Commit Graph

321 Commits

Author SHA1 Message Date
Simon Engledew 6b52b98767 Hide ESLint on GHES 2022-09-21 12:46:14 +01:00
omerzi e7e1dc2037 Update Frogbot's version 2022-09-20 16:36:24 +03:00
Sampark Sharma 67e9e6e817 Merge branch 'main' into codeql-category 2022-09-16 15:33:47 +05:30
Sampark Sharma a2618651d7 Merge branch 'main' into patch-1 2022-09-16 14:55:33 +05:30
Marco Gario cb341b59ed Update CodeQL to include category by default
Code Scanning can accept multiple uploads for the same tool and uses the concept of category to keep results separated.
If not provided explicitly, the category is computed based on a few parameters like workflow path and matrix variables. The implicit computation of the category can create confusion if users change their workflow, as we start considering the new analyses as unrelated to existing results.

By making the category explicit in the workflow we hope to make the concept more prominent and reduce accidental changes.
2022-09-16 09:25:07 +02:00
Chad Bentz 568b096f39 add actions: read to any job using upload-sarif 2022-09-14 18:17:28 -04:00
Azeem Shaikh 81fe53796f Update to scorecard-action:v2.0.3
Includes bug fixes
2022-09-14 09:37:06 -04:00
A-Katopodis cf9b684433 Updated powershell to v1.1 commit 2022-09-13 13:14:35 -05:00
naveensrinivasan 2333616c7d Upgraded scorecard action to v2.0.0
- Upgraded scorecard action to v2.0.0
https://github.com/ossf/scorecard-action/commit/13ec8c77e8a5dae7e0a0d47bde3e3004df15d34f

Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2022-09-08 09:37:44 -05:00
Shaopeng f187f4a712 Merge branch 'main' into users/shaopeng-gh/lintr 2022-09-06 04:32:06 -07:00
Sampark Sharma 2184ca2468 Merge branch 'main' into main 2022-09-06 16:19:26 +05:30
Omer Zidkoni 7744fcb103 Merge branch 'main' into main 2022-09-06 09:28:31 +03:00
Sampark Sharma 3e8e8ddac6 Merge branch 'main' into setup-ruby-latest 2022-09-01 17:05:15 +05:30
Austen Stone a4af1b700b branches 2022-08-30 10:13:31 -04:00
omerzi 2f880ea2a2 Update Frogbot permissions and Tag 2022-08-28 16:07:58 +03:00
James M. Greene 9d734850ef Update all usages of ruby/setup-ruby to latest 2022-08-25 23:42:31 -05:00
laurentsimon a640bca95a Merge branch 'main' into patch-3 2022-08-24 09:22:57 -07:00
Omer Zidkoni bb6277cf2a Update frogbot-scan-pr.properties.json 2022-08-24 15:42:10 +03:00
Omer Zidkoni cdcdda3a89 Update frogbot-scan-and-fix.properties.json 2022-08-24 15:41:50 +03:00
Omer Zidkoni 5fd9f56689 Update frogbot-scan-pr.yml 2022-08-23 16:56:36 +03:00
Omer Zidkoni 77485a55d0 Update frogbot-scan-and-fix.yml 2022-08-23 16:56:22 +03:00
Omer Zidkoni c61f33a701 Merge branch 'main' into main 2022-08-23 11:21:25 +03:00
Omer Zidkoni f4c529ed9f Update frogbot-scan-and-fix.yml 2022-08-23 11:17:52 +03:00
Omer Zidkoni 27a76bc269 Update frogbot-scan-pr.yml 2022-08-23 11:17:35 +03:00
laurentsimon 5ab15a7349 Update scorecards.yml 2022-08-22 12:13:18 -07:00
omerzi 4d18310e04 added read permissions for private repos 2022-08-17 15:29:22 +03:00
Sampark Sharma 571a01b0f9 Merge branch 'main' into patch-1 2022-08-17 17:01:05 +05:30
omerzi a82c7d200a Code review changes 2022-08-17 09:41:13 +03:00
Keith Zantow 65d796c94f Add Anchore Syft SBOM scan workflow 2022-08-16 12:47:02 -04:00
Dylan Rinker b206471e4d Update clj-holes.yml
- Fixed a typo in the upload-sarif@v1 action 
- Commented out the rules-repository. The template will now default to rules in git://clj-holmes/clj-holmes-rules#main, but the format is preserved.
2022-08-16 09:24:41 -04:00
omerzi e35bb09c20 Code review changes 2022-08-07 09:32:25 +03:00
omerzi 8d20e65309 Adding JFrog Frogbot to GitHub starter workflows 2022-07-26 10:56:16 +03:00
omerzi 157a5156d8 Adding JFrog Frogbot to GitHub starter workflows 2022-07-26 10:54:41 +03:00
Federico Builes 948fdf226a Update the sample version of the Dependency Review action. 2022-06-28 17:20:56 +02:00
Shaopeng Li 658980f080 Add lintr starter workflow 2022-06-27 20:51:38 -07:00
divyansh42 beafd2dec2 Add CRDA starter workflow and modify openshift workflow
Signed-off-by: divyansh42 <diagrawa@redhat.com>
2022-06-24 16:25:53 +05:30
Sampark Sharma 1a3f256934 Merge branch 'main' into patch-1 2022-06-23 16:23:28 +05:30
Teppei Fukuda b2d74e9093 Update trivy-action to fix the performance issue
This version of trivy-action fixed an issue reported by GitHub. The detail is in https://github.com/aquasecurity/trivy/issues/2357.
2022-06-23 08:36:06 +03:00
Shaopeng Li bbd824dff4 use hash 2022-06-22 17:58:09 -07:00
Shaopeng Li be331aaa2f Add puppet-lint starter workflow 2022-06-22 17:54:14 -07:00
Austen Stone c91d79cf30 Update tfsec.yml (#1616) 2022-06-22 17:10:07 +05:30
Noah Irwin 11f6dcf7a3 Merge branch 'main' of https://github.com/actions/starter-workflows 2022-06-20 13:03:41 +01:00
Noah Irwin 3a8411e0fd Add workflow permissions 2022-06-20 11:44:08 +01:00
Shaopeng Li 5864b8200b move What PHPMD does is... below PHPMD is a spin-off... 2022-06-14 03:20:43 -07:00
Shaopeng aa2b29b1c9 Merge branch 'main' into users/shaopeng-gh/phpmd 2022-06-13 13:43:51 -07:00
Shaopeng Li 724a2029a2 Merge branch 'users/shaopeng-gh/phpmd' of https://github.com/shaopeng-gh/starter-workflows into users/shaopeng-gh/phpmd 2022-06-13 13:38:12 -07:00
Shaopeng Li a0d1fc31f7 Add what PHPMD does 2022-06-13 13:38:09 -07:00
SOOS-JAlvarez 66d01dd6da code review - put exact hash of release 2022-06-13 08:50:37 -03:00
SOOS-JAlvarez 5f8fa2190b use codeql upload sarif action 2022-06-10 15:31:19 -03:00
Noah Irwin ad064a4af4 Updates from PR feedback 2022-06-10 11:35:06 +01:00