William Woodruff
231e6b5f6f
python-publish: contents: read at toplevel
...
Signed-off-by: William Woodruff <william@trailofbits.com >
2024-03-19 16:41:37 -04:00
William Woodruff
f4c64fb836
Apply suggestions from code review
...
Co-authored-by: Sviatoslav Sydorenko (Святослав Сидоренко) <wk.cvs.github@sydorenko.org.ua >
2024-03-19 15:40:07 -04:00
William Woodruff
469c22e7a4
ci/python-publish: bump, use trusted publishing
...
Signed-off-by: William Woodruff <william@trailofbits.com >
2024-03-19 12:45:34 -04:00
Tim Heuer
3fb9f82449
Updating dotnet CI starter workflows ( #2333 )
...
* Update dotnet.yml
Updating versions
* Update dotnet-desktop.yml
Bumping versions
* Update ci/dotnet-desktop.yml
Co-authored-by: Alexis Abril <alexisabril@github.com >
---------
Co-authored-by: Alexis Abril <alexisabril@github.com >
2024-03-12 14:08:25 -05:00
Chad Bentz
03277899f0
tfsec latest v0.1.4 ( #2318 )
2024-03-06 15:46:46 -06:00
Jon Janego
be552580a6
Merge pull request #2305 from bigdaz/main
...
Update for `gradle/actions@v3.1.0` release
2024-02-14 10:03:12 -06:00
daz
d303234ad7
Update for gradle/actions@v3.1.0 release
...
- Bump version hashes to use `gradle/actions/setup-gradle@v3.1.0`
- Bump version hash to use `gradle/actions/dependency-submission@v3.1.0`
2024-02-13 14:00:27 -07:00
Sam Partington
2b5d980659
Merge pull request #2299 from actions/dependency-review-ownership
...
Code Scanning shouldn't own `dependency-review.yml`
2024-02-09 17:37:50 +00:00
Sam Partington
813dc76266
Merge branch 'main' into dependency-review-ownership
2024-02-09 17:33:22 +00:00
Jon Janego
da7a61e43c
Merge pull request #2297 from actions/jonjanego-patch-1
...
Changing default behavior to include comment summary in PR
2024-02-07 12:19:42 -06:00
Sam Partington
c4f5db6260
Code Scanning shouldn't own dependency-review.yml
2024-02-07 17:33:08 +00:00
Jon Janego
8aab15dd49
Update code-scanning/dependency-review.yml
...
begone, whitespace
Co-authored-by: Chad Bentz <1760475+felickz@users.noreply.github.com >
2024-02-07 09:06:01 -06:00
Jon Janego
ba9d3788e4
Changing default behavior to include comment summary in PR
...
also gave the workflow the appropriate permissions required, pull-requests: write
2024-02-06 12:55:25 -06:00
SOOS-GSteen
6e4aae97ef
soos-dast-scan.yml update ( #2240 )
...
* Update soos-dast-scan.yml
* use major version syntax
* code review
* lint
* Update soos-dast-scan.yml
2024-02-06 10:44:04 -06:00
Jon Janego
aecd7f349b
Merge pull request #2290 from bigdaz/main
...
Update for `gradle/actions@v3.0.0` release
2024-01-31 16:13:33 -06:00
daz
6c7819814a
Fix typo
2024-01-31 15:07:12 -07:00
daz
51848d8b15
Remove trailing whitespace
2024-01-31 13:38:44 -07:00
daz
b0b88404ff
Improve documentation in starter workflow
...
- Remove "optional" flag from dependency-submission
- Add example of running without Gradle wrapper
- Link to action docs
2024-01-31 13:29:02 -07:00
daz
2d30c1b64c
Update for gradle/actions@v3.0.0 release
...
- Bump version hashes to use `v3.0.0` of Gradle action
- Bump to Node20-compatible versions of `actions/checkout` and `actions/setup-java`
- Replace uses of `gradle/gradle-build-action` with `gradle/actions/setup-gradle`
- Split "Setup Gradle" step out of "Run Gradle" steps
- Add separate Job using `gradle/actions/dependency-submission` (flagged as optional)
- Bump to setup JDK 17
2024-01-31 05:34:15 -07:00
Jon Janego
0753b8da50
Merge pull request #2242 from ctcampbell/patch-1
...
Update dependency-review.yml actions/checkout version, add common with: options, and add comments for dependency submission
2024-01-29 14:40:24 -06:00
Jon Janego
cea0111003
Update dependency-review.yml
...
removing extra whitespace
2024-01-29 14:38:17 -06:00
Jon Janego
c969459da2
Merge branch 'main' into patch-1
2024-01-29 14:34:36 -06:00
James M. Greene
196126a4fc
Merge pull request #2288 from actions/pages-cache-v4
...
Update all Pages workflows to `actions/cache@v4` for `node20` compliance
2024-01-29 14:29:10 -06:00
James M. Greene
fc7f47d8b0
Update all Pages workflows to actions/cache@v4 for node20 compliance
2024-01-29 14:27:36 -06:00
Cameron Booth
170651fcd5
Merge pull request #2287 from actions/jonjanego-patch-1
...
Update CODEOWNERS
2024-01-29 12:26:40 -08:00
Jon Janego
7a5fb795ed
Update CODEOWNERS
2024-01-29 14:24:42 -06:00
Jon Janego
1d205de418
Update CODEOWNERS
...
adding dependency graph team as an additional codeowner for the /code-scanning/ directory
2024-01-29 12:24:50 -06:00
Chris Campbell
e67682c31c
Add perms for comment-summary-in-pr
2024-01-29 10:09:37 +00:00
Chris Campbell
a6ab3d3f95
Update dependency-review.yml
2024-01-29 09:05:18 +00:00
Chris Campbell
f9970771a8
Update dependency-review-action to v4
2024-01-29 08:47:36 +00:00
Chris Campbell
0d8fa6f490
Add $protected-branches to pull_request target
2024-01-26 09:03:10 +00:00
Chris Campbell
0239269003
Update to match standards in actions/starter-workflows/.../pull_request_template.md
2024-01-26 09:03:10 +00:00
Chris Campbell
aa49bd3095
Tidy up comments
2024-01-26 09:03:10 +00:00
Chris Campbell
11f5772f81
Update dependency-review.yml
2024-01-26 09:03:10 +00:00
Orhan Toy
4d89c3455a
Merge pull request #2275 from aeisenberg/patch-1
...
Clarify permisions on codeql-action starter
2024-01-10 23:12:29 +01:00
Andrew Eisenberg
42326d0804
Clarify permisions on codeql-action starter
2024-01-09 12:22:16 -08:00
James M. Greene
c31fe3d5d4
Merge pull request #2266 from actions/pages/use-artifacts-v4
...
Pages: Update all workflows to use Artifacts V4
2023-12-22 13:38:44 -06:00
James M. Greene
9ca802af48
Pages: Update all workflows to use Artifacts V4
2023-12-22 13:22:30 -06:00
lsynopsys
4f4ef4e030
Synopsys Action's starter workflow ( #2234 )
...
* Synopsys action starter workflow
* Synopsys action - Address review comments
* Synopsys action - Address review comments 2
* Addressed review comments
* Fixed review comments
* Parameter changes accommodation
---------
Co-authored-by: kishorikumar <104522232+kishorikumar@users.noreply.github.com >
Co-authored-by: Alexis Abril <alexisabril@github.com >
2023-12-22 12:11:56 -06:00
Orhan Toy
a0941187cc
Merge pull request #2257 from nickfyson/patch-2
...
update codeql.yml to reference node20 actions
2023-12-14 14:01:50 +01:00
Nick Fyson
3cb56ae6f3
update codeql.yml to reference node20 actions
2023-12-14 12:21:29 +00:00
James M. Greene
71ac18ef2d
Merge pull request #2244 from actions/pages-actions-updates
...
Pages: Update core actions usage and target Node 20
2023-12-04 15:54:00 -06:00
James M. Greene
e6948282a2
Revert to Ruby 3.1 due to incompatibility issues with google-protobuf
2023-12-04 13:26:42 -06:00
James M. Greene
78e2eb137d
Update to latest Hugo version
2023-12-04 13:09:37 -06:00
James M. Greene
b90d989799
Update setup-ruby and ruby-version for Pages Jekyll workflow
2023-12-04 13:07:46 -06:00
James M. Greene
036cf7236e
Update mdBook version
2023-12-04 13:02:46 -06:00
James M. Greene
a0a25cc2d4
Pages: Update core actions usage and target Node 20
2023-12-04 12:51:37 -06:00
Marco Gario
bd7e79e8ab
Merge pull request #2243 from actions/marcogario/analyze_protected_branches_prs
...
CodeQL: Include protected branches in PR analyses
2023-12-04 12:03:16 +01:00
Marco Gario
d4b398cf2d
Include protected branches in PR analyses
2023-12-04 10:24:28 +01:00
Philip Hayton
16ea338f2a
fix: bearer does not upload sarif report ( #2178 )
...
* fix: bearer does not upload sarif report
When issues are found the exit code is non zero and so the github action aborts before uploading the sarif report.
This change fixes that issues.
* chore: update bearer.yml following review
---------
Co-authored-by: Cédric Fabianski <cfabianski@me.com >
Co-authored-by: Cédric Fabianski <cedric@bearer.com >
2023-11-22 16:01:57 -06:00