Compare commits
38 Commits
dependabot
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
| 6053179f25 | |||
| 2f95e39f0a | |||
| 404856622f | |||
| d08b9b3721 | |||
| 53c3464104 | |||
| 27732e3033 | |||
| 62d38422f7 | |||
| d09083de8b | |||
| 32fd6a3154 | |||
| 496c85f625 | |||
| 0dd6249fc2 | |||
| 2cda367152 | |||
| 87060c4340 | |||
| d17deb57e4 | |||
| c7a22cfe3e | |||
| e4977f9960 | |||
| 92211502e2 | |||
| 48e28bb2a0 | |||
| 917886a208 | |||
| 521a0d7885 | |||
| 5e8a701f64 | |||
| 8c1d8b0274 | |||
| f0ded5b4b6 | |||
| ce26bc1b69 | |||
| 2909de8763 | |||
| e7a45eaa50 | |||
| cd9e5d2e11 | |||
| 244db1c207 | |||
| 7f0ffc0674 | |||
| d1ed394a9f | |||
| af75c75332 | |||
| 5faf125fe7 | |||
| 7e2d250f1a | |||
| e66e062370 | |||
| b823a75886 | |||
| 60f0f542d4 | |||
| cc860b15ee | |||
| 645c5f7bff |
68
.gitea/workflows/codeant.yml
Normal file
68
.gitea/workflows/codeant.yml
Normal file
@@ -0,0 +1,68 @@
|
||||
name: Codeant Security Scan
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: ["main"]
|
||||
pull_request:
|
||||
branches: ["main"]
|
||||
schedule:
|
||||
- cron: "0 0 * * *"
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
codeant-scan:
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- name: Checkout Code
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Setup Node.js
|
||||
uses: actions/setup-node@v3
|
||||
with:
|
||||
node-version: '22'
|
||||
|
||||
- name: Install CodeAnt CLI
|
||||
run: npm install -g codeant-cli
|
||||
|
||||
# ✅ KEEP THIS (correct method)
|
||||
- name: Configure CodeAnt Auth
|
||||
env:
|
||||
CODEANT_API_TOKEN: ${{ secrets.CODEANT_API_TOKEN }}
|
||||
run: |
|
||||
mkdir -p $HOME/.codeant
|
||||
printf '{"apiKey":"%s"}\n' "$CODEANT_API_TOKEN" > $HOME/.codeant/config.json
|
||||
|
||||
- name: Setup Git identity
|
||||
run: |
|
||||
git config --global user.email "ci@gitea.local"
|
||||
git config --global user.name "Gitea CI"
|
||||
|
||||
# 🔥 Full scan only on schedule
|
||||
- name: Full repo AI scan (daily)
|
||||
if: github.event_name == 'schedule'
|
||||
run: |
|
||||
echo "Running FULL repo scan..."
|
||||
|
||||
git checkout -b codeant-fullscan || git checkout codeant-fullscan
|
||||
|
||||
find . -type f \
|
||||
-not -path "./.git/*" \
|
||||
-exec sh -c 'echo "" >> "$1"' _ {} \;
|
||||
|
||||
git add .
|
||||
git commit -m "full repo scan" || true
|
||||
|
||||
codeant review --committed > review.txt || true
|
||||
|
||||
# ⚡ Incremental scan
|
||||
- name: Incremental AI scan
|
||||
if: github.event_name != 'schedule'
|
||||
run: |
|
||||
echo "Running incremental scan..."
|
||||
codeant review --committed > review.txt || true
|
||||
|
||||
- name: Show results
|
||||
run: cat review.txt
|
||||
36
.gitea/workflows/sonar.bak
Normal file
36
.gitea/workflows/sonar.bak
Normal file
@@ -0,0 +1,36 @@
|
||||
name: SonarQube Analysis
|
||||
on:
|
||||
push:
|
||||
branches: [main]
|
||||
pull_request:
|
||||
branches: [main]
|
||||
|
||||
jobs:
|
||||
sonarqube:
|
||||
name: SonarQube Scan
|
||||
runs-on: ubuntu-latest
|
||||
# This runs the whole job INSIDE the sonar-scanner container
|
||||
container:
|
||||
image: sonarsource/sonar-scanner-cli:12.0.0.3214_8.0.1
|
||||
options: --user root
|
||||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Run Scan
|
||||
run: |
|
||||
# Gitea repo name
|
||||
REPO_NAME=${{ gitea.event.repository.name }}
|
||||
|
||||
# We call the scanner directly since we are already inside its container
|
||||
sonar-scanner \
|
||||
-Dsonar.projectKey=$REPO_NAME \
|
||||
-Dsonar.projectName=$REPO_NAME \
|
||||
-Dsonar.sources=. \
|
||||
-Dsonar.host.url=${{ secrets.SONARQUBE_HOST }} \
|
||||
-Dsonar.token=${{ secrets.SONARQUBE_TOKEN }} \
|
||||
-Dsonar.exclusions=node_modules/**,dist/**,coverage/** \
|
||||
-Dsonar.qualitygate.wait=true
|
||||
93
package-lock.json
generated
93
package-lock.json
generated
@@ -2574,6 +2574,13 @@
|
||||
"os-homedir": "^1.0.1",
|
||||
"parse-json": "^2.2.0",
|
||||
"require-from-string": "^1.1.0"
|
||||
},
|
||||
"dependencies": {
|
||||
"minimist": {
|
||||
"version": "1.2.0",
|
||||
"resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.0.tgz",
|
||||
"integrity": "sha1-o1AIsg9BOD7sH7kU9M1d95omQoQ="
|
||||
}
|
||||
}
|
||||
},
|
||||
"create-ecdh": {
|
||||
@@ -4649,6 +4656,11 @@
|
||||
"brace-expansion": "^1.1.7"
|
||||
}
|
||||
},
|
||||
"minimist": {
|
||||
"version": "0.0.8",
|
||||
"bundled": true,
|
||||
"optional": true
|
||||
},
|
||||
"minipass": {
|
||||
"version": "2.2.4",
|
||||
"bundled": true,
|
||||
@@ -4666,6 +4678,14 @@
|
||||
"minipass": "^2.2.1"
|
||||
}
|
||||
},
|
||||
"mkdirp": {
|
||||
"version": "0.5.1",
|
||||
"bundled": true,
|
||||
"optional": true,
|
||||
"requires": {
|
||||
"minimist": "0.0.8"
|
||||
}
|
||||
},
|
||||
"ms": {
|
||||
"version": "2.0.0",
|
||||
"bundled": true,
|
||||
@@ -4788,6 +4808,13 @@
|
||||
"ini": "~1.3.0",
|
||||
"minimist": "^1.2.0",
|
||||
"strip-json-comments": "~2.0.1"
|
||||
},
|
||||
"dependencies": {
|
||||
"minimist": {
|
||||
"version": "1.2.0",
|
||||
"bundled": true,
|
||||
"optional": true
|
||||
}
|
||||
}
|
||||
},
|
||||
"readable-stream": {
|
||||
@@ -5129,6 +5156,11 @@
|
||||
"wordwrap": "^1.0.0"
|
||||
},
|
||||
"dependencies": {
|
||||
"minimist": {
|
||||
"version": "1.2.5",
|
||||
"resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz",
|
||||
"integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw=="
|
||||
},
|
||||
"neo-async": {
|
||||
"version": "2.6.2",
|
||||
"resolved": "https://registry.npmjs.org/neo-async/-/neo-async-2.6.2.tgz",
|
||||
@@ -6716,12 +6748,12 @@
|
||||
}
|
||||
},
|
||||
"loader-fs-cache": {
|
||||
"version": "1.0.3",
|
||||
"resolved": "https://registry.npmjs.org/loader-fs-cache/-/loader-fs-cache-1.0.3.tgz",
|
||||
"integrity": "sha512-ldcgZpjNJj71n+2Mf6yetz+c9bM4xpKtNds4LbqXzU/PTdeAX0g3ytnU1AJMEcTk2Lex4Smpe3Q/eCTsvUBxbA==",
|
||||
"version": "1.0.1",
|
||||
"resolved": "https://registry.npmjs.org/loader-fs-cache/-/loader-fs-cache-1.0.1.tgz",
|
||||
"integrity": "sha1-VuC/CL2XCLJqdltoUJhAyN7J/bw=",
|
||||
"requires": {
|
||||
"find-cache-dir": "^0.1.1",
|
||||
"mkdirp": "^0.5.1"
|
||||
"mkdirp": "0.5.1"
|
||||
}
|
||||
},
|
||||
"loader-runner": {
|
||||
@@ -6997,6 +7029,13 @@
|
||||
"read-pkg-up": "^1.0.1",
|
||||
"redent": "^1.0.0",
|
||||
"trim-newlines": "^1.0.0"
|
||||
},
|
||||
"dependencies": {
|
||||
"minimist": {
|
||||
"version": "1.2.0",
|
||||
"resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.0.tgz",
|
||||
"integrity": "sha1-o1AIsg9BOD7sH7kU9M1d95omQoQ="
|
||||
}
|
||||
}
|
||||
},
|
||||
"merge": {
|
||||
@@ -7085,9 +7124,9 @@
|
||||
}
|
||||
},
|
||||
"minimist": {
|
||||
"version": "1.2.8",
|
||||
"resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.8.tgz",
|
||||
"integrity": "sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA=="
|
||||
"version": "0.0.8",
|
||||
"resolved": "https://registry.npmjs.org/minimist/-/minimist-0.0.8.tgz",
|
||||
"integrity": "sha1-hX/Kv8M5fSYluCKCYuhqp6ARsF0="
|
||||
},
|
||||
"mississippi": {
|
||||
"version": "2.0.0",
|
||||
@@ -7126,11 +7165,11 @@
|
||||
}
|
||||
},
|
||||
"mkdirp": {
|
||||
"version": "0.5.6",
|
||||
"resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.6.tgz",
|
||||
"integrity": "sha512-FP+p8RB8OWpF3YZBCrP5gtADmtXApB5AMLn+vdyA+PyxCjrCs00mjyUozssO33cwDeT3wNGdLxJ5M//YqtHAJw==",
|
||||
"version": "0.5.1",
|
||||
"resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.1.tgz",
|
||||
"integrity": "sha1-MAV0OOrGz3+MR2fzhkjWaX11yQM=",
|
||||
"requires": {
|
||||
"minimist": "^1.2.6"
|
||||
"minimist": "0.0.8"
|
||||
}
|
||||
},
|
||||
"move-concurrently": {
|
||||
@@ -9631,6 +9670,13 @@
|
||||
"ini": "~1.3.0",
|
||||
"minimist": "^1.2.0",
|
||||
"strip-json-comments": "~2.0.1"
|
||||
},
|
||||
"dependencies": {
|
||||
"minimist": {
|
||||
"version": "1.2.0",
|
||||
"resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.0.tgz",
|
||||
"integrity": "sha1-o1AIsg9BOD7sH7kU9M1d95omQoQ="
|
||||
}
|
||||
}
|
||||
},
|
||||
"react": {
|
||||
@@ -12494,6 +12540,11 @@
|
||||
"requires": {
|
||||
"bser": "1.0.2"
|
||||
}
|
||||
},
|
||||
"minimist": {
|
||||
"version": "1.2.0",
|
||||
"resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.0.tgz",
|
||||
"integrity": "sha1-o1AIsg9BOD7sH7kU9M1d95omQoQ="
|
||||
}
|
||||
}
|
||||
},
|
||||
@@ -15566,6 +15617,11 @@
|
||||
"brace-expansion": "^1.1.7"
|
||||
}
|
||||
},
|
||||
"minimist": {
|
||||
"version": "0.0.8",
|
||||
"bundled": true,
|
||||
"optional": true
|
||||
},
|
||||
"minipass": {
|
||||
"version": "2.3.5",
|
||||
"bundled": true,
|
||||
@@ -15583,6 +15639,14 @@
|
||||
"minipass": "^2.2.1"
|
||||
}
|
||||
},
|
||||
"mkdirp": {
|
||||
"version": "0.5.1",
|
||||
"bundled": true,
|
||||
"optional": true,
|
||||
"requires": {
|
||||
"minimist": "0.0.8"
|
||||
}
|
||||
},
|
||||
"ms": {
|
||||
"version": "2.0.0",
|
||||
"bundled": true,
|
||||
@@ -15705,6 +15769,13 @@
|
||||
"ini": "~1.3.0",
|
||||
"minimist": "^1.2.0",
|
||||
"strip-json-comments": "~2.0.1"
|
||||
},
|
||||
"dependencies": {
|
||||
"minimist": {
|
||||
"version": "1.2.0",
|
||||
"bundled": true,
|
||||
"optional": true
|
||||
}
|
||||
}
|
||||
},
|
||||
"readable-stream": {
|
||||
|
||||
Reference in New Issue
Block a user