From 3f612dcc92a90d270a6918a0ed6d2c97bb2c5473 Mon Sep 17 00:00:00 2001 From: github-actions Date: Tue, 28 May 2024 10:00:14 +0000 Subject: [PATCH 1/2] 0.7.1 Automatically generated by python-semantic-release --- CHANGELOG.md | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1a197dd..f15f16f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,23 @@ +## v0.7.1 (2024-05-28) + +### Fix + +* fix: Updated github action versions to latest ([`44b46ad`](https://github.com/tattle-made/feluda/commit/44b46ad84d4b651a0f4ca264c21eab23d7defd4f)) + +### Unknown + +* Merge pull request #342 from tattle-made/hotfix + +Hotfix ([`eecc55f`](https://github.com/tattle-made/feluda/commit/eecc55f07d397142f8980c3cc2fedecd15a186a5)) + +* Merge pull request #341 from duggalsu/update_scorecard_workflow + +Update scorecard workflow ([`b2e2aa8`](https://github.com/tattle-made/feluda/commit/b2e2aa852f3377490f6cebd679706678b89e5c50)) + + ## v0.7.0 (2024-05-28) ### Chore From fe9c26a3e61babbae170d855196a4d47e1b45235 Mon Sep 17 00:00:00 2001 From: Aurora <5505558+duggalsu@users.noreply.github.com> Date: Tue, 28 May 2024 15:59:35 +0530 Subject: [PATCH 2/2] fix: Updated pr-security workflow fix: Removed ignored vulnerabilities that were fixed --- .github/workflows/pr-security.yml | 28 ++++------------------------ 1 file changed, 4 insertions(+), 24 deletions(-) diff --git a/.github/workflows/pr-security.yml b/.github/workflows/pr-security.yml index e1c076f..fa26697 100644 --- a/.github/workflows/pr-security.yml +++ b/.github/workflows/pr-security.yml 
@@ -24,10 +24,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Setup Python version - uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0 + uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 with: python-version: '3.11' @@ -50,8 +50,6 @@ jobs: no-deps: true inputs: | ./src/requirements.txt - ignore-vulns: | - GHSA-84pr-m4jr-85g5 - name: pip audit install setup 2 run: | @@ -82,7 +80,7 @@ jobs: ./src/core/operators/vid_vec_rep_resnet_requirements.txt - name: Run Trivy vulnerability scanner in repo mode - uses: aquasecurity/trivy-action@062f2592684a31eb3aa050cc61e7ca1451cecd3d # v0.18.0 + uses: aquasecurity/trivy-action@fd25fed6972e341ff0007ddb61f77e88103953c2 # v0.21.0 with: scan-type: 'fs' ignore-unfixed: true 
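Review bot: Dropping the `ignore-vulns: | GHSA-84pr-m4jr-85g5` lines from the pip-audit step in the second hunk is the right hygiene, but nothing in this patch touches `./src/requirements.txt`, so the commit message's claim that the advisory is fixed rests on a dependency pin that must already be in the tree; if the pinned version still matches that advisory, the pr-security job will start failing on the next PR, so confirm the fixed version is actually pinned before merging. The surviving `no-deps: true` context line on the same step, as I read pip-audit's `--no-deps`, means only the entries listed in the requirements file are audited and transitive packages are not — that is pre-existing and not introduced here, but it bounds what removing the ignore actually buys. The `jobs:` block these hunks belong to starts before the first hunk.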
@@ -94,25 +92,7 @@ jobs: skip-dirs: '.vscode,docs' exit-code: '1' - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@9e39a05578dd315aad814d3c71bd03472cc5b815 # v.3.24.7 + uses: github/codeql-action/upload-sarif@9fdb3e49720b44c48891d036bb502feb25684276 # v.3.25.6 if: always() with: sarif_file: 'trivy-results.sarif' - -# - name: Bandit Scan -# uses: shundor/python-bandit-scan@9cc5aa4a006482b8a7f91134412df6772dbda22c # v1.0 -# with: # optional arguments -# # exit with 0, even with results found -# exit_zero: false # optional, default is DEFAULT -# # File or directory to run bandit on -# path: ./src/ # optional, default is . -# # Report only issues of a given severity level or higher. Can be LOW, MEDIUM or HIGH. Default is UNDEFINED (everything) -# # level: HIGH # optional, default is UNDEFINED -# # Report only issues of a given confidence level or higher. Can be LOW, MEDIUM or HIGH. Default is UNDEFINED (everything) -# # confidence: # optional, default is UNDEFINED -# # comma-separated list of paths (glob patterns supported) to exclude from scan (note that these are in addition to the excluded paths provided in the config file) (default: .svn,CVS,.bzr,.hg,.git,__pycache__,.tox,.eggs,*.egg) -# # excluded_paths: # optional, default is DEFAULT -# # comma-separated list of test IDs to skip -# # skips: # optional, default is DEFAULT -# # path to a .bandit file that supplies command line arguments -# # ini_path: # optional, default is DEFAULT
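Review bot: The version comment on the new upload-sarif pin keeps the stray dot (`# v.3.25.6`) while every other SHA-pinned action in this file uses `# vX.Y.Z` (`# v4.1.6`, `# v5.1.0`, `# v0.21.0`); tooling that keeps SHA pins in sync with their version comment (Dependabot, Renovate) may not recognise this form, leaving the pin unmaintained. Suggest `uses: github/codeql-action/upload-sarif@9fdb3e49720b44c48891d036bb502feb25684276 # v3.25.6`. Deleting the commented-out Bandit block is fine as dead text, but it was the only trace of a Python SAST step in this workflow; if Bandit is still wanted it should come back as a live step rather than be left to commit history. The `jobs:` block this hunk belongs to starts before the hunk.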