requests on.
- "main"
- "master"
branches: [ $default-branch ]
permissions:
contents: write
pull-requests: write
security-events: write
jobs:
create-fix-pull-requests:
runs-on: ubuntu-latest
@@ -40,7 +37,7 @@ jobs:
# node-version: "16.x"
- uses: jfrog/frogbot@de3d42bf3a454ddf156632ae520a5ead49048416
- uses: jfrog/frogbot@34759934930c177bdefba6ca3a417589d4db6cab
env:
# [Mandatory]
# JFrog platform URL (This functionality requires version 3.29.0 or above of Xray)
+1 -1
View File
@@ -42,7 +42,7 @@ jobs:
# The full template list with the required GitHub Actions can be found at https://github.com/jfrog/frogbot/tree/master/templates/github-actions/scan-pull-request
- uses: jfrog/frogbot@de3d42bf3a454ddf156632ae520a5ead49048416
- uses: jfrog/frogbot@34759934930c177bdefba6ca3a417589d4db6cab
env:
# [Mandatory]
# JFrog platform URL (This functionality requires version 3.29.0 or above of Xray)
+54
View File
@@ -0,0 +1,54 @@
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# lintr provides static code analysis for R.
# It checks for adherence to a given style,
# identifying syntax errors and possible semantic issues,
# then reports them to you so you can take action.
# More details at https://lintr.r-lib.org/
name: lintr
on:
push:
branches: [ $default-branch, $protected-branches ]
pull_request:
# The branches below must be a subset of the branches above
branches: [ $default-branch ]
schedule:
- cron: $cron-weekly
permissions:
contents: read
jobs:
lintr:
name: Run lintr scanning
runs-on: ubuntu-latest
permissions:
contents: read # for checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Setup R
uses: r-lib/actions/setup-r@4e1feaf90520ec1215d1882fdddfe3411c08e492
- name: Setup lintr
uses: r-lib/actions/setup-r-dependencies@4e1feaf90520ec1215d1882fdddfe3411c08e492
with:
extra-packages: lintr
- name: Run lintr
run: lintr::sarif_output(lintr::lint_dir("."), "lintr-results.sarif")
shell: Rscript {0}
continue-on-error: true
- name: Upload analysis results to GitHub
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: lintr-results.sarif
wait-for-processing: true
@@ -0,0 +1,6 @@
{
"name": "lintr",
"description": "lintr provides static code analysis for R.",
"iconName": "lintr",
"categories": [ "Code Scanning", "R" ]
}
+1 -1
View File
@@ -35,7 +35,7 @@ jobs:
uses: actions/checkout@v3
- name: Setup Ruby
uses: ruby/setup-ruby@f20f1eae726df008313d2e0d78c5e602562a1bcf
uses: ruby/setup-ruby@0a29871fe2b0200a17a4497bae54fe5df0d973aa # v1.115.3
with:
ruby-version: 2.7
bundler-cache: true
+1 -1
View File
@@ -28,7 +28,7 @@ jobs:
# If running on a self-hosted runner, check it meets the requirements
# listed at https://github.com/ruby/setup-ruby#using-self-hosted-runners
- name: Set up Ruby
uses: ruby/setup-ruby@f20f1eae726df008313d2e0d78c5e602562a1bcf
uses: ruby/setup-ruby@0a29871fe2b0200a17a4497bae54fe5df0d973aa # v1.115.3
with:
ruby-version: 2.6
+4 -4
View File
@@ -25,12 +25,12 @@ jobs:
steps:
- name: "Checkout code"
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3.0.0
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # tag=v3.0.0
with:
persist-credentials: false
- name: "Run analysis"
uses: ossf/scorecard-action@3e15ea8318eee9b333819ec77a36aca8d39df13e # v1.1.1
uses: ossf/scorecard-action@3e15ea8318eee9b333819ec77a36aca8d39df13e # tag=v1.1.1
with:
results_file: results.sarif
results_format: sarif
@@ -49,7 +49,7 @@ jobs:
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: "Upload artifact"
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # v3.0.0
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # tag=v3.0.0
with:
name: SARIF file
path: results.sarif
@@ -57,6 +57,6 @@ jobs:
# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@5f532563584d71fdef14ee64d17bafb34f751ce5 # v1.0.26
uses: github/codeql-action/upload-sarif@5f532563584d71fdef14ee64d17bafb34f751ce5 # tag=v1.0.26
with:
sarif_file: results.sarif