Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adding settings for score board implementation #253

Merged
merged 19 commits into from
Dec 19, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
19 commits
Select commit Hold shift + click to select a range
ae9b5ae
Merge pull request #164 from rsksmart/develop
Nov 8, 2022
f7383d4
hotfix: top message warning removal (#165) (#166)
Nov 9, 2022
2921db6
Merge pull request #191 from rsksmart/develop
ezequiel-rodriguez Feb 23, 2024
ef17b7e
Merge pull request #193 from rsksmart/develop
ezequiel-rodriguez Feb 23, 2024
5fa9196
Merge pull request #197 from rsksmart/develop
ezequiel-rodriguez Feb 26, 2024
95eab85
Merge pull request #203 from rsksmart/develop
ezequiel-rodriguez Feb 29, 2024
59f251a
Merge pull request #205 from rsksmart/develop
ezequiel-rodriguez Feb 29, 2024
158c966
Merge pull request #209 from rsksmart/develop
ezequiel-rodriguez Mar 27, 2024
bc4ff33
Merge pull request #211 from rsksmart/develop
ezequiel-rodriguez Mar 28, 2024
d92cba3
Merge pull request #220 from rsksmart/develop
ezequiel-rodriguez Jun 7, 2024
b5afeb3
Merge pull request #227 from rsksmart/develop
nicov-iov Jul 11, 2024
a4d4c89
Merge pull request #229 from rsksmart/develop
nicov-iov Jul 17, 2024
e0561da
Merge pull request #232 from rsksmart/develop
ezequiel-rodriguez Aug 12, 2024
10f2a23
Merge pull request #235 from rsksmart/develop
ezequiel-rodriguez Aug 15, 2024
6e93d48
Merge pull request #238 from rsksmart/develop
IOVgomezdn Sep 16, 2024
0211377
Merge pull request #240 from rsksmart/develop
nicov-iov Oct 7, 2024
2f72288
Merge pull request #244 from rsksmart/develop
ivegabr Oct 29, 2024
86441ba
feat/settings for score board
SebasGuaquetaRSK Dec 19, 2024
9dcc211
feat/setting correct lang name
SebasGuaquetaRSK Dec 19, 2024
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 13 additions & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
version: 2
updates:
# Maintain dependencies for GitHub Actions
- package-ecosystem: github-actions
directory: /
schedule:
interval: daily

# Maintain dependencies for npm
- package-ecosystem: npm
directory: /
schedule:
interval: daily
45 changes: 45 additions & 0 deletions .github/workflows/codeql.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
name: "CodeQL"

on:
push:
branches: [ "master, develop" ]
pull_request:
branches: [ "master, develop" ]
schedule:
- cron: "0 0 * * *"

# Declare default permissions as read only.
permissions:
contents: read

jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write

strategy:
fail-fast: false
matrix:
language: [javascript]

steps:
- name: Checkout
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1

- name: Initialize CodeQL
uses: github/codeql-action/init@f779452ac5af1c261dce0346a8f964149f49322b #v3.26.13
with:
languages: ${{ matrix.language }}
queries: +security-and-quality

- name: Autobuild
uses: github/codeql-action/autobuild@f779452ac5af1c261dce0346a8f964149f49322b #v3.26.13

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@f779452ac5af1c261dce0346a8f964149f49322b #v3.26.13
with:
category: "/language:${{ matrix.language }}"
21 changes: 21 additions & 0 deletions .github/workflows/dependency-review.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
name: 'Dependency Review'
on: [pull_request]

# Declare default permissions as read only.
permissions: read-all

jobs:
dependency-review:
runs-on: ubuntu-latest
permissions:
contents: read
pull-requests: write
steps:
- name: 'Checkout Repository'
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1

- name: 'Dependency Review'
uses: actions/dependency-review-action@4081bf99e2866ebe428fc0477b69eb4fcda7220a # v4.4.0
with:
fail-on-severity: high
comment-summary-in-pr: true
47 changes: 47 additions & 0 deletions .github/workflows/scorecard.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
name: Scorecard supply-chain security
on:
branch_protection_rule:
schedule:
- cron: '33 2 * * 2'
push:
branches: [ "master, develop" ]

# Declare default permissions as read only.
permissions: read-all

jobs:
analysis:
name: Scorecard analysis
runs-on: ubuntu-latest
permissions:
security-events: write
id-token: write

steps:
- name: "Checkout code"
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 #v4.2.1
with:
persist-credentials: false

- name: "Run analysis"
uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0
with:
results_file: results.sarif
results_format: sarif
publish_results: true

# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: "Upload artifact"
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 #v4.4.3
with:
name: SARIF file
path: results.sarif
retention-days: 5

# Upload the results to GitHub's code scanning dashboard (optional).
# Commenting out will disable upload of results to your repo's Code Scanning dashboard
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12
with:
sarif_file: results.sarif
Loading