Merge develop into master for release
#3465
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bumps [axios](https://github.com/axios/axios) from 1.7.2 to 1.7.4. - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.7.2...v1.7.4) --- updated-dependencies: - dependency-name: axios dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]>
2 - After release: Merge master back into develop [auto-generated]
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 4.2.2 to 4.3.0. - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](actions/setup-java@6a0805f...2dfa201) --- updated-dependencies: - dependency-name: actions/setup-java dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
…3419) * implement pull request hook for gh actions * ignore tags on push * ignore tags on push * ignore tags on push * apply if condition in build step to check if branch name is matching * added comments and renamed branch to test gha * pr fixes * pr fixes * implement pull request workflow for gha action and gradle action #3357 * implement pull request workflow for gha action and gradle action #3357
) * move default sechub client to new open api module * migrate systemtest to new open api module #3239 * merge develop branch #3239 * revert changes in AnonymousUserRequestNewApiTokenRestController #3239 * change from #!/usr/bin/bash to #!/bin/bash in shell files #3239 * change from #!/usr/bin/bash to #!/bin/bash in shell files #3239 * moved deletion of projects and profile from SystemTestRuntime into finally block * moved deletion of projects and profile from SystemTestRuntime into finally block * temp * Refactored import path #3395 * temp * Removed SystemSupport for ArchUnit #3395 * Removed predefined import options #3395 * temp * add enabled field to ProductExecutionProfile * temp * temp * store sechub result file in test folder * Replaced package import through path import and ignore JAR import #3395 * Ignore generated API in coding rules #3395 * fix openapi.yaml * reconfigure pr action events * revert pr hooks in gh actions * remove unnecessary runtime exception * pr fixes * pr fixes * pr fixes * pr fixes * pr fixes --------- Co-authored-by: Laura <[email protected]> Co-authored-by: Jan Winz <[email protected]>
Bumps [gradle/actions](https://github.com/gradle/actions) from 4.0.1 to 4.1.0. - [Release notes](https://github.com/gradle/actions/releases) - [Commits](gradle/actions@16bf8bc...d156388) --- updated-dependencies: - dependency-name: gradle/actions dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 6.1.0 to 7.0.3. - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](peter-evans/create-pull-request@c5a7806...6cd32fd) --- updated-dependencies: - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
…/peter-evans/create-pull-request-7.0.3 Bump peter-evans/create-pull-request from 6.1.0 to 7.0.3
…/gradle/actions-4.1.0 Bump gradle/actions from 4.0.1 to 4.1.0
…/actions/setup-java-4.3.0 Bump actions/setup-java from 4.2.2 to 4.3.0
…ithub-actions/scan/axios-1.7.4 Bump axios from 1.7.2 to 1.7.4 in /github-actions/scan
…yml & github-action-scan.yml (#3432) * add main master develop or hotfix to job execution in gradle.yml & github-action-scan.yml * add main master develop or hotfix to job execution in gradle.yml & github-action-scan.yml * add main master develop or hotfix to job execution in gradle.yml & github-action-scan.yml * include dependabot branches in workflow files
…g-if-condition-in-pipeline fix if statement in github-action-scan.yml & gradle.yml
…a-helmchart helm chart extended by env variables #3427
but not "tag-ignore"
"tag-ignore" in the on: section does not work. So placed in the job
direct pushes should not happen to the main branches anyway
…d-workflows-based-on-changes Trigger build workflows based on changed files #3439
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 7.0.3 to 7.0.5. - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](peter-evans/create-pull-request@6cd32fd...5e91468) --- updated-dependencies: - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
Added section that explains variables and config files better.
Added suggestions of improvement proposed by @sven-dmlr
…docu Improved GHA documentation
* build index.js inside action.yml and remove manually committed dist folder * call setup-script.sh in 'pre' hook of action.yaml * call setup-script.sh in 'pre' hook of action.yaml * call setup-script.sh in 'pre' hook of action.yaml * add setup-script.js wrapper around shell script to make it executable in action.yml * add setup-script.js wrapper around shell script to make it executable in action.yml * remove ./ relative path in setup-script.js * call npm i and npm run build directly in pre hook of action.yml * use composite action in action.yml * use composite action in action.yml * use composite action in action.yml * use composite action in action.yml * use composite action in action.yml * manually check out sechub repo from foss repo * make index.js executable chmod +x * use node to execute dist/index.js * use node to execute dist/index.js * use node to execute dist/index.js * use node to execute dist/index.js * read github input param from env vars * implement cache for action.yml in github action scan * implement cache for action.yml in github action scan * implement cache for action.yml in github action scan * read github actions config from environment variable or github parameters * read github actions config from environment variable or github parameters * implement caching strategy for action.yml * rewrite getParam function in github-input.ts * rewrite getParam function in github-input.ts * rewrite getParam function in github-input.ts * rewrite getParam function in github-input.ts * rewrite getParam function in github-input.ts * add ACTIONS_RUNTIME_TOKEN to environment of index.js runtime * add ACTIONS_RUNTIME_TOKEN to environment of index.js runtime * export github env vars in action.yml * improve caching in action.yml of github actions scan * improve caching in action.yml of github actions scan * add 'branch' input param to action.yml of sechub scan * add 'branch' input param to action.yml of sechub scan * add 'branch' input param to action.yml of sechub scan * set 'master' as default branch name in action.yml github action scan
…/peter-evans/create-pull-request-7.0.5 Bump peter-evans/create-pull-request from 7.0.3 to 7.0.5
…nt-ignoring-exclude-patterns fixed windows client exclude handling #3447
Also mentioned creating an issue as precondition
…nity-branch removed community branch mention #3358
Also replaced some occurences of deprecated ioutil calls.
…-not-follow-symlinks client shall not follow symlinks #3367
…rt-.pc-file-extensions added support for Pro*C file extensions #3271
proposed text was slightly modified
…ng-addScmHistory-non-compatible-scantypes warn on -addScmHistory but no secretScan #3392
For these actions: - listJobs - getReport - getStatus
tabs vs. blanks
…obs-accepts-labels Feature 3459 client list jobs accepts labels
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.