From 11b75667ae13381366b510dad4c527ab1cd7fb53 Mon Sep 17 00:00:00 2001 From: Nils <52573120+niStee@users.noreply.github.com> Date: Wed, 12 Jun 2024 23:31:05 +0200 Subject: [PATCH 01/16] Optimize GitHub Actions workflow for code quality and security - Reuse checkout step from shared-setup job to reduce duplication - Add caching for Rust toolchain to improve build times - These changes should improve the overall efficiency and performance of the workflow without compromising the code quality and security checks This pull request optimizes the existing GitHub Actions workflow for code quality and security checks. The key changes include: 1. Reusing the checkout step from the `shared-setup` job in both the `devskim` and `rust-clippy` jobs to reduce duplication. 2. Adding caching for the Rust toolchain in the `rust-clippy` job to speed up the installation process. These changes should help improve the overall efficiency and performance of the workflow, while maintaining the same level of code quality and security checks. --- .../check_security_vulnerability.yml | 72 ++++++++++++++++--- 1 file changed, 64 insertions(+), 8 deletions(-) diff --git a/.github/workflows/check_security_vulnerability.yml b/.github/workflows/check_security_vulnerability.yml index a39a551e..ccbd6bed 100644 --- a/.github/workflows/check_security_vulnerability.yml +++ b/.github/workflows/check_security_vulnerability.yml @@ -1,20 +1,28 @@ -# This workflow uses actions that are not certified by GitHub. -# They are provided by a third-party and are governed by -# separate terms of service, privacy policy, and support -# documentation. - -name: Check Security Vulnerability +name: Code Quality and Security on: pull_request: push: branches: - main + schedule: + - cron: '0 0 * * 0' # Run every Sunday at 00:00 (midnight) jobs: - lint: - name: DevSkim + + shared-setup: + name: Shared Setup runs-on: ubuntu-latest + outputs: + checkout_ref: ${{ steps.checkout.outputs.ref }} + steps: + - name: Checkout code + id: checkout + uses: actions/checkout@v4 + + devskim: + name: DevSkim Security Scan + needs: shared-setup permissions: actions: read contents: read @@ -22,6 +30,8 @@ jobs: steps: - name: Checkout code uses: actions/checkout@v4 + with: + ref: ${{ needs.shared-setup.outputs.checkout_ref }} - name: Run DevSkim scanner uses: microsoft/DevSkim-Action@v1 @@ -30,3 +40,49 @@ jobs: uses: github/codeql-action/upload-sarif@v3 with: sarif_file: devskim-results.sarif + + rust-clippy: + name: Rust Clippy Analysis + needs: shared-setup + permissions: + contents: read + security-events: write + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + ref: ${{ needs.shared-setup.outputs.checkout_ref }} + + - name: Cache Rust toolchain + uses: actions/cache@v3 + with: + path: | + ~/.cargo/bin/ + ~/.cargo/registry/index/ + ~/.cargo/registry/cache/ + ~/.cargo/git/db/ + key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} + + - name: Install Rust toolchain + uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af #@v1 + with: + profile: minimal + toolchain: stable + components: clippy + override: true + + - name: Install required cargo + run: cargo install clippy-sarif sarif-fmt + + - name: Run rust-clippy + run: + cargo clippy + --all-features + --message-format=json | clippy-sarif | tee rust-clippy-results.sarif | sarif-fmt + continue-on-error: true + + - name: Upload Clippy analysis results to GitHub + uses: github/codeql-action/upload-sarif@v1 + with: + sarif_file: rust-clippy-results.sarif + wait-for-processing: true From e1de5049b6d9d2af40025a1acf1b85e6f9bb1841 Mon Sep 17 00:00:00 2001 From: Nils <52573120+niStee@users.noreply.github.com> Date: Sat, 27 Jul 2024 17:15:38 +0200 Subject: [PATCH 02/16] Optimize GitHub Actions workflow for code quality and security --- .../check_security_vulnerability.yml | 26 +++++-------------- 1 file changed, 7 insertions(+), 19 deletions(-) diff --git a/.github/workflows/check_security_vulnerability.yml b/.github/workflows/check_security_vulnerability.yml index ccbd6bed..b03ead4d 100644 --- a/.github/workflows/check_security_vulnerability.yml +++ b/.github/workflows/check_security_vulnerability.yml @@ -9,7 +9,6 @@ on: - cron: '0 0 * * 0' # Run every Sunday at 00:00 (midnight) jobs: - shared-setup: name: Shared Setup runs-on: ubuntu-latest @@ -27,15 +26,14 @@ jobs: actions: read contents: read security-events: write + runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v4 with: ref: ${{ needs.shared-setup.outputs.checkout_ref }} - - name: Run DevSkim scanner uses: microsoft/DevSkim-Action@v1 - - name: Upload DevSkim scan results to GitHub Security tab uses: github/codeql-action/upload-sarif@v3 with: @@ -47,12 +45,12 @@ jobs: permissions: contents: read security-events: write + runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v4 with: ref: ${{ needs.shared-setup.outputs.checkout_ref }} - - name: Cache Rust toolchain uses: actions/cache@v3 with: @@ -61,28 +59,18 @@ jobs: ~/.cargo/registry/index/ ~/.cargo/registry/cache/ ~/.cargo/git/db/ + ~/.rustup/ key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} - - name: Install Rust toolchain - uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af #@v1 - with: - profile: minimal - toolchain: stable - components: clippy - override: true - + uses: dtolnay/rust-toolchain@stable - name: Install required cargo run: cargo install clippy-sarif sarif-fmt - - name: Run rust-clippy - run: - cargo clippy - --all-features - --message-format=json | clippy-sarif | tee rust-clippy-results.sarif | sarif-fmt + run: | + cargo clippy --all-features --message-format=json | clippy-sarif | tee rust-clippy-results.sarif | sarif-fmt continue-on-error: true - - name: Upload Clippy analysis results to GitHub uses: github/codeql-action/upload-sarif@v1 with: sarif_file: rust-clippy-results.sarif - wait-for-processing: true + wait-for-processing: true \ No newline at end of file From b57544d936e165a66c9ac3479d963720bb41cbc4 Mon Sep 17 00:00:00 2001 From: Nils <52573120+niStee@users.noreply.github.com> Date: Sat, 27 Jul 2024 18:54:05 +0200 Subject: [PATCH 03/16] feat: Update GitHub Actions workflow to support multiple operating systems The GitHub Actions workflow has been updated to support multiple operating systems. This change allows the workflow to run on Ubuntu, macOS, and Windows. The matrix strategy has been added to specify the different operating systems. This optimization improves code quality and security. --- .../workflows/check_security_vulnerability.yml | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/.github/workflows/check_security_vulnerability.yml b/.github/workflows/check_security_vulnerability.yml index b03ead4d..fe1270ac 100644 --- a/.github/workflows/check_security_vulnerability.yml +++ b/.github/workflows/check_security_vulnerability.yml @@ -11,7 +11,10 @@ on: jobs: shared-setup: name: Shared Setup - runs-on: ubuntu-latest + runs-on: ${{ matrix.os }} + strategy: + matrix: + os: [ubuntu-latest, macos-latest, windows-latest] outputs: checkout_ref: ${{ steps.checkout.outputs.ref }} steps: @@ -26,7 +29,10 @@ jobs: actions: read contents: read security-events: write - runs-on: ubuntu-latest + runs-on: ${{ matrix.os }} + strategy: + matrix: + os: [ubuntu-latest, macos-latest, windows-latest] steps: - name: Checkout code uses: actions/checkout@v4 @@ -45,7 +51,10 @@ jobs: permissions: contents: read security-events: write - runs-on: ubuntu-latest + runs-on: ${{ matrix.os }} + strategy: + matrix: + os: [ubuntu-latest, macos-latest, windows-latest] steps: - name: Checkout code uses: actions/checkout@v4 From 132a49a9835ec7a993ab3414d3bbc149a9a7d33b Mon Sep 17 00:00:00 2001 From: Nils <52573120+niStee@users.noreply.github.com> Date: Sat, 27 Jul 2024 19:00:10 +0200 Subject: [PATCH 04/16] Update GitHub Actions DevSkim workflow to use Ubuntu Latest as default operating system, as it is only supported on Linux --- .github/workflows/check_security_vulnerability.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/check_security_vulnerability.yml b/.github/workflows/check_security_vulnerability.yml index fe1270ac..774148c3 100644 --- a/.github/workflows/check_security_vulnerability.yml +++ b/.github/workflows/check_security_vulnerability.yml @@ -29,7 +29,7 @@ jobs: actions: read contents: read security-events: write - runs-on: ${{ matrix.os }} + runs-on: ubuntu-latest strategy: matrix: os: [ubuntu-latest, macos-latest, windows-latest] From 9a538743914c2a6e26f2ef5c7e41e09bc72c5871 Mon Sep 17 00:00:00 2001 From: Nils <52573120+niStee@users.noreply.github.com> Date: Sat, 27 Jul 2024 19:09:06 +0200 Subject: [PATCH 05/16] Optimize GitHub Actions workflow by checking if clippy-sarif and sarif-fmt are already installed before installing them --- .github/workflows/check_security_vulnerability.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/check_security_vulnerability.yml b/.github/workflows/check_security_vulnerability.yml index 774148c3..98218cad 100644 --- a/.github/workflows/check_security_vulnerability.yml +++ b/.github/workflows/check_security_vulnerability.yml @@ -73,7 +73,11 @@ jobs: - name: Install Rust toolchain uses: dtolnay/rust-toolchain@stable - name: Install required cargo - run: cargo install clippy-sarif sarif-fmt + run: | + if ! command -v clippy-sarif &> /dev/null || ! command -v sarif-fmt &> /dev/null; then + cargo install clippy-sarif sarif-fmt + else + echo "clippy-sarif and sarif-fmt are already installed" - name: Run rust-clippy run: | cargo clippy --all-features --message-format=json | clippy-sarif | tee rust-clippy-results.sarif | sarif-fmt From af59afed9c10971018820290cc47093696b53489 Mon Sep 17 00:00:00 2001 From: Nils <52573120+niStee@users.noreply.github.com> Date: Sat, 27 Jul 2024 19:11:30 +0200 Subject: [PATCH 06/16] Optimize GitHub Actions workflow by checking if clippy-sarif and sarif-fmt are already installed before installing them --- .github/workflows/check_security_vulnerability.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/check_security_vulnerability.yml b/.github/workflows/check_security_vulnerability.yml index 98218cad..ca1650ca 100644 --- a/.github/workflows/check_security_vulnerability.yml +++ b/.github/workflows/check_security_vulnerability.yml @@ -78,6 +78,7 @@ jobs: cargo install clippy-sarif sarif-fmt else echo "clippy-sarif and sarif-fmt are already installed" + fi - name: Run rust-clippy run: | cargo clippy --all-features --message-format=json | clippy-sarif | tee rust-clippy-results.sarif | sarif-fmt From 8edf48137f7f376c0593a8f8a2a984c4add40e58 Mon Sep 17 00:00:00 2001 From: Nils <52573120+niStee@users.noreply.github.com> Date: Sat, 27 Jul 2024 19:14:47 +0200 Subject: [PATCH 07/16] Optimize GitHub Actions workflow by checking if clippy-sarif and sarif-fmt are already installed before installing them --- .github/workflows/check_security_vulnerability.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/check_security_vulnerability.yml b/.github/workflows/check_security_vulnerability.yml index ca1650ca..434e42c1 100644 --- a/.github/workflows/check_security_vulnerability.yml +++ b/.github/workflows/check_security_vulnerability.yml @@ -74,11 +74,11 @@ jobs: uses: dtolnay/rust-toolchain@stable - name: Install required cargo run: | - if ! command -v clippy-sarif &> /dev/null || ! command -v sarif-fmt &> /dev/null; then + if (!(Get-Command clippy-sarif -ErrorAction SilentlyContinue) -or !(Get-Command sarif-fmt -ErrorAction SilentlyContinue)) { cargo install clippy-sarif sarif-fmt - else - echo "clippy-sarif and sarif-fmt are already installed" - fi + } else { + Write-Output "clippy-sarif and sarif-fmt are already installed" + } - name: Run rust-clippy run: | cargo clippy --all-features --message-format=json | clippy-sarif | tee rust-clippy-results.sarif | sarif-fmt From 67bb921f7cc63d89d77f41bfbdba37369b73919e Mon Sep 17 00:00:00 2001 From: Nils <52573120+niStee@users.noreply.github.com> Date: Sat, 27 Jul 2024 19:20:41 +0200 Subject: [PATCH 08/16] Optimize GitHub Actions workflow by installing clippy-sarif and sarif-fmt without checking if they are already installed --- .github/workflows/check_security_vulnerability.yml | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/.github/workflows/check_security_vulnerability.yml b/.github/workflows/check_security_vulnerability.yml index 434e42c1..774148c3 100644 --- a/.github/workflows/check_security_vulnerability.yml +++ b/.github/workflows/check_security_vulnerability.yml @@ -73,12 +73,7 @@ jobs: - name: Install Rust toolchain uses: dtolnay/rust-toolchain@stable - name: Install required cargo - run: | - if (!(Get-Command clippy-sarif -ErrorAction SilentlyContinue) -or !(Get-Command sarif-fmt -ErrorAction SilentlyContinue)) { - cargo install clippy-sarif sarif-fmt - } else { - Write-Output "clippy-sarif and sarif-fmt are already installed" - } + run: cargo install clippy-sarif sarif-fmt - name: Run rust-clippy run: | cargo clippy --all-features --message-format=json | clippy-sarif | tee rust-clippy-results.sarif | sarif-fmt From ea4306d05d06896d5b8a193f491f355f81d994da Mon Sep 17 00:00:00 2001 From: Nils <52573120+niStee@users.noreply.github.com> Date: Sat, 27 Jul 2024 19:22:40 +0200 Subject: [PATCH 09/16] Optimize GitHub Actions workflow by forcing installation of clippy-sarif and sarif-fmt --- .github/workflows/check_security_vulnerability.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/check_security_vulnerability.yml b/.github/workflows/check_security_vulnerability.yml index 774148c3..259e8e85 100644 --- a/.github/workflows/check_security_vulnerability.yml +++ b/.github/workflows/check_security_vulnerability.yml @@ -73,7 +73,7 @@ jobs: - name: Install Rust toolchain uses: dtolnay/rust-toolchain@stable - name: Install required cargo - run: cargo install clippy-sarif sarif-fmt + run: cargo install clippy-sarif sarif-fmt --force - name: Run rust-clippy run: | cargo clippy --all-features --message-format=json | clippy-sarif | tee rust-clippy-results.sarif | sarif-fmt From fa73af4023e7274bc9dffb306151a69093ccd599 Mon Sep 17 00:00:00 2001 From: Nils <52573120+niStee@users.noreply.github.com> Date: Sat, 27 Jul 2024 19:27:22 +0200 Subject: [PATCH 10/16] Optimize GitHub Actions workflow by updating codeql-action to v3 --- .github/workflows/check_security_vulnerability.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/check_security_vulnerability.yml b/.github/workflows/check_security_vulnerability.yml index 259e8e85..bd4a2a6a 100644 --- a/.github/workflows/check_security_vulnerability.yml +++ b/.github/workflows/check_security_vulnerability.yml @@ -79,7 +79,7 @@ jobs: cargo clippy --all-features --message-format=json | clippy-sarif | tee rust-clippy-results.sarif | sarif-fmt continue-on-error: true - name: Upload Clippy analysis results to GitHub - uses: github/codeql-action/upload-sarif@v1 + uses: github/codeql-action/upload-sarif@v3 with: sarif_file: rust-clippy-results.sarif wait-for-processing: true \ No newline at end of file From 71cd840a8ab6e121ec1c5dcdcb800ddac1580618 Mon Sep 17 00:00:00 2001 From: Nils <52573120+niStee@users.noreply.github.com> Date: Sat, 27 Jul 2024 19:35:29 +0200 Subject: [PATCH 11/16] Optimize insert_startup_scripts function for Windows The insert_startup_scripts function in the windows.rs file has been optimized to improve performance and readability. The unnecessary conversion of the path variable to a Path object has been removed, resulting in more efficient code execution. This change enhances the overall functionality of the function and ensures smoother operation on Windows systems. --- src/steps/os/windows.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/steps/os/windows.rs b/src/steps/os/windows.rs index 03c9a502..a5f32e8d 100644 --- a/src/steps/os/windows.rs +++ b/src/steps/os/windows.rs @@ -230,7 +230,7 @@ pub fn insert_startup_scripts(git_repos: &mut RepoStep) -> Result<()> { if let Ok(lnk) = parselnk::Lnk::try_from(Path::new(&path)) { debug!("Startup link: {:?}", lnk); if let Some(path) = lnk.relative_path() { - git_repos.insert_if_repo(&startup_dir.join(path)); + git_repos.insert_if_repo(startup_dir.join(path)); } } } From 78428bd611b1bbbd4c238ff5f4fde4f97759ca61 Mon Sep 17 00:00:00 2001 From: Nils <52573120+niStee@users.noreply.github.com> Date: Sun, 28 Jul 2024 01:41:43 +0200 Subject: [PATCH 12/16] Refactoring Shared Setup Adding OSV Scanner --- .../check_security_vulnerability.yml | 37 +++++++++---------- 1 file changed, 17 insertions(+), 20 deletions(-) diff --git a/.github/workflows/check_security_vulnerability.yml b/.github/workflows/check_security_vulnerability.yml index bd4a2a6a..9c283671 100644 --- a/.github/workflows/check_security_vulnerability.yml +++ b/.github/workflows/check_security_vulnerability.yml @@ -15,8 +15,13 @@ jobs: strategy: matrix: os: [ubuntu-latest, macos-latest, windows-latest] + permissions: + actions: read + contents: read + security-events: write outputs: checkout_ref: ${{ steps.checkout.outputs.ref }} + os: ${{ matrix.os }} steps: - name: Checkout code id: checkout @@ -25,14 +30,7 @@ jobs: devskim: name: DevSkim Security Scan needs: shared-setup - permissions: - actions: read - contents: read - security-events: write runs-on: ubuntu-latest - strategy: - matrix: - os: [ubuntu-latest, macos-latest, windows-latest] steps: - name: Checkout code uses: actions/checkout@v4 @@ -48,13 +46,7 @@ jobs: rust-clippy: name: Rust Clippy Analysis needs: shared-setup - permissions: - contents: read - security-events: write - runs-on: ${{ matrix.os }} - strategy: - matrix: - os: [ubuntu-latest, macos-latest, windows-latest] + runs-on: ${{ needs.shared-setup.outputs.os }} steps: - name: Checkout code uses: actions/checkout@v4 @@ -69,11 +61,11 @@ jobs: ~/.cargo/registry/cache/ ~/.cargo/git/db/ ~/.rustup/ - key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} - - name: Install Rust toolchain - uses: dtolnay/rust-toolchain@stable - - name: Install required cargo - run: cargo install clippy-sarif sarif-fmt --force + key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}-${{ hashFiles('**/Cargo.toml') }}-${{ github.sha }} + - name: Install Rust toolchain and required cargo + run: | + rustup toolchain install stable + cargo install clippy-sarif sarif-fmt --force - name: Run rust-clippy run: | cargo clippy --all-features --message-format=json | clippy-sarif | tee rust-clippy-results.sarif | sarif-fmt @@ -82,4 +74,9 @@ jobs: uses: github/codeql-action/upload-sarif@v3 with: sarif_file: rust-clippy-results.sarif - wait-for-processing: true \ No newline at end of file + wait-for-processing: true + + osv-scanner: + name: OSV Scanner + needs: shared-setup + uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@v1.8.2" \ No newline at end of file From 82a8f5ef78f82b15435496313904f33e154bad1f Mon Sep 17 00:00:00 2001 From: Nils <52573120+niStee@users.noreply.github.com> Date: Sat, 17 Aug 2024 15:48:08 +0200 Subject: [PATCH 13/16] chore: improve Windows Update step and add PSWindowsUpdate Module --- .github/workflows/check_security_vulnerability.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/check_security_vulnerability.yml b/.github/workflows/check_security_vulnerability.yml index 9c283671..7e4cd5d6 100644 --- a/.github/workflows/check_security_vulnerability.yml +++ b/.github/workflows/check_security_vulnerability.yml @@ -68,12 +68,12 @@ jobs: cargo install clippy-sarif sarif-fmt --force - name: Run rust-clippy run: | - cargo clippy --all-features --message-format=json | clippy-sarif | tee rust-clippy-results.sarif | sarif-fmt + cargo clippy --all-features --message-format=json | clippy-sarif | tee rust-clippy-results-${{ runner.os }}.sarif | sarif-fmt continue-on-error: true - name: Upload Clippy analysis results to GitHub uses: github/codeql-action/upload-sarif@v3 with: - sarif_file: rust-clippy-results.sarif + sarif_file: rust-clippy-results-${{ runner.os }}.sarif wait-for-processing: true osv-scanner: From 35299fb71a96c80bd22df52e816733030f279fec Mon Sep 17 00:00:00 2001 From: Nils <52573120+niStee@users.noreply.github.com> Date: Mon, 14 Oct 2024 09:20:52 +0200 Subject: [PATCH 14/16] Optimize GitHub Actions workflow for code quality and security --- .github/workflows/check_security_vulnerability.yml | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/.github/workflows/check_security_vulnerability.yml b/.github/workflows/check_security_vulnerability.yml index 7e4cd5d6..50c3a039 100644 --- a/.github/workflows/check_security_vulnerability.yml +++ b/.github/workflows/check_security_vulnerability.yml @@ -9,6 +9,7 @@ on: - cron: '0 0 * * 0' # Run every Sunday at 00:00 (midnight) jobs: + shared-setup: name: Shared Setup runs-on: ${{ matrix.os }} @@ -46,7 +47,10 @@ jobs: rust-clippy: name: Rust Clippy Analysis needs: shared-setup - runs-on: ${{ needs.shared-setup.outputs.os }} + runs-on: ${{ matrix.os }} + strategy: + matrix: + os: [ubuntu-latest, macos-latest, windows-latest] steps: - name: Checkout code uses: actions/checkout@v4 @@ -75,8 +79,8 @@ jobs: with: sarif_file: rust-clippy-results-${{ runner.os }}.sarif wait-for-processing: true - + osv-scanner: name: OSV Scanner needs: shared-setup - uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@v1.8.2" \ No newline at end of file + uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@v1.8.2" From e9ca0759613b2770624e5a297f87476740ab0397 Mon Sep 17 00:00:00 2001 From: Nils <52573120+niStee@users.noreply.github.com> Date: Mon, 14 Oct 2024 09:35:21 +0200 Subject: [PATCH 15/16] Optimize GitHub Actions workflow by adding DevSkim linting step --- .github/workflows/check_security_vulnerability.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/check_security_vulnerability.yml b/.github/workflows/check_security_vulnerability.yml index 50c3a039..7035be8f 100644 --- a/.github/workflows/check_security_vulnerability.yml +++ b/.github/workflows/check_security_vulnerability.yml @@ -10,6 +10,10 @@ on: jobs: + lint: + name: DevSkim + runs-on: ubuntu-latest + shared-setup: name: Shared Setup runs-on: ${{ matrix.os }} From 303f9b4f5a0b5a23267b2756577078d2b38ec52e Mon Sep 17 00:00:00 2001 From: Nils <52573120+niStee@users.noreply.github.com> Date: Mon, 14 Oct 2024 09:41:16 +0200 Subject: [PATCH 16/16] Revert "Optimize GitHub Actions workflow by adding DevSkim linting step" This reverts commit e9ca0759613b2770624e5a297f87476740ab0397. --- .github/workflows/check_security_vulnerability.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/workflows/check_security_vulnerability.yml b/.github/workflows/check_security_vulnerability.yml index 7035be8f..50c3a039 100644 --- a/.github/workflows/check_security_vulnerability.yml +++ b/.github/workflows/check_security_vulnerability.yml @@ -10,10 +10,6 @@ on: jobs: - lint: - name: DevSkim - runs-on: ubuntu-latest - shared-setup: name: Shared Setup runs-on: ${{ matrix.os }}