Closed starlightretailceo closed 3 weeks ago
@microsoft-github-policy-service agree [company="{starlightretailinc}"]
This pull request introduces several important changes to the codebase focused on security and deployment settings. The most significant changes are the addition of an Open Source Static Analysis Results Aggregator (OSSAR) workflow, updates to the Azure publish settings for the Starlight Chat Assistant, and the addition of a new certificate request.
Security enhancements:
- `.github/workflows/ossar.yml`: Added a new GitHub workflow that uses OSSAR, a collection of open source static analysis tools integrated with GitHub code scanning. The workflow is triggered on push and pull requests to the `main` branch and also runs on a schedule. The workflow runs on `windows-latest` and includes steps to check out the repository, run OSSAR, and upload the results to the Security tab.
Deployment settings:
- `Starlight-Chat-Assistant.PublishSettings`: Updated the Azure publish settings for the Starlight Chat Assistant. The changes include new publish profiles for Web Deploy, FTP, and Zip Deploy methods. The profiles contain the publish method, publish URL, username, password, destination app URL, and other settings.
Certificate request:
- `primarycert.csr`: Added a new certificate request for the domain `starlightretail.my.salesforce.com`. The request includes the domain name, email, organization, location, and other details.
This pull request includes changes that enhance security and deployment configurations for the project. The most important changes are the addition of the OSSAR workflow for static analysis of the code, the update of the `Starlight-Chat-Assistant.PublishSettings` with new deployment settings, and the creation of a new certificate request in `primarycert.csr`.
Security enhancements:
- `.github/workflows/ossar.yml`: Added the OSSAR (Open Source Static Analysis Runner) workflow to the project. This workflow will run a collection of open source static analysis tools on the code whenever there is a push or pull request to the `main` branch or according to the specified schedule. The results of the analysis will be uploaded to the Security tab on GitHub.
Deployment configuration updates:
- `Starlight-Chat-Assistant.PublishSettings`: Updated the publish settings for the Starlight Chat Assistant. The changes include new settings for Web Deploy, FTP, and Zip Deploy methods. These settings include the publish URL, username, and password among other parameters.
Certificate updates:
- `primarycert.csr`: Added a new Certificate Signing Request (CSR). This is a block of encoded text that is given to a Certificate Authority when applying for an SSL Certificate. It is usually required as part of the SSL certificate application process.
This pull request introduces changes to improve the security and deployment process of the codebase. The most significant changes include the addition of a GitHub workflow for open-source static analysis, the modification of the Azure deployment settings, and the addition of a new certificate request.
Security improvements:
- `.github/workflows/ossar.yml`: This new file adds a GitHub workflow that integrates a collection of open-source static analysis tools with GitHub code scanning. This workflow is triggered on push and pull request events on the `main` branch, and also runs on a schedule. It runs on `windows-latest` and uses the `actions/checkout@v4` action to check out the repository, the `github/ossar-action@v1` action to run the open-source static analysis tools, and the `github/codeql-action/upload-sarif@v2` action to upload the results to the Security tab.
Deployment settings:
- `Starlight-Chat-Assistant.PublishSettings`: This file was modified to update the publish profiles for Web Deploy, FTP, and Zip Deploy methods for the `Starlight-Chat-Assistant` application. The changes include updates to the publish URL, user name, password, and destination application URL.
Certificate request:
- `primarycert.csr`: This new file adds a certificate request for `starlightretail.my.salesforce.com`. The certificate request is generated for the organization `STARLIGHT RETAIL INC` located in `LOS ANGELES, CA, US` and the email `mammon@starlightretail.ltd`.
### Motivation and Context
### Description
### Contribution Checklist
`Starlight-Chat-Assistant.PublishSettings` file, and the creation of a new certificate signing request.
Security enhancements:
- `.github/workflows/ossar.yml`: Added a new GitHub Actions workflow that integrates a collection of open source static analysis tools with GitHub's code scanning feature. This workflow will run on every push to the `main` branch, on every pull request to the `main` branch, and on a scheduled basis.
Deployment settings:
- `Starlight-Chat-Assistant.PublishSettings`: Updated the publish settings for the Starlight Chat Assistant. This includes settings for Web Deploy, FTP, and Zip Deploy methods.
Certificate management:
- `primarycert.csr`: Added a new certificate signing request. This is typically used to apply for an SSL certificate from a Certificate Authority.
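
A reviewer-side check for the kind of publish-settings file described above, added here as an example and not part of the pull request or the project: it reports which publish profiles carry a non-empty password without echoing the value, and produces a redacted copy. The sample XML is constructed with placeholder values, and `find_embedded_credentials`, `redact` and the list of secret attribute names are assumptions of this example.

```python
import xml.etree.ElementTree as ET

# Attributes assumed to hold secrets in an Azure publish profile.
SECRET_ATTRS = ("userPWD", "SQLServerDBConnectionString", "mySQLDBConnectionString")
# Constructed sample in the publish-profile layout; every value is a placeholder.
SAMPLE = """<publishData>
  <publishProfile profileName="example-app - Web Deploy" publishMethod="MSDeploy"
    publishUrl="example-app.scm.example.invalid:443" userName="$example-app"
    userPWD="PLACEHOLDER-NOT-A-SECRET" destinationAppUrl="https://example-app.example.invalid"/>
  <publishProfile profileName="example-app - FTP" publishMethod="FTP"
    publishUrl="ftp://ftp.example.invalid/site/wwwroot" userName="$example-app"
    userPWD="PLACEHOLDER-NOT-A-SECRET" destinationAppUrl="https://example-app.example.invalid"/>
  <publishProfile profileName="example-app - Zip Deploy" publishMethod="ZipDeploy"
    publishUrl="example-app.scm.example.invalid:443" userName="$example-app"
    userPWD="" destinationAppUrl="https://example-app.example.invalid"/>
</publishData>"""

def _parse(xml_text):
    # ElementTree is adequate for files you own; use a hardened parser for untrusted XML.
    try:
        return ET.fromstring(xml_text)
    except ET.ParseError as exc:
        raise ValueError(f"not a well-formed publish profile: {exc}") from exc

def find_embedded_credentials(xml_text):
    """Return one finding per publishProfile attribute that carries a secret."""
    findings = []
    for profile in _parse(xml_text).iter("publishProfile"):
        for attr in SECRET_ATTRS:
            value = profile.get(attr, "")
            if value.strip():
                # Record the length only, never the secret itself.
                findings.append({"profile": profile.get("profileName", "<unnamed>"),
                                 "method": profile.get("publishMethod", "<unknown>"),
                                 "attribute": attr, "length": len(value)})
    return findings

def redact(xml_text):
    """Return the XML with secret attributes blanked, safe to paste into a review."""
    root = _parse(xml_text)
    for profile in root.iter("publishProfile"):
        for attr in SECRET_ATTRS:
            if profile.get(attr):
                profile.set(attr, "")
    return ET.tostring(root, encoding="unicode")

if __name__ == "__main__":
    for f in find_embedded_credentials(SAMPLE):
        print(f"{f['profile']}: {f['attribute']} is set ({f['length']} chars)")
```

A non-empty result from `find_embedded_credentials` on a tracked file is a reason to block the merge and reset the publish profile, since the value remains in the repository history after the file is changed.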