chore: Code scanning
itsmechlark committed Sep 8, 2023
1 parent 9ad89e4 commit a2f9d1b
Showing 6 changed files with 150 additions and 38 deletions.
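--- /dev/null
+++ b/.github/workflows/code.yml
@@ -0,0 +1,96 @@
+name: "Code Scanning"
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+  schedule:
+    - cron: '37 15 * * 3'
+
+jobs:
+  codeql:
+    name: CodeQL Scan
+    runs-on: ubuntu-latest
+    timeout-minutes: 360
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: ruby
+
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v2
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2
+        with:
+          category: "/language:ruby"
+
+  rubocop:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: 3.0
+
+      - name: Install dependencies
+        run: bundle install
+
+      - name: Rubocop run
+        run: |
+          bash -c "
+            bundle exec rubocop --require code_scanning --format CodeScanning::SarifFormatter -o rubocop.sarif
+            [[ $? -ne 2 ]]
+          "
+      - name: Upload Sarif output
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: rubocop.sarif
+
+  # brakeman-scan:
+  #   name: Brakeman Scan
+  #   runs-on: ubuntu-latest
+  #   permissions:
+  #     contents: read
+  #     security-events: write
+  #     actions: read
+
+  #   steps:
+  #     - name: Checkout
+  #       uses: actions/checkout@v3
+
+  #     - name: Setup Ruby
+  #       uses: ruby/setup-ruby@v1
+  #       with:
+  #         ruby-version: '3.0'
+
+  #     - name: Setup Brakeman
+  #       run: |
+  #         gem install brakeman
+
+  #     - name: Scan
+  #       continue-on-error: true
+  #       run: |
+  #         brakeman -f sarif -o brakeman.sarif.json .
+
+  #     - name: Upload SARIF
+  #       uses: github/codeql-action/upload-sarif@v2
+  #       with:
+  #         sarif_file: brakeman.sarif.json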
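Review bot: The `[[ $? -ne 2 ]]` guard in the "Rubocop run" step never sees rubocop's exit status: the `bash -c "…"` wrapper is double-quoted, so the outer shell expands `$?` before the inner shell starts and the inner test becomes a constant (the outer shell's status at that point, normally `0`), which always succeeds; a rubocop error exit (2) therefore does not fail this step, and only the later upload step would fail when `rubocop.sarif` is missing. Switching the wrapper to single quotes, `bash -c '` … `'`, keeps the expansion inside the inner shell; dropping the wrapper in favour of `bundle exec rubocop --require code_scanning --format CodeScanning::SarifFormatter -o rubocop.sarif || [[ $? -ne 2 ]]` achieves the same under the runner's default `bash -e`. The `rubocop` job also declares no `permissions:` block while `codeql` does, so it runs with the repository's default token scope; `upload-sarif` needs `security-events: write`, and scoping the job to `permissions: { contents: read, security-events: write, actions: read }` like its sibling keeps the token minimal whatever the repository default is. `ruby-version: 3.0` is parsed as a YAML float (the commented Brakeman job quotes it as `'3.0'`); quote it so setup-ruby receives the intended string.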
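--- a/.gitignore
+++ b/.gitignore
@@ -62,3 +62,6 @@ gemfiles/*.lock
 /spec/fixtures/rails_app/log/*
 /spec/fixtures/rails_app/tmp/*
 *.sqlite3
+
+rubocop.sarif
+brakeman.sarif.json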
1 change: 1 addition & 0 deletions .rubocop.yml
@@ -1,4 +1,5 @@
require:
- code_scanning
- rubocop-performance
- rubocop-rake
- rubocop-rails
85 changes: 48 additions & 37 deletions Gemfile.lock
Expand Up @@ -87,7 +87,7 @@ GIT
PATH
remote: .
specs:
devise-auth0 (1.0.0.rc10)
devise-auth0 (1.0.0)
auth0 (~> 5.6)
devise (~> 4.8)
dry-configurable (~> 0.13)
Expand All @@ -109,42 +109,44 @@ GEM
rake
thor (>= 0.14.0)
ast (2.4.2)
auth0 (5.8.0)
auth0 (5.14.1)
addressable (~> 2.8)
jwt (~> 2.2)
jwt (~> 2.7)
rest-client (~> 2.1)
retryable (~> 3.0)
zache (~> 0.12)
base64 (0.1.1)
bcrypt (3.1.18)
bcrypt (3.1.19)
builder (3.2.4)
byebug (11.1.3)
code-scanning-rubocop (0.6.1)
rubocop (~> 1.0)
coderay (1.1.3)
concurrent-ruby (1.2.2)
crack (0.4.5)
rexml
crass (1.0.6)
devise (4.8.1)
devise (4.9.2)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 4.1.0)
responders
warden (~> 1.2.3)
diff-lcs (1.5.0)
digest (3.1.0)
docile (1.4.0)
domain_name (0.5.20190701)
unf (>= 0.0.5, < 1.0.0)
dotenv (2.7.6)
dry-configurable (0.15.0)
concurrent-ruby (~> 1.0)
dry-configurable (0.16.1)
dry-core (~> 0.6)
dry-core (0.7.1)
zeitwerk (~> 2.6)
dry-core (0.9.1)
concurrent-ruby (~> 1.0)
zeitwerk (~> 2.6)
erubi (1.12.0)
faker (2.21.0)
i18n (>= 1.8.11, < 2)
faraday (1.10.0)
faraday (1.10.3)
faraday-em_http (~> 1.0)
faraday-em_synchrony (~> 1.0)
faraday-excon (~> 1.1)
Expand All @@ -159,11 +161,11 @@ GEM
faraday-em_http (1.0.0)
faraday-em_synchrony (1.0.0)
faraday-excon (1.1.0)
faraday-http-cache (2.3.0)
faraday-http-cache (2.5.0)
faraday (>= 0.8)
faraday-httpclient (1.0.1)
faraday-multipart (1.0.3)
multipart-post (>= 1.2, < 3)
faraday-multipart (1.0.4)
multipart-post (~> 2)
faraday-net_http (1.0.1)
faraday-net_http_persistent (1.2.0)
faraday-patron (1.0.0)
Expand All @@ -179,7 +181,7 @@ GEM
i18n (1.14.1)
concurrent-ruby (~> 1.0)
json (2.6.3)
jwt (2.3.0)
jwt (2.7.1)
language_server-protocol (3.17.0.3)
loofah (2.21.3)
crass (~> 1.0.2)
Expand All @@ -188,23 +190,25 @@ GEM
mini_mime (>= 0.1.1)
marcel (1.0.2)
method_source (1.0.0)
mime-types (3.4.1)
mime-types (3.5.1)
mime-types-data (~> 3.2015)
mime-types-data (3.2022.0105)
mime-types-data (3.2023.0808)
mini_mime (1.1.2)
mini_portile2 (2.8.4)
minitest (5.20.0)
multi_json (1.15.0)
multi_xml (0.6.0)
multipart-parser (0.1.1)
multipart-post (2.1.1)
net-protocol (0.1.3)
multipart-post (2.3.0)
net-protocol (0.2.1)
timeout
net-smtp (0.3.1)
digest
net-smtp (0.3.3)
net-protocol
timeout
netrc (0.11.0)
nio4r (2.5.8)
nokogiri (1.15.4)
mini_portile2 (~> 2.8.2)
racc (~> 1.4)
nokogiri (1.15.4-aarch64-linux)
racc (~> 1.4)
nokogiri (1.15.4-arm64-darwin)
Expand All @@ -213,22 +217,23 @@ GEM
racc (~> 1.4)
nokogiri (1.15.4-x86_64-linux)
racc (~> 1.4)
oauth2 (1.4.9)
oauth2 (2.0.9)
faraday (>= 0.17.3, < 3.0)
jwt (>= 1.0, < 3.0)
multi_json (~> 1.3)
multi_xml (~> 0.5)
rack (>= 1.2, < 3)
omniauth (2.1.0)
rack (>= 1.2, < 4)
snaky_hash (~> 2.0)
version_gem (~> 1.1)
omniauth (2.1.1)
hashie (>= 3.4.6)
rack (>= 2.2.3)
rack-protection
omniauth-auth0 (3.0.0)
omniauth-auth0 (3.1.1)
omniauth (~> 2)
omniauth-oauth2 (~> 1)
omniauth-oauth2 (1.8.0)
oauth2 (>= 1.4, < 3)
omniauth (~> 2.0)
omniauth-oauth2 (~> 1.7)
omniauth-oauth2 (1.7.2)
oauth2 (~> 1.4)
omniauth (>= 1.9, < 3)
omniauth-rails_csrf_protection (1.0.1)
actionpack (>= 4.2)
omniauth (~> 2.0)
Expand All @@ -247,8 +252,8 @@ GEM
public_suffix (4.0.7)
racc (1.7.1)
rack (2.2.8)
rack-protection (2.2.0)
rack
rack-protection (3.1.0)
rack (~> 2.2, >= 2.2.4)
rack-test (2.1.0)
rack (>= 1.3)
rack_session_access (0.2.0)
Expand All @@ -264,9 +269,9 @@ GEM
rainbow (3.1.1)
rake (13.0.6)
regexp_parser (2.8.1)
responders (3.0.1)
actionpack (>= 5.0)
railties (>= 5.0)
responders (3.1.0)
actionpack (>= 5.2)
railties (>= 5.2)
rest-client (2.1.0)
http-accept (>= 1.7.0, < 2.0)
http-cookie (>= 1.0.2, < 2.0)
Expand Down Expand Up @@ -337,6 +342,9 @@ GEM
simplecov_json_formatter (~> 0.1)
simplecov-html (0.12.3)
simplecov_json_formatter (0.1.4)
snaky_hash (2.0.1)
hashie
version_gem (~> 1.1, >= 1.1.1)
sorbet-runtime (0.5.11010)
sprockets (4.0.3)
concurrent-ruby (~> 1.0)
Expand All @@ -350,14 +358,15 @@ GEM
prettier_print (>= 1.2.0)
thor (1.2.2)
timecop (0.9.5)
timeout (0.3.0)
timeout (0.4.0)
tzinfo (2.0.6)
concurrent-ruby (~> 1.0)
unf (0.1.4)
unf_ext
unf_ext (0.0.8.2)
unicode-display_width (2.4.2)
vcr (6.1.0)
version_gem (1.1.3)
warden (1.2.9)
rack (>= 2.0.9)
webmock (3.14.0)
Expand All @@ -368,19 +377,21 @@ GEM
websocket-extensions (>= 0.1.0)
websocket-extensions (0.1.5)
yarp (0.10.0)
zache (0.12.0)
zache (0.13.1)
zeitwerk (2.6.11)

PLATFORMS
aarch64-linux
arm64-darwin-21
ruby
x86_64-darwin-20
x86_64-darwin-21
x86_64-linux

DEPENDENCIES
appraisal (~> 2.4)
bundler (~> 2.0)
code-scanning-rubocop
devise-auth0!
dotenv
faker (~> 2.0)
1 change: 1 addition & 0 deletions devise-auth0.gemspec
Expand Up @@ -37,6 +37,7 @@ Gem::Specification.new do |s|

s.add_development_dependency("appraisal", "~> 2.4")
s.add_development_dependency("bundler", "~> 2.0")
s.add_development_dependency("code-scanning-rubocop")
s.add_development_dependency("dotenv")
s.add_development_dependency("faker", "~> 2.0")
s.add_development_dependency("multi_json")
2 changes: 1 addition & 1 deletion lib/devise/auth0/version.rb
Expand Up @@ -2,7 +2,7 @@

module Devise
module Auth0
VERSION = "1.0.0".freeze
VERSION = "1.0.0"

class << self
def gem_version
