Commit Graph

524 Commits

Author SHA1 Message Date
Dan Rigby 8ff5c7e7bb Merge branch 'main' into bump-actions 2024-04-25 12:51:52 -04:00
mponaws ac9c407320 Add starter-workflows for Policy Validator (#2375)
* Add starter-workflows for Policy Validator

* Add starter-workflows for Policy Validator

* Add starter-workflows for Policy Validator, removed references to GitHub secrets & S3 to keep it simple
2024-04-18 14:39:17 -05:00
Marco Gario a3194f5b47 Update CodeQL workflow to use packages:read permission.
Co-authored-by: Anders Starcke Henriksen <starcke@github.com>
2024-04-11 09:42:21 +02:00
Rex P ca5bcdc693 Add OSV-Scanner code scanning workflow (#2350)
* Add OSV-Scanner code scanning workflow

* Update code-scanning/osv-scanner.yml

Co-authored-by: Alexis Abril <alexisabril@github.com>

---------

Co-authored-by: Alexis Abril <alexisabril@github.com>
2024-04-09 22:21:33 -05:00
Josh Soref cd4b67d0b4 Checkout: Update all workflows to use Checkout V4 2024-04-05 15:29:37 -04:00
Issy Long 31a3e00dab codeql: Clarify that hosted larger runners only exist on GHEC
- Part of https://github.com/github/code-scanning/issues/13748.
2024-04-03 10:23:11 +01:00
SOOS-GSteen efd31e5f0f update soos dash action commit hash / sarif action version / logo (#2317)
* Update soos-dast-scan.yml

* Update soos-dast-scan.yml

* Update soos.svg

* Update code-scanning/soos-dast-scan.yml

Co-authored-by: Alexis Abril <alexisabril@github.com>

---------

Co-authored-by: Alexis Abril <alexisabril@github.com>
2024-04-01 15:11:05 -05:00
Spencer Schrock 4620c76b38 update Scorecard Action hashes and version comments (#2348)
* update action hashes and version comments

ossf/scorecard-action v2.1.2 is old and doesn't work after a Sigstore
change. https://blog.sigstore.dev/tuf-root-update/

Signed-off-by: Spencer Schrock <sschrock@google.com>

* downgrade actions/upload-artifact to node20 version of v3

dependabot will suggest upgrade to v4.3.1 for repos that can upgrade.
note: v3.pre.node20 is how dependabot refers to the pinned hash, so
use that so it can upgrade the comment

Signed-off-by: Spencer Schrock <sschrock@google.com>

* upgrade github/codeql-action/upload-sarif to v3.24.9

Signed-off-by: Spencer Schrock <sschrock@google.com>

---------

Signed-off-by: Spencer Schrock <sschrock@google.com>
Co-authored-by: Alexis Abril <alexisabril@github.com>
2024-03-27 13:25:03 -07:00
Andreas Deininger 831e9cb8e4 Bump workflow actions of various starter files (#2210) 2024-03-27 10:51:41 -07:00
Marco Gario fdbad9c74f Update codeql.yml
links to docs
2024-03-26 13:45:32 +01:00
Marco Gario 97c6254b5e Merge branch 'main' into update_codeql_template 2024-03-26 13:35:12 +01:00
Marco Gario aad9272438 Update codeql.yml
Limit matrix information in the job name to language by default
2024-03-26 13:18:17 +01:00
Chad Bentz 03277899f0 tfsec latest v0.1.4 (#2318) 2024-03-06 15:46:46 -06:00
Marco Gario 4a8c4e08b0 Update code-scanning/codeql.yml
Co-authored-by: Henry Mercer <henrymercer@github.com>
2024-02-19 15:57:02 +01:00
Marco Gario 8a973982d1 Update code-scanning/codeql.yml
Co-authored-by: Henry Mercer <henrymercer@github.com>
2024-02-19 15:54:06 +01:00
Marco Gario 05e4581159 Update codeql.yml with new build-mode 2024-02-15 09:01:39 +01:00
Jon Janego 8aab15dd49 Update code-scanning/dependency-review.yml
begone, whitespace

Co-authored-by: Chad Bentz <1760475+felickz@users.noreply.github.com>
2024-02-07 09:06:01 -06:00
Jon Janego ba9d3788e4 Changing default behavior to include comment summary in PR
also gave the workflow the appropriate permissions required, pull-requests: write
2024-02-06 12:55:25 -06:00
SOOS-GSteen 6e4aae97ef soos-dast-scan.yml update (#2240)
* Update soos-dast-scan.yml

* use major version syntax

* code review

* lint

* Update soos-dast-scan.yml
2024-02-06 10:44:04 -06:00
Jon Janego cea0111003 Update dependency-review.yml
removing extra whitespace
2024-01-29 14:38:17 -06:00
Chris Campbell e67682c31c Add perms for comment-summary-in-pr 2024-01-29 10:09:37 +00:00
Chris Campbell a6ab3d3f95 Update dependency-review.yml 2024-01-29 09:05:18 +00:00
Chris Campbell f9970771a8 Update dependency-review-action to v4 2024-01-29 08:47:36 +00:00
Chris Campbell 0d8fa6f490 Add $protected-branches to pull_request target 2024-01-26 09:03:10 +00:00
Chris Campbell 0239269003 Update to match standards in actions/starter-workflows/.../pull_request_template.md 2024-01-26 09:03:10 +00:00
Chris Campbell aa49bd3095 Tidy up comments 2024-01-26 09:03:10 +00:00
Chris Campbell 11f5772f81 Update dependency-review.yml 2024-01-26 09:03:10 +00:00
Andrew Eisenberg 42326d0804 Clarify permissions on codeql-action starter 2024-01-09 12:22:16 -08:00
lsynopsys 4f4ef4e030 Synopsys Action's starter workflow (#2234)
* Synopsys action starter workflow

* Synopsys action - Address review comments

* Synopsys action - Address review comments 2

* Addressed review comments

* Fixed review comments

* Parameter changes accommodation

---------

Co-authored-by: kishorikumar <104522232+kishorikumar@users.noreply.github.com>
Co-authored-by: Alexis Abril <alexisabril@github.com>
2023-12-22 12:11:56 -06:00
Nick Fyson 3cb56ae6f3 update codeql.yml to reference node20 actions 2023-12-14 12:21:29 +00:00
Marco Gario d4b398cf2d Include protected branches in PR analyses 2023-12-04 10:24:28 +01:00
Philip Hayton 16ea338f2a fix: bearer does not upload sarif report (#2178)
* fix: bearer does not upload sarif report

When issues are found the exit code is non-zero and so the github action aborts before uploading the sarif report.

This change fixes that issue.

* chore: update bearer.yml following review

---------

Co-authored-by: Cédric Fabianski <cfabianski@me.com>
Co-authored-by: Cédric Fabianski <cedric@bearer.com>
2023-11-22 16:01:57 -06:00
Isabelle c6c44522f3 Update to latest audit code version (#2209)
* Update to latest audit code version

* Fix Description

* Fix extra space in comments
2023-11-13 11:49:29 -06:00
David Verdeguer 61f8558b81 Update codeql.yml 2023-10-03 07:40:34 +02:00
Cédric Fabianski 9744b8f3b5 feat: add Bearer code scanning option 2023-07-17 15:30:33 +02:00
James M. Greene 0720e7f4d0 Merge branch 'main' into main 2023-07-13 11:00:22 -05:00
James M. Greene 652258c72a Bump frogbot to v2.10.0 2023-07-13 11:00:03 -05:00
James M. Greene 257b26fcde Merge branch 'main' into patch-3 2023-07-13 10:53:32 -05:00
James M. Greene f186f33e75 Merge branch 'main' into patch-4 2023-07-13 09:43:51 -05:00
James M. Greene ec351ca4a9 Delete trailing whitespace 2023-07-13 09:39:44 -05:00
James M. Greene bbb14beb4a Merge branch 'main' into patch-2 2023-07-13 09:37:46 -05:00
James M. Greene d0ceca4fea Compress the comment 2023-07-13 09:36:51 -05:00
delarea c4caf17ee5 Update latest commit 2023-07-03 17:30:23 +03:00
Chad Bentz 2402be0dd2 Update code-scanning/codeql.yml
Co-authored-by: Nick Liffen <nickliffen@github.com>
2023-06-15 16:46:40 -04:00
Jamie Scott 03ce4e088f Fix Linter Issues 2023-06-15 10:36:30 -07:00
Jamie Scott ebf081c724 Merge branch 'main' into js/endorlabs-update 2023-06-15 09:17:45 -07:00
Jamie Scott 6da5a650b9 Update case and spacing 2023-06-15 09:13:08 -07:00
Jamie Scott c6e2cb88e6 Add comments header 2023-06-15 09:11:51 -07:00
Jonathan Tamsut 768f356939 Merge branch 'main' into psalm-starter-workflow 2023-06-14 11:20:12 -07:00
Jamie Scott 10d0b40d4c Merge branch 'main' into js/endorlabs-update 2023-06-13 21:55:53 -07:00