NotificationsYou must be signed in to change notification settings
Fork914
Star10.1k

Commit675b3e9

committed

Merge remote-tracking branch 'origin/main' into 15843-queue-position

2 parentsb4ea4db +e27953d commit675b3e9Copy full SHA for 675b3e9

File tree

280 files changed

+9355

-2890

lines changed

.github/workflows
- ci.yaml
- contrib.yaml
- release.yaml
- scorecard.yml
- security.yaml
Makefile
agent
- agent.go
- agent_test.go
- agentcontainers
- agentrsa
  - key.go
  - key_test.go
- agentssh
- agenttest
  - client.go
- proto
- reconnectingpty
  - server.go
- usershell
buildinfo/resources
- .gitignore
- resources.go
cli
- agent.go
- dotfiles_test.go
- exp.go
- exp_errors.go
- exp_errors_test.go
- exp_prompts.go
- exp_rpty.go
- exp_rpty_test.go
- gitauth
  - vscode.go
- ping.go
- ping_test.go
- provisioners.go
- root.go
- server.go
- server_test.go
- ssh.go
- ssh_test.go
- testdata
cmd/coder
- main.go
coderd
- agentapi
  - api.go
  - audit.go
  - audit_test.go
- apidoc
  - docs.go
  - swagger.json
- audit
  - request.go
- audit.go
- coderd.go
- coderdtest/oidctest
  - idp.go
- cryptokeys
  - rotate.go
- database
  - db.go
  - db2sdk
    - db2sdk.go
  - dbauthz
  - dbfake
    - dbfake.go
  - dbmem
    - dbmem.go
  - dbmetrics
    - querymetrics.go
  - dbmock
    - dbmock.go
  - dbpurge
    - dbpurge.go
  - dump.sql
  - migrations
    - 000296_organization_soft_delete.down.sql
    - 000296_organization_soft_delete.up.sql
  - modelmethods.go
  - models.go
  - querier.go
  - querier_test.go
  - queries
  - queries.sql.go
  - unique_constraint.go
- entitlements
  - entitlements.go
- httpapi
  - httpapi.go
- httpmw
  - oauth2.go
  - organizationparam.go
- idpsync
  - organization.go
- members.go
- metricscache
  - metricscache.go
  - metricscache_test.go
- notifications.go
- presets.go
- presets_test.go
- provisionerdaemons_test.go
- provisionerdserver
  - provisionerdserver.go
  - provisionerdserver_test.go
- rbac
  - object_gen.go
  - policy
    - policy.go
  - roles.go
  - roles_test.go
- searchquery
  - search.go
- telemetry
  - telemetry.go
- templateversions_test.go
- userauth.go
- userauth_test.go
- users.go
- workspaceagents.go
- workspaceagents_test.go
- workspaceagentsrpc.go
- workspaceapps
  - proxy.go
- workspacebuilds_test.go
- workspaceresourceauth_test.go
- workspaces_test.go
- wsbuilder
  - wsbuilder.go
codersdk
- agentsdk
  - agentsdk.go
  - convert.go
- deployment.go
- licenses.go
- notifications.go
- oauth2.go
- provisionerdaemons.go
- rbacresources_gen.go
- rbacroles.go
- users.go
- workspacesdk
  - agentconn.go
  - workspacesdk.go
docs
- CONTRIBUTING.md
- about
  - feature-stages.md
- admin
  - integrations
    - kubernetes-logs.md
    - prometheus.md
  - monitoring/notifications
    - index.md
  - security
    - audit-logs.md
- changelogs
  - v0.26.0.md
  - v2.9.0.md
- contributing
  - feature-stages.md
- images/screenshots
  - welcome-create-admin-user.png
- install
  - kubernetes.md
  - releases.md
- manifest.json
- reference
  - api
  - cli
- tutorials
  - quickstart.md
dogfood/contents
- Dockerfile
- main.tf
enterprise
- audit
  - table.go
- cli
  - provisionerdaemonstart.go
  - testdata
    - coder_provisioner_list_--help.golden
    - coder_server_--help.golden
- cmd/coder
  - main.go
- coderd
go.mod
go.sum
provisioner
- appslug.go
- appslug_test.go
- regexes.go
- regexes_test.go
- terraform
provisionerd
- provisionerd.go
provisionersdk
- serve.go
scripts
- build_go.sh
- release
  - docs_update_experiments.sh
- testidp
  - main.go
site
- e2e
- site.go
- src
  - api
    - api.ts
    - errors.ts
    - queries
      - oauth2.ts
    - rbacresourcesGenerated.ts
    - typesGenerated.ts
  - components
    - Alert
      - ErrorAlert.tsx
    - CollapsibleSummary
      - CollapsibleSummary.stories.tsx
      - CollapsibleSummary.tsx
    - FeatureStageBadge
      - FeatureStageBadge.tsx
    - Filter
      - storyHelpers.ts
    - GitDeviceAuth
      - GitDeviceAuth.tsx
    - Input
      - Input.tsx
  - contexts/auth
    - RequirePermission.tsx
  - modules
    - dashboard/LicenseBanner
      - LicenseBannerView.tsx
    - management
    - provisioners
    - resources/AppLink
      - AppLink.tsx
      - BaseIcon.tsx
  - pages
    - AuditPage
      - AuditLogRow
        AuditLogDescription
        AuditLogDescription.tsx
        AuditLogRow.stories.tsx
        AuditLogRow.tsx
      - AuditPage.tsx
    - CreateTemplateGalleryPage
    - CreateTemplatePage
    - CreateUserPage
    - CreateWorkspacePage
      - CreateWorkspacePageView.tsx
    - DeploymentSettingsPage/NotificationsPage
    - ExternalAuthPage
      - ExternalAuthPageView.tsx
    - LoginOAuthDevicePage
      - LoginOAuthDevicePage.tsx
      - LoginOAuthDevicePageView.tsx
    - LoginPage
      - SignInForm.stories.tsx
    - OrganizationSettingsPage
    - SetupPage
    - TemplateVersionEditorPage
    - TemplatesPage
    - UsersPage/storybookData
      - roles.ts
    - WorkspacePage
      - Workspace.stories.tsx
      - WorkspaceBuildProgress.tsx
    - WorkspaceSettingsPage/WorkspaceSchedulePage
      - WorkspaceSchedulePage.test.tsx
      - WorkspaceSchedulePage.tsx
  - router.tsx
  - testHelpers
    - entities.ts
  - utils
    - formUtils.ts
tailnet
- controllers.go
- proto
  - tailnet_drpc_old.go
  - version.go
vpn
- tun_windows.go

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

280 files changed

+9355

-2890

lines changed

`‎.github/workflows/ci.yaml`

Lines changed: 59 additions & 10 deletions

Original file line number	Diff line number	Diff line change
`@@ -178,7 +178,7 @@ jobs:`
`178`	`178`	`echo "LINT_CACHE_DIR=$dir" >> $GITHUB_ENV`
`179`	`179`
`180`	`180`	`-name:golangci-lint cache`
`181`		`-uses:actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57# v4.2.0`
	`181`	`+uses:actions/cache@0c907a75c2c80ebcb7f088228285e798b750cf8f# v4.2.1`
`182`	`182`	`with:`
`183`	`183`	`path:\|`
`184`	`184`	`${{ env.LINT_CACHE_DIR }}`
`@@ -188,7 +188,7 @@ jobs:`
`188`	`188`
`189`	`189`	`# Check for any typos`
`190`	`190`	`-name:Check for typos`
`191`		`-uses:crate-ci/typos@51f257b946f503b768e522781f56e9b7b5570d48# v1.29.7`
	`191`	`+uses:crate-ci/typos@212923e4ff05b7fc2294a204405eec047b807138# v1.29.9`
`192`	`192`	`with:`
`193`	`193`	`config:.github/workflows/typos.toml`
`194`	`194`
`@@ -201,7 +201,7 @@ jobs:`
`201`	`201`
`202`	`202`	`# Needed for helm chart linting`
`203`	`203`	`-name:Install helm`
`204`		`-uses:azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814# v4.2.0`
	`204`	`+uses:azure/setup-helm@b9e51907a09c216f16ebe8536097933489208112# v4.3.0`
`205`	`205`	`with:`
`206`	`206`	`version:v3.9.2`
`207`	`207`
`@@ -733,15 +733,15 @@ jobs:`
`733`	`733`
`734`	`734`	`-name:Upload Playwright Failed Tests`
`735`	`735`	`if:always() && github.actor != 'dependabot[bot]' && runner.os == 'Linux' && !github.event.pull_request.head.repo.fork`
`736`		`-uses:actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08# v4.6.0`
	`736`	`+uses:actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1# v4.6.1`
`737`	`737`	`with:`
`738`	`738`	`name:failed-test-videos${{ matrix.variant.premium && '-premium' \|\| '' }}`
`739`	`739`	`path:./site/test-results/*/.webm`
`740`	`740`	`retention-days:7`
`741`	`741`
`742`	`742`	`-name:Upload pprof dumps`
`743`	`743`	`if:always() && github.actor != 'dependabot[bot]' && runner.os == 'Linux' && !github.event.pull_request.head.repo.fork`
`744`		`-uses:actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08# v4.6.0`
	`744`	`+uses:actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1# v4.6.1`
`745`	`745`	`with:`
`746`	`746`	`name:debug-pprof-dumps${{ matrix.variant.premium && '-premium' \|\| '' }}`
`747`	`747`	`path:./site/test-results/*/debug-pprof-.txt`
`@@ -1000,7 +1000,7 @@ jobs:`
`1000`	`1000`
`1001`	`1001`	`-name:Upload build artifacts`
`1002`	`1002`	`if:${{ github.repository_owner == 'coder' && github.ref == 'refs/heads/main' }}`
`1003`		`-uses:actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08# v4.6.0`
	`1003`	`+uses:actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1# v4.6.1`
`1004`	`1004`	`with:`
`1005`	`1005`	`name:dylibs`
`1006`	`1006`	`path:\|`
`@@ -1021,7 +1021,10 @@ jobs:`
`1021`	`1021`	`if:github.ref == 'refs/heads/main' && needs.changes.outputs.docs-only == 'false' && !github.event.pull_request.head.repo.fork`
`1022`	`1022`	`runs-on:${{ github.repository_owner == 'coder' && 'depot-ubuntu-22.04-8' \|\| 'ubuntu-22.04' }}`
`1023`	`1023`	`permissions:`
`1024`		`-packages:write# Needed to push images to ghcr.io`
	`1024`	`+# Necessary to push docker images to ghcr.io.`
	`1025`	`+packages:write`
	`1026`	`+# Necessary for GCP authentication (https://github.com/google-github-actions/setup-gcloud#usage)`
	`1027`	`+id-token:write`
`1025`	`1028`	`env:`
`1026`	`1029`	`DOCKER_CLI_EXPERIMENTAL:"enabled"`
`1027`	`1030`	`outputs:`
`@@ -1050,12 +1053,44 @@ jobs:`
`1050`	`1053`	`-name:Setup Go`
`1051`	`1054`	`uses:./.github/actions/setup-go`
`1052`	`1055`
	`1056`	`+# Necessary for signing Windows binaries.`
	`1057`	`+ -name:Setup Java`
	`1058`	`+uses:actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12# v4.7.0`
	`1059`	`+with:`
	`1060`	`+distribution:"zulu"`
	`1061`	`+java-version:"11.0"`
	`1062`	`+`
	`1063`	`+ -name:Install go-winres`
	`1064`	`+run:go install github.com/tc-hib/go-winres@d743268d7ea168077ddd443c4240562d4f5e8c3e# v0.3.3`
	`1065`	`+`
`1053`	`1066`	`-name:Install nfpm`
`1054`	`1067`	`run:go install github.com/goreleaser/nfpm/v2/cmd/nfpm@v2.35.1`
`1055`	`1068`
`1056`	`1069`	`-name:Install zstd`
`1057`	`1070`	`run:sudo apt-get install -y zstd`
`1058`	`1071`
	`1072`	`+ -name:Setup Windows EV Signing Certificate`
	`1073`	`+run:\|`
	`1074`	`+ set -euo pipefail`
	`1075`	`+ touch /tmp/ev_cert.pem`
	`1076`	`+ chmod 600 /tmp/ev_cert.pem`
	`1077`	`+ echo "$EV_SIGNING_CERT" > /tmp/ev_cert.pem`
	`1078`	`+ wget https://github.com/ebourg/jsign/releases/download/6.0/jsign-6.0.jar -O /tmp/jsign-6.0.jar`
	`1079`	`+env:`
	`1080`	`+EV_SIGNING_CERT:${{ secrets.EV_SIGNING_CERT }}`
	`1081`	`+`
	`1082`	`+# Setup GCloud for signing Windows binaries.`
	`1083`	`+ -name:Authenticate to Google Cloud`
	`1084`	`+id:gcloud_auth`
	`1085`	`+uses:google-github-actions/auth@71f986410dfbc7added4569d411d040a91dc6935# v2.1.8`
	`1086`	`+with:`
	`1087`	`+workload_identity_provider:${{ secrets.GCP_CODE_SIGNING_WORKLOAD_ID_PROVIDER }}`
	`1088`	`+service_account:${{ secrets.GCP_CODE_SIGNING_SERVICE_ACCOUNT }}`
	`1089`	`+token_format:"access_token"`
	`1090`	`+`
	`1091`	`+ -name:Setup GCloud SDK`
	`1092`	`+uses:google-github-actions/setup-gcloud@77e7a554d41e2ee56fc945c52dfd3f33d12def9a# v2.1.4`
	`1093`	`+`
`1059`	`1094`	`-name:Download dylibs`
`1060`	`1095`	`uses:actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16# v4.1.8`
`1061`	`1096`	`with:`
`@@ -1082,6 +1117,18 @@ jobs:`
`1082`	`1117`	`build/coder_linux_{amd64,arm64,armv7} \`
`1083`	`1118`	`build/coder_"$version"_windows_amd64.zip \`
`1084`	`1119`	`build/coder_"$version"_linux_amd64.{tar.gz,deb}`
	`1120`	`+env:`
	`1121`	`+# The Windows slim binary must be signed for Coder Desktop to accept`
	`1122`	`+# it. The darwin executables don't need to be signed, but the dylibs`
	`1123`	`+# do (see above).`
	`1124`	`+CODER_SIGN_WINDOWS:"1"`
	`1125`	`+CODER_WINDOWS_RESOURCES:"1"`
	`1126`	`+EV_KEY:${{ secrets.EV_KEY }}`
	`1127`	`+EV_KEYSTORE:${{ secrets.EV_KEYSTORE }}`
	`1128`	`+EV_TSA_URL:${{ secrets.EV_TSA_URL }}`
	`1129`	`+EV_CERTIFICATE_PATH:/tmp/ev_cert.pem`
	`1130`	`+GCLOUD_ACCESS_TOKEN:${{ steps.gcloud_auth.outputs.access_token }}`
	`1131`	`+JSIGN_PATH:/tmp/jsign-6.0.jar`
`1085`	`1132`
`1086`	`1133`	`-name:Build Linux Docker images`
`1087`	`1134`	`id:build-docker`
`@@ -1140,7 +1187,7 @@ jobs:`
`1140`	`1187`
`1141`	`1188`	`-name:Upload build artifacts`
`1142`	`1189`	`if:github.ref == 'refs/heads/main'`
`1143`		`-uses:actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08# v4.6.0`
	`1190`	`+uses:actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1# v4.6.1`
`1144`	`1191`	`with:`
`1145`	`1192`	`name:coder`
`1146`	`1193`	`path:\|`
`@@ -1183,10 +1230,10 @@ jobs:`
`1183`	`1230`	`uses:google-github-actions/setup-gcloud@77e7a554d41e2ee56fc945c52dfd3f33d12def9a# v2.1.4`
`1184`	`1231`
`1185`	`1232`	`-name:Set up Flux CLI`
`1186`		`-uses:fluxcd/flux2/action@5350425cdcd5fa015337e09fa502153c0275bd4b# v2.4.0`
	`1233`	`+uses:fluxcd/flux2/action@8d5f40dca5aa5d3c0fc3414457dda15a0ac92fa4# v2.5.1`
`1187`	`1234`	`with:`
`1188`	`1235`	`# Keep this and the github action up to date with the version of flux installed in dogfood cluster`
`1189`		`-version:"2.2.1"`
	`1236`	`+version:"2.5.1"`
`1190`	`1237`
`1191`	`1238`	`-name:Get Cluster Credentials`
`1192`	`1239`	`uses:google-github-actions/get-gke-credentials@7a108e64ed8546fe38316b4086e91da13f4785e1# v2.3.1`
`@@ -1219,6 +1266,8 @@ jobs:`
`1219`	`1266`	`kubectl --namespace coder rollout status deployment/coder`
`1220`	`1267`	`kubectl --namespace coder rollout restart deployment/coder-provisioner`
`1221`	`1268`	`kubectl --namespace coder rollout status deployment/coder-provisioner`
	`1269`	`+ kubectl --namespace coder rollout restart deployment/coder-provisioner-tagged`
	`1270`	`+ kubectl --namespace coder rollout status deployment/coder-provisioner-tagged`
`1222`	`1271`
`1223`	`1272`	`deploy-wsproxies:`
`1224`	`1273`	`runs-on:ubuntu-latest`

`‎.github/workflows/contrib.yaml`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -84,7 +84,7 @@ jobs:`
`84`	`84`	`repo: context.repo.repo,`
`85`	`85`	`}`
`86`	`86`
`87`		`- if (action === "opened" \|\| action === "reopened") {`
	`87`	`+ if (action === "opened" \|\| action === "reopened" \|\| action === "ready_for_review") {`
`88`	`88`	`if (isBreakingTitle && !labels.includes(releaseLabels.breaking)) {`
`89`	`89`	`console.log('Add "%s" label', releaseLabels.breaking)`
`90`	`90`	`await github.rest.issues.addLabels({`

`‎.github/workflows/release.yaml`

Lines changed: 18 additions & 14 deletions

Original file line number	Diff line number	Diff line change
`@@ -101,7 +101,7 @@ jobs:`
`101`	`101`	`AC_CERTIFICATE_PASSWORD_FILE:/tmp/apple_cert_password.txt`
`102`	`102`
`103`	`103`	`-name:Upload build artifacts`
`104`		`-uses:actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08# v4.6.0`
	`104`	`+uses:actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1# v4.6.1`
`105`	`105`	`with:`
`106`	`106`	`name:dylibs`
`107`	`107`	`path:\|`
`@@ -223,21 +223,12 @@ jobs:`
`223`	`223`	`distribution:"zulu"`
`224`	`224`	`java-version:"11.0"`
`225`	`225`
	`226`	`+ -name:Install go-winres`
	`227`	`+run:go install github.com/tc-hib/go-winres@d743268d7ea168077ddd443c4240562d4f5e8c3e# v0.3.3`
	`228`	`+`
`226`	`229`	`-name:Install nsis and zstd`
`227`	`230`	`run:sudo apt-get install -y nsis zstd`
`228`	`231`
`229`		`- -name:Download dylibs`
`230`		`-uses:actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16# v4.1.8`
`231`		`-with:`
`232`		`-name:dylibs`
`233`		`-path:./build`
`234`		`-`
`235`		`- -name:Insert dylibs`
`236`		`-run:\|`
`237`		`- mv ./build/*amd64.dylib ./site/out/bin/coder-vpn-darwin-amd64.dylib`
`238`		`- mv ./build/*arm64.dylib ./site/out/bin/coder-vpn-darwin-arm64.dylib`
`239`		`- mv ./build/*arm64.h ./site/out/bin/coder-vpn-darwin-dylib.h`
`240`		`-`
`241`	`232`	`-name:Install nfpm`
`242`	`233`	`run:\|`
`243`	`234`	`set -euo pipefail`
`@@ -294,6 +285,18 @@ jobs:`
`294`	`285`	`-name:Setup GCloud SDK`
`295`	`286`	`uses:google-github-actions/setup-gcloud@77e7a554d41e2ee56fc945c52dfd3f33d12def9a# v2.1.4`
`296`	`287`
	`288`	`+ -name:Download dylibs`
	`289`	`+uses:actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16# v4.1.8`
	`290`	`+with:`
	`291`	`+name:dylibs`
	`292`	`+path:./build`
	`293`	`+`
	`294`	`+ -name:Insert dylibs`
	`295`	`+run:\|`
	`296`	`+ mv ./build/*amd64.dylib ./site/out/bin/coder-vpn-darwin-amd64.dylib`
	`297`	`+ mv ./build/*arm64.dylib ./site/out/bin/coder-vpn-darwin-arm64.dylib`
	`298`	`+ mv ./build/*arm64.h ./site/out/bin/coder-vpn-darwin-dylib.h`
	`299`	`+`
`297`	`300`	`-name:Build binaries`
`298`	`301`	`run:\|`
`299`	`302`	`set -euo pipefail`
`@@ -310,6 +313,7 @@ jobs:`
`310`	`313`	`env:`
`311`	`314`	`CODER_SIGN_WINDOWS:"1"`
`312`	`315`	`CODER_SIGN_DARWIN:"1"`
	`316`	`+CODER_WINDOWS_RESOURCES:"1"`
`313`	`317`	`AC_CERTIFICATE_FILE:/tmp/apple_cert.p12`
`314`	`318`	`AC_CERTIFICATE_PASSWORD_FILE:/tmp/apple_cert_password.txt`
`315`	`319`	`AC_APIKEY_ISSUER_ID:${{ secrets.AC_APIKEY_ISSUER_ID }}`
`@@ -485,7 +489,7 @@ jobs:`
`485`	`489`
`486`	`490`	`-name:Upload artifacts to actions (if dry-run)`
`487`	`491`	`if:${{ inputs.dry_run }}`
`488`		`-uses:actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08# v4.6.0`
	`492`	`+uses:actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1# v4.6.1`
`489`	`493`	`with:`
`490`	`494`	`name:release-artifacts`
`491`	`495`	`path:\|`

`‎.github/workflows/scorecard.yml`

Lines changed: 3 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -30,7 +30,7 @@ jobs:`
`30`	`30`	`persist-credentials:false`
`31`	`31`
`32`	`32`	`-name:"Run analysis"`
`33`		`-uses:ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46# v2.4.0`
	`33`	`+uses:ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186# v2.4.1`
`34`	`34`	`with:`
`35`	`35`	`results_file:results.sarif`
`36`	`36`	`results_format:sarif`
`@@ -39,14 +39,14 @@ jobs:`
`39`	`39`
`40`	`40`	`# Upload the results as artifacts.`
`41`	`41`	`-name:"Upload artifact"`
`42`		`-uses:actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08# v4.6.0`
	`42`	`+uses:actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1# v4.6.1`
`43`	`43`	`with:`
`44`	`44`	`name:SARIF file`
`45`	`45`	`path:results.sarif`
`46`	`46`	`retention-days:5`
`47`	`47`
`48`	`48`	`# Upload the results to GitHub's code scanning dashboard.`
`49`	`49`	`-name:"Upload to code-scanning"`
`50`		`-uses:github/codeql-action/upload-sarif@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0# v3.28.9`
	`50`	`+uses:github/codeql-action/upload-sarif@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d# v3.28.10`
`51`	`51`	`with:`
`52`	`52`	`sarif_file:results.sarif`

`‎.github/workflows/security.yaml`

Lines changed: 4 additions & 4 deletions

Original file line number	Diff line number	Diff line change
`@@ -38,7 +38,7 @@ jobs:`
`38`	`38`	`uses:./.github/actions/setup-go`
`39`	`39`
`40`	`40`	`-name:Initialize CodeQL`
`41`		`-uses:github/codeql-action/init@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0# v3.28.9`
	`41`	`+uses:github/codeql-action/init@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d# v3.28.10`
`42`	`42`	`with:`
`43`	`43`	`languages:go, javascript`
`44`	`44`
`@@ -48,7 +48,7 @@ jobs:`
`48`	`48`	`rm Makefile`
`49`	`49`
`50`	`50`	`-name:Perform CodeQL Analysis`
`51`		`-uses:github/codeql-action/analyze@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0# v3.28.9`
	`51`	`+uses:github/codeql-action/analyze@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d# v3.28.10`
`52`	`52`
`53`	`53`	`-name:Send Slack notification on failure`
`54`	`54`	`if:${{ failure() }}`
`@@ -144,13 +144,13 @@ jobs:`
`144`	`144`	`severity:"CRITICAL,HIGH"`
`145`	`145`
`146`	`146`	`-name:Upload Trivy scan results to GitHub Security tab`
`147`		`-uses:github/codeql-action/upload-sarif@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0# v3.28.9`
	`147`	`+uses:github/codeql-action/upload-sarif@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d# v3.28.10`
`148`	`148`	`with:`
`149`	`149`	`sarif_file:trivy-results.sarif`
`150`	`150`	`category:"Trivy"`
`151`	`151`
`152`	`152`	`-name:Upload Trivy scan results as an artifact`
`153`		`-uses:actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08# v4.6.0`
	`153`	`+uses:actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1# v4.6.1`
`154`	`154`	`with:`
`155`	`155`	`name:trivy`
`156`	`156`	`path:trivy-results.sarif`

`‎Makefile`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -116,7 +116,7 @@ endif`
`116`	`116`
`117`	`117`	`clean:`
`118`	`118`	`rm -rf build/ site/build/ site/out/`
`119`		`-mkdir -p build/ site/out/bin/`
	`119`	`+mkdir -p build/`
`120`	`120`	`git restore site/out/`
`121`	`121`	`.PHONY: clean`
`122`	`122`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit675b3e9

File tree

280 files changed

Some content is hidden

280 files changed

`‎.github/workflows/ci.yaml`

`‎.github/workflows/contrib.yaml`

`‎.github/workflows/release.yaml`

`‎.github/workflows/scorecard.yml`

`‎.github/workflows/security.yaml`

`‎Makefile`

0 commit comments