Compare commits
1 Commits
main
...
dependabot
| Author | SHA1 | Date | |
|---|---|---|---|
|
ee690894ab |
@@ -1,68 +0,0 @@
|
||||
name: Codeant Security Scan
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: ["main"]
|
||||
pull_request:
|
||||
branches: ["main"]
|
||||
schedule:
|
||||
- cron: "0 0 * * *"
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
codeant-scan:
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- name: Checkout Code
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Setup Node.js
|
||||
uses: actions/setup-node@v3
|
||||
with:
|
||||
node-version: '22'
|
||||
|
||||
- name: Install CodeAnt CLI
|
||||
run: npm install -g codeant-cli
|
||||
|
||||
# ✅ KEEP THIS (correct method)
|
||||
- name: Configure CodeAnt Auth
|
||||
env:
|
||||
CODEANT_API_TOKEN: ${{ secrets.CODEANT_API_TOKEN }}
|
||||
run: |
|
||||
mkdir -p $HOME/.codeant
|
||||
printf '{"apiKey":"%s"}\n' "$CODEANT_API_TOKEN" > $HOME/.codeant/config.json
|
||||
|
||||
- name: Setup Git identity
|
||||
run: |
|
||||
git config --global user.email "ci@gitea.local"
|
||||
git config --global user.name "Gitea CI"
|
||||
|
||||
# 🔥 Full scan only on schedule
|
||||
- name: Full repo AI scan (daily)
|
||||
if: github.event_name == 'schedule'
|
||||
run: |
|
||||
echo "Running FULL repo scan..."
|
||||
|
||||
git checkout -b codeant-fullscan || git checkout codeant-fullscan
|
||||
|
||||
find . -type f \
|
||||
-not -path "./.git/*" \
|
||||
-exec sh -c 'echo "" >> "$1"' _ {} \;
|
||||
|
||||
git add .
|
||||
git commit -m "full repo scan" || true
|
||||
|
||||
codeant review --committed > review.txt || true
|
||||
|
||||
# ⚡ Incremental scan
|
||||
- name: Incremental AI scan
|
||||
if: github.event_name != 'schedule'
|
||||
run: |
|
||||
echo "Running incremental scan..."
|
||||
codeant review --committed > review.txt || true
|
||||
|
||||
- name: Show results
|
||||
run: cat review.txt
|
||||
@@ -1,36 +0,0 @@
|
||||
name: SonarQube Analysis
|
||||
on:
|
||||
push:
|
||||
branches: [main]
|
||||
pull_request:
|
||||
branches: [main]
|
||||
|
||||
jobs:
|
||||
sonarqube:
|
||||
name: SonarQube Scan
|
||||
runs-on: ubuntu-latest
|
||||
# This runs the whole job INSIDE the sonar-scanner container
|
||||
container:
|
||||
image: sonarsource/sonar-scanner-cli:12.0.0.3214_8.0.1
|
||||
options: --user root
|
||||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Run Scan
|
||||
run: |
|
||||
# Gitea repo name
|
||||
REPO_NAME=${{ gitea.event.repository.name }}
|
||||
|
||||
# We call the scanner directly since we are already inside its container
|
||||
sonar-scanner \
|
||||
-Dsonar.projectKey=$REPO_NAME \
|
||||
-Dsonar.projectName=$REPO_NAME \
|
||||
-Dsonar.sources=. \
|
||||
-Dsonar.host.url=${{ secrets.SONARQUBE_HOST }} \
|
||||
-Dsonar.token=${{ secrets.SONARQUBE_TOKEN }} \
|
||||
-Dsonar.exclusions=node_modules/**,dist/**,coverage/** \
|
||||
-Dsonar.qualitygate.wait=true
|
||||
6
package-lock.json
generated
6
package-lock.json
generated
@@ -1811,9 +1811,9 @@
|
||||
"integrity": "sha1-aN/1++YMUes3cl6p4+0xDcwed24="
|
||||
},
|
||||
"bootstrap": {
|
||||
"version": "4.1.1",
|
||||
"resolved": "https://registry.npmjs.org/bootstrap/-/bootstrap-4.1.1.tgz",
|
||||
"integrity": "sha512-SpiDSOcbg4J/PjVSt4ny5eY6j74VbVSjROY4Fb/WIUXBV9cnb5luyR4KnPvNoXuGnBK1T+nJIWqRsvU3yP8Mcg=="
|
||||
"version": "4.3.1",
|
||||
"resolved": "https://registry.npmjs.org/bootstrap/-/bootstrap-4.3.1.tgz",
|
||||
"integrity": "sha512-rXqOmH1VilAt2DyPzluTi2blhk17bO7ef+zLLPlWvG494pDxcM234pJ8wTc/6R40UWizAIIMgxjvxZg5kmsbag=="
|
||||
},
|
||||
"boxen": {
|
||||
"version": "0.6.0",
|
||||
|
||||
@@ -9,7 +9,7 @@
|
||||
"babel-loader": "8.0.1",
|
||||
"babel-preset-react-app": "^3.1.2",
|
||||
"babel-runtime": "6.23.0",
|
||||
"bootstrap": "^4.1.1",
|
||||
"bootstrap": "^4.3.1",
|
||||
"case-sensitive-paths-webpack-plugin": "2.1.2",
|
||||
"chalk": "1.1.3",
|
||||
"css-loader": "0.28.4",
|
||||
|
||||
Reference in New Issue
Block a user