Commit Graph

563 Commits

Author SHA1 Message Date
Ilya Khivrich 7f50c70218 pass token over stdin, add security to properties 2024-10-22 11:53:35 +03:00
Ilya Khivrich 09fa3b9723 add jfrog-sast flow 2024-10-21 23:01:52 +03:00
ginilpg 666350e29b Added appknox.yml for code scanning (#2498)
Create appknox.json

Create appknox.svg

Update appknox.json

Update appknox.svg

Rename appknox.json to appknox.properties.json

Update appknox.yml

Update appknox.yml

Update appknox.properties.json

Formatting yml

Removed preview mode from appknox scanner

Removed preview mode from appknox scanner

Add Appknox starter workflow (#2447)

* Added appknox.yml for code scanning

* Create appknox.json

* Create appknox.svg

* Update appknox.json

* Update appknox.svg

* Rename appknox.json to appknox.properties.json

* Update appknox.yml

* Update appknox.yml

* Update appknox.properties.json

* Formatting yml

removed preview mode

removed preview mode

precommit lint
2024-09-17 13:50:21 -05:00
Andrew Eisenberg dea60ba593 Update code-scanning/eslint.yml 2024-09-11 11:12:06 -07:00
Andrew Eisenberg 9d2ae7c028 Update appknox.yml
Fix more whitespace issues.
2024-09-10 11:50:28 -07:00
Andrew Eisenberg ddb47be888 Update appknox.yml
Fix linting errors (remove whitespace).
2024-09-10 11:46:17 -07:00
Andrew Eisenberg 53980cb868 Update eslint.yml
Ensure suppressed warnings don't make it into the SARIF.
2024-09-10 11:10:00 -07:00
ginilpg 9db23a2437 Add Appknox starter workflow (#2447)
* Added appknox.yml for code scanning

* Create appknox.json

* Create appknox.svg

* Update appknox.json

* Update appknox.svg

* Rename appknox.json to appknox.properties.json

* Update appknox.yml

* Update appknox.yml

* Update appknox.properties.json

* Formatting yml
2024-09-10 09:41:53 -05:00
Chad Bentz 6ac176a96e CodeQL - Add unique name vs default setup 2024-08-23 10:49:57 -04:00
Ian Lynagh ba125834f1 CodeQL: Remove Swift 2h timeout
Spurious intermittent timeouts are no longer expected on Swift.
2024-08-20 12:06:59 +01:00
Michael Chernov 83b6e98d43 Add Debricked starter workflow (#2107)
* Add Debricked starter workflow

* Add permissions section

* Remove schedule

* Fix review comments

---------

Co-authored-by: Alexis Abril <alexisabril@github.com>
2024-08-16 10:16:20 -05:00
SOOS-GSteen af1bbdc430 Update soos-dast-scan.yml hash (#2466)
* Update soos-dast-scan.yml

* Update soos-dast-scan.yml

* Update soos-dast-scan.yml

* Update soos-dast-scan.yml
2024-08-16 10:10:57 -05:00
Jacob Wallraff 81a51b81d8 Merge branch 'main' into main 2024-08-01 14:50:04 -07:00
Jacob Wallraff aa685e127e Merge branch 'main' into bump-frogbot 2024-07-31 16:58:12 -07:00
Jacob Wallraff e1c2a477dd Merge branch 'main' into bump-actions-upload-sarif 2024-07-30 10:41:29 -07:00
Jacob Wallraff 1e293eebe5 Merge branch 'main' into bump-actions-setup-node 2024-07-30 10:38:56 -07:00
Jacob Wallraff 7be9afd1d3 Merge branch 'main' into bump-actions-setup-java 2024-07-30 10:37:42 -07:00
Jacob Wallraff a256a78ce8 Merge branch 'main' into bump-actions-setup-dotnet 2024-07-30 10:35:14 -07:00
Jacob Wallraff fe6ffc79e3 Merge branch 'main' into bump-actions-setup-dotnet 2024-07-30 10:21:02 -07:00
Jacob Wallraff 47f69d786f Revert "Artifacts: Update all workflows to use Artifacts V4" 2024-07-30 10:17:07 -07:00
Josh Soref 570cd926cd Switch github upload sarif to tag
GitHub owned actions are allowed to use tags instead of SHAs

Co-authored-by: Jacob Wallraff <thyeggman@github.com>
2024-07-29 14:37:50 -04:00
Jacob Wallraff 04bebdd039 Merge branch 'main' into bump-actions-setup-node 2024-07-29 10:04:36 -07:00
Jacob Wallraff bb5f99bd4f Merge branch 'main' into bump-actions-setup-java 2024-07-29 10:03:02 -07:00
Jacob Wallraff 309e783fdd Merge branch 'main' into bump-actions-setup-dotnet 2024-07-29 10:02:03 -07:00
Jacob Wallraff 9be7944e1d Merge branch 'main' into bump-actions-load-artifact 2024-07-29 10:01:18 -07:00
Josh Soref 763a1a60f8 Upload-Sarif: Update all workflows to use Upload-Sarif V3 2024-07-25 09:43:06 -04:00
yahavi eb0381de25 Update to 2.21.2 2024-06-28 15:56:30 +03:00
Yahav Itschak a2d9dce826 Merge branch 'main' into bump-frogbot 2024-06-28 15:54:25 +03:00
alankuo-aws 647cac4f34 Update policy validator starter workflows (#2433)
* Update policy validator starter workflows

* Fix reference policy argument
2024-06-17 15:32:21 -05:00
Antoine Vinot 9f1db53454 Update sonarcloud.yml after latest release of the action (#2405)
Co-authored-by: Alexis Abril <alexisabril@github.com>
2024-06-03 13:58:42 -05:00
yahavi de925c96d9 Frogbot: Update to 2.21.0 2024-06-01 18:58:42 +03:00
Ross Rogers 7ea2dd7e08 Update Mayhem for API to reference new site 2024-05-21 14:38:32 -07:00
Marco Gario 899b09ba54 Merge branch 'main' into patch-5 2024-05-13 11:29:02 +02:00
Dylan 6702f0d2e3 Fortify Starter Workflow to use new Fortify AST Action (#2245)
* Update Fortify logo

* Update fortify workflow

Update positioning, Github action versions, Java version and add in Debricked packaging support

* Update fortify.properties.json

Update languages and creator

* Update fortify.yml

Update triggers based on latest starter workflow guidelines

* Update code-scanning/fortify.yml

Co-authored-by: James M. Greene <JamesMGreene@github.com>

* Update code-scanning/fortify.yml

Co-authored-by: James M. Greene <JamesMGreene@github.com>

* Update code-scanning/properties/fortify.properties.json

Co-authored-by: James M. Greene <JamesMGreene@github.com>

* Update code-scanning/fortify.yml

Co-authored-by: James M. Greene <JamesMGreene@github.com>

* Update code-scanning/fortify.yml

Co-authored-by: James M. Greene <JamesMGreene@github.com>

* Update code-scanning/fortify.yml

Co-authored-by: James M. Greene <JamesMGreene@github.com>

* Update fortify.yml

* Update fortify.properties.json

* Update fortify.yml

Update starter workflow to use new unified Fortify AST Action

* Update fortify.yml

* Update fortify.yml

* Update fortify.yml

Refine workflow comments

* Update fortify.yml

Bump checkout action version

* Update fortify.yml

* Update fortify.yml

* Update fortify.yml

One final clean up

* Update fortify.properties.json

* Update fortify.yml

* Update fortify.yml

* Update fortify.properties.json

Update with support for Bicep and Solidity

* Update fortify.properties.json

Uppercase "Solidity" for consistency

* Change v1 to commit hash

---------

Co-authored-by: James M. Greene <JamesMGreene@github.com>
Co-authored-by: Ruud Senden <8635138+rsenden@users.noreply.github.com>
2024-05-06 13:57:14 +00:00
Chad Bentz b30fbdf5f2 Specify bash shell so that it doesn't fail if switching to 'windows' 2024-05-02 10:59:15 -04:00
Josh Soref 1830845916 Setup-Node: Update all workflows to use Setup-Node V4
* Switch default node version to 20
* Update version set to 18.x, 20.x, 22.x

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2024-04-25 17:42:55 -04:00
Josh Soref d51dfabea2 Artifacts: Update all workflows to use Artifacts V4
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2024-04-25 16:11:16 -04:00
Josh Soref 545832af8b Setup-Dotnet: Update all workflows to Setup-Dotnet V4 2024-04-25 14:27:37 -04:00
Josh Soref 37d6de723e Setup-Java: Update all workflows to use Setup-Java V4
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2024-04-25 14:15:25 -04:00
Dan Rigby 8ff5c7e7bb Merge branch 'main' into bump-actions 2024-04-25 12:51:52 -04:00
mponaws ac9c407320 Add starter-workflows for Policy Validator (#2375)
* Add starter-workflows for Policy Validator

* Add starter-workflows for Policy Validator

* Add starter-workflows for Policy Validator, removed references to GitHub secrets & S3 to keep it simple
2024-04-18 14:39:17 -05:00
Marco Gario a3194f5b47 Update CodeQL workflow to use packages:read permission.
Co-authored-by: Anders Starcke Henriksen <starcke@github.com>
2024-04-11 09:42:21 +02:00
Rex P ca5bcdc693 Add OSV-Scanner code scanning workflow (#2350)
* Add OSV-Scanner code scanning workflow

* Update code-scanning/osv-scanner.yml

Co-authored-by: Alexis Abril <alexisabril@github.com>

---------

Co-authored-by: Alexis Abril <alexisabril@github.com>
2024-04-09 22:21:33 -05:00
Josh Soref cd4b67d0b4 Checkout: Update all workflows to use Checkout V4 2024-04-05 15:29:37 -04:00
Issy Long 31a3e00dab codeql: Clarify that hosted larger runners only exist on GHEC
- Part of https://github.com/github/code-scanning/issues/13748.
2024-04-03 10:23:11 +01:00
SOOS-GSteen efd31e5f0f update soos dast action commit hash / sarif action version / logo (#2317)
* Update soos-dast-scan.yml

* Update soos-dast-scan.yml

* Update soos.svg

* Update code-scanning/soos-dast-scan.yml

Co-authored-by: Alexis Abril <alexisabril@github.com>

---------

Co-authored-by: Alexis Abril <alexisabril@github.com>
2024-04-01 15:11:05 -05:00
Spencer Schrock 4620c76b38 update Scorecard Action hashes and version comments (#2348)
* update action hashes and version comments

ossf/scorecard-action v2.1.2 is old and doesn't work after a Sigstore
change. https://blog.sigstore.dev/tuf-root-update/

Signed-off-by: Spencer Schrock <sschrock@google.com>

* downgrade actions/upload-artifact to node20 version of v3

dependabot will suggest upgrade to v4.3.1 for repos that can upgrade.
note: v3.pre.node20 is how dependabot refers to the pinned hash, so
use that so it can upgrade the comment

Signed-off-by: Spencer Schrock <sschrock@google.com>

* upgrade github/codeql-action/upload-sarif to v3.24.9

Signed-off-by: Spencer Schrock <sschrock@google.com>

---------

Signed-off-by: Spencer Schrock <sschrock@google.com>
Co-authored-by: Alexis Abril <alexisabril@github.com>
2024-03-27 13:25:03 -07:00
Andreas Deininger 831e9cb8e4 Bump workflow actions of various starter files (#2210) 2024-03-27 10:51:41 -07:00
Marco Gario fdbad9c74f Update codeql.yml
links to docs
2024-03-26 13:45:32 +01:00
Marco Gario 97c6254b5e Merge branch 'main' into update_codeql_template 2024-03-26 13:35:12 +01:00