
Update Scorecard actions versions and apply Zizmor offline findings (#3365)

* Update scorecard.yml actions versions
* Zizmor offline analysis findings
pull/3366/head
Christoph Wille 4 months ago committed by GitHub
parent
commit
3a809d7b53
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
  1. 2
      .github/workflows/build-frontends.yml
  2. 1
      .github/workflows/build-ilspy.yml
  3. 1
      .github/workflows/codeql-analysis.yml
  4. 1
      .github/workflows/generate-bom.yml
  5. 7
      .github/workflows/scorecard.yml

2
.github/workflows/build-frontends.yml

@ -17,6 +17,8 @@ jobs: @@ -17,6 +17,8 @@ jobs:
- uses: actions/checkout@v4
with:
fetch-depth: 0
persist-credentials: false
- uses: actions/setup-dotnet@v4
with:
dotnet-version: '8.0.x'
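Review bot: The `persist-credentials: false` added under the checkout step here (and in the matching hunks of build-ilspy.yml, codeql-analysis.yml and generate-bom.yml) strips the job token from the clone's git config, so any later step in these jobs that performs an authenticated git operation — a push, a tag, a fetch of a private submodule after checkout — will now fail unless that step supplies its own credentials. The rest of each job is outside the hunk, so I cannot confirm from here that no such step exists; worth a quick scan of the remaining steps before merging. Note that `submodules: true` in build-ilspy.yml and generate-bom.yml is unaffected, since submodule fetching happens inside the checkout action itself while the token is still available. The `@v4` tags on `actions/checkout` and `actions/setup-dotnet` are unchanged context, but they are the mutable-tag form that zizmor's unpinned-uses audit reports, so the offline findings are only partly addressed in these four files.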

1
.github/workflows/build-ilspy.yml

@ -30,6 +30,7 @@ jobs: @@ -30,6 +30,7 @@ jobs:
with:
submodules: true
fetch-depth: 0
persist-credentials: false
- uses: actions/setup-dotnet@v4
with:

1
.github/workflows/codeql-analysis.yml

@ -28,6 +28,7 @@ jobs: @@ -28,6 +28,7 @@ jobs:
uses: actions/checkout@v4
with:
fetch-depth: 0
persist-credentials: false
- name: Initialize CodeQL
uses: github/codeql-action/init@v3

1
.github/workflows/generate-bom.yml

@ -17,6 +17,7 @@ jobs: @@ -17,6 +17,7 @@ jobs:
- uses: actions/checkout@v4
with:
submodules: true
persist-credentials: false
- name: Install CycloneDX
run: dotnet tool install --global CycloneDX

7
.github/workflows/scorecard.yml

@ -1,4 +1,5 @@ @@ -1,4 +1,5 @@
name: Scorecard supply-chain security
on:
# For Branch-Protection check. Only the default branch is supported. See
# https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection (disabled)
@ -23,19 +24,19 @@ jobs: @@ -23,19 +24,19 @@ jobs:
steps:
- name: "Checkout code"
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@v4
with:
persist-credentials: false
- name: "Run analysis"
uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1
uses: ossf/scorecard-action@v2.4.0 # https://github.com/marketplace/actions/ossf-scorecard-action
with:
results_file: results.sarif
results_format: sarif
publish_results: true
- name: "Upload artifact"
uses: actions/upload-artifact@97a0fba1372883ab732affbe8f94b823f91727db # v3.pre.node20
uses: actions/upload-artifact@v4
with:
name: SARIF file
path: results.sarif
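Review bot: The three new `uses:` lines (`actions/checkout@v4`, `ossf/scorecard-action@v2.4.0`, `actions/upload-artifact@v4`) replace the previous full-commit-SHA pins with mutable tags, which is a regression in exactly the workflow that measures supply-chain posture: Scorecard's Pinned-Dependencies check and zizmor's unpinned-uses audit both flag tag references, because a tag can be moved to point at different code after review. Keep the version bump but pin by commit and leave the version as the trailing comment, e.g. `uses: ossf/scorecard-action@<full-commit-sha-of-v2.4.0> # v2.4.0`, and the same for checkout and upload-artifact. `persist-credentials: false` is already present under checkout in this job, so it needs no further change on that front. The first hunk's header reports one added line near `on:` that does not appear in the rendered text, so I cannot review it here.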
