From 96bb1e17c1ddb3aa459774749171d033eddcdcbe Mon Sep 17 00:00:00 2001
From: htrgouvea
Date: Wed, 24 Jan 2024 12:07:57 -0300
Subject: [PATCH 1/4] create
---
 .github/workflows/linter.yml | 16 ----------------
 1 file changed, 16 deletions(-)
 delete mode 100644 .github/workflows/linter.yml
diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml
deleted file mode 100644
index 1bc1e02..0000000
--- a/.github/workflows/linter.yml
+++ /dev/null
@@ -1,16 +0,0 @@
-name: Linter / Perl Critic
-
-on:
- pull_request:
- branches:
- - main
-
-jobs:
- critic:
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v2
- - name: Run Perl::Critic
- uses: natanlao/perl-critic-action@v1.1
- with:
- files: critic
\ No newline at end of file
From fb078528f3e0aa43b389ae84828f839ed01279a8 Mon Sep 17 00:00:00 2001
From: htrgouvea
Date: Wed, 24 Jan 2024 12:08:08 -0300
Subject: [PATCH 2/4] more seeds
---
 seeds/emails.txt | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/seeds/emails.txt b/seeds/emails.txt
index c08f576..d2058a9 100644
--- a/seeds/emails.txt
+++ b/seeds/emails.txt
@@ -3,4 +3,10 @@ hil°arde@example.com
 victim@exámple.com
 $i$gits@$ex$mple$.$c$m$
 victim%00@domain.com
-victim%00%00%00@domain.com
\ No newline at end of file
+victim%00%00%00@domain.com
+jöhn.døê@gmail.com
+“john.doe”@example.com
+"😀"@gmail.com
+" "@example.com
+“@”@example.com
+“\"”@example.com
From 5b5c7a63e273fb74db2e6a87f3661da405b4d642 Mon Sep 17 00:00:00 2001
From: htrgouvea
Date: Wed, 24 Jan 2024 12:15:54 -0300
Subject: [PATCH 3/4] add zarn to the project
---
 .github/workflows/zarn.yml | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 .github/workflows/zarn.yml
diff --git a/.github/workflows/zarn.yml b/.github/workflows/zarn.yml
new file mode 100644
index 0000000..f66840c
--- /dev/null
+++ b/.github/workflows/zarn.yml
@@ -0,0 +1,25 @@
+name: ZARN
+
+on:
+ pull_request:
+ branches:
+ - main
+ - develop
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+
+ steps:
+ - uses: actions/checkout@v4
+ - name: Install dependencies
+ run: |
+ git clone https://github.com/htrgouvea/zarn
+ sudo apt install -y perl cpanminus
+ cd zarn && sudo cpanm --installdeps .
+ - name: Hunt for findings
+ run: |
+ perl zarn/zarn.pl --source . --sarif zarn.sarif
+ - uses: github/codeql-action/upload-sarif@v3
+ with:
+ sarif_file: zarn.sarif
\ No newline at end of file
From ad4e393b743cd0d56334288939f007825918b4bc Mon Sep 17 00:00:00 2001
From: htrgouvea
Date: Thu, 25 Jan 2024 18:29:44 -0300
Subject: [PATCH 4/4] add linter and fix the sast
---
 .github/workflows/linter.yml | 16 ++++++++++++++++
 .github/workflows/zarn.yml | 12 +++++++-----
 2 files changed, 23 insertions(+), 5 deletions(-)
 create mode 100644 .github/workflows/linter.yml
diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml
new file mode 100644
index 0000000..1bc1e02
--- /dev/null
+++ b/.github/workflows/linter.yml
@@ -0,0 +1,16 @@
+name: Linter / Perl Critic
+
+on:
+ pull_request:
+ branches:
+ - main
+
+jobs:
+ critic:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v2
+ - name: Run Perl::Critic
+ uses: natanlao/perl-critic-action@v1.1
+ with:
+ files: critic
\ No newline at end of file
diff --git a/.github/workflows/zarn.yml b/.github/workflows/zarn.yml
index f66840c..f552764 100644
--- a/.github/workflows/zarn.yml
+++ b/.github/workflows/zarn.yml
@@ -1,11 +1,13 @@
 name: ZARN

 on:
+ push:
+ branches: [ "main" ]
 pull_request:
- branches:
- - main
- - develop
-
+ branches: [ "main" ]
+ schedule:
+ - cron: '28 23 * * 1'
+
 jobs:
 build:
 runs-on: ubuntu-latest
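Review bot: The `Install dependencies` step in the new `zarn.yml` clones `https://github.com/htrgouvea/zarn` at whatever its default branch holds when the job runs and then executes `sudo cpanm --installdeps .` inside that checkout, so every run installs and runs unpinned code as root on the runner. Pinning the clone to a reviewed tag or commit, e.g. `git clone --depth 1 --branch <ZARN_TAG> https://github.com/htrgouvea/zarn`, makes the scanner version reproducible and auditable. The workflow also declares no `permissions:` block; `github/codeql-action/upload-sarif` needs `security-events: write`, so a top-level block granting only `contents: read` and `security-events: write` would make the upload independent of the repository default and keep the job token minimal.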
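Review bot: In the re-added `linter.yml`, `uses: natanlao/perl-critic-action@v1.1` references a third-party action by a mutable tag, so the code this job runs can change without any change in this repository; pinning it to a full commit SHA, `uses: natanlao/perl-critic-action@<COMMIT_SHA> # v1.1`, closes that gap. `actions/checkout@v2` is also behind the `actions/checkout@v4` that `zarn.yml` uses in this same series, and aligning the two keeps the workflows consistent. A `permissions:` block with `contents: read` would limit the job token to what a linter needs.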
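Review bot: The rewritten `pull_request` filter in `zarn.yml` drops `develop`, so pull requests targeting that branch are no longer scanned, and the commit message does not say this is intended. If `develop` is still an integration branch, keep it in the list with `branches: [ "main", "develop" ]`; otherwise a comment above `on:` such as `# Scans main only: on push, on PRs into main, and weekly via cron` would document the choice. The separator line added before `jobs:` appears to be whitespace-only rather than empty, since the diff replaces the previous blank line instead of keeping it as context; stripping the trailing whitespace avoids linter noise.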
@@ -19,7 +21,7 @@ jobs:
 cd zarn && sudo cpanm --installdeps .
 - name: Hunt for findings
 run: |
- perl zarn/zarn.pl --source . --sarif zarn.sarif
+ cd zarn && perl zarn.pl --source ../ --sarif ../zarn.sarif
 - uses: github/codeql-action/upload-sarif@v3
 with:
 sarif_file: zarn.sarif
\ No newline at end of file
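Review bot: `--source ../` points the scanner at the whole workspace, and the zarn checkout itself sits inside that workspace (the step now runs from `zarn/`), so unless zarn skips its own directory the tool's Perl sources are scanned too and may appear in `zarn.sarif` alongside the project's findings. Cloning the scanner outside the checked-out tree avoids that: `git clone https://github.com/htrgouvea/zarn "$RUNNER_TEMP/zarn"` in the install step, and here `cd "$RUNNER_TEMP/zarn" && perl zarn.pl --source "$GITHUB_WORKSPACE" --sarif "$GITHUB_WORKSPACE/zarn.sarif"`. The clone command sits outside this hunk, so both steps would need to change together.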