Commit Graph

266 Commits

Author SHA1 Message Date
SOOS-JAlvarez 65cfd09f0d update soos dast to latest version 2022-10-26 16:05:53 -03:00
Sampark Sharma 89327a1d93 Merge branch 'main' into update-42crunch 2022-06-09 12:48:57 +05:30
Sampark Sharma e2ed348af3 Merge branch 'main' into main 2022-06-09 12:40:17 +05:30
Satyam Chaurasia 7ba355c39e Adding changes of version and repo URL issue 2022-06-08 06:39:55 +05:30
Anton Krasovsky 44f8355dd3 Update workflow to use the newest version of 42Crunch REST API Static Security Testing Action 2022-06-07 17:57:25 +01:00
Sampark Sharma 36e2f0ff5a Merge branch 'main' into pysa 2022-06-07 18:37:00 +05:30
Sampark Sharma 7586af9685 Merge branch 'main' into pyre 2022-06-07 18:35:08 +05:30
Edward 862560d6d0 Add workflow for Pysa
https://github.com/facebook/pysa-action
https://github.com/facebook/pyre-check
2022-06-06 18:06:03 -04:00
Edward eda5a46a95 Add Pyre starter workflow 2022-06-06 18:04:42 -04:00
Sampark Sharma 55277da135 Merge branch 'main' into patch-2 2022-06-06 16:03:16 +05:30
satyamchaurasiapersistent ab9d895e8d Repo Url and SHA value updated. 2022-06-06 11:45:21 +05:30
satyamchaurasiapersistent def3d9a065 Merge pull request #1 from DhavalPatelPersistent/patch-1
Update checkmarx.yml
2022-06-06 11:40:16 +05:30
Sampark Sharma d9a1c35a67 Merge branch 'main' into soosdast 2022-06-03 12:17:00 +05:30
SOOS-JAlvarez d33aefde62 updated action version 2022-06-02 12:12:22 -03:00
laurentsimon 74408a5287 Update scorecards.yml 2022-06-01 11:00:27 -07:00
laurentsimon 74b6f42255 Update scorecards.yml 2022-06-01 10:50:44 -07:00
laurentsimon 978c3bbb41 Update scorecards.yml 2022-06-01 09:15:10 -07:00
SOOS-JAlvarez 6f6fb6862e Merge pull request #1 from actions/main
Merge branch 'actions:main' into soosdast
2022-05-31 12:49:33 -03:00
Remco Vermeulen 7757e2cdbd Merge branch 'main' into patch-2 2022-05-31 14:34:24 +02:00
Remco Vermeulen 477f6af84e Shorten the comment
The comment is shortened by removing the URL to the documentation.

Co-authored-by: Sampark Sharma <phantsure@github.com>
2022-05-31 14:19:53 +02:00
Remco Vermeulen 27f5b1e9fd Add descriptive comment
The `actions: read` permission is only required when the workflow is executed in a private repository.
2022-05-31 12:28:16 +02:00
Remco Vermeulen 77df908268 Set fail-build property to false
Whenever a security issue is found the `scan action` fails the build and the step, which causes the workflow to fail before uploading the results to Code Scanning.
This change turns the error into a warning.
2022-05-30 14:16:42 +02:00
Remco Vermeulen b9fbda1e7d Add actions read permission
The CodeQL Action requires this permission to collect information of the workflow run.
2022-05-30 14:11:28 +02:00
SOOS-JAlvarez e2e966c910 couple fixes from review 2022-05-27 09:36:07 -03:00
laurentsimon 866ad3b83c updates 2022-05-26 14:50:13 +00:00
laurentsimon a80536a617 Scorecard v1.1.0 hash bump 2022-05-26 14:46:58 +00:00
SOOS-JAlvarez a4fc6b086e SOOS DAST starter action submission 2022-05-24 16:52:04 -03:00
Federico Builes a3f4ca426f Fixing typo in dependency-review-action. 2022-05-16 13:44:44 -07:00
Yong Yan fc57d75274 use action commitment sha 2022-05-09 11:16:42 -07:00
Yong Yan 3fc8d6c608 Merge branch 'main' into users/yongyan-gh/hadolint 2022-05-04 12:33:33 -07:00
Jack G Kafaty e6c5cbdbe2 Merge branch 'main' into patch-5 2022-05-02 12:37:31 -04:00
Yong Yan 39e5002eed Merge branch 'main' into users/yongyan-gh/hadolint 2022-05-02 01:54:24 -07:00
Yong Yan ee2bbcf8d8 update step name 2022-05-02 01:53:59 -07:00
Sampark Sharma ca970a2124 Fix typo 2022-05-02 12:23:29 +05:30
Abir Majumdar d09e57c7a3 Adding workflow for sobelow (static analysis tool for the Phoenix framework) (#1528)
* Adding sobelow workflow

* Removing setup-beam dependency

* Updating instructions
2022-04-29 00:52:57 +05:30
Bar Hofesh 662e915c0f Add NeuraLegion to starter workflows (#1203)
* Added Neuralegion to starter workflows

* Using an action

* Fixed Indentation :)

* Update neuralegion.yml

Co-authored-by: Bishal Prasad <bishal-pdmsft@github.com>
2022-04-29 00:31:20 +05:30
Yong Yan b6633ec292 Add starter workflow for hadolint 2022-04-26 22:00:20 -07:00
Aditya Sharad a2a01a4b0b CodeQL starter workflow: Replace git.io links
git.io is deprecated.
Replace the references with full links or aka.ms links to the same documentation.
2022-04-26 02:26:34 -07:00
DhavalPatelPersistent 308401f524 Update checkmarx.yml 2022-04-25 15:30:28 +05:30
Jack G Kafaty a5cb76fffb Update codeql.yml 2022-04-21 13:19:45 -04:00
Jack G Kafaty bf7a4cab85 Update codeql.yml
Line 51 added the query packs by default but commented.
Lines 62-63: added better instructions
Lines 68-70 added an example which provides better detail
2022-04-21 13:09:39 -04:00
Yong Yan 92b20ce19b Add ESLint starter workflow (#1461)
* Add ESLint starter workflow

* Specify versions

* update permission

* Add typescript to categories

* Update codeql action to v2; add comments

* address review feedbacks

* update categories
2022-04-14 11:34:48 +05:30
Anurag Chauhan 5a51a46097 Merge branch 'main' into patch-12 2022-04-13 12:47:24 +05:30
Bishal Prasad 94d3aff4c6 Remove creator property from rust-clippy
This is owned by @josepalafox's BD team in GitHub.
2022-04-12 10:27:04 +05:30
Yong Yan 66f87f9dfe Add clj-watson starter workflow (#1460)
* Add clj-watson starter workflow

* update permissions

* update to latest release

* Update clj-watson-action to official release

* Update code-scanning/clj-watson.yml

Co-authored-by: Matheus Bernardes <12648924+mthbernardes@users.noreply.github.com>

* Update code-scanning/clj-watson.yml

Co-authored-by: Matheus Bernardes <12648924+mthbernardes@users.noreply.github.com>

* update categories

* update categories

* Update code-scanning/clj-watson.yml

Co-authored-by: Matheus Bernardes <12648924+mthbernardes@users.noreply.github.com>

* Update code-scanning/properties/clj-watson.properties.json

Co-authored-by: Bishal Prasad <bishal-pdmsft@github.com>

* Update code-scanning/clj-watson.yml

Co-authored-by: Matheus Bernardes <12648924+mthbernardes@users.noreply.github.com>

* add comments to yml file

* Update clj-watson.properties.json

* use codeql-action/upload-sarif v2

Co-authored-by: Matheus Bernardes <12648924+mthbernardes@users.noreply.github.com>
Co-authored-by: Bishal Prasad <bishal-pdmsft@github.com>
2022-04-12 10:11:27 +05:30
Bishal Prasad 53ed8ca56f Merge branch 'main' into main 2022-04-10 23:20:32 +05:30
Sampark Sharma 769950ce81 Removing code-scanning/shiftleft as per author request (#1513)
Co-authored-by: Bishal Prasad <bishal-pdmsft@github.com>
2022-04-10 17:20:15 +05:30
Yong Yan cca97c83b8 Add rust-clippy starter workflow (#1462)
* Add rust-clippy starter workflow

* fix parameter `wait-for-processing` indent of action github/codeql-action/upload-sarif@v1

* Use commit sha instead of tag

* addressing pr comments

* Update creator

* Add comments
2022-04-09 13:58:14 +05:30
Federico Builes 9e8a797367 Merge branch 'main' into elireisman/dr-action 2022-04-06 15:49:02 +02:00
Christophe H 090ead86a9 Update syntax for validation 2022-04-06 14:51:15 +02:00