From 0283bcffe276b5475f0a6d2599d54be16f866b19 Mon Sep 17 00:00:00 2001 From: "whitesource-bolt-for-github[bot]" <42819689+whitesource-bolt-for-github[bot]@users.noreply.github.com> Date: Fri, 7 Feb 2020 15:40:22 +0000 Subject: [PATCH 1/6] Add .whitesource configuration file --- .whitesource | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 .whitesource diff --git a/.whitesource b/.whitesource new file mode 100644 index 00000000000..e0aaa3e9eba --- /dev/null +++ b/.whitesource @@ -0,0 +1,8 @@ +{ + "checkRunSettings": { + "vulnerableCheckRunConclusionLevel": "failure" + }, + "issueSettings": { + "minSeverityLevel": "LOW" + } +} \ No newline at end of file From cf5fbadb610ff837459c4e19b2bcc1aea94b7f13 Mon Sep 17 00:00:00 2001 From: Techini Date: Fri, 7 Feb 2020 13:35:42 -0500 Subject: [PATCH 2/6] Create .sonarcloud.properties --- .sonarcloud.properties | 1 + 1 file changed, 1 insertion(+) create mode 100644 .sonarcloud.properties diff --git a/.sonarcloud.properties b/.sonarcloud.properties new file mode 100644 index 00000000000..8b137891791 --- /dev/null +++ b/.sonarcloud.properties @@ -0,0 +1 @@ + From 033f7d1564d52013d5dc1db1e49ce3e92d5b7dce Mon Sep 17 00:00:00 2001 From: Techini Date: Fri, 7 Feb 2020 13:58:41 -0500 Subject: [PATCH 3/6] Create secret --- .github/workflows/secret | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 .github/workflows/secret diff --git a/.github/workflows/secret b/.github/workflows/secret new file mode 100644 index 00000000000..5d971588224 --- /dev/null +++ b/.github/workflows/secret @@ -0,0 +1,8 @@ +workflow "Find Secrets" { + on = "push" + resolves = ["max/secret-scan"] +} + +action "max/secret-scan" { + uses = "max/secret-scan@master" +} From 624668fdbaaa727eff40dc60da884987d1392675 Mon Sep 17 00:00:00 2001 From: Techini Date: Fri, 7 Feb 2020 13:59:17 -0500 Subject: [PATCH 4/6] Delete secret --- .github/workflows/secret | 8 -------- 1 file changed, 8 deletions(-) delete mode 100644 .github/workflows/secret 
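Review bot: The new `.sonarcloud.properties` consists of a single empty line, so it configures nothing and the scan will run on whatever SonarCloud's defaults are (presumably the whole repository, including any committed build output under `frontend/` — verify). Either populate it with the intended settings, e.g. `sonar.sources=frontend` and `sonar.exclusions=**/node_modules/**`, or drop the file until the configuration is decided, so a later reader does not mistake the empty file for a deliberate choice.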
diff --git a/.github/workflows/secret b/.github/workflows/secret deleted file mode 100644 index 5d971588224..00000000000 --- a/.github/workflows/secret +++ /dev/null @@ -1,8 +0,0 @@ -workflow "Find Secrets" { - on = "push" - resolves = ["max/secret-scan"] -} - -action "max/secret-scan" { - uses = "max/secret-scan@master" -} From 7aa37b566270097d935ac2cb04740af1c7d58af6 Mon Sep 17 00:00:00 2001 From: Techini Date: Sun, 30 Aug 2020 07:24:42 -0400 Subject: [PATCH 5/6] Create codeql-analysis.yml --- .github/workflows/codeql-analysis.yml | 62 +++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) create mode 100644 .github/workflows/codeql-analysis.yml diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml new file mode 100644 index 00000000000..aa3bb9bf278 --- /dev/null +++ b/.github/workflows/codeql-analysis.yml 
@@ -0,0 +1,62 @@ +name: "CodeQL" + +on: + push: + branches: [master] + pull_request: + # The branches below must be a subset of the branches above + branches: [master] + schedule: + - cron: '0 2 * * 5' + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + + strategy: + fail-fast: false + matrix: + # Override automatic language detection by changing the below list + # Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python'] + language: ['javascript'] + # Learn more... + # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection + + steps: + - name: Checkout repository + uses: actions/checkout@v2 + with: + # We must fetch at least the immediate parents so that if this is + # a pull request then we can checkout the head. + fetch-depth: 2 + + # If this run was triggered by a pull request event, then checkout + # the head of the pull request instead of the merge commit. + - run: git checkout HEAD^2 + if: ${{ github.event_name == 'pull_request' }} + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v1 + with: + languages: ${{ matrix.language }} + + # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). + # If this step fails, then you should remove it and run the build manually (see below) + - name: Autobuild + uses: github/codeql-action/autobuild@v1 + + # ℹī¸ Command-line programs to run using the OS shell. + # 📚 https://git.io/JvXDl + + # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines + # and modify them (or add more) to build your code if your project + # uses a compiled language + + #- run: | + # make bootstrap + # make release + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v1 From 160cc76943f31563a027b66a9bee4083172f0971 Mon Sep 17 00:00:00 2001 
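Review bot: All four `uses:` lines (`actions/checkout@v2`, `github/codeql-action/init@v1`, `github/codeql-action/autobuild@v1`, `github/codeql-action/analyze@v1`) reference mutable tags, so whoever controls those tags can change the code this job runs with the job's `GITHUB_TOKEN`; pin each to a full commit SHA and keep the tag as a trailing comment, e.g. `uses: actions/checkout@<full-commit-sha>  # v2`. The workflow also does not narrow the token's scope; if the Actions runtime in use supports the `permissions:` key, add a least-privilege block at the top — `permissions:` / `  contents: read` / `  security-events: write` — which, as far as I can tell, is all that checkout and the CodeQL upload need. Since the matrix lists only `javascript`, the `Autobuild` step is a no-op for this repository and could be dropped to shorten the job, though it is harmless as written.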
From: snyk-bot Date: Fri, 20 Nov 2020 00:50:05 +0000 Subject: [PATCH 6/6] fix: frontend/package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-Y18N-1021887 --- frontend/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/frontend/package.json b/frontend/package.json index d39ccacad99..5a393537c76 100644 --- a/frontend/package.json +++ b/frontend/package.json @@ -17,7 +17,7 @@ "@angular/cli": "^8.3.20", "@angular/common": "^8.2.14", "@angular/compiler": "^8.2.14", - "@angular/compiler-cli": "^8.2.14", + "@angular/compiler-cli": "^11.0.2", "@angular/core": "^8.2.14", "@angular/flex-layout": "8.0.0-beta.27", "@angular/forms": "^8.2.14",
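Review bot: The bump moves `@angular/compiler-cli` to `^11.0.2` while the sibling packages visible in the same hunk (`@angular/cli`, `@angular/common`, `@angular/compiler`, `@angular/core`, `@angular/forms`) stay at `^8.x`; `@angular/compiler-cli` declares a peer dependency on a matching `@angular/compiler` version (verify in its package.json), so this is expected to yield peer-dependency errors or a broken `ng build` rather than a clean install — please confirm with a fresh `npm install` before merging. If the goal is only to clear the y18n advisory cited in the description, the less disruptive route is to bump whichever package actually pulls `y18n` in (check with `npm ls y18n`), or to move every `@angular/*` package together in one coordinated upgrade. Automated one-line remediation PRs like this should be gated by the project's CI build, which nothing in this series shows happening.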