Commit Graph

2182 Commits

Author SHA1 Message Date
William Woodruff 231e6b5f6f python-publish: contents: read at toplevel
Signed-off-by: William Woodruff <william@trailofbits.com>
2024-03-19 16:41:37 -04:00
William Woodruff f4c64fb836 Apply suggestions from code review
Co-authored-by: Sviatoslav Sydorenko (Святослав Сидоренко) <wk.cvs.github@sydorenko.org.ua>
2024-03-19 15:40:07 -04:00
William Woodruff 469c22e7a4 ci/python-publish: bump, use trusted publishing
Signed-off-by: William Woodruff <william@trailofbits.com>
2024-03-19 12:45:34 -04:00
Tim Heuer 3fb9f82449 Updating dotnet CI starter workflows (#2333)
* Update dotnet.yml

Updating versions

* Update dotnet-desktop.yml

Bumping versions

* Update ci/dotnet-desktop.yml

Co-authored-by: Alexis Abril <alexisabril@github.com>

---------

Co-authored-by: Alexis Abril <alexisabril@github.com>
2024-03-12 14:08:25 -05:00
Chad Bentz 03277899f0 tfsec latest v0.1.4 (#2318) 2024-03-06 15:46:46 -06:00
Jon Janego be552580a6 Merge pull request #2305 from bigdaz/main
Update for `gradle/actions@v3.1.0` release
2024-02-14 10:03:12 -06:00
daz d303234ad7 Update for gradle/actions@v3.1.0 release
- Bump version hashes to use `gradle/actions/setup-gradle@v3.1.0`
- Bump version hash to use `gradle/actions/dependency-submission@v3.1.0`
2024-02-13 14:00:27 -07:00
Sam Partington 2b5d980659 Merge pull request #2299 from actions/dependency-review-ownership
Code Scanning shouldn't own `dependency-review.yml`
2024-02-09 17:37:50 +00:00
Sam Partington 813dc76266 Merge branch 'main' into dependency-review-ownership 2024-02-09 17:33:22 +00:00
Jon Janego da7a61e43c Merge pull request #2297 from actions/jonjanego-patch-1
Changing default behavior to include comment summary in PR
2024-02-07 12:19:42 -06:00
Sam Partington c4f5db6260 Code Scanning shouldn't own dependency-review.yml 2024-02-07 17:33:08 +00:00
Jon Janego 8aab15dd49 Update code-scanning/dependency-review.yml
begone, whitespace

Co-authored-by: Chad Bentz <1760475+felickz@users.noreply.github.com>
2024-02-07 09:06:01 -06:00
Jon Janego ba9d3788e4 Changing default behavior to include comment summary in PR
also gave the workflow the appropriate permissions required, pull-requests: write
2024-02-06 12:55:25 -06:00
SOOS-GSteen 6e4aae97ef soos-dast-scan.yml update (#2240)
* Update soos-dast-scan.yml

* use major version syntax

* code review

* lint

* Update soos-dast-scan.yml
2024-02-06 10:44:04 -06:00
Jon Janego aecd7f349b Merge pull request #2290 from bigdaz/main
Update for `gradle/actions@v3.0.0` release
2024-01-31 16:13:33 -06:00
daz 6c7819814a Fix typo 2024-01-31 15:07:12 -07:00
daz 51848d8b15 Remove trailing whitespace 2024-01-31 13:38:44 -07:00
daz b0b88404ff Improve documentation in starter workflow
- Remove "optional" flag from dependency-submission
- Add example of running without Gradle wrapper
- Link to action docs
2024-01-31 13:29:02 -07:00
daz 2d30c1b64c Update for gradle/actions@v3.0.0 release
- Bump version hashes to use `v3.0.0` of Gradle action
- Bump to Node20-compatible versions of `actions/checkout` and `actions/setup-java`
- Replace uses of `gradle/gradle-build-action` with `gradle/actions/setup-gradle`
- Split "Setup Gradle" step out of "Run Gradle" steps
- Add separate Job using `gradle/actions/dependency-submission` (flagged as optional)
- Bump to setup JDK 17
2024-01-31 05:34:15 -07:00
Jon Janego 0753b8da50 Merge pull request #2242 from ctcampbell/patch-1
Update dependency-review.yml actions/checkout version, add common with: options, and add comments for dependency submission
2024-01-29 14:40:24 -06:00
Jon Janego cea0111003 Update dependency-review.yml
removing extra whitespace
2024-01-29 14:38:17 -06:00
Jon Janego c969459da2 Merge branch 'main' into patch-1 2024-01-29 14:34:36 -06:00
James M. Greene 196126a4fc Merge pull request #2288 from actions/pages-cache-v4
Update all Pages workflows to `actions/cache@v4` for `node20` compliance
2024-01-29 14:29:10 -06:00
James M. Greene fc7f47d8b0 Update all Pages workflows to actions/cache@v4 for node20 compliance 2024-01-29 14:27:36 -06:00
Cameron Booth 170651fcd5 Merge pull request #2287 from actions/jonjanego-patch-1
Update CODEOWNERS
2024-01-29 12:26:40 -08:00
Jon Janego 7a5fb795ed Update CODEOWNERS 2024-01-29 14:24:42 -06:00
Jon Janego 1d205de418 Update CODEOWNERS
adding dependency graph team as an additional codeowner for the /code-scanning/ directory
2024-01-29 12:24:50 -06:00
Chris Campbell e67682c31c Add perms for comment-summary-in-pr 2024-01-29 10:09:37 +00:00
Chris Campbell a6ab3d3f95 Update dependency-review.yml 2024-01-29 09:05:18 +00:00
Chris Campbell f9970771a8 Update dependency-review-action to v4 2024-01-29 08:47:36 +00:00
Chris Campbell 0d8fa6f490 Add $protected-branches to pull_request target 2024-01-26 09:03:10 +00:00
Chris Campbell 0239269003 Update to match standards in actions/starter-workflows/.../pull_request_template.md 2024-01-26 09:03:10 +00:00
Chris Campbell aa49bd3095 Tidy up comments 2024-01-26 09:03:10 +00:00
Chris Campbell 11f5772f81 Update dependency-review.yml 2024-01-26 09:03:10 +00:00
Orhan Toy 4d89c3455a Merge pull request #2275 from aeisenberg/patch-1
Clarify permisions on codeql-action starter
2024-01-10 23:12:29 +01:00
Andrew Eisenberg 42326d0804 Clarify permisions on codeql-action starter 2024-01-09 12:22:16 -08:00
James M. Greene c31fe3d5d4 Merge pull request #2266 from actions/pages/use-artifacts-v4
Pages: Update all workflows to use Artifacts V4
2023-12-22 13:38:44 -06:00
James M. Greene 9ca802af48 Pages: Update all workflows to use Artifacts V4 2023-12-22 13:22:30 -06:00
lsynopsys 4f4ef4e030 Synopsys Action's starter workflow (#2234)
* Synopsys action starter workflow

* Synopsys action - Address review comments

* Synopsys action - Address review comments 2

* Addressed review comments

* Fixed review comments

* Parameter changes accommodation

---------

Co-authored-by: kishorikumar <104522232+kishorikumar@users.noreply.github.com>
Co-authored-by: Alexis Abril <alexisabril@github.com>
2023-12-22 12:11:56 -06:00
Orhan Toy a0941187cc Merge pull request #2257 from nickfyson/patch-2
update codeql.yml to reference node20 actions
2023-12-14 14:01:50 +01:00
Nick Fyson 3cb56ae6f3 update codeql.yml to reference node20 actions 2023-12-14 12:21:29 +00:00
James M. Greene 71ac18ef2d Merge pull request #2244 from actions/pages-actions-updates
Pages: Update core actions usage and target Node 20
2023-12-04 15:54:00 -06:00
James M. Greene e6948282a2 Revert to Ruby 3.1 due to incompatibility issues with google-protobuf 2023-12-04 13:26:42 -06:00
James M. Greene 78e2eb137d Update to latest Hugo version 2023-12-04 13:09:37 -06:00
James M. Greene b90d989799 Update setup-ruby and ruby-version for Pages Jekyll workflow 2023-12-04 13:07:46 -06:00
James M. Greene 036cf7236e Update mdBook version 2023-12-04 13:02:46 -06:00
James M. Greene a0a25cc2d4 Pages: Update core actions usage and target Node 20 2023-12-04 12:51:37 -06:00
Marco Gario bd7e79e8ab Merge pull request #2243 from actions/marcogario/analyze_protected_branches_prs
CodeQL: Include protected branches in PR analyses
2023-12-04 12:03:16 +01:00
Marco Gario d4b398cf2d Include protected branches in PR analyses 2023-12-04 10:24:28 +01:00
Philip Hayton 16ea338f2a fix: bearer does not upload sarif report (#2178)
* fix: bearer does not upload sarif report

When issues are found the exit code is non zero and so the github action aborts before uploading the sarif report. 

This change fixes that issues.

* chore: update bearer.yml following review

---------

Co-authored-by: Cédric Fabianski <cfabianski@me.com>
Co-authored-by: Cédric Fabianski <cedric@bearer.com>
2023-11-22 16:01:57 -06:00