Skip to content

Commit

Permalink
Merge branch 'main' into meson-build
Browse files Browse the repository at this point in the history
  • Loading branch information
marcransome authored Mar 14, 2024
2 parents 587871d + 7e51106 commit d0cb582
Show file tree
Hide file tree
Showing 5 changed files with 59 additions and 14 deletions.
13 changes: 7 additions & 6 deletions .github/workflows/codeql-analysis.yml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
name: "CodeQL"
name: CodeQL analysis
on:
push:
branches:
Expand All @@ -9,21 +9,22 @@ on:
schedule:
- cron: '00 18 * * 1'
workflow_dispatch:

permissions: read-all

jobs:
analyze:
name: Analyze
runs-on: macos-latest
permissions:
actions: read
contents: read
security-events: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
- name: Install dependencies
run: brew install popt
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
uses: github/codeql-action/init@3ab4101902695724f9365a384f86c1074d94e18c # v3.24.7
with:
languages: cpp
queries: security-and-quality
Expand All @@ -37,4 +38,4 @@ jobs:
meson setup build
ninja -C build
- name: Perform CodeQL analysis
uses: github/codeql-action/analyze@v3
uses: github/codeql-action/analyze@3ab4101902695724f9365a384f86c1074d94e18c # v3.24.7
9 changes: 6 additions & 3 deletions .github/workflows/dependency-review.yml
Original file line number Diff line number Diff line change
@@ -1,18 +1,21 @@
name: dependency-review
name: Dependency review
on:
pull_request:
branches:
- main

permissions: read-all

jobs:
dependency-review:
runs-on: ubuntu-latest
permissions:
pull-requests: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
- name: Dependency review
uses: actions/dependency-review-action@v4
uses: actions/dependency-review-action@9129d7d40b8c12c1ed0f60400d00c92d437adcce # v4.1.3
with:
comment-summary-in-pr: true
fail-on-severity: low
Expand Down
11 changes: 7 additions & 4 deletions .github/workflows/markdown-links.yml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
name: "Markdown links"
name: Markdown links check
on:
push:
branches:
Expand All @@ -12,22 +12,25 @@ on:
schedule:
- cron: '0 18 * * 1'
workflow_dispatch:

permissions: read-all

jobs:
markdown-links:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
- name: Check links in modified Markdown files
if: github.event_name == 'pull_request'
uses: gaurav-nelson/github-action-markdown-link-check@v1
uses: gaurav-nelson/github-action-markdown-link-check@d53a906aa6b22b8979d33bc86170567e619495ec # 1.0.15
with:
base-branch: main
check-modified-files-only: yes
use-verbose-mode: yes
config-file: .github/markdown/markdown-links.json
- name: Check links in all Markdown files
if: github.event_name != 'pull_request'
uses: gaurav-nelson/github-action-markdown-link-check@v1
uses: gaurav-nelson/github-action-markdown-link-check@d53a906aa6b22b8979d33bc86170567e619495ec # 1.0.15
with:
use-verbose-mode: yes
config-file: .github/markdown/markdown-links.json
38 changes: 38 additions & 0 deletions .github/workflows/openssf-scorecard.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
name: OpenSSF Scorecard supply-chain security
on:
branch_protection_rule:
schedule:
- cron: '0 3 * * 1'
push:
branches: [ "main" ]

permissions: read-all

jobs:
analysis:
name: OpenSSF Scorecard analysis
runs-on: ubuntu-latest
permissions:
security-events: write # Needed to upload the results to code scanning dashboard
id-token: write # Needed to publish results to OpenSSF API and get a badge (see publish_results below)
steps:
- name: Checkout repository
uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
with:
persist-credentials: false
- name: Run analysis
uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1
with:
results_file: results.sarif
results_format: sarif
publish_results: true
- name: Upload Actions artifact
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
with:
name: SARIF file
path: results.sarif
retention-days: 5
- name: Upload to code scanning dashboard
uses: github/codeql-action/upload-sarif@3ab4101902695724f9365a384f86c1074d94e18c # v3.24.7
with:
sarif_file: results.sarif
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

# flog

[![CodeQL](https://github.com/marcransome/flog/actions/workflows/codeql-analysis.yml/badge.svg?branch=main)](https://github.com/marcransome/flog/actions/workflows/codeql-analysis.yml) [![Issues](https://img.shields.io/github/issues/marcransome/flog)](https://github.com/marcransome/flog/issues) [![License](https://img.shields.io/badge/license-MIT-blue)](https://opensource.org/licenses/mit-license.php) [![macOS](https://img.shields.io/badge/macOS-11+-blue)](https://www.apple.com/macos/)
[![OpenSSF Scorecard](https://img.shields.io/ossf-scorecard/github.com/marcransome/flog?label=OpenSSF%20Scorecard)](https://securityscorecards.dev/viewer/?uri=github.com/marcransome/flog) [![CodeQL](https://github.com/marcransome/flog/actions/workflows/codeql-analysis.yml/badge.svg?branch=main)](https://github.com/marcransome/flog/actions/workflows/codeql-analysis.yml) [![Issues](https://img.shields.io/github/issues/marcransome/flog)](https://github.com/marcransome/flog/issues) [![License](https://img.shields.io/badge/license-MIT-blue)](https://opensource.org/licenses/mit-license.php) [![macOS](https://img.shields.io/badge/macOS-11+-blue)](https://www.apple.com/macos/)

`flog` is a command-line tool for sending log messages to Apple's unified logging system and is primaily intended for use in scripts.

Expand Down

0 comments on commit d0cb582

Please sign in to comment.