Spencer Schrock
4620c76b38
update Scorecard Action hashes and version comments ( #2348 )
...
* update action hashes and version comments
ossf/scorecard-action v2.1.2 is old and doesnt work after a Sigstore
change. https://blog.sigstore.dev/tuf-root-update/
Signed-off-by: Spencer Schrock <sschrock@google.com >
* downgrade actions/upload-artifact to node20 version of v3
dependabot will suggest upgrade to v4.3.1 for repos that can upgrade.
note: v3.pre.node20 is how dependabot refers to the pinned hash, so
use that so it can upgrade the comment
Signed-off-by: Spencer Schrock <sschrock@google.com >
* upgrade github/codeql-action/upload-sarif to v3.24.9
Signed-off-by: Spencer Schrock <sschrock@google.com >
---------
Signed-off-by: Spencer Schrock <sschrock@google.com >
Co-authored-by: Alexis Abril <alexisabril@github.com >
2024-03-27 13:25:03 -07:00
Andreas Deininger
831e9cb8e4
Bump workflow actions of various starter files ( #2210 )
2024-03-27 10:51:41 -07:00
Marco Gario
fdbad9c74f
Update codeql.yml
...
links to docs
2024-03-26 13:45:32 +01:00
Marco Gario
97c6254b5e
Merge branch 'main' into update_codeql_template
2024-03-26 13:35:12 +01:00
Marco Gario
aad9272438
Update codeql.yml
...
Limit matrix information in the job name to language by default
2024-03-26 13:18:17 +01:00
Chad Bentz
03277899f0
tfsec latest v0.1.4 ( #2318 )
2024-03-06 15:46:46 -06:00
Marco Gario
4a8c4e08b0
Update code-scanning/codeql.yml
...
Co-authored-by: Henry Mercer <henrymercer@github.com >
2024-02-19 15:57:02 +01:00
Marco Gario
8a973982d1
Update code-scanning/codeql.yml
...
Co-authored-by: Henry Mercer <henrymercer@github.com >
2024-02-19 15:54:06 +01:00
Marco Gario
05e4581159
Update codeql.yml with new build-mode
2024-02-15 09:01:39 +01:00
Jon Janego
8aab15dd49
Update code-scanning/dependency-review.yml
...
begone, whitespace
Co-authored-by: Chad Bentz <1760475+felickz@users.noreply.github.com >
2024-02-07 09:06:01 -06:00
Jon Janego
ba9d3788e4
Changing default behavior to include comment summary in PR
...
also gave the workflow the appropriate permissions required, pull-requests: write
2024-02-06 12:55:25 -06:00
SOOS-GSteen
6e4aae97ef
soos-dast-scan.yml update ( #2240 )
...
* Update soos-dast-scan.yml
* use major version syntax
* code review
* lint
* Update soos-dast-scan.yml
2024-02-06 10:44:04 -06:00
Jon Janego
cea0111003
Update dependency-review.yml
...
removing extra whitespace
2024-01-29 14:38:17 -06:00
Chris Campbell
e67682c31c
Add perms for comment-summary-in-pr
2024-01-29 10:09:37 +00:00
Chris Campbell
a6ab3d3f95
Update dependency-review.yml
2024-01-29 09:05:18 +00:00
Chris Campbell
f9970771a8
Update dependency-review-action to v4
2024-01-29 08:47:36 +00:00
Chris Campbell
0d8fa6f490
Add $protected-branches to pull_request target
2024-01-26 09:03:10 +00:00
Chris Campbell
0239269003
Update to match standards in actions/starter-workflows/.../pull_request_template.md
2024-01-26 09:03:10 +00:00
Chris Campbell
aa49bd3095
Tidy up comments
2024-01-26 09:03:10 +00:00
Chris Campbell
11f5772f81
Update dependency-review.yml
2024-01-26 09:03:10 +00:00
Andrew Eisenberg
42326d0804
Clarify permisions on codeql-action starter
2024-01-09 12:22:16 -08:00
lsynopsys
4f4ef4e030
Synopsys Action's starter workflow ( #2234 )
...
* Synopsys action starter workflow
* Synopsys action - Address review comments
* Synopsys action - Address review comments 2
* Addressed review comments
* Fixed review comments
* Parameter changes accommodation
---------
Co-authored-by: kishorikumar <104522232+kishorikumar@users.noreply.github.com >
Co-authored-by: Alexis Abril <alexisabril@github.com >
2023-12-22 12:11:56 -06:00
Nick Fyson
3cb56ae6f3
update codeql.yml to reference node20 actions
2023-12-14 12:21:29 +00:00
Marco Gario
d4b398cf2d
Include protected branches in PR analyses
2023-12-04 10:24:28 +01:00
Philip Hayton
16ea338f2a
fix: bearer does not upload sarif report ( #2178 )
...
* fix: bearer does not upload sarif report
When issues are found the exit code is non zero and so the github action aborts before uploading the sarif report.
This change fixes that issues.
* chore: update bearer.yml following review
---------
Co-authored-by: Cédric Fabianski <cfabianski@me.com >
Co-authored-by: Cédric Fabianski <cedric@bearer.com >
2023-11-22 16:01:57 -06:00
Isabelle
c6c44522f3
Update to latest audit code version ( #2209 )
...
* Update to latest audit code version
* Fix Description
* Fix extra space in comments
2023-11-13 11:49:29 -06:00
David Verdeguer
61f8558b81
Update codeql.yml
2023-10-03 07:40:34 +02:00
Cédric Fabianski
9744b8f3b5
feat: add Bearer code scanning option
2023-07-17 15:30:33 +02:00
James M. Greene
0720e7f4d0
Merge branch 'main' into main
2023-07-13 11:00:22 -05:00
James M. Greene
652258c72a
Bump frogbot to v2.10.0
2023-07-13 11:00:03 -05:00
James M. Greene
257b26fcde
Merge branch 'main' into patch-3
2023-07-13 10:53:32 -05:00
James M. Greene
f186f33e75
Merge branch 'main' into patch-4
2023-07-13 09:43:51 -05:00
James M. Greene
ec351ca4a9
Delete trailing whitespace
2023-07-13 09:39:44 -05:00
James M. Greene
bbb14beb4a
Merge branch 'main' into patch-2
2023-07-13 09:37:46 -05:00
James M. Greene
d0ceca4fea
Compress the comment
2023-07-13 09:36:51 -05:00
delarea
c4caf17ee5
Update latest commit
2023-07-03 17:30:23 +03:00
Chad Bentz
2402be0dd2
Update code-scanning/codeql.yml
...
Co-authored-by: Nick Liffen <nickliffen@github.com >
2023-06-15 16:46:40 -04:00
Jamie Scott
03ce4e088f
Fix Linter Issues
2023-06-15 10:36:30 -07:00
Jamie Scott
ebf081c724
Merge branch 'main' into js/endorlabs-update
2023-06-15 09:17:45 -07:00
Jamie Scott
6da5a650b9
Update case and spacing
2023-06-15 09:13:08 -07:00
Jamie Scott
c6e2cb88e6
Add comments header
2023-06-15 09:11:51 -07:00
Jonathan Tamsut
768f356939
Merge branch 'main' into psalm-starter-workflow
2023-06-14 11:20:12 -07:00
Jamie Scott
10d0b40d4c
Merge branch 'main' into js/endorlabs-update
2023-06-13 21:55:53 -07:00
Jonathan Tamsut
fef79f799e
Merge branch 'main' into patch-1
2023-06-13 11:04:08 -07:00
Jamie Scott
018bc70643
Update endorlabs.yml
2023-06-12 19:08:58 -07:00
Jamie Scott
9988e13794
Update endorlabs.yml
2023-06-12 19:08:27 -07:00
Jamie Scott
fae93dfd03
Update endorlabs.properties.json
2023-06-12 19:05:57 -07:00
Henry Mercer
47e25f9095
CodeQL: Update autobuild comment
...
Add Swift to the list of compiled languages that autobuild will try to build.
2023-06-12 11:13:06 +01:00
Chad Bentz
82f55d00bd
Bump DR to take advantage of latest features
2023-06-08 12:08:28 -04:00
ElizabethBarrord
bb9bbc31d8
add line at eof and adding icon
2023-06-07 17:28:33 -05:00