Merge branch 'development' into main

Jeremy
2026-02-02 09:37:27 -05:00
committed by GitHub
8 changed files with 258 additions and 172 deletions
+1 -1
@@ -25,7 +25,7 @@ jobs:
fetch-depth: 1
- name: Run Renovate
uses: renovatebot/github-action@957af03d760b2c87fc65cb95628f6d5f95d9c578 # v46.0.0
uses: renovatebot/github-action@3c68caaa9db5ff24332596591dc7c4fed8de16ce # v46.0.1
with:
configurationFile: .github/renovate.json
token: ${{ secrets.RENOVATE_TOKEN || secrets.GITHUB_TOKEN }}
+2 -2
@@ -234,7 +234,7 @@ jobs:
- name: Upload Trivy SARIF to GitHub Security
if: steps.check-artifact.outputs.artifact_exists == 'true'
# github/codeql-action v4
uses: github/codeql-action/upload-sarif@f985be5b50bd175586d44aac9ac52926adf12893
uses: github/codeql-action/upload-sarif@f52cbc83091da34ce9a8ae0e3db2f977e8d4ecb2
with:
sarif_file: 'trivy-binary-results.sarif'
category: ${{ steps.pr-info.outputs.is_push == 'true' && format('security-scan-{0}', github.event.workflow_run.head_branch) || format('security-scan-pr-{0}', steps.pr-info.outputs.pr_number) }}
@@ -254,7 +254,7 @@ jobs:
- name: Upload scan artifacts
if: always() && steps.check-artifact.outputs.artifact_exists == 'true'
# actions/upload-artifact v4.4.3
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f
uses: actions/upload-artifact@47309c993abb98030a35d55ef7ff34b7fa1074b5
with:
name: ${{ steps.pr-info.outputs.is_push == 'true' && format('security-scan-{0}', github.event.workflow_run.head_branch) || format('security-scan-pr-{0}', steps.pr-info.outputs.pr_number) }}
path: |
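Review bot: The version comments above the two bumped `uses:` lines in this file were left untouched (`# github/codeql-action v4`, `# actions/upload-artifact v4.4.3`), so they may no longer describe the commits now pinned. The previous upload-artifact SHA `b7c566a772e6b6bfb58ed0dc250532a479d7789f` is labelled v4.4.3 here and v4.6.0 in the next file section, so at least one of those labels was already wrong before this bump. A SHA pin can only be audited against the tag it claims to be, so I would move the tag onto the `uses:` line the way the Renovate step in this commit does, e.g. `uses: actions/upload-artifact@47309c993abb98030a35d55ef7ff34b7fa1074b5 # <tag this SHA resolves to>`, and confirm each SHA against the upstream release; the trailing-comment form is presumably what lets the updater keep tag and digest in step. The same applies to both hunks of the following file section.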
+2 -2
@@ -296,7 +296,7 @@ jobs:
- name: Upload SARIF to GitHub Security
if: steps.check-artifact.outputs.artifact_found == 'true'
# github/codeql-action v4
uses: github/codeql-action/upload-sarif@f985be5b50bd175586d44aac9ac52926adf12893
uses: github/codeql-action/upload-sarif@f52cbc83091da34ce9a8ae0e3db2f977e8d4ecb2
continue-on-error: true
with:
sarif_file: grype-results.sarif
@@ -305,7 +305,7 @@ jobs:
- name: Upload supply chain artifacts
if: steps.check-artifact.outputs.artifact_found == 'true'
# actions/upload-artifact v4.6.0
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f
uses: actions/upload-artifact@47309c993abb98030a35d55ef7ff34b7fa1074b5
with:
name: ${{ steps.pr-number.outputs.is_push == 'true' && format('supply-chain-{0}', steps.sanitize.outputs.branch) || format('supply-chain-pr-{0}', steps.pr-number.outputs.pr_number) }}
path: |
+2 -1
@@ -96,7 +96,8 @@ jobs:
set -euo pipefail
echo "🔍 Verifying Dockerfile syntax..."
docker build --dry-run -f Dockerfile . || {
# Use BuildKit's --check flag for syntax validation (no actual build)
DOCKER_BUILDKIT=1 docker build --check -f Dockerfile . 2>&1 || {
echo "❌ Dockerfile syntax validation failed"
exit 1
}