Update checkmarx-ts/checkmarx-cxflow-github-action digest to 7d4d015 #94

Open
wants to merge 1 commit into
base: main

@renovate renovate bot (Contributor) commented Aug 6, 2024

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| checkmarx-ts/checkmarx-cxflow-github-action | action | digest | 49d8269 -> 7d4d015 |

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.


dryrunsecurity bot commented Aug 6, 2024

DryRun Security Summary

The pull request updates the Checkmarx CxFlow GitHub Action version to enhance application security by integrating static application security testing (SAST) into the GitHub workflow.


Summary:

The code change in this pull request updates the version of the Checkmarx CxFlow GitHub Action used in the GitHub workflow. The Checkmarx CxFlow Action is a tool that integrates Checkmarx's static application security testing (SAST) into the GitHub workflow. This update is a positive step towards improving the security of the application, as it can help identify vulnerabilities early in the software development lifecycle.

From an application security perspective, the key points to consider are the version update, the integration of Checkmarx SAST, the handling of sensitive information, the scan filters, and the SARIF report upload. It's important to ensure that the sensitive information is properly secured, the scan filters are configured correctly, and the SARIF report is reviewed and addressed as needed. Overall, this code change appears to be a step in the right direction for improving the security of the application.

Files Changed:

  • .github/workflows/checkmarx.yml: This file updates the version of the Checkmarx CxFlow GitHub Action used in the GitHub workflow. The changes include updating the version of the action, integrating Checkmarx SAST into the workflow, handling sensitive information, configuring scan filters, and uploading the SARIF report to GitHub.

Code Analysis

We ran 9 analyzers against 1 file and 0 analyzers had findings. 9 analyzers had no findings.

View PR in the DryRun Dashboard.


guardrails bot commented Aug 6, 2024

⚠️ We detected 1 security issue in this pull request:

Hard-Coded Secrets (1)

| Severity | Details | Docs |
|---|---|---|
| Medium | Title: Github Key. uses: checkmarx-ts/checkmarx-cxflow-github-action@21abae31310088c06faf29d1be84374c7e0eee42 | 📚 |

More info on how to fix Hard-Coded Secrets in General.


👉 Go to the dashboard for detailed results.

@renovate renovate bot changed the title from "Update checkmarx-ts/checkmarx-cxflow-github-action digest to c272adf" to "Update checkmarx-ts/checkmarx-cxflow-github-action digest to 21abae3" on Sep 2, 2024

@renovate renovate bot force-pushed the renovate/checkmarx-ts-checkmarx-cxflow-github-action-digest branch from 6a18118 to 757b9b3 on September 2, 2024 09:15

@renovate renovate bot changed the title from "Update checkmarx-ts/checkmarx-cxflow-github-action digest to 21abae3" to "Update checkmarx-ts/checkmarx-cxflow-github-action digest to 069b07b" on Oct 7, 2024

@renovate renovate bot force-pushed the renovate/checkmarx-ts-checkmarx-cxflow-github-action-digest branch from 757b9b3 to 9e51277 on October 7, 2024 17:00

github-actions bot commented Dec 7, 2024

Stale pull request message

@renovate renovate bot changed the title from "Update checkmarx-ts/checkmarx-cxflow-github-action digest to 069b07b" to "Update checkmarx-ts/checkmarx-cxflow-github-action digest to 680f3d2" on Dec 13, 2024

@renovate renovate bot force-pushed the renovate/checkmarx-ts-checkmarx-cxflow-github-action-digest branch from 9e51277 to edd330d on December 13, 2024 07:30

@renovate renovate bot changed the title from "Update checkmarx-ts/checkmarx-cxflow-github-action digest to 680f3d2" to "Update checkmarx-ts/checkmarx-cxflow-github-action digest to bfcb481" on Jan 8, 2025

@renovate renovate bot force-pushed the renovate/checkmarx-ts-checkmarx-cxflow-github-action-digest branch from edd330d to 40427c9 on January 8, 2025 13:24

@renovate renovate bot changed the title from "Update checkmarx-ts/checkmarx-cxflow-github-action digest to bfcb481" to "Update checkmarx-ts/checkmarx-cxflow-github-action digest to 7d4d015" on Jan 15, 2025

@renovate renovate bot force-pushed the renovate/checkmarx-ts-checkmarx-cxflow-github-action-digest branch from 40427c9 to 3497679 on January 15, 2025 11:01