Create hawksnan.yml

[reisene]

Podsumowanie przez Sourcery

CI:

• Dodano nowy workflow GitHub Actions o nazwie 'HawkScan' do uruchamiania skanów bezpieczeństwa podczas zdarzeń push i pull request przy użyciu narzędzia HawkScan.

Original summary in English

Summary by Sourcery

CI:

• Add a new GitHub Actions workflow named 'HawkScan' to run security scans on push and pull request events using the HawkScan tool.

[aviator-app]

Aviator Changeset actions:

• View Changeset dashboard - Open Changeset Dashboard on Aviator

[semanticdiff-com]

Review changes with  

[aviator-app]

Current Aviator status

Aviator will automatically update this comment as the status of the PR changes.
Comment /aviator refresh to force Aviator to re-examine your PR (or learn about other /aviator commands).

This PR was merged using Aviator.

---

See the real-time status of this PR on the Aviator webapp.

Use the Aviator Chrome Extension to see the status of your PR within GitHub.

[naming-conventions-bot]

Please follow naming conventions! 😿

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
hulaj-dusza-serwis	❌ Failed (Inspect)			Jan 13, 2025 6:11pm

[github-actions]

Click here to review and test in web IDE:

[sourcery-ai]

Przewodnik Recenzenta przez Sourcery

Ten pull request wprowadza nowy przepływ pracy GitHub Actions o nazwie 'HawkScan' do automatyzacji skanowania bezpieczeństwa przy użyciu StackHawk. Przepływ pracy jest skonfigurowany do uruchamiania podczas zdarzeń push i pull request, wykorzystując akcję 'stackhawk/hawkscan-action' do przeprowadzenia skanów. Niezbędny klucz API jest bezpiecznie pobierany z sekretów GitHub.

Diagram sekwencji wykonania przepływu pracy HawkScan

sequenceDiagram
    participant G as GitHub
    participant W as Workflow Runner
    participant H as HawkScan

    Note over G,H: Triggered on push or pull request

    G->>W: Trigger workflow
    W->>W: Checkout repository
    W->>H: Initialize HawkScan
    W->>H: Pass API key from secrets
    H->>H: Perform security scan
    H->>W: Return scan results
    W->>G: Update workflow status

Loading

Zmiany na poziomie plików

Zmiana	Szczegóły	Pliki
Dodano nowy przepływ pracy GitHub Actions dla HawkScan.	Utworzono nowy plik YAML dla konfiguracji przepływu pracy. Skonfigurowano przepływ pracy do uruchamiania podczas zdarzeń push i pull request. Zdefiniowano zadanie o nazwie 'hawkscan' uruchamiane na 'ubuntu-latest'. Dołączono kroki do klonowania repozytorium i uruchamiania HawkScan przy użyciu stackhawk/hawkscan-action. Skonfigurowano akcję HawkScan do używania klucza API z sekretów.	.github/workflows/hawksnan.yml

---

Porady i polecenia

Interakcja z Sourcery

• Zainicjuj nową recenzję: Skomentuj @sourcery-ai review w pull requeście.
• Kontynuuj dyskusje: Odpowiedz bezpośrednio na komentarze recenzji Sourcery.
• Wygeneruj issue GitHub z komentarza recenzji: Poproś Sourcery o utworzenie issue z komentarza recenzji, odpowiadając na niego.
• Wygeneruj tytuł pull requesta: Napisz @sourcery-ai w dowolnym miejscu tytułu pull requesta, aby wygenerować tytuł w dowolnym momencie.
• Wygeneruj podsumowanie pull requesta: Napisz @sourcery-ai summary w dowolnym miejscu treści pull requesta, aby wygenerować podsumowanie PR w dowolnym momencie. Możesz również użyć tego polecenia, aby określić, gdzie podsumowanie ma zostać wstawione.

Dostosowywanie Twojego doświadczenia

Uzyskaj dostęp do pulpitu nawigacyjnego, aby:

• Włączyć lub wyłączyć funkcje recenzji, takie jak podsumowanie pull requesta generowane przez Sourcery, przewodnik recenzenta i inne.
• Zmienić język recenzji.
• Dodawać, usuwać lub edytować niestandardowe instrukcje recenzji.
• Dostosować inne ustawienia recenzji.

Uzyskiwanie pomocy

• Skontaktuj się z naszym zespołem wsparcia w razie pytań lub opinii.
• Odwiedź naszą dokumentację w celu uzyskania szczegółowych przewodników i informacji.
• Bądź w kontakcie z zespołem Sourcery, śledząc nas na X/Twitter, LinkedIn lub GitHub.

Original review guide in English

Reviewer's Guide by Sourcery

This pull request introduces a new GitHub Actions workflow named 'HawkScan' to automate security scanning using StackHawk. The workflow is configured to run on both push and pull request events, and it utilizes the 'stackhawk/hawkscan-action' to perform the scans. The necessary API key is securely accessed from GitHub secrets.

Sequence diagram for HawkScan workflow execution

sequenceDiagram
    participant G as GitHub
    participant W as Workflow Runner
    participant H as HawkScan

    Note over G,H: Triggered on push or pull request

    G->>W: Trigger workflow
    W->>W: Checkout repository
    W->>H: Initialize HawkScan
    W->>H: Pass API key from secrets
    H->>H: Perform security scan
    H->>W: Return scan results
    W->>G: Update workflow status

Loading

File-Level Changes

Change	Details	Files
Added a new GitHub Actions workflow for HawkScan.	Created a new YAML file for the workflow configuration. Configured the workflow to trigger on push and pull request events. Defined a job named 'hawkscan' that runs on 'ubuntu-latest'. Included steps to clone the repository and run HawkScan using the stackhawk/hawkscan-action. Configured the HawkScan action to use an API key from secrets.	.github/workflows/hawksnan.yml

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time. You can also use
  this command to specify where the summary should be inserted.

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[github-actions]

Code review by ChatGPT

[aviator-app]

This pull request can't be queued because it's currently a draft.

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
actions/actions/checkout	2.*.*	🟢 6.7	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 4 5 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 4 Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 9 security policy file detected Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging 🟢 10 packaging workflow detected SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities 🟢 8 2 existing vulnerabilities detected
actions/stackhawk/hawkscan-action	2.*.*	🟢 4.5	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Security-Policy ⚠️ 0 security policy file not detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 7 3 existing vulnerabilities detected

Scanned Files

• .github/workflows/hawkscan.yml

[deepsource-io]

Here's the code health analysis summary for commits 8d48140..82295df. View details on DeepSource ↗.

Analysis Summary

Analyzer	Status	Summary	Link
JavaScript	✅ Success		View Check ↗
PHP	✅ Success		View Check ↗
Test coverage	⚠️ Artifact not reported	Timed out: Artifact was never reported	View Check ↗

---

💡 If you’re a repository administrator, you can configure the quality gates from the settings.

[mergify]

Merge Protections

Your pull request matches the following merge protections and will not be merged until they are valid.

🟢 Do not merge outdated PRs

Wonderful, this rule succeeded.

Make sure PRs are almost up to date before merging

• #commits-behind <= 10

[github-actions]

Code review by ChatGPT

[aviator-app]

This pull request can't be queued because it's currently a draft.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[aviator-app]

Skipping bot pull request creation because the queue is empty and this pull request is up to date with main.