Skip to content

Commit

Permalink
Remove extra whitespaces
Browse files Browse the repository at this point in the history
  • Loading branch information
jorgectf committed Nov 4, 2022
1 parent 9a49c6d commit 0b50b4b
Show file tree
Hide file tree
Showing 56 changed files with 140 additions and 141 deletions.
6 changes: 3 additions & 3 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,12 +5,12 @@

version: 2
updates:
- package-ecosystem: "npm"
- package-ecosystem: "npm"
directory: "/"
schedule:
interval: "weekly"
- package-ecosystem: "github-actions"

- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "weekly"
2 changes: 1 addition & 1 deletion ci/ada.yml
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ jobs:

- name: Set up GNAT toolchain
run: >
sudo apt-get update &&
sudo apt-get update &&
sudo apt-get install gnat gprbuild
- name: Build
Expand Down
4 changes: 2 additions & 2 deletions ci/cmake.yml
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ jobs:

- name: Test
working-directory: ${{github.workspace}}/build
# Execute tests defined by the CMake configuration.
# Execute tests defined by the CMake configuration.
# See https://cmake.org/cmake/help/latest/manual/ctest.1.html for more detail
run: ctest -C ${{env.BUILD_TYPE}}

8 changes: 4 additions & 4 deletions ci/go-ossf-slsa3-publish.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,10 +3,10 @@
# separate terms of service, privacy policy, and support
# documentation.

# This workflow lets you compile your Go project using a SLSA3 compliant builder.
# This workflow will generate a so-called "provenance" file describing the steps
# This workflow lets you compile your Go project using a SLSA3 compliant builder.
# This workflow will generate a so-called "provenance" file describing the steps
# that were performed to generate the final binary.
# The project is an initiative of the OpenSSF (openssf.org) and is developed at
# The project is an initiative of the OpenSSF (openssf.org) and is developed at
# https://github.com/slsa-framework/slsa-github-generator.
# The provenance file can be verified using https://github.com/slsa-framework/slsa-verifier.
# For more information about SLSA and how it improves the supply-chain, visit slsa.dev.
Expand All @@ -21,7 +21,7 @@ permissions: read-all

jobs:
# ========================================================================================================================================
# Prerequesite: Create a .slsa-goreleaser.yml in the root directory of your project.
# Prerequesite: Create a .slsa-goreleaser.yml in the root directory of your project.
# See format in https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/go/README.md#configuration-file
#=========================================================================================================================================
build:
Expand Down
8 changes: 4 additions & 4 deletions ci/makefile.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,15 +13,15 @@ jobs:

steps:
- uses: actions/checkout@v3

- name: configure
run: ./configure

- name: Install dependencies
run: make

- name: Run check
run: make check

- name: Run distcheck
run: make distcheck
2 changes: 1 addition & 1 deletion ci/npm-grunt.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ jobs:
strategy:
matrix:
node-version: [14.x, 16.x, 18.x]

steps:
- uses: actions/checkout@v3

Expand Down
2 changes: 1 addition & 1 deletion ci/npm-gulp.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ jobs:
strategy:
matrix:
node-version: [14.x, 16.x, 18.x]

steps:
- uses: actions/checkout@v3

Expand Down
2 changes: 1 addition & 1 deletion ci/webpack.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ jobs:
strategy:
matrix:
node-version: [14.x, 16.x, 18.x]

steps:
- uses: actions/checkout@v3

Expand Down
6 changes: 3 additions & 3 deletions code-scanning/apisec-scan.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@
# separate terms of service, privacy policy, and support
# documentation.

# APIsec addresses the critical need to secure APIs before they reach production.
# APIsec provides the industry’s only automated and continuous API testing platform that uncovers security vulnerabilities and logic flaws in APIs.
# APIsec addresses the critical need to secure APIs before they reach production.
# APIsec provides the industry’s only automated and continuous API testing platform that uncovers security vulnerabilities and logic flaws in APIs.
# Clients rely on APIsec to evaluate every update and release, ensuring that no APIs go to production with vulnerabilities.

# How to Get Started with APIsec.ai
Expand Down Expand Up @@ -50,7 +50,7 @@ jobs:
Trigger_APIsec_scan:
permissions:
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest

steps:
Expand Down
2 changes: 1 addition & 1 deletion code-scanning/brakeman.yml
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
name: Brakeman Scan
runs-on: ubuntu-latest
steps:
Expand Down
2 changes: 1 addition & 1 deletion code-scanning/checkmarx.yml
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ jobs:
issues: write # for checkmarx-ts/checkmarx-cxflow-github-action to write feedback to github issues
pull-requests: write # for checkmarx-ts/checkmarx-cxflow-github-action to write feedback to PR
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest

# Steps require - checkout code, run CxFlow Action, Upload SARIF report (optional)
Expand Down
4 changes: 2 additions & 2 deletions code-scanning/clj-holmes.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,15 +16,15 @@ on:

permissions:
contents: read

jobs:
clj-holmes:
name: Run clj-holmes scanning
runs-on: ubuntu-latest
permissions:
contents: read
security-events: write
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout code
uses: actions/checkout@v2
Expand Down
6 changes: 3 additions & 3 deletions code-scanning/clj-watson.yml
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
# seeking for vulnerable direct/transitive dependencies and
# build a report with all the information needed to help you
# understand how the vulnerability manifest in your software.
# More details at https://github.com/clj-holmes/clj-watson
# More details at https://github.com/clj-holmes/clj-watson

name: clj-watson

Expand All @@ -29,7 +29,7 @@ jobs:
permissions:
contents: read
security-events: write
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout code
uses: actions/checkout@v2
Expand All @@ -40,7 +40,7 @@ jobs:
clj-watson-sha: "65d928c"
clj-watson-tag: "v4.0.1"
database-strategy: github-advisory
aliases: clojure-lsp,test
aliases: clojure-lsp,test
deps-edn-path: deps.edn
suggest-fix: true
output-type: sarif
Expand Down
6 changes: 3 additions & 3 deletions code-scanning/cloudrail.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ on:
push:
branches: [ $default-branch, $protected-branches ]
pull_request:
branches: [ $default-branch ]
branches: [ $default-branch ]
schedule:
- cron: $cron-weekly

Expand All @@ -26,7 +26,7 @@ jobs:
- name: Clone repo
uses: actions/checkout@v3

# For Terraform, Cloudrail requires the plan as input. So we generate it using
# For Terraform, Cloudrail requires the plan as input. So we generate it using
# the Terraform core binary.
- uses: hashicorp/setup-terraform@v1
with:
Expand All @@ -53,6 +53,6 @@ jobs:
uses: github/codeql-action/upload-sarif@v2
# Remember that if issues are found, Cloudrail return non-zero exit code, so the if: always()
# is needed to ensure the SARIF file is uploaded
if: always()
if: always()
with:
sarif_file: cloudrail_results.sarif
2 changes: 1 addition & 1 deletion code-scanning/codacy.yml
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
name: Codacy Security Scan
runs-on: ubuntu-latest
steps:
Expand Down
6 changes: 3 additions & 3 deletions code-scanning/codeql.yml
Original file line number Diff line number Diff line change
Expand Up @@ -48,11 +48,11 @@ jobs:
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.

# Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
# queries: security-extended,security-and-quality


# Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
Expand All @@ -61,7 +61,7 @@ jobs:
# ℹ️ Command-line programs to run using the OS shell.
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun

# If the Autobuild fails above, remove it and uncomment the following three lines.
# If the Autobuild fails above, remove it and uncomment the following three lines.
# modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.

# - run: |
Expand Down
2 changes: 1 addition & 1 deletion code-scanning/codescan.yml
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
- name: Checkout repository
Expand Down
8 changes: 4 additions & 4 deletions code-scanning/contrast-scan.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
# Contrast Scan currently supports Java, JavaScript and .NET artifacts.
# For more information about the Contrast Scan GitHub Action see here: https://github.com/Contrast-Security-OSS/contrastscan-action

# Pre-requisites:
# Pre-requisites:
# All Contrast related account secrets should be configured as GitHub secrets to be passed as inputs to the Contrast Scan Action.
# The required secrets are CONTRAST_API_KEY, CONTRAST_ORGANIZATION_ID and CONTRAST_AUTH_HEADER.

Expand All @@ -30,23 +30,23 @@ jobs:
permissions:
contents: read # for actions/checkout
security-events: write # for github/codeql-action/upload-sarif
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
# check out project
steps:
- uses: actions/checkout@v3
# Since Contrast Scan is designed to run against your deployable artifact, the steps to build your artifact should go here.
# -name: Build Project
# ...
# Scan Artifact
# Scan Artifact
- name: Contrast Scan Action
uses: Contrast-Security-OSS/contrastscan-action@7352a45d9678ec8a434cf061b07ffb51c1e351a1
with:
artifact: mypath/target/myartifact.jar # replace this path with the path to your built artifact
apiKey: ${{ secrets.CONTRAST_API_KEY }}
orgId: ${{ secrets.CONTRAST_ORGANIZATION_ID }}
authHeader: ${{ secrets.CONTRAST_AUTH_HEADER }}
#Upload the results to GitHub
#Upload the results to GitHub
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v2
with:
Expand Down
4 changes: 2 additions & 2 deletions code-scanning/detekt.yml
Original file line number Diff line number Diff line change
Expand Up @@ -69,13 +69,13 @@ jobs:
}
}
' 1> gh_response.json
DETEKT_RELEASE_SHA=$(jq --raw-output '.data.repository.release.releaseAssets.tagCommit.oid' gh_response.json)
if [ $DETEKT_RELEASE_SHA != "37f0a1d006977512f1f216506cd695039607c3e5" ]; then
echo "Release tag doesn't match expected commit SHA"
exit 1
fi
DETEKT_DOWNLOAD_URL=$(jq --raw-output '.data.repository.release.releaseAssets.nodes[0].downloadUrl' gh_response.json)
echo "::set-output name=download_url::$DETEKT_DOWNLOAD_URL"
Expand Down
2 changes: 1 addition & 1 deletion code-scanning/devskim.yml
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ jobs:

- name: Run DevSkim scanner
uses: microsoft/DevSkim-Action@v1

- name: Upload DevSkim scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
with:
Expand Down
4 changes: 2 additions & 2 deletions code-scanning/eslint.yml
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ jobs:
permissions:
contents: read
security-events: write
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout code
uses: actions/checkout@v3
Expand All @@ -39,7 +39,7 @@ jobs:
run: npx eslint .
--config .eslintrc.js
--ext .js,.jsx,.ts,.tsx
--format @microsoft/eslint-formatter-sarif
--format @microsoft/eslint-formatter-sarif
--output-file eslint-results.sarif
continue-on-error: true

Expand Down
8 changes: 4 additions & 4 deletions code-scanning/ethicalcheck.yml
Original file line number Diff line number Diff line change
Expand Up @@ -44,12 +44,12 @@ on:

permissions:
contents: read

jobs:
Trigger_EthicalCheck:
permissions:
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest

steps:
Expand All @@ -61,9 +61,9 @@ jobs:
# The email address to which the penetration test report will be sent.
email: "[email protected]"
sarif-result-file: "ethicalcheck-results.sarif"

- name: Upload sarif file to repository
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: ./ethicalcheck-results.sarif

2 changes: 1 addition & 1 deletion code-scanning/hadolint.yml
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout code
uses: actions/checkout@v3
Expand Down
2 changes: 1 addition & 1 deletion code-scanning/lintr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ jobs:
permissions:
contents: read # for checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status

steps:
- name: Checkout code
Expand Down
4 changes: 2 additions & 2 deletions code-scanning/mobsf.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ on:
push:
branches: [ $default-branch, $protected-branches ]
pull_request:
branches: [ $default-branch ]
branches: [ $default-branch ]
schedule:
- cron: $cron-weekly

Expand All @@ -21,7 +21,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest

steps:
Expand Down
Loading

0 comments on commit 0b50b4b

Please sign in to comment.