coopnorge github-workflow-supply-chain-security-validation issues

coopnorge / github-workflow-supply-chain-security-validation

MIT License

0 stars 0 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Bump aquasecurity/trivy-action from 0.28.0 to 0.29.0

#104 dependabot[bot] closed 9 hours ago
1
feat: Use trivy-cache-action to cache db

#103 pravindahal closed 2 weeks ago
0
feat: Remove misconfig scanner

#102 pravindahal closed 4 weeks ago
0
feat: Remove support for ruby scanning

#101 pravindahal closed 1 month ago
0
docs: Change scans to weekly in the example usage

#100 pravindahal closed 1 month ago
0
chore: Run trivy scan regardless of whether there are terraform files

#99 pravindahal closed 1 month ago
0
Bump aquasecurity/trivy-action from 0.24.0 to 0.28.0

#98 dependabot[bot] closed 1 month ago
2
chore: Ignore library vulnerabilities checking

#97 pravindahal closed 1 month ago
0
Bump aquasecurity/trivy-action from 0.24.0 to 0.27.0

#96 dependabot[bot] closed 1 month ago
1
Bump aquasecurity/trivy-action from 0.24.0 to 0.26.0

#95 dependabot[bot] closed 1 month ago
1
Bump aquasecurity/trivy-action from 0.24.0 to 0.25.0

#94 dependabot[bot] closed 1 month ago
1
fix: Workaround for database download errors

#93 pravindahal closed 1 month ago
0
"CodeQL detected code written in C/C++, Java/Kotlin and Swift, but not any written in Ruby. Confirm that there is some source code for Ruby in the project."

#92 pravindahal closed 1 month ago
0
chore: Make security scans less frequent

#91 coopcodemod[bot] closed 1 month ago
0
Trivy and Dependabot are both creating security alerts thus causing duplicate alerts

#90 AtzeDeVries closed 2 weeks ago
3
Bump aquasecurity/trivy-action from 0.20.0 to 0.24.0

#89 dependabot[bot] closed 3 months ago
1
Separate security scan options for PR and scheduled

#88 pravindahal opened 3 months ago
1
feat: Replace `tfsec` with `trivy`

#87 pravindahal closed 3 months ago
0
fix: Fix setting variable for tf files count

#86 pravindahal closed 3 months ago
0
Update go setup and use stable version if not passed in arg

#85 LinMAD closed 8 months ago
3
feat: Add caching of go-dependencies

#84 bendiknesbo closed 8 months ago
0
Bump actions/dependency-review-action from 3 to 4

#83 dependabot[bot] closed 10 months ago
0
chore: bump go to 1.21, to allow for 3-part version-numbers in go.mod

#82 bendiknesbo closed 10 months ago
0
Bump github/codeql-action from 2 to 3

#81 dependabot[bot] closed 11 months ago
0
Bump actions/setup-go from 4 to 5

#80 dependabot[bot] closed 11 months ago
0
Bump actions/setup-java from 3 to 4

#79 dependabot[bot] closed 11 months ago
0
Add support for downloading private modules

#78 nhhagen opened 12 months ago
0
On PR runs only use CodeQL on relevant code

#77 nhhagen opened 12 months ago
0
Bump actions/github-script from 6 to 7

#76 dependabot[bot] closed 1 year ago
0
Get the version of Go to setup from `go.mod`.

#75 nhhagen opened 1 year ago
1
Bump actions/checkout from 3 to 4

#74 dependabot[bot] closed 1 year ago
0
Add code scanning skip

#73 nhhagen closed 1 year ago
0
Revert "Allow access to internal repos (#67)"

#72 nhhagen closed 1 year ago
0
Remove TechDocs workflow as it was added by error

#71 nhhagen closed 1 year ago
0
Fix codeql-go-version

#70 nhhagen closed 1 year ago
0
Require the REVIEWBOT_GITHUB_TOKEN for access to internal repos

#69 nhhagen closed 1 year ago
0
Bump Golang version from 1.19 to 1.20

#68 nhhagen closed 1 year ago
0
Allow access to internal repos

#67 nhhagen closed 1 year ago
0
Add packages: read to code-scanning job

#66 nedimhadz closed 1 year ago
0
Remove broken issue automation workflow

#65 nhhagen closed 1 year ago
0
Add step that adds coopnorge as nuget source for csharp code

#64 nedimhadz closed 1 year ago
2
CodeQL Scan Autobuild step fails when we use an internal nuget package (github package)

#63 nedimhadz closed 1 year ago
11
Register workflow in Inventory

#62 nhhagen closed 1 year ago
0
Fix language detection output

#61 nhhagen closed 1 year ago
0
Bump actions/setup-go from 3 to 4

#60 dependabot[bot] closed 1 year ago
0
Bump leonsteinhaeuser/project-beta-automations from 2.0.1 to 2.1.0

#59 dependabot[bot] closed 1 year ago
0
Update CODEOWNERS

#58 nhhagen closed 1 year ago
0
Update GitHub Actions output

#57 nhhagen closed 1 year ago
0
Bump actions/dependency-review-action from 2 to 3

#56 dependabot[bot] closed 1 year ago
0
Bump aquasecurity/tfsec-sarif-action from 0.1.3 to 0.1.4

#55 dependabot[bot] closed 1 year ago
0