468 Commits

Author SHA1 Message Date
Jamie Scott 6da5a650b9 Update case and spacing 2023-06-15 09:13:08 -07:00
Jamie Scott c6e2cb88e6 Add comments header 2023-06-15 09:11:51 -07:00
Jamie Scott 10d0b40d4c Merge branch 'main' into js/endorlabs-update 2023-06-13 21:55:53 -07:00
Jonathan Tamsut fef79f799e Merge branch 'main' into patch-1 2023-06-13 11:04:08 -07:00
Jamie Scott 018bc70643 Update endorlabs.yml 2023-06-12 19:08:58 -07:00
Jamie Scott 9988e13794 Update endorlabs.yml 2023-06-12 19:08:27 -07:00
Jamie Scott fae93dfd03 Update endorlabs.properties.json 2023-06-12 19:05:57 -07:00
Henry Mercer 47e25f9095 CodeQL: Update autobuild comment
Add Swift to the list of compiled languages that autobuild will try to build.
2023-06-12 11:13:06 +01:00
ElizabethBarrord bb9bbc31d8 add line at eof and adding icon 2023-06-07 17:28:33 -05:00
ElizabethBarrord 64aaaf712e Merge branch 'actions:main' into add-credo-workflow 2023-06-07 17:12:20 -05:00
Jamie Scott ea40b7a267 Update to commit sha 2023-06-06 20:22:38 -07:00
Jamie Scott 43f7851be3 Change to specified version 2023-06-06 20:20:00 -07:00
Jamie Scott 437d407a8a add Endor Labs 2023-06-06 16:22:48 -07:00
Issy Long 5eb502afa5 Merge branch 'main' into codeql-add-swift 2023-06-02 09:50:06 +01:00
Aditya Sharad b015c848b6 CodeQL: Reduce job timeout to 2h if the target language is Swift
Some projects observed intermittent build timeouts with Swift.
In case this happens, and our CodeQL-level mitigations do not prevent the problem, we want to avoid using up 6h of the customer's billed macOS Actions minutes (which is the default timeout), so we suggest a reduced timeout of 2h.

This value is chosen to accommodate the total job time (build + CodeQL extraction + CodeQL analysis) we expect for large Swift projects. We may choose to adjust it in future.
2023-05-22 10:10:15 -07:00
Aditya Sharad 73f69c4600 CodeQL: Run on macOS by default if the target language is Swift
CodeQL Swift analysis is best supported on macOS.

In preparation for CodeQL supporting Swift analysis in beta, adjust the CodeQL starter workflow template to run the `swift` matrix job on `macos-latest`, and all other matrix jobs on `ubuntu-latest`. This does not affect the matrix itself.
2023-04-17 12:06:44 -07:00
Issy Long b9b8227591 Add Swift to the list of CodeQL-supported languages
- This is in public beta.
2023-04-11 15:40:06 +01:00
なつき eeb9248ea6 Update ruby/setup-ruby for CVE-2023-28755 and CVE-2023-28756 2023-04-04 14:26:08 -07:00
ElizabethBarrord dda2aa56ea Merge branch 'main' into add-credo-workflow 2023-03-24 09:23:52 -05:00
ElizabethBarrord fc5ffa2714 removed whitespace 2023-03-24 14:14:25 +00:00
James M. Greene ee942792c7 Merge branch 'main' into chore/replace-deprecated-command-with-environment-file 2023-03-14 00:23:56 -05:00
Omer Zidkoni c1b76c45d4 Frogbot update (#1980)
* Update Frogbot starter workflows

* Update

* Update Frogbot starter-workflows commit hash

---------

Co-authored-by: Sampark Sharma <phantsure@github.com>
2023-03-13 16:26:25 +05:30
ElizabethBarrord 07c72062df adding commit sha for action 2023-03-07 20:56:57 +00:00
ElizabethBarrord f5cfb3ea9c Update code-scanning/credo.yml
Co-authored-by: Sampark Sharma <phantsure@github.com>
2023-03-07 14:52:54 -06:00
Eric Fernandez 02af783829 Addition of snyk-security workflow to enable the Snyk platform from a single GitHub Action (#1939)
* Create snyk-security.properties.json

* Create snyk-security.yml

* Update snyk-security.yml

* Fix misspelling

Co-authored-by: Sampark Sharma <phantsure@github.com>

* Apply comments from PR

- Moved documentation link to the top
- Made `|| true` optional
- Added commit SHA for the Snyk GitHub Action

* Remove empty space

Co-authored-by: Sampark Sharma <phantsure@github.com>

* Remove empty space in line end

Co-authored-by: Sampark Sharma <phantsure@github.com>

* Update Categories

* Updated after running pre-commit linting

---------

Co-authored-by: Sampark Sharma <phantsure@github.com>
2023-03-07 16:22:52 +05:30
syed-imran da484b4eb5 Update apisec-scan.yml (#1898)
Co-authored-by: Sampark Sharma <phantsure@github.com>
2023-03-04 18:12:33 +05:30
jongwooo 44ca9a5fd1 Replace deprecated command with environment file 2023-02-28 00:18:12 +09:00
ElizabethBarrord c7f44d7163 Merge branch 'main' into add-credo-workflow 2023-02-22 09:41:49 -06:00
ElizabethBarrord 77bc6e809f add credo properties 2023-02-22 15:39:47 +00:00
Tajinder Singh (TJ) 1d039e1607 fixed typo (#1942)
* fixed typo

* Update defender-for-devops.yml

* update to valid categories

* fixed request changes
2023-02-21 18:20:42 +05:30
Chris Carini 10f6091ee8 Update scorecard.yml with latest releases (#1944)
Update scorecard.yml with latest releases for ossf/scorecard-action & github/codeql-action/upload-sarif
2023-02-16 11:39:52 +05:30
Tajinder Singh (TJ) 62569bfea9 Add defender for devops workflow (#1940)
* Created new workflow for defender for devops

* Create defender-for-devops.properties.json

* fixed pr comments

* fixed linting issues

* fixed linting issues

* removed trailing white space

* changed from preview to v1.6.0
2023-02-15 17:57:26 +05:30
Omer Zidkoni dd99cc0733 Frogbot update (#1925)
* Update Frogbot starter workflows

* Update

* Update Frogbot starter-workflows commit hash
2023-02-08 17:49:57 +05:30
ElizabethBarrord c26da3749c adding credo workflow 2023-02-02 17:31:49 +00:00
vitorveiga a248253343 Add Jscrambler Code Integrity starter workflow (#1893)
* Add Jscrambler Code Integrity starter workflow

* Use hash commit

* fix: missing permissions and improve description

* chore: move to code scanning category

* chore: workflow checks review
2023-01-31 16:25:13 +05:30
Robin Neatherway d92e1f890e Correct indentation of "run" example 2023-01-23 15:56:27 +00:00
Bishal Prasad 96f31daf69 Try to fix lint error (#1914) 2023-01-23 11:10:50 +05:30
Paul Hodgkinson a3c3cf245c Added Bandit starter workflow and properties file (#1859)
* Added Bandit starter workflow and properties file. Python security scanner, Action by a Hubber, wraps free tool

* Set icon name to one in the icons folder

* Switched to Bandit's own SVG icon

* Added workflow disclaimer

* Fixed author name

Co-authored-by: Sampark Sharma <phantsure@github.com>
2023-01-12 16:27:17 +05:30
Gabriela Gutierrez 9f245d9aba Update 'Scorecards' occurrences to 'Scorecard' (#1889)
* Update Scorecard naming occurrences

Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>

* Update Scorecard icon naming

Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>

* Update Scorecard workflow naming

Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>

Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>
Co-authored-by: Sampark Sharma <phantsure@github.com>
2023-01-03 13:49:28 +05:30
Matt Wang 65ce1d1247 Update all pinned versions of ruby/setup-ruby to latest (#1869) 2022-12-20 10:22:40 +01:00
Chris Gavin 95cee2a6f2 Add Kotlin to CodeQL supported languages. 2022-12-14 12:23:14 +00:00
Sampark Sharma 09f1d3bf86 Merge branch 'main' into phantsure/lint-fix 2022-12-13 18:04:36 +05:30
Sampark Sharma c363441cf9 Merge branch 'main' into patch-1 2022-12-13 17:59:18 +05:30
SOOS-JAlvarez 1006a379d3 linter 2022-12-13 08:40:14 -03:00
SOOS-JAlvarez babc52e1e2 Merge branch 'main' into soos-dast-update 2022-12-13 08:38:36 -03:00
SOOS-JAlvarez 5f790e392e update soos dast to latest version 2022-12-12 16:44:33 -03:00
Florin Coada 9e27144d52 Add explanation on which value to use to scan Kotlin and TypeScript
Added comments explaining which values should be used if the user would like to scan Kotlin or TypeScript.
2022-12-09 15:35:44 +00:00
hadar-co bf83018c61 Update code-scanning/datree.yml
Co-authored-by: Sampark Sharma <phantsure@github.com>
2022-12-08 09:57:36 +02:00
hadar-co eaef38b7d5 fix workflow 2022-12-08 09:56:22 +02:00
hadar-co 2fe9028318 fix workflow 2022-12-08 09:56:22 +02:00