From 81251eb6ec3b7aa2535ef4b40fee14e5aa7d0751 Mon Sep 17 00:00:00 2001 From: Rohit Date: Wed, 14 Sep 2022 22:24:41 +0530 Subject: [PATCH 01/19] Add KBs for actions --- .../abhinavsingh/setup-bazel/action-security.yml | 2 ++ .../actionshub/chef-delivery/action-security.yml | 2 ++ .../eskatos/gradle-command-action/action-security.yml | 9 +++++++++ .../actions/irongut/editrelease/action-security.yml | 9 ++++----- .../yarn-audit-action/action-security.yml | 11 +++++++++++ 5 files changed, 28 insertions(+), 5 deletions(-) create mode 100644 knowledge-base/actions/abhinavsingh/setup-bazel/action-security.yml create mode 100644 knowledge-base/actions/actionshub/chef-delivery/action-security.yml create mode 100644 knowledge-base/actions/eskatos/gradle-command-action/action-security.yml create mode 100644 knowledge-base/actions/pragatheeswarans/yarn-audit-action/action-security.yml diff --git a/knowledge-base/actions/abhinavsingh/setup-bazel/action-security.yml b/knowledge-base/actions/abhinavsingh/setup-bazel/action-security.yml new file mode 100644 index 000000000..55ae2c1da --- /dev/null +++ b/knowledge-base/actions/abhinavsingh/setup-bazel/action-security.yml @@ -0,0 +1,2 @@ +name: "Setup Bazel" +#Note: github token not used diff --git a/knowledge-base/actions/actionshub/chef-delivery/action-security.yml b/knowledge-base/actions/actionshub/chef-delivery/action-security.yml new file mode 100644 index 000000000..bd9dde35f --- /dev/null +++ b/knowledge-base/actions/actionshub/chef-delivery/action-security.yml @@ -0,0 +1,2 @@ +name: "Chef Delivery Action" +#Note: github token not used diff --git a/knowledge-base/actions/eskatos/gradle-command-action/action-security.yml b/knowledge-base/actions/eskatos/gradle-command-action/action-security.yml new file mode 100644 index 000000000..25a92b21c --- /dev/null +++ b/knowledge-base/actions/eskatos/gradle-command-action/action-security.yml @@ -0,0 +1,9 @@ +name: "Gradle Build Action" +github-token: + action-input: + input: GITHUB_TOKEN + is-default: false + permissions: + issues: write + issues-reason: to create Github issues + #Reference: https://github.com/gradle/gradle-build-action/blob/1761dcff1325d8cb9775a28df9cfb73fa093c3c9/README.md diff --git a/knowledge-base/actions/irongut/editrelease/action-security.yml b/knowledge-base/actions/irongut/editrelease/action-security.yml index 8ccef01f2..499642eb6 100644 --- a/knowledge-base/actions/irongut/editrelease/action-security.yml +++ b/knowledge-base/actions/irongut/editrelease/action-security.yml @@ -1,9 +1,8 @@ -name: 'Edit Release' -# irongut/EditRelease +name: "Edit Release" github-token: - action-input: - input: token - is-default: false + environment-variable-name: GITHUB_TOKEN permissions: contents: write contents-reason: to edit release details + #Reference: https://github.com/irongut/EditRelease/blob/9cca065cfb86c7e0e250a87b9cc0b5ffac06e4a2/src/EditRelease/Options.cs + # https://github.com/irongut/EditRelease/blob/9cca065cfb86c7e0e250a87b9cc0b5ffac06e4a2/src/EditRelease/Program.cs diff --git a/knowledge-base/actions/pragatheeswarans/yarn-audit-action/action-security.yml b/knowledge-base/actions/pragatheeswarans/yarn-audit-action/action-security.yml new file mode 100644 index 000000000..e19324e95 --- /dev/null +++ b/knowledge-base/actions/pragatheeswarans/yarn-audit-action/action-security.yml @@ -0,0 +1,11 @@ +name: "Yarn Audit" +github-token: + action-input: + input: GITHUB_TOKEN + is-default: false + permissions: + actions: read + actions-reason: to run yarn audit command + issues: write + issues-reason: to create Github issues + #Reference: https://github.com/pragatheeswarans/yarn-audit-action/blob/f3ab4c055f4b8f1db1b1ae0e32bab690c9050603/index.js From 6af937dfc53b0bd3d57fa4ff64c2da46d7db104c Mon Sep 17 00:00:00 2001 From: Rohit Date: Wed, 14 Sep 2022 22:38:34 +0530 Subject: [PATCH 02/19] Add KBs for actions --- .../atlassian/gajira-login/action-security.yml | 10 ++++++++++ .../actions/damccorm/tag-ur-it/action-security.yml | 12 ++++++++++++ .../actions/datadog/labeler/action-security.yml | 11 +++++++++++ .../mikepenz/action-junit-report/action-security.yml | 10 ++++++++++ .../actions/zendesk/setup-ruby/action-security.yml | 2 ++ 5 files changed, 45 insertions(+) create mode 100644 knowledge-base/actions/atlassian/gajira-login/action-security.yml create mode 100644 knowledge-base/actions/damccorm/tag-ur-it/action-security.yml create mode 100644 knowledge-base/actions/datadog/labeler/action-security.yml create mode 100644 knowledge-base/actions/mikepenz/action-junit-report/action-security.yml create mode 100644 knowledge-base/actions/zendesk/setup-ruby/action-security.yml diff --git a/knowledge-base/actions/atlassian/gajira-login/action-security.yml b/knowledge-base/actions/atlassian/gajira-login/action-security.yml new file mode 100644 index 000000000..abd90ddd8 --- /dev/null +++ b/knowledge-base/actions/atlassian/gajira-login/action-security.yml @@ -0,0 +1,10 @@ +name: "Jira Login" +github-token: + environment-variable-name: GITHUB_TOKEN + permissions: + actions: write + actions-reason: to login in to Jira cloud instance and create issues for TODO event + issues: write + issues-reason: to create a Jira issue for each TODO comment +#Reference: https://github.com/atlassian/gajira-todo/blob/b8fab37af0a6a5c86c7f1c27ab6c39d347a5aaaa/README.md +#https://github.com/atlassian/gajira-todo/blob/b8fab37af0a6a5c86c7f1c27ab6c39d347a5aaaa/index.js diff --git a/knowledge-base/actions/damccorm/tag-ur-it/action-security.yml b/knowledge-base/actions/damccorm/tag-ur-it/action-security.yml new file mode 100644 index 000000000..bb6b852e0 --- /dev/null +++ b/knowledge-base/actions/damccorm/tag-ur-it/action-security.yml @@ -0,0 +1,12 @@ +name: "tag-ur-it" +github-token: + action-input: + input: GITHUB_TOKEN + is-default: false + permissions: + issues: write + issues-reason: to tag issues with labels and assignees + actions: write + actions-reason: to label and assign issues based on their contents + #Reference: https://github.com/damccorm/tag-ur-it/blob/7c0e852a6bd84e9c7f842ef4f0ee67335b005a49/README.md + #https://github.com/damccorm/tag-ur-it/blob/7c0e852a6bd84e9c7f842ef4f0ee67335b005a49/src/index.ts diff --git a/knowledge-base/actions/datadog/labeler/action-security.yml b/knowledge-base/actions/datadog/labeler/action-security.yml new file mode 100644 index 000000000..4956f5d00 --- /dev/null +++ b/knowledge-base/actions/datadog/labeler/action-security.yml @@ -0,0 +1,11 @@ +name: "Pull Request Labeler" +github-token: + action-input: + input: GITHUB_TOKEN + is-default: true + permissions: + pull-requests: read + pull-requests-reason: to label PRs + actions: write + actions-reason: to triage PRs + #Reference: triages PRs based on the paths that are modified in the PR. diff --git a/knowledge-base/actions/mikepenz/action-junit-report/action-security.yml b/knowledge-base/actions/mikepenz/action-junit-report/action-security.yml new file mode 100644 index 000000000..4562228f0 --- /dev/null +++ b/knowledge-base/actions/mikepenz/action-junit-report/action-security.yml @@ -0,0 +1,10 @@ +name: "JUnit Report Action" +github-token: + action-input: + input: github_token + is-default: true + permissions: + checks: write + checks-reason: to create check/test results + #Reference: https://github.com/mikepenz/action-junit-report/blob/7e977792727942c3091dd66d60469d9944b43b97/src/main.ts + #https://github.com/mikepenz/action-junit-report/blob/0e0c47752e7b85a02bf53a5dda077d6b013bcff8/README.md diff --git a/knowledge-base/actions/zendesk/setup-ruby/action-security.yml b/knowledge-base/actions/zendesk/setup-ruby/action-security.yml new file mode 100644 index 000000000..2924d567c --- /dev/null +++ b/knowledge-base/actions/zendesk/setup-ruby/action-security.yml @@ -0,0 +1,2 @@ +name: "Setup Ruby, JRuby and TruffleRuby" +#Note: github token not used From 61068057274a9809eceac90cabd761e712387cc7 Mon Sep 17 00:00:00 2001 From: Rohit Date: Wed, 14 Sep 2022 22:45:51 +0530 Subject: [PATCH 03/19] Add KBs for actions --- .../actions/atlassian/gajira-login/action-security.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/knowledge-base/actions/atlassian/gajira-login/action-security.yml b/knowledge-base/actions/atlassian/gajira-login/action-security.yml index abd90ddd8..8204d0f30 100644 --- a/knowledge-base/actions/atlassian/gajira-login/action-security.yml +++ b/knowledge-base/actions/atlassian/gajira-login/action-security.yml @@ -3,7 +3,7 @@ github-token: environment-variable-name: GITHUB_TOKEN permissions: actions: write - actions-reason: to login in to Jira cloud instance and create issues for TODO event + actions-reason: to login in to Jira cloud instance issues: write issues-reason: to create a Jira issue for each TODO comment #Reference: https://github.com/atlassian/gajira-todo/blob/b8fab37af0a6a5c86c7f1c27ab6c39d347a5aaaa/README.md From b20a9d4c87e4c735c3a5bb654494d4b6aea41462 Mon Sep 17 00:00:00 2001 From: Rohit Date: Wed, 14 Sep 2022 23:52:30 +0530 Subject: [PATCH 04/19] Add KBs for actions --- .../abhinavsingh/setup-bazel/action-security.yml | 2 -- .../actionshub/chef-delivery/action-security.yml | 2 -- .../eskatos/gradle-command-action/action-security.yml | 9 --------- .../actions/irongut/editrelease/action-security.yml | 7 ++++--- .../yarn-audit-action/action-security.yml | 11 ----------- 5 files changed, 4 insertions(+), 27 deletions(-) delete mode 100644 knowledge-base/actions/abhinavsingh/setup-bazel/action-security.yml delete mode 100644 knowledge-base/actions/actionshub/chef-delivery/action-security.yml delete mode 100644 knowledge-base/actions/eskatos/gradle-command-action/action-security.yml delete mode 100644 knowledge-base/actions/pragatheeswarans/yarn-audit-action/action-security.yml diff --git a/knowledge-base/actions/abhinavsingh/setup-bazel/action-security.yml b/knowledge-base/actions/abhinavsingh/setup-bazel/action-security.yml deleted file mode 100644 index 55ae2c1da..000000000 --- a/knowledge-base/actions/abhinavsingh/setup-bazel/action-security.yml +++ /dev/null @@ -1,2 +0,0 @@ -name: "Setup Bazel" -#Note: github token not used diff --git a/knowledge-base/actions/actionshub/chef-delivery/action-security.yml b/knowledge-base/actions/actionshub/chef-delivery/action-security.yml deleted file mode 100644 index bd9dde35f..000000000 --- a/knowledge-base/actions/actionshub/chef-delivery/action-security.yml +++ /dev/null @@ -1,2 +0,0 @@ -name: "Chef Delivery Action" -#Note: github token not used diff --git a/knowledge-base/actions/eskatos/gradle-command-action/action-security.yml b/knowledge-base/actions/eskatos/gradle-command-action/action-security.yml deleted file mode 100644 index 25a92b21c..000000000 --- a/knowledge-base/actions/eskatos/gradle-command-action/action-security.yml +++ /dev/null @@ -1,9 +0,0 @@ -name: "Gradle Build Action" -github-token: - action-input: - input: GITHUB_TOKEN - is-default: false - permissions: - issues: write - issues-reason: to create Github issues - #Reference: https://github.com/gradle/gradle-build-action/blob/1761dcff1325d8cb9775a28df9cfb73fa093c3c9/README.md diff --git a/knowledge-base/actions/irongut/editrelease/action-security.yml b/knowledge-base/actions/irongut/editrelease/action-security.yml index 499642eb6..40e2c4f4c 100644 --- a/knowledge-base/actions/irongut/editrelease/action-security.yml +++ b/knowledge-base/actions/irongut/editrelease/action-security.yml @@ -1,8 +1,9 @@ name: "Edit Release" +# irongut/EditRelease github-token: - environment-variable-name: GITHUB_TOKEN + action-input: + input: token + is-default: false permissions: contents: write contents-reason: to edit release details - #Reference: https://github.com/irongut/EditRelease/blob/9cca065cfb86c7e0e250a87b9cc0b5ffac06e4a2/src/EditRelease/Options.cs - # https://github.com/irongut/EditRelease/blob/9cca065cfb86c7e0e250a87b9cc0b5ffac06e4a2/src/EditRelease/Program.cs diff --git a/knowledge-base/actions/pragatheeswarans/yarn-audit-action/action-security.yml b/knowledge-base/actions/pragatheeswarans/yarn-audit-action/action-security.yml deleted file mode 100644 index e19324e95..000000000 --- a/knowledge-base/actions/pragatheeswarans/yarn-audit-action/action-security.yml +++ /dev/null @@ -1,11 +0,0 @@ -name: "Yarn Audit" -github-token: - action-input: - input: GITHUB_TOKEN - is-default: false - permissions: - actions: read - actions-reason: to run yarn audit command - issues: write - issues-reason: to create Github issues - #Reference: https://github.com/pragatheeswarans/yarn-audit-action/blob/f3ab4c055f4b8f1db1b1ae0e32bab690c9050603/index.js From c1bd0c25922bd53b78a3d284e150d9d411f098f1 Mon Sep 17 00:00:00 2001 From: Rohit Date: Thu, 15 Sep 2022 21:14:57 +0530 Subject: [PATCH 05/19] Add KBs for actions --- .../alexellis/upload-assets/action-security.yml | 9 +++++++++ .../chrnorm/deployment-action/action-security.yml | 10 ++++++++++ .../chrnorm/deployment-status/action-security.yml | 10 ++++++++++ .../lcov-reporter-action/action-security.yml | 12 ++++++++++++ 4 files changed, 41 insertions(+) create mode 100644 knowledge-base/actions/alexellis/upload-assets/action-security.yml create mode 100644 knowledge-base/actions/chrnorm/deployment-action/action-security.yml create mode 100644 knowledge-base/actions/chrnorm/deployment-status/action-security.yml create mode 100644 knowledge-base/actions/eberlitz/lcov-reporter-action/action-security.yml diff --git a/knowledge-base/actions/alexellis/upload-assets/action-security.yml b/knowledge-base/actions/alexellis/upload-assets/action-security.yml new file mode 100644 index 000000000..4e5835d7c --- /dev/null +++ b/knowledge-base/actions/alexellis/upload-assets/action-security.yml @@ -0,0 +1,9 @@ +name: 'Upload Release Assets' +github-token: + environment-variable-name: GITHUB_TOKEN + is-default: false + permissions: + contents: write + contents-reason: Upload release assets + #Reference: https://github.com/alexellis/upload-assets/blob/9e94dcf277d4c86fdac84b857a6b4ea08f077f1e/dist/index.js + #https://github.com/alexellis/upload-assets/blob/9e94dcf277d4c86fdac84b857a6b4ea08f077f1e/src/lib.js \ No newline at end of file diff --git a/knowledge-base/actions/chrnorm/deployment-action/action-security.yml b/knowledge-base/actions/chrnorm/deployment-action/action-security.yml new file mode 100644 index 000000000..dcf4644b8 --- /dev/null +++ b/knowledge-base/actions/chrnorm/deployment-action/action-security.yml @@ -0,0 +1,10 @@ +name: "Deployment Action" +github-token: + action-input: + input: token + is-default: false + permissions: + deployments: write + deployments-reason: to create Github Deployments + #Reference: https://github.com/chrnorm/deployment-action#readme + # https://github.com/chrnorm/deployment-action/blob/81b5fe715539b0ed9bfb8337b3508f15b288b4bd/lib/main.js diff --git a/knowledge-base/actions/chrnorm/deployment-status/action-security.yml b/knowledge-base/actions/chrnorm/deployment-status/action-security.yml new file mode 100644 index 000000000..5b93dea8b --- /dev/null +++ b/knowledge-base/actions/chrnorm/deployment-status/action-security.yml @@ -0,0 +1,10 @@ +name: "Deployment Status" +github-token: + action-input: + input: token + is-default: false + permissions: + contents: write + contents-reason: to update status of Deployments + #Reference: https://github.com/chrnorm/deployment-status/blob/8a81fd4d7b467e95818f2c6a1b5b228de211e90c/src/main.ts + # diff --git a/knowledge-base/actions/eberlitz/lcov-reporter-action/action-security.yml b/knowledge-base/actions/eberlitz/lcov-reporter-action/action-security.yml new file mode 100644 index 000000000..7ae595157 --- /dev/null +++ b/knowledge-base/actions/eberlitz/lcov-reporter-action/action-security.yml @@ -0,0 +1,12 @@ +name: "Code Coverage Report" +github-token: + action-input: + input: github_token + is-default: true + permissions: + actions: write + actions-reson: to comment PRs with code coverage report + pull_requests: write + pull-requests-reasons: to commit the comment + #Reference: https://github.com/eberlitz/lcov-reporter-action + #https://github.com/romeovs/lcov-reporter-action From d57b3e3ab0759646edd21d3d289aae59fa6b9e71 Mon Sep 17 00:00:00 2001 From: Rohit Date: Thu, 15 Sep 2022 22:17:30 +0530 Subject: [PATCH 06/19] Add KBs for actions --- .../atlassian/gajira-login/action-security.yml | 10 ---------- .../chrnorm/deployment-status/action-security.yml | 1 - .../actions/damccorm/tag-ur-it/action-security.yml | 12 ------------ .../actions/datadog/labeler/action-security.yml | 11 ----------- .../actions/zendesk/setup-ruby/action-security.yml | 2 -- 5 files changed, 36 deletions(-) delete mode 100644 knowledge-base/actions/atlassian/gajira-login/action-security.yml delete mode 100644 knowledge-base/actions/damccorm/tag-ur-it/action-security.yml delete mode 100644 knowledge-base/actions/datadog/labeler/action-security.yml delete mode 100644 knowledge-base/actions/zendesk/setup-ruby/action-security.yml diff --git a/knowledge-base/actions/atlassian/gajira-login/action-security.yml b/knowledge-base/actions/atlassian/gajira-login/action-security.yml deleted file mode 100644 index 8204d0f30..000000000 --- a/knowledge-base/actions/atlassian/gajira-login/action-security.yml +++ /dev/null @@ -1,10 +0,0 @@ -name: "Jira Login" -github-token: - environment-variable-name: GITHUB_TOKEN - permissions: - actions: write - actions-reason: to login in to Jira cloud instance - issues: write - issues-reason: to create a Jira issue for each TODO comment -#Reference: https://github.com/atlassian/gajira-todo/blob/b8fab37af0a6a5c86c7f1c27ab6c39d347a5aaaa/README.md -#https://github.com/atlassian/gajira-todo/blob/b8fab37af0a6a5c86c7f1c27ab6c39d347a5aaaa/index.js diff --git a/knowledge-base/actions/chrnorm/deployment-status/action-security.yml b/knowledge-base/actions/chrnorm/deployment-status/action-security.yml index 5b93dea8b..a60b1b0f6 100644 --- a/knowledge-base/actions/chrnorm/deployment-status/action-security.yml +++ b/knowledge-base/actions/chrnorm/deployment-status/action-security.yml @@ -7,4 +7,3 @@ github-token: contents: write contents-reason: to update status of Deployments #Reference: https://github.com/chrnorm/deployment-status/blob/8a81fd4d7b467e95818f2c6a1b5b228de211e90c/src/main.ts - # diff --git a/knowledge-base/actions/damccorm/tag-ur-it/action-security.yml b/knowledge-base/actions/damccorm/tag-ur-it/action-security.yml deleted file mode 100644 index bb6b852e0..000000000 --- a/knowledge-base/actions/damccorm/tag-ur-it/action-security.yml +++ /dev/null @@ -1,12 +0,0 @@ -name: "tag-ur-it" -github-token: - action-input: - input: GITHUB_TOKEN - is-default: false - permissions: - issues: write - issues-reason: to tag issues with labels and assignees - actions: write - actions-reason: to label and assign issues based on their contents - #Reference: https://github.com/damccorm/tag-ur-it/blob/7c0e852a6bd84e9c7f842ef4f0ee67335b005a49/README.md - #https://github.com/damccorm/tag-ur-it/blob/7c0e852a6bd84e9c7f842ef4f0ee67335b005a49/src/index.ts diff --git a/knowledge-base/actions/datadog/labeler/action-security.yml b/knowledge-base/actions/datadog/labeler/action-security.yml deleted file mode 100644 index 4956f5d00..000000000 --- a/knowledge-base/actions/datadog/labeler/action-security.yml +++ /dev/null @@ -1,11 +0,0 @@ -name: "Pull Request Labeler" -github-token: - action-input: - input: GITHUB_TOKEN - is-default: true - permissions: - pull-requests: read - pull-requests-reason: to label PRs - actions: write - actions-reason: to triage PRs - #Reference: triages PRs based on the paths that are modified in the PR. diff --git a/knowledge-base/actions/zendesk/setup-ruby/action-security.yml b/knowledge-base/actions/zendesk/setup-ruby/action-security.yml deleted file mode 100644 index 2924d567c..000000000 --- a/knowledge-base/actions/zendesk/setup-ruby/action-security.yml +++ /dev/null @@ -1,2 +0,0 @@ -name: "Setup Ruby, JRuby and TruffleRuby" -#Note: github token not used From 439222e27ed38d81bf871a7a7925cad5d578e98d Mon Sep 17 00:00:00 2001 From: Rohit Date: Thu, 15 Sep 2022 22:19:41 +0530 Subject: [PATCH 07/19] Add KBs for actions --- .../mikepenz/action-junit-report/action-security.yml | 10 ---------- 1 file changed, 10 deletions(-) delete mode 100644 knowledge-base/actions/mikepenz/action-junit-report/action-security.yml diff --git a/knowledge-base/actions/mikepenz/action-junit-report/action-security.yml b/knowledge-base/actions/mikepenz/action-junit-report/action-security.yml deleted file mode 100644 index 4562228f0..000000000 --- a/knowledge-base/actions/mikepenz/action-junit-report/action-security.yml +++ /dev/null @@ -1,10 +0,0 @@ -name: "JUnit Report Action" -github-token: - action-input: - input: github_token - is-default: true - permissions: - checks: write - checks-reason: to create check/test results - #Reference: https://github.com/mikepenz/action-junit-report/blob/7e977792727942c3091dd66d60469d9944b43b97/src/main.ts - #https://github.com/mikepenz/action-junit-report/blob/0e0c47752e7b85a02bf53a5dda077d6b013bcff8/README.md From d088d56e8c59ff5106cbf720a6c3d46f082f3b46 Mon Sep 17 00:00:00 2001 From: Rohit Date: Thu, 15 Sep 2022 23:20:06 +0530 Subject: [PATCH 08/19] Add KBs for actions --- .../eberlitz/lcov-reporter-action/action-security.yml | 2 +- .../actions/irongut/editrelease/action-security.yml | 9 --------- 2 files changed, 1 insertion(+), 10 deletions(-) delete mode 100644 knowledge-base/actions/irongut/editrelease/action-security.yml diff --git a/knowledge-base/actions/eberlitz/lcov-reporter-action/action-security.yml b/knowledge-base/actions/eberlitz/lcov-reporter-action/action-security.yml index 7ae595157..303e29ef5 100644 --- a/knowledge-base/actions/eberlitz/lcov-reporter-action/action-security.yml +++ b/knowledge-base/actions/eberlitz/lcov-reporter-action/action-security.yml @@ -7,6 +7,6 @@ github-token: actions: write actions-reson: to comment PRs with code coverage report pull_requests: write - pull-requests-reasons: to commit the comment + pull-requests-reason: to commit the comment #Reference: https://github.com/eberlitz/lcov-reporter-action #https://github.com/romeovs/lcov-reporter-action diff --git a/knowledge-base/actions/irongut/editrelease/action-security.yml b/knowledge-base/actions/irongut/editrelease/action-security.yml deleted file mode 100644 index 40e2c4f4c..000000000 --- a/knowledge-base/actions/irongut/editrelease/action-security.yml +++ /dev/null @@ -1,9 +0,0 @@ -name: "Edit Release" -# irongut/EditRelease -github-token: - action-input: - input: token - is-default: false - permissions: - contents: write - contents-reason: to edit release details From 6957b3663bc648d6c8c8fb4ddd71fa1e31621626 Mon Sep 17 00:00:00 2001 From: Rohit Kumar Singh <95624394+RksRocks@users.noreply.github.com> Date: Thu, 15 Sep 2022 23:27:52 +0530 Subject: [PATCH 09/19] Update action-security.yml --- .../actions/alexellis/upload-assets/action-security.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/knowledge-base/actions/alexellis/upload-assets/action-security.yml b/knowledge-base/actions/alexellis/upload-assets/action-security.yml index 4e5835d7c..8337fe2c2 100644 --- a/knowledge-base/actions/alexellis/upload-assets/action-security.yml +++ b/knowledge-base/actions/alexellis/upload-assets/action-security.yml @@ -6,4 +6,6 @@ github-token: contents: write contents-reason: Upload release assets #Reference: https://github.com/alexellis/upload-assets/blob/9e94dcf277d4c86fdac84b857a6b4ea08f077f1e/dist/index.js - #https://github.com/alexellis/upload-assets/blob/9e94dcf277d4c86fdac84b857a6b4ea08f077f1e/src/lib.js \ No newline at end of file + #https://github.com/alexellis/upload-assets/blob/9e94dcf277d4c86fdac84b857a6b4ea08f077f1e/src/lib.js + + From 057fdb0d76d15c2971963c5feda1431afcb58194 Mon Sep 17 00:00:00 2001 From: Rohit Kumar Singh <95624394+RksRocks@users.noreply.github.com> Date: Thu, 15 Sep 2022 23:28:21 +0530 Subject: [PATCH 10/19] Update action-security.yml --- .../actions/eberlitz/lcov-reporter-action/action-security.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/knowledge-base/actions/eberlitz/lcov-reporter-action/action-security.yml b/knowledge-base/actions/eberlitz/lcov-reporter-action/action-security.yml index 303e29ef5..3ee0a3315 100644 --- a/knowledge-base/actions/eberlitz/lcov-reporter-action/action-security.yml +++ b/knowledge-base/actions/eberlitz/lcov-reporter-action/action-security.yml @@ -5,7 +5,7 @@ github-token: is-default: true permissions: actions: write - actions-reson: to comment PRs with code coverage report + actions-reason: to comment PRs with code coverage report pull_requests: write pull-requests-reason: to commit the comment #Reference: https://github.com/eberlitz/lcov-reporter-action From af7e0db0c9fd0e8c66aff528dc6d7ec700eb8f07 Mon Sep 17 00:00:00 2001 From: Rohit Date: Thu, 15 Sep 2022 23:31:43 +0530 Subject: [PATCH 11/19] Add KBs for actions --- .../actions/eberlitz/lcov-reporter-action/action-security.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/knowledge-base/actions/eberlitz/lcov-reporter-action/action-security.yml b/knowledge-base/actions/eberlitz/lcov-reporter-action/action-security.yml index 303e29ef5..3ee0a3315 100644 --- a/knowledge-base/actions/eberlitz/lcov-reporter-action/action-security.yml +++ b/knowledge-base/actions/eberlitz/lcov-reporter-action/action-security.yml @@ -5,7 +5,7 @@ github-token: is-default: true permissions: actions: write - actions-reson: to comment PRs with code coverage report + actions-reason: to comment PRs with code coverage report pull_requests: write pull-requests-reason: to commit the comment #Reference: https://github.com/eberlitz/lcov-reporter-action From a8733812b9af4f8334f0d9cc4be6366a763ccefb Mon Sep 17 00:00:00 2001 From: Rohit Kumar Singh <95624394+RksRocks@users.noreply.github.com> Date: Fri, 16 Sep 2022 17:02:50 +0530 Subject: [PATCH 12/19] Update action-security.yml --- .../actions/eberlitz/lcov-reporter-action/action-security.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/knowledge-base/actions/eberlitz/lcov-reporter-action/action-security.yml b/knowledge-base/actions/eberlitz/lcov-reporter-action/action-security.yml index 3ee0a3315..dc71c362c 100644 --- a/knowledge-base/actions/eberlitz/lcov-reporter-action/action-security.yml +++ b/knowledge-base/actions/eberlitz/lcov-reporter-action/action-security.yml @@ -6,7 +6,7 @@ github-token: permissions: actions: write actions-reason: to comment PRs with code coverage report - pull_requests: write + pull-requests: write pull-requests-reason: to commit the comment #Reference: https://github.com/eberlitz/lcov-reporter-action #https://github.com/romeovs/lcov-reporter-action From 65cdf4bacf5e8a7f2928cbc71cd5f8974ce5b954 Mon Sep 17 00:00:00 2001 From: Rohit Kumar Singh <95624394+RksRocks@users.noreply.github.com> Date: Fri, 16 Sep 2022 17:33:01 +0530 Subject: [PATCH 13/19] Update action-security.yml --- .../actions/alexellis/upload-assets/action-security.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/knowledge-base/actions/alexellis/upload-assets/action-security.yml b/knowledge-base/actions/alexellis/upload-assets/action-security.yml index 8337fe2c2..7911a0c92 100644 --- a/knowledge-base/actions/alexellis/upload-assets/action-security.yml +++ b/knowledge-base/actions/alexellis/upload-assets/action-security.yml @@ -1,7 +1,6 @@ name: 'Upload Release Assets' github-token: - environment-variable-name: GITHUB_TOKEN - is-default: false + environment-variable-name: GITHUB_TOKEN permissions: contents: write contents-reason: Upload release assets From 05265fef3ea5744eb9cd4981a724ce6cf4c35463 Mon Sep 17 00:00:00 2001 From: Rohit Kumar Singh <95624394+RksRocks@users.noreply.github.com> Date: Fri, 16 Sep 2022 17:36:00 +0530 Subject: [PATCH 14/19] Update action-security.yml --- .../actions/alexellis/upload-assets/action-security.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/knowledge-base/actions/alexellis/upload-assets/action-security.yml b/knowledge-base/actions/alexellis/upload-assets/action-security.yml index 7911a0c92..3741afdcd 100644 --- a/knowledge-base/actions/alexellis/upload-assets/action-security.yml +++ b/knowledge-base/actions/alexellis/upload-assets/action-security.yml @@ -3,7 +3,7 @@ github-token: environment-variable-name: GITHUB_TOKEN permissions: contents: write - contents-reason: Upload release assets + contents-reason: to upload release assets #Reference: https://github.com/alexellis/upload-assets/blob/9e94dcf277d4c86fdac84b857a6b4ea08f077f1e/dist/index.js #https://github.com/alexellis/upload-assets/blob/9e94dcf277d4c86fdac84b857a6b4ea08f077f1e/src/lib.js From d2d724d1c5e251f197fd0af70ef325c0df525da6 Mon Sep 17 00:00:00 2001 From: Rohit Kumar Singh <95624394+RksRocks@users.noreply.github.com> Date: Mon, 19 Sep 2022 22:16:24 +0530 Subject: [PATCH 15/19] Update action-security.yml --- .../actions/chrnorm/deployment-status/action-security.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/knowledge-base/actions/chrnorm/deployment-status/action-security.yml b/knowledge-base/actions/chrnorm/deployment-status/action-security.yml index a60b1b0f6..3559437cd 100644 --- a/knowledge-base/actions/chrnorm/deployment-status/action-security.yml +++ b/knowledge-base/actions/chrnorm/deployment-status/action-security.yml @@ -4,6 +4,6 @@ github-token: input: token is-default: false permissions: - contents: write - contents-reason: to update status of Deployments + deployments: write + seployments-reasons: to update status of deployments #Reference: https://github.com/chrnorm/deployment-status/blob/8a81fd4d7b467e95818f2c6a1b5b228de211e90c/src/main.ts From c510a7d3c94313689423acff278eddec51aa3971 Mon Sep 17 00:00:00 2001 From: Rohit Kumar Singh <95624394+RksRocks@users.noreply.github.com> Date: Mon, 19 Sep 2022 22:19:45 +0530 Subject: [PATCH 16/19] Update action-security.yml --- .../eberlitz/lcov-reporter-action/action-security.yml | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/knowledge-base/actions/eberlitz/lcov-reporter-action/action-security.yml b/knowledge-base/actions/eberlitz/lcov-reporter-action/action-security.yml index dc71c362c..9487af20b 100644 --- a/knowledge-base/actions/eberlitz/lcov-reporter-action/action-security.yml +++ b/knowledge-base/actions/eberlitz/lcov-reporter-action/action-security.yml @@ -2,11 +2,10 @@ name: "Code Coverage Report" github-token: action-input: input: github_token - is-default: true + is-default: false permissions: - actions: write - actions-reason: to comment PRs with code coverage report - pull-requests: write - pull-requests-reason: to commit the comment + contents: write + contents-reason: to create commit comment with code coverage + issues: write + issues-reason: to comment code coverage on pr #Reference: https://github.com/eberlitz/lcov-reporter-action - #https://github.com/romeovs/lcov-reporter-action From bb1798caafa47e9d39d1508ecd941f1ba8692528 Mon Sep 17 00:00:00 2001 From: Rohit Date: Tue, 20 Sep 2022 20:45:50 +0530 Subject: [PATCH 17/19] Add KBs for actions --- .../actions/irongut/editrelease/action-security.yml | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 knowledge-base/actions/irongut/editrelease/action-security.yml diff --git a/knowledge-base/actions/irongut/editrelease/action-security.yml b/knowledge-base/actions/irongut/editrelease/action-security.yml new file mode 100644 index 000000000..40e2c4f4c --- /dev/null +++ b/knowledge-base/actions/irongut/editrelease/action-security.yml @@ -0,0 +1,9 @@ +name: "Edit Release" +# irongut/EditRelease +github-token: + action-input: + input: token + is-default: false + permissions: + contents: write + contents-reason: to edit release details From cf3958a937acf572068353c964234979f23c66d6 Mon Sep 17 00:00:00 2001 From: Rohit Kumar Singh <95624394+RksRocks@users.noreply.github.com> Date: Tue, 20 Sep 2022 20:51:41 +0530 Subject: [PATCH 18/19] Update action-security.yml --- .../actions/chrnorm/deployment-status/action-security.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/knowledge-base/actions/chrnorm/deployment-status/action-security.yml b/knowledge-base/actions/chrnorm/deployment-status/action-security.yml index 3559437cd..55996fcdb 100644 --- a/knowledge-base/actions/chrnorm/deployment-status/action-security.yml +++ b/knowledge-base/actions/chrnorm/deployment-status/action-security.yml @@ -5,5 +5,5 @@ github-token: is-default: false permissions: deployments: write - seployments-reasons: to update status of deployments + deployments-reasons: to update status of deployments #Reference: https://github.com/chrnorm/deployment-status/blob/8a81fd4d7b467e95818f2c6a1b5b228de211e90c/src/main.ts From 44b193129478c9c4be0d6c5d85904ce6bf256500 Mon Sep 17 00:00:00 2001 From: Rohit Kumar Singh <95624394+RksRocks@users.noreply.github.com> Date: Tue, 20 Sep 2022 20:57:01 +0530 Subject: [PATCH 19/19] Update action-security.yml --- .../actions/chrnorm/deployment-status/action-security.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/knowledge-base/actions/chrnorm/deployment-status/action-security.yml b/knowledge-base/actions/chrnorm/deployment-status/action-security.yml index 55996fcdb..db4223e07 100644 --- a/knowledge-base/actions/chrnorm/deployment-status/action-security.yml +++ b/knowledge-base/actions/chrnorm/deployment-status/action-security.yml @@ -5,5 +5,5 @@ github-token: is-default: false permissions: deployments: write - deployments-reasons: to update status of deployments + deployments-reason: to update status of deployments #Reference: https://github.com/chrnorm/deployment-status/blob/8a81fd4d7b467e95818f2c6a1b5b228de211e90c/src/main.ts