Commit Graph

509 Commits

Author SHA1 Message Date
Chad Bentz 03277899f0 tfsec latest v0.1.4 (#2318) 2024-03-06 15:46:46 -06:00
Jon Janego 8aab15dd49 Update code-scanning/dependency-review.yml
begone, whitespace

Co-authored-by: Chad Bentz <1760475+felickz@users.noreply.github.com>
2024-02-07 09:06:01 -06:00
Jon Janego ba9d3788e4 Changing default behavior to include comment summary in PR
also gave the workflow the appropriate permissions required, pull-requests: write
2024-02-06 12:55:25 -06:00
SOOS-GSteen 6e4aae97ef soos-dast-scan.yml update (#2240)
* Update soos-dast-scan.yml

* use major version syntax

* code review

* lint

* Update soos-dast-scan.yml
2024-02-06 10:44:04 -06:00
Jon Janego cea0111003 Update dependency-review.yml
removing extra whitespace
2024-01-29 14:38:17 -06:00
Chris Campbell e67682c31c Add perms for comment-summary-in-pr 2024-01-29 10:09:37 +00:00
Chris Campbell a6ab3d3f95 Update dependency-review.yml 2024-01-29 09:05:18 +00:00
Chris Campbell f9970771a8 Update dependency-review-action to v4 2024-01-29 08:47:36 +00:00
Chris Campbell 0d8fa6f490 Add $protected-branches to pull_request target 2024-01-26 09:03:10 +00:00
Chris Campbell 0239269003 Update to match standards in actions/starter-workflows/.../pull_request_template.md 2024-01-26 09:03:10 +00:00
Chris Campbell aa49bd3095 Tidy up comments 2024-01-26 09:03:10 +00:00
Chris Campbell 11f5772f81 Update dependency-review.yml 2024-01-26 09:03:10 +00:00
Andrew Eisenberg 42326d0804 Clarify permissions on codeql-action starter 2024-01-09 12:22:16 -08:00
lsynopsys 4f4ef4e030 Synopsys Action's starter workflow (#2234)
* Synopsys action starter workflow

* Synopsys action - Address review comments

* Synopsys action - Address review comments 2

* Addressed review comments

* Fixed review comments

* Parameter changes accommodation

---------

Co-authored-by: kishorikumar <104522232+kishorikumar@users.noreply.github.com>
Co-authored-by: Alexis Abril <alexisabril@github.com>
2023-12-22 12:11:56 -06:00
Nick Fyson 3cb56ae6f3 update codeql.yml to reference node20 actions 2023-12-14 12:21:29 +00:00
Marco Gario d4b398cf2d Include protected branches in PR analyses 2023-12-04 10:24:28 +01:00
Philip Hayton 16ea338f2a fix: bearer does not upload sarif report (#2178)
* fix: bearer does not upload sarif report

When issues are found, the exit code is non-zero and so the GitHub action aborts before uploading the sarif report.

This change fixes that issue.

* chore: update bearer.yml following review

---------

Co-authored-by: Cédric Fabianski <cfabianski@me.com>
Co-authored-by: Cédric Fabianski <cedric@bearer.com>
2023-11-22 16:01:57 -06:00
Isabelle c6c44522f3 Update to latest audit code version (#2209)
* Update to latest audit code version

* Fix Description

* Fix extra space in comments
2023-11-13 11:49:29 -06:00
David Verdeguer 61f8558b81 Update codeql.yml 2023-10-03 07:40:34 +02:00
Cédric Fabianski 9744b8f3b5 feat: add Bearer code scanning option 2023-07-17 15:30:33 +02:00
James M. Greene 0720e7f4d0 Merge branch 'main' into main 2023-07-13 11:00:22 -05:00
James M. Greene 652258c72a Bump frogbot to v2.10.0 2023-07-13 11:00:03 -05:00
James M. Greene 257b26fcde Merge branch 'main' into patch-3 2023-07-13 10:53:32 -05:00
James M. Greene f186f33e75 Merge branch 'main' into patch-4 2023-07-13 09:43:51 -05:00
James M. Greene ec351ca4a9 Delete trailing whitespace 2023-07-13 09:39:44 -05:00
James M. Greene bbb14beb4a Merge branch 'main' into patch-2 2023-07-13 09:37:46 -05:00
James M. Greene d0ceca4fea Compress the comment 2023-07-13 09:36:51 -05:00
delarea c4caf17ee5 Update latest commit 2023-07-03 17:30:23 +03:00
Chad Bentz 2402be0dd2 Update code-scanning/codeql.yml
Co-authored-by: Nick Liffen <nickliffen@github.com>
2023-06-15 16:46:40 -04:00
Jamie Scott 03ce4e088f Fix Linter Issues 2023-06-15 10:36:30 -07:00
Jamie Scott ebf081c724 Merge branch 'main' into js/endorlabs-update 2023-06-15 09:17:45 -07:00
Jamie Scott 6da5a650b9 Update case and spacing 2023-06-15 09:13:08 -07:00
Jamie Scott c6e2cb88e6 Add comments header 2023-06-15 09:11:51 -07:00
Jonathan Tamsut 768f356939 Merge branch 'main' into psalm-starter-workflow 2023-06-14 11:20:12 -07:00
Jamie Scott 10d0b40d4c Merge branch 'main' into js/endorlabs-update 2023-06-13 21:55:53 -07:00
Jonathan Tamsut fef79f799e Merge branch 'main' into patch-1 2023-06-13 11:04:08 -07:00
Jamie Scott 018bc70643 Update endorlabs.yml 2023-06-12 19:08:58 -07:00
Jamie Scott 9988e13794 Update endorlabs.yml 2023-06-12 19:08:27 -07:00
Jamie Scott fae93dfd03 Update endorlabs.properties.json 2023-06-12 19:05:57 -07:00
Henry Mercer 47e25f9095 CodeQL: Update autobuild comment
Add Swift to the list of compiled languages that autobuild will try to build.
2023-06-12 11:13:06 +01:00
Chad Bentz 82f55d00bd Bump DR to take advantage of latest features 2023-06-08 12:08:28 -04:00
ElizabethBarrord bb9bbc31d8 add line at eof and adding icon 2023-06-07 17:28:33 -05:00
ElizabethBarrord 64aaaf712e Merge branch 'actions:main' into add-credo-workflow 2023-06-07 17:12:20 -05:00
Jamie Scott ea40b7a267 Update to commit sha 2023-06-06 20:22:38 -07:00
Jamie Scott 43f7851be3 Change to specified version 2023-06-06 20:20:00 -07:00
Jamie Scott 437d407a8a add Endor Labs 2023-06-06 16:22:48 -07:00
Issy Long 5eb502afa5 Merge branch 'main' into codeql-add-swift 2023-06-02 09:50:06 +01:00
Chad Bentz 02d32ccbc2 ubuntu runner upgrade to vNext 2023-05-30 09:56:36 -04:00
Chad Bentz 5aa237a2b7 add descriptive name to trivy starter workflow 2023-05-30 09:38:22 -04:00
Aditya Sharad b015c848b6 CodeQL: Reduce job timeout to 2h if the target language is Swift
Some projects observed intermittent build timeouts with Swift.
In case this happens, and our CodeQL-level mitigations do not prevent the problem, we want to avoid using up 6h of the customer's billed macOS Actions minutes (which is the default timeout), so we suggest a reduced timeout of 2h.

This value is chosen to accommodate the total job time (build + CodeQL extraction + CodeQL analysis) we expect for large Swift projects. We may choose to adjust it in future.
2023-05-22 10:10:15 -07:00