From fda3b444482204a67e37b3a6f47c4199c7061671 Mon Sep 17 00:00:00 2001
From: Kiril Kartunov
Date: Fri, 24 Oct 2025 11:08:53 +0300
Subject: [PATCH 1/3] adds Trivy workflow
---
.github/workflows/trivy.yaml | 30 ++++++++++++++++++++++++++++++
1 file changed, 30 insertions(+)
create mode 100644 .github/workflows/trivy.yaml
diff --git a/.github/workflows/trivy.yaml b/.github/workflows/trivy.yaml
new file mode 100644
index 0000000..85b3cad
--- /dev/null
+++ b/.github/workflows/trivy.yaml
@@ -0,0 +1,30 @@
+name: Trivy Scanner
+on:
+ push:
+ branches:
+ - main
+ - dev
+ pull_request:
+jobs:
+ trivy-scan:
+ name: Use Trivy
+ runs-on: ubuntu-24.04
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Run Trivy scanner in repo mode
+ uses: aquasecurity/trivy-action@0.33.1
+ with:
+ scan-type: 'fs'
+ ignore-unfixed: true
+ format: 'sarif'
+ output: 'trivy-results.sarif'
+ severity: 'CRITICAL,HIGH,UNKNOWN'
+ scanners: vuln,secret,misconfig,license
+ github-pat: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Upload Trivy scan results to GitHub Security tab
+ uses: github/codeql-action/upload-sarif@v3
+ with:
+ sarif_file: 'trivy-results.sarif'
\ No newline at end of file
From 0153de2ed581fea16dcdd7693b906194e75e81c5 Mon Sep 17 00:00:00 2001
From: Vasilica Olariu
Date: Mon, 27 Oct 2025 07:35:59 +0200
Subject: [PATCH 2/3] PS-429 - Use custom date format when updating dates in legacy system
---
src/api/admin/admin.service.ts | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/src/api/admin/admin.service.ts b/src/api/admin/admin.service.ts
index 56b36af..72bd34b 100644
--- a/src/api/admin/admin.service.ts
+++ b/src/api/admin/admin.service.ts
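Review bot: All three `uses:` lines in the new workflow reference actions by mutable tag (`actions/checkout@v4`, `aquasecurity/trivy-action@0.33.1`, `github/codeql-action/upload-sarif@v3`), and the Trivy step is handed `secrets.GITHUB_TOKEN`. A tag can be re-pointed at different code, so pin each action to a full commit SHA and keep the tag as a trailing comment, e.g. `uses: aquasecurity/trivy-action@<full-commit-sha> # 0.33.1`. The `severity: 'CRITICAL,HIGH,UNKNOWN'` filter is probably not applied to the uploaded file, because trivy-action documents that SARIF output carries every severity unless `limit-severities-for-sarif: true` is set. The `github-pat` input appears to be needed only for the dependency-snapshot path (`format: github`), so it can likely be dropped from this `sarif` run.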
@@ -19,6 +19,16 @@ import { } from 'src/shared/topcoder/challenges.service'; import { Logger } from 'src/shared/global'; +function formatDate(date = new Date()) { + const pad = (n, z = 2) => String(n).padStart(z, '0'); + + return ( + `${date.getFullYear()}-${pad(date.getMonth() + 1)}-${pad(date.getDate())} ` + + `${pad(date.getHours())}:${pad(date.getMinutes())}:${pad(date.getSeconds())}.` + + `${pad(date.getMilliseconds(), 3)}` + ); +} + /** * The admin winning service. */ @@ -322,7 +332,7 @@ export class AdminService { userId: +winning.winner_id, status: body.paymentStatus, amount: body.paymentAmount, - releaseDate: body.releaseDate, + releaseDate: formatDate(new Date(body.releaseDate)), }; await this.tcChallengesService.updateLegacyPayments( From 177965eba53d575584df4cd3a048eadace8c1739 Mon Sep 17 00:00:00 2001 From: Kiril Kartunov Date: Mon, 27 Oct 2025 09:39:36 +0200 Subject: [PATCH 3/3] update Trivy action permissions --- .github/workflows/trivy.yaml | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/.github/workflows/trivy.yaml b/.github/workflows/trivy.yaml index 85b3cad..7b9fa48 100644 --- a/.github/workflows/trivy.yaml +++ b/.github/workflows/trivy.yaml @@ -1,4 +1,8 @@ name: Trivy Scanner + +permissions: + contents: read + security-events: write on: push: branches: @@ -16,15 +20,15 @@ jobs: - name: Run Trivy scanner in repo mode uses: aquasecurity/trivy-action@0.33.1 with: - scan-type: 'fs' + scan-type: "fs" ignore-unfixed: true - format: 'sarif' - output: 'trivy-results.sarif' - severity: 'CRITICAL,HIGH,UNKNOWN' + format: "sarif" + output: "trivy-results.sarif" + severity: "CRITICAL,HIGH,UNKNOWN" scanners: vuln,secret,misconfig,license github-pat: ${{ secrets.GITHUB_TOKEN }} - name: Upload Trivy scan results to GitHub Security tab uses: github/codeql-action/upload-sarif@v3 with: - sarif_file: 'trivy-results.sarif' \ No newline at end of file + sarif_file: "trivy-results.sarif"
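Review bot: `formatDate` builds its string from the local-time getters (`getFullYear`, `getHours`, …), so the value written to the legacy system shifts with the server's time zone setting rather than following the instant the client sent. If the legacy column is meant to hold UTC, switch to the `getUTC*` counterparts. Either way, state the zone in a doc comment such as `/** Formats a Date as 'YYYY-MM-DD HH:mm:ss.SSS' in <zone> for the legacy payments system. */`. In a `.ts` file `pad`'s first parameter is implicitly `any`; `const pad = (n: number, z = 2) => …` keeps it type-checked.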
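Review bot: `new Date(body.releaseDate)` is formatted without checking that it parsed, so a missing or malformed `releaseDate` becomes an Invalid Date and the literal `NaN-NaN-NaN NaN:NaN:NaN.NaN` is handed to `updateLegacyPayments`; the previous line forwarded the raw value unchanged. Whether `body` is validated earlier in the method is not visible here, since the enclosing method starts and ends outside the hunk. Parse once and reject before building the payload: `const releaseDate = new Date(body.releaseDate);` followed by `if (Number.isNaN(releaseDate.getTime())) { /* reject with this service's bad-request error */ }`. If `releaseDate` is optional for some payment updates, format it only when it is present.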
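Review bot: The new `permissions:` block grants `security-events: write`, but the workflow also runs on `pull_request`, and for pull requests from forks GitHub by default caps the token at read-only regardless of this block, so the `upload-sarif` step would be expected to fail on those runs. If fork contributions are possible, guard the upload step with `if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository`. Declaring the block under `jobs.trivy-scan` instead of at workflow level would also keep any job added later from inheriting write access to security events.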