Fix: フレンドサーバー申請時、ドメインを偽装して無関係のInboxを指定できる脆弱性 #2939
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Ruby Linting | |
| on: | |
| merge_group: | |
| push: | |
| branches: | |
| - 'main' | |
| - 'kb*' | |
| - 'upstream-*' | |
| - 'releases/*' | |
| - 'stable-*' | |
| paths: | |
| - 'Gemfile*' | |
| - '.rubocop*.yml' | |
| - '.ruby-version' | |
| - 'config/brakeman.ignore' | |
| - '**/*.rb' | |
| - '**/*.rake' | |
| - '.github/workflows/lint-ruby.yml' | |
| pull_request: | |
| paths: | |
| - 'Gemfile*' | |
| - '.rubocop*.yml' | |
| - '.ruby-version' | |
| - 'config/brakeman.ignore' | |
| - '**/*.rb' | |
| - '**/*.rake' | |
| - '.github/workflows/lint-ruby.yml' | |
| jobs: | |
| lint: | |
| runs-on: ubuntu-latest | |
| env: | |
| BUNDLE_ONLY: development | |
| steps: | |
| - name: Clone repository | |
| uses: actions/checkout@v4 | |
| - name: Set up Ruby | |
| uses: ruby/setup-ruby@v1 | |
| with: | |
| bundler-cache: true | |
| - name: Set-up RuboCop Problem Matcher | |
| uses: r7kamura/rubocop-problem-matchers-action@v1 | |
| - name: Run rubocop | |
| run: bin/rubocop | |
| - name: Run brakeman | |
| if: always() # Run both checks, even if the first failed | |
| run: bin/brakeman |