Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add step security config #659

Merged
merged 7 commits into from
May 3, 2024
Merged

Add step security config #659

merged 7 commits into from
May 3, 2024

Conversation

pdabelf5
Copy link
Contributor

@pdabelf5 pdabelf5 commented Apr 30, 2024
edited
Loading

Proposed changes

  • pin actions to commit sha's
  • ensure dependabot can update actions
  • add dependency review workflow
  • add codeql workflow
  • add scorecard checks

https://app.stepsecurity.io/securerepo?repo=https://github.com/nginx/agent

Checklist

Before creating a PR, run through this checklist and mark each as complete.

  • I have read the CONTRIBUTING document
  • I have run make install-tools and have attached any dependency changes to this pull request
  • If applicable, I have added tests that prove my fix is effective or that my feature works
  • If applicable, I have checked that any relevant tests pass after adding my changes
  • If applicable, I have updated any relevant documentation (README.md)
  • If applicable, I have tested my cross-platform changes on Ubuntu 22, Redhat 8, SUSE 15 and FreeBSD 13

@netlify Netlify
Copy link

netlify bot commented Apr 30, 2024
edited
Loading

Deploy Preview for agent-public-docs canceled.

Name Link
🔨 Latest commit 0a851a7
🔍 Latest deploy log https://app.netlify.com/sites/agent-public-docs/deploys/66336f563b9b5f00087eddef

@github-advanced-security
Copy link

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

@dhurley dhurley changed the title add step security config Add step security config May 2, 2024
dhurley
dhurley reviewed May 2, 2024
View reviewed changes
.pre-commit-config.yaml Outdated Show resolved Hide resolved
@pdabelf5 pdabelf5 merged commit 754f8d2 into main May 3, 2024
33 checks passed
@pdabelf5 pdabelf5 deleted the pin-actions branch May 3, 2024 13:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dhurley dhurley dhurley left review comments

@aphralG aphralG aphralG approved these changes

@olli-holmala olli-holmala olli-holmala approved these changes

@Dean-Coakley Dean-Coakley Awaiting requested review from Dean-Coakley

@oliveromahony oliveromahony Awaiting requested review from oliveromahony

@craigell craigell Awaiting requested review from craigell

@spencerugbo spencerugbo Awaiting requested review from spencerugbo

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@pdabelf5 @dhurley @olli-holmala @aphralG