Nagarjun Sanji
ab2a8c2716
Merge branch 'actions:main' into main
2025-12-01 16:18:07 +05:30
Mario Campos
43f0e19226
Add name to manual build step in CodeQL starter workflow
2025-10-09 13:42:49 -05:00
Mario Campos
69b278ad65
Update CodeQL action versions to v4 in workflow configuration
2025-10-07 10:11:06 -05:00
Konrad Pabjan
0d93bc2a4f
Merge branch 'main' into scorecard-bug-fix
2025-03-25 16:52:46 -04:00
Ruud Senden
7525cf0deb
Merge branch 'main' into fortify-20241106
2025-03-17 22:58:26 +01:00
Ruud Senden
dd84e34b8d
Update to latest published action version
2025-03-17 22:57:43 +01:00
Chad Bentz
c95135c3f9
Merge branch 'main' into patch-5
2025-03-05 01:28:16 -05:00
Spencer Schrock
4a5b4939a6
add future looking pull_request event to conditional
...
Scorecard currently has experimental support for the `pull_request`
trigger, so we want to allow analysis to be run for it in the future.
Signed-off-by: Spencer Schrock <sschrock@google.com >
2025-02-24 11:32:33 -07:00
Josh Soref
41e00af395
Limit scorecard to default branch
...
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com >
2025-02-24 11:32:28 -07:00
Spencer Schrock
f70f9c8252
bump action versions to latest to resolve issues
...
1. Scorecard update v2.4.1 was released, which includes months of bug
fixes and a new `file_mode` input to address a .gitattributes bug.
2. Bumped actions/upload-artifact to the v4 branch. This was previously
kept at v3 as GHES doesn't support v4, but github.com no longer
supports v3: as uploads return the following error "Create Artifact
Container failed: The artifact name JSON file is not valid."
Signed-off-by: Spencer Schrock <sschrock@google.com >
2025-02-24 11:27:23 -07:00
Sadman Anik
fcdc1287fc
Fixed Linting Issues
2025-02-10 11:43:15 +06:00
Sadman Anik
345594d7f5
Updated actions/checkout v3 to v4
2025-02-07 14:47:21 +06:00
Sadman Anik
5969febe64
Resolved reviwed comments
2025-02-05 13:47:33 +06:00
Sadman Anik
51a27e7024
Merge branch 'main' into main
2025-02-04 16:17:52 +06:00
Chad Bentz
7db00754dc
Code Scanning: bandit to latest hash
...
ab1d87dfccc5a0ffab88be3aaac6ffe35c10d6cd
2025-02-03 15:12:05 -05:00
Andrew Eisenberg
adcb922ec2
Make the example setup more explicit.
2025-01-30 16:50:30 -08:00
Sadman Anik
1de3a149b3
Update black-duck-security-scan-ci.yml
2025-01-30 13:48:02 +06:00
Andrew Eisenberg
7398b4eca4
Remove trailing whitespace
2025-01-29 15:39:32 -08:00
Andrew Eisenberg
2abfcee18d
Update codeql.yml
...
Explicitly suggest that users add their setup steps before calling init.
2025-01-29 14:23:54 -08:00
Sadman Anik
56844b15c7
Merge branch 'main' into main
2025-01-28 12:45:05 +06:00
SOOS-GSteen
9085976703
SOOS Dast Feature Update ( #2733 )
...
* Update soos-dast-scan.yml
* Update soos-dast-scan.yml
* Update soos-dast-scan.yml
2025-01-23 18:15:51 -06:00
Josh Gross
1e05f3c86d
Update starter workflows to use the latest artifact actions ( #2726 )
...
* Update starter workflows to use the latest artifact actions
* Ensure incompatible artifact actions aren't synced to GHES
2025-01-21 15:06:02 -05:00
Oscar Reimer
c8284a423c
Update debricked.yml
...
Update debricked.yml to use latest version debricked/actions
2025-01-16 14:03:53 +01:00
Beth Brennan
3cd0650576
Merge branch 'main' into bump-actions
2025-01-14 13:13:27 -05:00
Josh Soref
95a3224907
Remove stray -
...
Co-authored-by: Beth Brennan <34719884+elbrenn@users.noreply.github.com >
2025-01-13 20:52:25 -05:00
Beth Brennan
e1deb63e94
Merge branch 'main' into ubuntu-latest
2025-01-13 12:52:40 -05:00
Josh Soref
be1cddbe1d
Checkout: Update all workflows to use Checkout V4
2025-01-06 09:43:57 -05:00
Sadman Anik
84747ed355
Used hash instead of tag name
2024-12-23 16:49:39 +06:00
Sadman Anik
4a84ccf8e0
Added black duck security scan action template
2024-12-18 18:07:23 +06:00
Ruud Senden
0486897d48
Update action version, update comment
2024-11-22 14:24:04 +01:00
Ruud Senden
1c6c18c8ea
Remove trailing spaces
2024-11-08 11:31:30 +01:00
Ruud Senden
196973618e
Remove trailing spaces
2024-11-08 11:30:15 +01:00
Ruud Senden
4cbe5359f3
Update Fortify starter workflow
2024-11-08 11:18:15 +01:00
Ilya Khivrich
7f50c70218
pass token over stdin, add security to properties
2024-10-22 11:53:35 +03:00
Ilya Khivrich
09fa3b9723
add jfrog-sast flow
2024-10-21 23:01:52 +03:00
ginilpg
666350e29b
Added appknox.yml for code scanning ( #2498 )
...
Create appknox.json
Create appknox.svg
Update appknox.json
Update appknox.svg
Rename appknox.json to appknox.properties.json
Update appknox.yml
Update appknox.yml
Update appknox.properties.json
Formatting yml
Removed preview mode from appknox scanner
Removed preview mode from appknox scanner
Add Appknox starter workflow (#2447 )
* Added appknox.yml for code scanning
* Create appknox.json
* Create appknox.svg
* Update appknox.json
* Update appknox.svg
* Rename appknox.json to appknox.properties.json
* Update appknox.yml
* Update appknox.yml
* Update appknox.properties.json
* Formatting yml
removed preview mode
removed preview mode
precommit lint
2024-09-17 13:50:21 -05:00
Andrew Eisenberg
dea60ba593
Update code-scanning/eslint.yml
2024-09-11 11:12:06 -07:00
Andrew Eisenberg
9d2ae7c028
Update appknox.yml
...
Fix more whitespace issues.
2024-09-10 11:50:28 -07:00
Andrew Eisenberg
ddb47be888
Update appknox.yml
...
Fix linting errors (remove whitespace).
2024-09-10 11:46:17 -07:00
Andrew Eisenberg
53980cb868
Update eslint.yml
...
Ensure suppressed warnings don't make it into the SARIF.
2024-09-10 11:10:00 -07:00
ginilpg
9db23a2437
Add Appknox starter workflow ( #2447 )
...
* Added appknox.yml for code scanning
* Create appknox.json
* Create appknox.svg
* Update appknox.json
* Update appknox.svg
* Rename appknox.json to appknox.properties.json
* Update appknox.yml
* Update appknox.yml
* Update appknox.properties.json
* Formatting yml
2024-09-10 09:41:53 -05:00
Chad Bentz
6ac176a96e
CodeQL - Add unique name vs default setup
2024-08-23 10:49:57 -04:00
Ian Lynagh
ba125834f1
CodeQL: Remove Swift 2h timeout
...
Spurious intermittent timeouts are no longer expected on Swift.
2024-08-20 12:06:59 +01:00
Michael Chernov
83b6e98d43
Add Debricked starter workflow ( #2107 )
...
* Add Debricked starter workflow
* Add permissions section
* Remove schedule
* Fix review comments
---------
Co-authored-by: Alexis Abril <alexisabril@github.com >
2024-08-16 10:16:20 -05:00
SOOS-GSteen
af1bbdc430
Update soos-dast-scan.yml hash ( #2466 )
...
* Update soos-dast-scan.yml
* Update soos-dast-scan.yml
* Update soos-dast-scan.yml
* Update soos-dast-scan.yml
2024-08-16 10:10:57 -05:00
Josh Soref
a5047545ff
Ubuntu-Latest: Update all workflows to use ubuntu-latest
2024-08-06 01:11:49 -04:00
Jacob Wallraff
81a51b81d8
Merge branch 'main' into main
2024-08-01 14:50:04 -07:00
Jacob Wallraff
aa685e127e
Merge branch 'main' into bump-frogbot
2024-07-31 16:58:12 -07:00
Jacob Wallraff
e1c2a477dd
Merge branch 'main' into bump-actions-upload-sarif
2024-07-30 10:41:29 -07:00
Jacob Wallraff
1e293eebe5
Merge branch 'main' into bump-actions-setup-node
2024-07-30 10:38:56 -07:00