merge

[starlightretailceo]

This pull request introduces changes to improve the security and deployment process of the codebase. The most significant changes include the addition of a GitHub workflow for open-source static analysis, the modification of the Azure deployment settings, and the addition of a new certificate request.

Security improvements:

• .github/workflows/ossar.yml: This new file adds a GitHub workflow that integrates a collection of open-source static analysis tools with GitHub code scanning. This workflow is triggered on push and pull request events on the main branch, and also runs on a schedule. It runs on windows-latest and uses the actions/checkout@v4 action to checkout the repository, the github/ossar-action@v1 action to run the open-source static analysis tools, and the github/codeql-action/upload-sarif@v2 action to upload the results to the Security tab.

Deployment settings:

• Starlight-Chat-Assistant.PublishSettings: This file was modified to update the publish profiles for Web Deploy, FTP, and Zip Deploy methods for the Starlight-Chat-Assistant application. The changes include updates to the publish URL, user name, password, and destination application URL.

Certificate request:

• primarycert.csr: This new file adds a certificate request for starlightretail.my.salesforce.com. The certificate request is generated for the organization STARLIGHT RETAIL INC located in LOS ANGELES, CA, US and the email mammon@starlightretail.ltd.### Motivation and Context

Description

Contribution Checklist

• [x] I have built and tested the code locally and in a deployed app
• [x] For frontend changes, I have pulled the latest code from main, built the frontend, and committed all static files.
• [ ] This is a change for all users of this app. No code or asset is specific to my use case or my organization.
• [x] I didn't break any existing functionality :smile: This pull request introduces changes related to security, deployment, and certificate management. The most important changes include the addition of an Open Source Static Analysis Results Aggregator (OSSAR) workflow, the update of the Starlight-Chat-Assistant.PublishSettings file, and the creation of a new certificate signing request.

Security enhancements:

• .github/workflows/ossar.yml: Added a new GitHub Actions workflow that integrates a collection of open source static analysis tools with GitHub's code scanning feature. This workflow will run on every push to the main branch, on every pull request to the main branch, and on a scheduled basis.

Deployment settings:

• Starlight-Chat-Assistant.PublishSettings: Updated the publish settings for the Starlight Chat Assistant. This includes settings for Web Deploy, FTP, and Zip Deploy methods.

Certificate management:

• primarycert.csr: Added a new certificate signing request. This is typically used to apply for an SSL certificate from a Certificate Authority.

[starlightretailceo]

@microsoft-github-policy-service agree [company="{starlightretailinc}"]

[starlightretailceo]

This pull request introduces several important changes to the codebase focused on security and deployment settings. The most significant changes are the addition of an Open Source Static Analysis Results Aggregator (OSSAR) workflow, updates to the Azure publish settings for the Starlight Chat Assistant, and the addition of a new certificate request.

Security enhancements:

• .github/workflows/ossar.yml: Added a new GitHub workflow that uses OSSAR, a collection of open source static analysis tools integrated with GitHub code scanning. The workflow is triggered on push and pull requests to the main branch and also runs on a schedule. The workflow runs on windows-latest and includes steps to checkout the repository, run OSSAR, and upload the results to the Security tab.

Deployment settings:

• Starlight-Chat-Assistant.PublishSettings: Updated the Azure publish settings for the Starlight Chat Assistant. The changes include new publish profiles for Web Deploy, FTP, and Zip Deploy methods. The profiles contain the publish method, publish URL, username, password, destination app URL, and other settings.

Certificate request:

• primarycert.csr: Added a new certificate request for the domain starlightretail.my.salesforce.com. The request includes the domain name, email, organization, location, and other details. This pull request includes changes that enhance security and deployment configurations for the project. The most important changes are the addition of the OSSAR workflow for static analysis of the code, the update of the Starlight-Chat-Assistant.PublishSettings with new deployment settings, and the creation of a new certificate request in primarycert.csr.

Security enhancements:

• .github/workflows/ossar.yml: Added the OSSAR (Open Source Static Analysis Runner) workflow to the project. This workflow will run a collection of open source static analysis tools on the code whenever there is a push or pull request to the main branch or according to the specified schedule. The results of the analysis will be uploaded to the Security tab on GitHub.

Deployment configuration updates:

• Starlight-Chat-Assistant.PublishSettings: Updated the publish settings for the Starlight Chat Assistant. The changes include new settings for Web Deploy, FTP, and Zip Deploy methods. These settings include the publish URL, username, and password among other parameters.

Certificate updates:

• primarycert.csr: Added a new Certificate Signing Request (CSR). This is a block of encoded text that is given to a Certificate Authority when applying for an SSL Certificate. It is usually required as part of the SSL certificate application process.