Commit Graph

493 Commits

Author SHA1 Message Date
Philip Hayton 16ea338f2a fix: bearer does not upload sarif report (#2178)
* fix: bearer does not upload sarif report

When issues are found the exit code is non zero and so the github action aborts before uploading the sarif report. 

This change fixes that issues.

* chore: update bearer.yml following review

---------

Co-authored-by: Cédric Fabianski <cfabianski@me.com>
Co-authored-by: Cédric Fabianski <cedric@bearer.com>
2023-11-22 16:01:57 -06:00
Isabelle c6c44522f3 Update to latest audit code version (#2209)
* Update to latest audit code version

* Fix Description

* Fix extra space in comments
2023-11-13 11:49:29 -06:00
David Verdeguer 61f8558b81 Update codeql.yml 2023-10-03 07:40:34 +02:00
Cédric Fabianski 9744b8f3b5 feat: add Bearer code scanning option 2023-07-17 15:30:33 +02:00
James M. Greene 0720e7f4d0 Merge branch 'main' into main 2023-07-13 11:00:22 -05:00
James M. Greene 652258c72a Bump frogbot to v2.10.0 2023-07-13 11:00:03 -05:00
James M. Greene 257b26fcde Merge branch 'main' into patch-3 2023-07-13 10:53:32 -05:00
James M. Greene f186f33e75 Merge branch 'main' into patch-4 2023-07-13 09:43:51 -05:00
James M. Greene ec351ca4a9 Delete trailing whitespace 2023-07-13 09:39:44 -05:00
James M. Greene bbb14beb4a Merge branch 'main' into patch-2 2023-07-13 09:37:46 -05:00
James M. Greene d0ceca4fea Compress the comment 2023-07-13 09:36:51 -05:00
delarea c4caf17ee5 Update latest commit 2023-07-03 17:30:23 +03:00
Chad Bentz 2402be0dd2 Update code-scanning/codeql.yml
Co-authored-by: Nick Liffen <nickliffen@github.com>
2023-06-15 16:46:40 -04:00
Jamie Scott 03ce4e088f Fix Linter Issues 2023-06-15 10:36:30 -07:00
Jamie Scott ebf081c724 Merge branch 'main' into js/endorlabs-update 2023-06-15 09:17:45 -07:00
Jamie Scott 6da5a650b9 Update case and spacing 2023-06-15 09:13:08 -07:00
Jamie Scott c6e2cb88e6 Add comments header 2023-06-15 09:11:51 -07:00
Jonathan Tamsut 768f356939 Merge branch 'main' into psalm-starter-workflow 2023-06-14 11:20:12 -07:00
Jamie Scott 10d0b40d4c Merge branch 'main' into js/endorlabs-update 2023-06-13 21:55:53 -07:00
Jonathan Tamsut fef79f799e Merge branch 'main' into patch-1 2023-06-13 11:04:08 -07:00
Jamie Scott 018bc70643 Update endorlabs.yml 2023-06-12 19:08:58 -07:00
Jamie Scott 9988e13794 Update endorlabs.yml 2023-06-12 19:08:27 -07:00
Jamie Scott fae93dfd03 Update endorlabs.properties.json 2023-06-12 19:05:57 -07:00
Henry Mercer 47e25f9095 CodeQL: Update autobuild comment
Add Swift to the list of compiled languages that autobuild will try to build.
2023-06-12 11:13:06 +01:00
Chad Bentz 82f55d00bd Bump DR to take advantage of latest features 2023-06-08 12:08:28 -04:00
ElizabethBarrord bb9bbc31d8 add line at eof and adding icon 2023-06-07 17:28:33 -05:00
ElizabethBarrord 64aaaf712e Merge branch 'actions:main' into add-credo-workflow 2023-06-07 17:12:20 -05:00
Jamie Scott ea40b7a267 Update to commit sha 2023-06-06 20:22:38 -07:00
Jamie Scott 43f7851be3 Change to specified version 2023-06-06 20:20:00 -07:00
Jamie Scott 437d407a8a add Endor Labs 2023-06-06 16:22:48 -07:00
Issy Long 5eb502afa5 Merge branch 'main' into codeql-add-swift 2023-06-02 09:50:06 +01:00
Chad Bentz 02d32ccbc2 ubuntu runner upgrade to vNext 2023-05-30 09:56:36 -04:00
Chad Bentz 5aa237a2b7 add descriptive name to trivy starter workflow 2023-05-30 09:38:22 -04:00
Aditya Sharad b015c848b6 CodeQL: Reduce job timeout to 2h if the target language is Swift
Some projects observed intermittent build timeouts with Swift.
In case this happens, and our CodeQL-level mitigations do not prevent the problem, we want to avoid using up 6h of the customer's billed macOS Actions minutes (which is the default timeout), so we suggest a reduced timeout of 2h.

This value is chosen to accommodate the total job time (build + CodeQL extraction + CodeQL analysis) we expect for large Swift projects. We may choose to adjust it in future.
2023-05-22 10:10:15 -07:00
Aditya Sharad 73f69c4600 CodeQL: Run on macOS by default if the target language is Swift
CodeQL Swift analysis is best supported on macOS.

In preparation for CodeQL supporting Swift analysis in beta,
adjust the CodeQL starter workflow template to run the `swift` matrix job on `macos-latest`, and all other matrix jobs on
`ubuntu-latest`. This does not affect the matrix itself.
2023-04-17 12:06:44 -07:00
Issy Long b9b8227591 Add Swift to the list of CodeQL-supported languages
- This is in public beta.
2023-04-11 15:40:06 +01:00
なつき eeb9248ea6 Update ruby/setup-ruby for CVE-2023-28755 and CVE-2023-28756 2023-04-04 14:26:08 -07:00
ElizabethBarrord dda2aa56ea Merge branch 'main' into add-credo-workflow 2023-03-24 09:23:52 -05:00
ElizabethBarrord fc5ffa2714 removed whitespace 2023-03-24 14:14:25 +00:00
James M. Greene ee942792c7 Merge branch 'main' into chore/replace-deprecated-command-with-environment-file 2023-03-14 00:23:56 -05:00
Omer Zidkoni c1b76c45d4 Frogbot update (#1980)
* Update Frogbot starter workflows

* Update

* Update Frogbot starter-workflows commit hash

---------

Co-authored-by: Sampark Sharma <phantsure@github.com>
2023-03-13 16:26:25 +05:30
Chad Bentz 19a9f5df85 Add runner size docs 2023-03-09 13:49:38 -05:00
ElizabethBarrord 07c72062df adding commit sha to for action 2023-03-07 20:56:57 +00:00
ElizabethBarrord f5cfb3ea9c Update code-scanning/credo.yml
Co-authored-by: Sampark Sharma <phantsure@github.com>
2023-03-07 14:52:54 -06:00
Eric Fernandez 02af783829 Addition of snyk-security workflow to enable the Snyk platform from a single GitHub Action (#1939)
* Create snyk-security.properties.json

* Create snyk-security.yml

* Update snyk-security.yml

* Fix mispelling

Co-authored-by: Sampark Sharma <phantsure@github.com>

* Apply comments from PR

- Moved documentation link to the top
- Made `|| true` optional
- Added commit SHA for the Snyk GitHub Action

* Remove empty space

Co-authored-by: Sampark Sharma <phantsure@github.com>

* Remove empty space in line end

Co-authored-by: Sampark Sharma <phantsure@github.com>

* Update Categories

* Updated after running pre-commit linting

---------

Co-authored-by: Sampark Sharma <phantsure@github.com>
2023-03-07 16:22:52 +05:30
syed-imran da484b4eb5 Update apisec-scan.yml (#1898)
Co-authored-by: Sampark Sharma <phantsure@github.com>
2023-03-04 18:12:33 +05:30
jongwooo 44ca9a5fd1 Replace deprecated command with environment file 2023-02-28 00:18:12 +09:00
ElizabethBarrord c7f44d7163 Merge branch 'main' into add-credo-workflow 2023-02-22 09:41:49 -06:00
ElizabethBarrord 77bc6e809f add credo properties 2023-02-22 15:39:47 +00:00
Tajinder Singh (TJ) 1d039e1607 fixed typo (#1942)
* fixed typo

* Update defender-for-devops.yml

* update to valid categories

* fixed request changes
2023-02-21 18:20:42 +05:30