Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: actions/toolkit
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: main
Choose a base ref
...
head repository: devlynnx/toolkit
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: main
Choose a head ref
  • 9 commits
  • 13 files changed
  • 1 contributor

Commits on Aug 10, 2023

  1. Create apisec-scan.yml

    devlynnx authored Aug 10, 2023

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
    Copy the full SHA
    20193d8 View commit details
  2. Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
    Copy the full SHA
    884ba7e View commit details

Commits on Aug 12, 2023

  1. Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
    Copy the full SHA
    d15f3aa View commit details

Commits on Aug 14, 2023

  1. Add files via upload

    devlynnx authored Aug 14, 2023

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
    Copy the full SHA
    138d2ae View commit details
  2. Add files via upload

    devlynnx authored Aug 14, 2023

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
    Copy the full SHA
    3c3f8e2 View commit details

Commits on Sep 8, 2023

  1. Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
    Copy the full SHA
    cbef231 View commit details

Commits on Sep 23, 2023

  1. Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
    Copy the full SHA
    c05c9d1 View commit details

Commits on Sep 27, 2023

  1. Add files via upload

    devlynnx authored Sep 27, 2023

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
    Copy the full SHA
    a8297b2 View commit details
  2. Add files via upload

    devlynnx authored Sep 27, 2023

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
    Copy the full SHA
    573a089 View commit details
1 change: 1 addition & 0 deletions .data
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
123456789
71 changes: 71 additions & 0 deletions .github/workflows/apisec-scan.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,71 @@
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.

# APIsec addresses the critical need to secure APIs before they reach production.
# APIsec provides the industry’s only automated and continuous API testing platform that uncovers security vulnerabilities and logic flaws in APIs.
# Clients rely on APIsec to evaluate every update and release, ensuring that no APIs go to production with vulnerabilities.

# How to Get Started with APIsec.ai
# 1. Schedule a demo at https://www.apisec.ai/request-a-demo .
#
# 2. Register your account at https://cloud.apisec.ai/#/signup .
#
# 3. Register your API . See the video (https://www.youtube.com/watch?v=MK3Xo9Dbvac) to get up and running with APIsec quickly.
#
# 4. Get GitHub Actions scan attributes from APIsec Project -> Configurations -> Integrations -> CI-CD -> GitHub Actions
#
# apisec-run-scan
#
# This action triggers the on-demand scans for projects registered in APIsec.
# If your GitHub account allows code scanning alerts, you can then upload the sarif file generated by this action to show the scan findings.
# Else you can view the scan results from the project home page in APIsec Platform.
# The link to view the scan results is also displayed on the console on successful completion of action.

# This is a starter workflow to help you get started with APIsec-Scan Actions

name: APIsec

# Controls when the workflow will run
on:
# Triggers the workflow on push or pull request events but only for the "main" branch
# Customize trigger events based on your DevSecOps processes.
push:
branches: [ "main" ]
pull_request:
branches: [ "main" ]
schedule:
- cron: '32 19 * * 5'

# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:


permissions:
contents: read

jobs:

Trigger_APIsec_scan:
permissions:
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest

steps:
- name: APIsec scan
uses: apisec-inc/apisec-run-scan@025432089674a28ba8fb55f8ab06c10215e772ea
with:
# The APIsec username with which the scans will be executed
apisec-username: ${{ secrets.apisec_username }}
# The Password of the APIsec user with which the scans will be executed
apisec-password: ${{ secrets.apisec_password}}
# The name of the project for security scan
apisec-project: "VAmPI"
# The name of the sarif format result file The file is written only if this property is provided.
sarif-result-file: "apisec-results.sarif"
- name: Import results
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: ./apisec-results.sarif
Loading