Commit Graph

452 Commits

Author SHA1 Message Date
Jamie Scott fae93dfd03 Update endorlabs.properties.json 2023-06-12 19:05:57 -07:00
Jamie Scott ea40b7a267 Update to commit sha 2023-06-06 20:22:38 -07:00
Jamie Scott 43f7851be3 Change to specified version 2023-06-06 20:20:00 -07:00
Jamie Scott 437d407a8a add Endor Labs 2023-06-06 16:22:48 -07:00
Issy Long 5eb502afa5 Merge branch 'main' into codeql-add-swift 2023-06-02 09:50:06 +01:00
Aditya Sharad b015c848b6 CodeQL: Reduce job timeout to 2h if the target language is Swift
Some projects observed intermittent build timeouts with Swift.
In case this happens, and our CodeQL-level mitigations do not prevent the problem, we want to avoid using up 6h of the customer's billed macOS Actions minutes (which is the default timeout), so we suggest a reduced timeout of 2h.

This value is chosen to accommodate the total job time (build + CodeQL extraction + CodeQL analysis) we expect for large Swift projects. We may choose to adjust it in future.
2023-05-22 10:10:15 -07:00
Aditya Sharad 73f69c4600 CodeQL: Run on macOS by default if the target language is Swift
CodeQL Swift analysis is best supported on macOS.

In preparation for CodeQL supporting Swift analysis in beta,
adjust the CodeQL starter workflow template to run the `swift` matrix job on `macos-latest`, and all other matrix jobs on
`ubuntu-latest`. This does not affect the matrix itself.
2023-04-17 12:06:44 -07:00
Issy Long b9b8227591 Add Swift to the list of CodeQL-supported languages
- This is in public beta.
2023-04-11 15:40:06 +01:00
なつき eeb9248ea6 Update ruby/setup-ruby for CVE-2023-28755 and CVE-2023-28756 2023-04-04 14:26:08 -07:00
James M. Greene ee942792c7 Merge branch 'main' into chore/replace-deprecated-command-with-environment-file 2023-03-14 00:23:56 -05:00
Omer Zidkoni c1b76c45d4 Frogbot update (#1980)
* Update Frogbot starter workflows

* Update

* Update Frogbot starter-workflows commit hash

---------

Co-authored-by: Sampark Sharma <phantsure@github.com>
2023-03-13 16:26:25 +05:30
Eric Fernandez 02af783829 Addition of snyk-security workflow to enable the Snyk platform from a single GitHub Action (#1939)
* Create snyk-security.properties.json

* Create snyk-security.yml

* Update snyk-security.yml

* Fix misspelling

Co-authored-by: Sampark Sharma <phantsure@github.com>

* Apply comments from PR

- Moved documentation link to the top
- Made `|| true` optional
- Added commit SHA for the Snyk GitHub Action

* Remove empty space

Co-authored-by: Sampark Sharma <phantsure@github.com>

* Remove empty space in line end

Co-authored-by: Sampark Sharma <phantsure@github.com>

* Update Categories

* Updated after running pre-commit linting

---------

Co-authored-by: Sampark Sharma <phantsure@github.com>
2023-03-07 16:22:52 +05:30
syed-imran da484b4eb5 Update apisec-scan.yml (#1898)
Co-authored-by: Sampark Sharma <phantsure@github.com>
2023-03-04 18:12:33 +05:30
jongwooo 44ca9a5fd1 Replace deprecated command with environment file 2023-02-28 00:18:12 +09:00
Tajinder Singh (TJ) 1d039e1607 fixed typo (#1942)
* fixed typo

* Update defender-for-devops.yml

* update to valid categories

* fixed request changes
2023-02-21 18:20:42 +05:30
Chris Carini 10f6091ee8 Update scorecard.yml with latest releases (#1944)
Update scorecard.yml with latest releases for ossf/scorecard-action & github/codeql-action/upload-sarif
2023-02-16 11:39:52 +05:30
Tajinder Singh (TJ) 62569bfea9 Add defender for devops workflow (#1940)
* Created new workflow for defender for devops

* Create defender-for-devops.properties.json

* fixed pr comments

* fixed linting issues

* fixed linting issues

* removed trailing white space

* changed from preview to v1.6.0
2023-02-15 17:57:26 +05:30
Omer Zidkoni dd99cc0733 Frogbot update (#1925)
* Update Frogbot starter workflows

* Update

* Update Frogbot starter-workflows commit hash
2023-02-08 17:49:57 +05:30
vitorveiga a248253343 Add Jscrambler Code Integrity starter workflow (#1893)
* Add Jscrambler Code Integrity starter workflow

* Use hash commit

* fix: missing permissions and improve description

* chore: move to code scanning category

* chore: workflow checks review
2023-01-31 16:25:13 +05:30
Robin Neatherway d92e1f890e Correct indentation of "run" example 2023-01-23 15:56:27 +00:00
Bishal Prasad 96f31daf69 Try to fix lint error (#1914) 2023-01-23 11:10:50 +05:30
Paul Hodgkinson a3c3cf245c Added Bandit starter workflow and properties file (#1859)
* Added Bandit starter workflow and properties file. Python security scanner, Action by a Hubber, wraps free tool

* Set icon name to one in the icons folder

* Switched to Bandit's own SVG icon

* Added workflow disclaimer

* Fixed author name

Co-authored-by: Sampark Sharma <phantsure@github.com>
2023-01-12 16:27:17 +05:30
Gabriela Gutierrez 9f245d9aba Update 'Scorecards' occurrences to 'Scorecard' (#1889)
* Update Scorecard naming occurrences

Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>

* Update Scorecard icon naming

Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>

* Update Scorecard workflow naming

Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>

Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>
Co-authored-by: Sampark Sharma <phantsure@github.com>
2023-01-03 13:49:28 +05:30
Matt Wang 65ce1d1247 Update all pinned versions of ruby/setup-ruby to latest (#1869) 2022-12-20 10:22:40 +01:00
Chris Gavin 95cee2a6f2 Add Kotlin to CodeQL supported languages. 2022-12-14 12:23:14 +00:00
Sampark Sharma 09f1d3bf86 Merge branch 'main' into phantsure/lint-fix 2022-12-13 18:04:36 +05:30
Sampark Sharma c363441cf9 Merge branch 'main' into patch-1 2022-12-13 17:59:18 +05:30
SOOS-JAlvarez 1006a379d3 linter 2022-12-13 08:40:14 -03:00
SOOS-JAlvarez babc52e1e2 Merge branch 'main' into soos-dast-update 2022-12-13 08:38:36 -03:00
SOOS-JAlvarez 5f790e392e update soos dast to latest version 2022-12-12 16:44:33 -03:00
Florin Coada 9e27144d52 Add explanation on which value to use to scan Kotlin and TypeScript
Added comments explaining which values should be used if the user would like to scan Kotlin or TypeScript.
2022-12-09 15:35:44 +00:00
hadar-co bf83018c61 Update code-scanning/datree.yml
Co-authored-by: Sampark Sharma <phantsure@github.com>
2022-12-08 09:57:36 +02:00
hadar-co eaef38b7d5 fix workflow 2022-12-08 09:56:22 +02:00
hadar-co 2fe9028318 fix workflow 2022-12-08 09:56:22 +02:00
hadar-co b79ff384b9 add Datree 2022-12-08 09:56:22 +02:00
hadar-co 384d799f2c add Datree 2022-12-08 09:56:22 +02:00
Sampark Sharma 1899cb6891 Fix whitespaces 2022-12-08 06:10:22 +00:00
Sampark Sharma c1d13cba2f Merge branch 'main' into phantsure/lint-fix 2022-12-08 11:39:46 +05:30
Sampark Sharma 2a767a8215 Merge branch 'main' into main 2022-12-07 17:57:29 +05:30
Christophe H 0cd0541922 added SHA to action definition 2022-12-01 17:13:18 +01:00
Christophe H db5c5c4b5e Apply suggestions from code review
Co-authored-by: Sampark Sharma <phantsure@github.com>
2022-12-01 17:08:17 +01:00
Sampark Sharma 6adaff50c1 Fix no newline at EOF 2022-11-30 10:26:21 +00:00
Sampark Sharma 1716d2dcd6 Fix whitespace lint 2022-11-30 10:21:45 +00:00
laurentsimon edcef6ec3e update 2022-11-22 19:23:58 +00:00
Sampark Sharma 32f8856bb8 Merge branch 'main' into soosdast 2022-11-10 19:18:07 +05:30
Sampark Sharma 50e278e682 Merge branch 'main' into main 2022-11-10 19:16:05 +05:30
Sampark Sharma cbc70bf7f9 Merge branch 'main' into jorgectf/yaml-check 2022-11-09 16:59:00 +05:30
SOOS-JAlvarez faccf94fad Merge branch 'main' into soosdast 2022-11-08 19:50:47 -03:00
SOOS-JAlvarez 4050b957a2 update soos dast version 2022-11-08 15:34:49 -03:00
Omer Zidkoni 0872e2d9b2 Merge branch 'main' into main 2022-11-08 16:07:00 +02:00