Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ci: Ignore javax.servlet updates #553

Merged
merged 1 commit into from
Nov 26, 2024
Merged

ci: Ignore javax.servlet updates #553

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 6 additions & 4 deletions .github/dependabot.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,11 @@
# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
version: 2
updates:
- package-ecosystem: "maven"
directory: "/"
- package-ecosystem: 'maven'
directory: '/'
schedule:
interval: "weekly"
interval: 'weekly'
commit-message:
prefix: "build"
prefix: 'build'
ignore:
- dependency-name: 'jakarta.servlet:jakarta-servlet-api'
10 changes: 5 additions & 5 deletions .github/workflows/codeql.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,17 +1,17 @@
name: "CodeQL"
name: CodeQL
on:
push:
branches: [ "main" ]
branches: [ 'main' ]
pull_request:
branches: [ "main" ]
branches: [ 'main' ]
schedule:
- cron: '35 2 * * 2'

permissions: read-all

jobs:
analyze:
name: Analyze (${{ matrix.language }})
name: "Analyze (java-kotlin)"
runs-on: 'ubuntu-latest'
permissions:
# required for all workflows
Expand Down Expand Up @@ -39,4 +39,4 @@ jobs:
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@cbe18979603527f12c7871a6eb04833ecf1548c7
with:
category: "/language:${{matrix.language}}"
category: "/language:java-kotlin"
10 changes: 5 additions & 5 deletions .github/workflows/scorecard.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ on:
schedule:
- cron: '16 23 * * 2'
push:
branches: [ "main" ]
branches: [ 'main' ]

# Declare default permissions as read only.
permissions: read-all
Expand All @@ -31,12 +31,12 @@ jobs:
# actions: read

steps:
- name: "Checkout code"
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
persist-credentials: false

- name: "Run analysis"
- name: Run analysis
uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46
with:
results_file: results.sarif
Expand All @@ -58,7 +58,7 @@ jobs:

# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: "Upload artifact"
- name: Upload artifact
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
with:
name: SARIF file
Expand All @@ -67,7 +67,7 @@ jobs:

# Upload the results to GitHub's code scanning dashboard (optional).
# Commenting out will disable upload of results to your repo's Code Scanning dashboard
- name: "Upload to code-scanning"
- name: Upload to code-scanning
uses: github/codeql-action/upload-sarif@86b04fb0e47484f7282357688f21d5d0e32175fe
with:
sarif_file: results.sarif