Juri Burakov
82af7bd2a8
Create xanitizer-analysis.yml
2021-10-05 18:52:38 +03:00
Juri Burakov
ed87561059
Create veracode-analysis.yml
2021-10-05 18:52:29 +03:00
Juri Burakov
0262880861
Create snyk-infrastructure-analysis.yml
2021-10-05 18:52:05 +03:00
Juri Burakov
8e09aabe01
Create semgrep-analysis.yml
2021-10-05 18:51:33 +03:00
Juri Burakov
e4f8eacb93
Create ossar-analysis.yml
2021-10-05 18:51:23 +03:00
Juri Burakov
3a8a3c6992
Create njsscan-analysis.yml
2021-10-05 18:50:53 +03:00
Juri Burakov
c1786275f7
Create mayhem-for-api-analysis.yml
2021-10-05 18:50:44 +03:00
Juri Burakov
3f78c19f63
Create kubesec-analysis.yml
2021-10-05 18:50:34 +03:00
Juri Burakov
4201ddca39
Create fortify-analysis.yml
2021-10-05 18:50:25 +03:00
Juri Burakov
70b500fa76
Create devskim-analysis.yml
2021-10-05 18:50:12 +03:00
Juri Burakov
c780d1c47d
Create checkmarx-analysis.yml
2021-10-05 18:49:51 +03:00
Juri Burakov
4c80ed3dc1
Create codescan-analysis.yml
2021-10-05 18:49:42 +03:00
Juri Burakov
2bf9babf87
Create codacy-analysis.yml
2021-10-05 18:49:32 +03:00
Juri Burakov
5a06639c05
Create crunch42-analysis.yml
2021-10-05 18:49:22 +03:00
Juri Burakov
e82308b244
Set theme jekyll-theme-cayman
2021-10-05 18:36:43 +03:00
Juri Burakov
7d8cc4ccdd
Update issue templates
2021-10-05 18:34:41 +03:00
Juri Burakov
77fdb3833b
Create SECURITY.md
2021-10-05 18:32:47 +03:00
Brian Cristante
11e311c8b5
Remove path filters ( #229 )
2021-06-25 13:39:56 -04:00
Brian Cristante
317b58f0d1
Fix YAML types in licensed.yml ( #228 )
...
* fix YAML types in licensed.yml
* Update .github/workflows/licensed.yml
Co-authored-by: Josh Gross <joshmgross@github.com>
* formatting
Co-authored-by: Josh Gross <joshmgross@github.com>
2021-06-24 11:52:33 -04:00
Brian Cristante
8d06e6c094
Create check-dist.yml ( #227 )
...
* Create check-dist.yml
* steps.if still needs ${{ }} when the expr has operators
* single quotes?
* npm install
* mess with index.js
* add if failure()
* Copy the correct version back in from the artifact
* Update .github/workflows/check-dist.yml
Co-authored-by: Konrad Pabjan <konradpabjan@github.com>
* formatting & language
* npm ci
Co-authored-by: Konrad Pabjan <konradpabjan@github.com>
2021-06-24 11:38:43 -04:00
Brian Cristante
27121b0bdf
Ingest v0.5.2 of @actions/artifact ( #224 )
...
* npm install --update @actions/artifact
* update .license file
* npm run release
2021-06-16 11:09:14 -04:00
dependabot[bot]
4537e112f4
Bump ws from 7.2.3 to 7.5.0 ( #221 )
...
Bumps [ws](https://github.com/websockets/ws ) from 7.2.3 to 7.5.0.
- [Release notes](https://github.com/websockets/ws/releases )
- [Commits](https://github.com/websockets/ws/compare/7.2.3...7.5.0 )
---
updated-dependencies:
- dependency-name: ws
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Brian Cristante <33549821+brcrista@users.noreply.github.com>
2021-06-16 10:34:57 -04:00
Brian Cristante
2368feccd5
Avoid triggering push for Dependabot branches (again) ( #223 )
2021-06-16 10:31:46 -04:00
dependabot[bot]
52a3c6b975
Bump glob-parent from 5.1.1 to 5.1.2 ( #219 )
...
Bumps [glob-parent](https://github.com/gulpjs/glob-parent ) from 5.1.1 to 5.1.2.
- [Release notes](https://github.com/gulpjs/glob-parent/releases )
- [Changelog](https://github.com/gulpjs/glob-parent/blob/main/CHANGELOG.md )
- [Commits](https://github.com/gulpjs/glob-parent/compare/v5.1.1...v5.1.2 )
---
updated-dependencies:
- dependency-name: glob-parent
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Brian Cristante <33549821+brcrista@users.noreply.github.com>
2021-06-16 10:19:08 -04:00
dependabot[bot]
76f4433885
Bump hosted-git-info from 2.8.5 to 2.8.9 ( #203 )
...
* Bump hosted-git-info from 2.8.5 to 2.8.9
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info ) from 2.8.5 to 2.8.9.
- [Release notes](https://github.com/npm/hosted-git-info/releases )
- [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md )
- [Commits](https://github.com/npm/hosted-git-info/compare/v2.8.5...v2.8.9 )
Signed-off-by: dependabot[bot] <support@github.com>
* Empty commit
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Brian Cristante <33549821+brcrista@users.noreply.github.com>
2021-06-16 10:15:16 -04:00
Brian Cristante
46426468d3
Merge pull request #222 from actions/brcrista/dependabot-push
...
Avoid triggering push for Dependabot branches
2021-06-16 10:08:56 -04:00
Brian Cristante
8507687653
avoid triggering push for Dependabot branches
2021-06-16 10:05:05 -04:00
Brian Cristante
0482dbbe7a
Merge pull request #202 from actions/dependabot/npm_and_yarn/lodash-4.17.21
...
Bump lodash from 4.17.19 to 4.17.21
2021-06-16 10:01:31 -04:00
Brian Cristante
58518184d2
Merge pull request #211 from JasonGross/patch-1
...
Fix the grammar in a warning message
2021-06-16 09:59:04 -04:00
Jason Gross
4db8255e70
Fix the grammar in a warning message
2021-05-23 08:33:18 -04:00
Robert Cannon
9243a41f97
Re-order example descriptions ( #209 )
...
Given the way that the two descriptions were written it was confusing about which example was being discussed (see specifically "In the above example in the previous version).
2021-05-21 19:28:43 +02:00
Remy Kabel
9dc0ee81a2
Fix spelling error ( #204 )
...
effect -> affect
2021-05-14 15:13:55 +02:00
dependabot[bot]
2e3d6da508
Bump lodash from 4.17.19 to 4.17.21
...
Bumps [lodash](https://github.com/lodash/lodash ) from 4.17.19 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases )
- [Commits](https://github.com/lodash/lodash/compare/4.17.19...4.17.21 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-05-11 12:10:04 +00:00
Konrad Pabjan
ee69f02b3d
Bump @actions/artifact to version 0.5.1 ( #189 )
...
* Bump @actions/artifact to version 0.5.1
* Update license versions
2021-04-06 16:47:26 -04:00
dependabot[bot]
bcd44ad93d
Bump y18n from 4.0.0 to 4.0.1 ( #186 )
...
Bumps [y18n](https://github.com/yargs/y18n ) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/yargs/y18n/releases )
- [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md )
- [Commits](https://github.com/yargs/y18n/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-06 14:57:20 -04:00
Yang Cao
ea3d524381
Merge pull request #173 from yacaovsnc/main
...
Display a warning if user tries to upload over 10000 files
2021-02-08 15:48:10 -05:00
Yang Cao
e95d1b9c8d
update index.js
2021-02-08 15:41:35 -05:00
Yang Cao
0fbc4b771a
Display a warning if user tries to upload over 10000 files
2021-02-08 15:09:20 -05:00
Robin Neatherway
a1af2e8f43
Add on: pull_request trigger to CodeQL workflow ( #165 )
...
From February 2021, in order to provide feedback on pull requests, Code Scanning workflows must be configured with both `push` and `pull_request` triggers. This is because Code Scanning compares the results from a pull request against the results for the base branch to tell you only what has changed between the two.
Early in the beta period we supported displaying results on pull requests for workflows with only `push` triggers, but have discontinued support as this proved to be less robust.
See https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#scanning-pull-requests for more information on how best to configure your Code Scanning workflows.
2021-01-15 12:19:21 +01:00
Konrad Pabjan
a4f98af3fa
Update README.md
2021-01-07 18:56:21 +01:00
Konrad Pabjan
16b8b2b2e7
Update where does the upload go section ( #162 )
2021-01-05 16:00:51 +01:00
Konrad Pabjan
e448a9b857
Add retries to all HTTP calls + resolve dependabot alerts ( #160 )
...
* Bump @actions/artifact to version 0.5.0
* Resolve dependabot alert for node-notifier
* Resolve dependabot alert for node-fetch
* Bump artifact.dep.yml
* Update http-client.dep.yml
2021-01-04 15:48:10 +01:00
Hugo van Kemenade
e6bd6b7749
Replace "file(s)" with "file" or "files" ( #159 )
2021-01-04 11:24:12 +01:00
Josh Gross
1fd4c858f9
Merge pull request #152 from actions/joshmgross/fix-codeowners
...
Fix CODEOWNERS team name
2020-12-07 14:24:45 -05:00
Josh Gross
a2af908e3a
Fix CODEOWNERS team name
2020-12-07 13:36:14 -05:00
Brian Cristante
928d1a16d9
Create CODEOWNERS ( #149 )
2020-11-25 15:24:41 -05:00
Konrad Pabjan
e4a7ffadfc
Update README with more retention documentation
2020-11-17 12:57:17 -05:00
Brian Westphal
726a6dcd01
Adding example of retention-days option. ( #131 )
2020-11-13 12:25:13 -05:00
Josh Gross
3db166e2ea
Merge pull request #145 from actions/joshmgross/update-actions-core
...
Update @actions/core to 1.2.6
2020-11-13 10:52:34 -05:00
Josh Gross
d86048c66c
Update @actions/core license
2020-11-12 16:46:49 -05:00