From 53980cb868e646a5e8c7881a33599f3287729eb7 Mon Sep 17 00:00:00 2001
From: Andrew Eisenberg
Date: Tue, 10 Sep 2024 11:10:00 -0700
Subject: [PATCH 1/4] Update eslint.yml Ensure suppressed warnings don't make it into the SARIF.
---
code-scanning/eslint.yml | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/code-scanning/eslint.yml b/code-scanning/eslint.yml
index 7304e8358a..4c34d46ddb 100644
--- a/code-scanning/eslint.yml
+++ b/code-scanning/eslint.yml
@@ -36,6 +36,8 @@ jobs: npm install @microsoft/eslint-formatter-sarif@2.1.7 - name: Run ESLint + env: + SARIF_ESLINT_IGNORE_SUPPRESSED: "true" run: npx eslint . --config .eslintrc.js --ext .js,.jsx,.ts,.tsx
@@ -47,4 +49,4 @@ jobs: uses: github/codeql-action/upload-sarif@v3 with: sarif_file: eslint-results.sarif - wait-for-processing: true \ No newline at end of file + wait-for-processing: true
From ddb47be88806996b76adbe1a1cb77d51be4925d8 Mon Sep 17 00:00:00 2001
From: Andrew Eisenberg
Date: Tue, 10 Sep 2024 11:46:17 -0700
Subject: [PATCH 2/4] Update appknox.yml Fix linting errors (remove whitespace).
---
code-scanning/appknox.yml | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/code-scanning/appknox.yml b/code-scanning/appknox.yml
index 0282b6cff7..7c4b5065d5 100644
--- a/code-scanning/appknox.yml
+++ b/code-scanning/appknox.yml
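Review bot: In code-scanning/eslint.yml (PATCH 1/4, hunk `@@ -36,6 +36,8 @@`), the new `env:` entry on the Run ESLint step has no comment, so anyone adopting this starter workflow will not know that findings silenced with `eslint-disable` comments are now left out of the uploaded SARIF and will not show up in code scanning. I would add a line above it such as `# Omit findings suppressed via eslint-disable comments from the SARIF; remove this env entry to upload them too`, so teams that want to audit suppressions of security rules know where to turn it off. Within this patch the formatter is still pinned at 2.1.7; presumably the variable only takes effect with the 3.1.0 pin that PATCH 4/4 introduces, so the two changes should land together. The rest of the step and the enclosing job lie outside the hunk.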
@@ -11,12 +11,12 @@ # # Instructions: # -# 1. In your repository settings, navigate to 'Secrets' and click on 'New repository secret.' Name the -# secret APPKNOX_ACCESS_TOKEN and paste your appknox user token into the value field. If you don't have a appknox token -# or need to generate a new one for GitHub, visit the Appknox Platform, go to Account Settings->Developer Settings +# 1. In your repository settings, navigate to 'Secrets' and click on 'New repository secret.' Name the +# secret APPKNOX_ACCESS_TOKEN and paste your appknox user token into the value field. If you don't have a appknox token +# or need to generate a new one for GitHub, visit the Appknox Platform, go to Account Settings->Developer Settings # and create a token labeled GitHub # -# 2. Refer to the detailed workflow below, make any required adjustments, and then save it to your repository. After the +# 2. Refer to the detailed workflow below, make any required adjustments, and then save it to your repository. After the # action executes, check the 'Security' tab for results name: Appknox
@@ -37,10 +37,10 @@ jobs: java-version: 1.8 - name: Grant execute permission for gradlew run: chmod +x gradlew - + - name: Build the app run: ./gradlew build # Update this to build your Android or iOS application - + - name: Appknox GitHub action uses: appknox/appknox-github-action@b7d2bfb2321d5544e97bffcba48557234ab953a4 with: @@ -48,7 +48,7 @@ jobs: file_path: app/build/outputs/apk/debug/app-debug.apk # Specify the path to your .ipa or .apk here risk_threshold: MEDIUM # Update this to desired risk threshold [LOW, MEDIUM, HIGH, CRITICAL] sarif: Enable - + - name: Upload SARIF to GHAS if: always() uses: github/codeql-action/upload-sarif@v3
From 9d2ae7c02812c6bcf7c52ea07edbd40ac70515a5 Mon Sep 17 00:00:00 2001
From: Andrew Eisenberg
Date: Tue, 10 Sep 2024 11:50:28 -0700
Subject: [PATCH 3/4] Update appknox.yml Fix more whitespace issues.
---
code-scanning/appknox.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/code-scanning/appknox.yml b/code-scanning/appknox.yml
index 7c4b5065d5..15d51e0b10 100644
--- a/code-scanning/appknox.yml
+++ b/code-scanning/appknox.yml
@@ -25,7 +25,7 @@ on: push: branches: [ $default-branch, $protected-branches ] pull_request: - branches: [ $default-branch ] + branches: [ $default-branch ] jobs: appknox: runs-on: ubuntu-latest
From dea60ba593828d8920e6169345ef3c469b80798d Mon Sep 17 00:00:00 2001
From: Andrew Eisenberg
Date: Wed, 11 Sep 2024 11:12:06 -0700
Subject: [PATCH 4/4] Update code-scanning/eslint.yml
---
code-scanning/eslint.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/code-scanning/eslint.yml b/code-scanning/eslint.yml
index 4c34d46ddb..b0aaeb3180 100644
--- a/code-scanning/eslint.yml
+++ b/code-scanning/eslint.yml
@@ -33,7 +33,7 @@ jobs: - name: Install ESLint run: | npm install eslint@8.10.0 - npm install @microsoft/eslint-formatter-sarif@2.1.7 + npm install @microsoft/eslint-formatter-sarif@3.1.0 - name: Run ESLint env: