Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #40 from p2p-org/security-workflow-sast
[Security][Workflow]: Include SAST
- Loading branch information
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,14 @@ | ||
| name: Security Testing | ||
|
|
||
| on: | ||
| workflow_dispatch: | ||
| pull_request: | ||
| types: [ opened, synchronize ] | ||
|
|
||
| jobs: | ||
| sast: | ||
| uses: p2p-org/security-workflows/.github/workflows/sast.yaml@main | ||
|
Check failure on line 10 in .github/workflows/security.yaml
|
||
| secrets: inherit | ||
| sca: | ||
| uses: p2p-org/security-workflows/.github/workflows/sca.yaml@main | ||
|
Check failure on line 13 in .github/workflows/security.yaml
|
||
| secrets: inherit | ||
ca9ce65There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@check-spelling-bot Report
🔴 Please review
See the 📜action log or 📝 job summary for details.
Unrecognized words (4)
cancun
sast
sca
yaml
Previously acknowledged words that are now absent
aae aaf ada adaefbe aecded aefb afdcab afe Bbbd bfbe BFF cafec cbb cdd cfe dcc dcdd dda DEAE debd deca ded ecca EFBA fca fccdea Fcd fdf fea fffebe hex'a hex'adfdd hex'b 🫥To accept these unrecognized words as correct and remove the previously acknowledged and now absent words, you could run the following commands
... in a clone of the git@github.com:p2p-org/eth-staking-fee-distributor-contracts.git repository
on the
masterbranch (ℹ️ how do I use this?):Available 📚 dictionaries could cover words (expected and unrecognized) not in the 📘 dictionary
This includes both expected items (76) from .github/actions/spelling/expect.txt and unrecognized words (4)
Consider adding them (in
.github/workflows/spelling.yml) foruses: check-spelling/check-spelling@mainin itswith:To stop checking additional dictionaries, add (in
.github/workflows/spelling.yml) foruses: check-spelling/check-spelling@mainin itswith:If the flagged items are false positives
If items relate to a ...
binary file (or some other file you wouldn't want to check at all).
Please add a file path to the
excludes.txtfile matching the containing file.File paths are Perl 5 Regular Expressions - you can test yours before committing to verify it will match your files.
^refers to the file's path from the root of the repository, so^README\.md$would exclude README.md (on whichever branch you're using).well-formed pattern.
If you can write a pattern that would match it,
try adding it to the
patterns.txtfile.Patterns are Perl 5 Regular Expressions - you can test yours before committing to verify it will match your lines.
Note that patterns can't match multiline strings.