From 27e71485a280fe66917ab24aa2f0ee076cf0838e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Er=C3=A7etinG=C3=BCler?= <93947784+starerco@users.noreply.github.com> Date: Sat, 13 Nov 2021 04:12:43 +0200 Subject: [PATCH 01/10] Create v.2.4.0.yml --- kodlama/git/v.2.4.0.yml | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 kodlama/git/v.2.4.0.yml diff --git a/kodlama/git/v.2.4.0.yml b/kodlama/git/v.2.4.0.yml new file mode 100644 index 0000000..bec49c6 --- /dev/null +++ b/kodlama/git/v.2.4.0.yml @@ -0,0 +1,2 @@ +- isim: Git Sürümü + kullanır: kodacy/git-version@2.4.0 From df18760f277b2f0771bb8f2a0b38a673b2d2a297 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?DijitalYa=C5=9Fam?= <93947784+biyonik-ci@users.noreply.github.com> Date: Fri, 4 Mar 2022 08:47:20 +0300 Subject: [PATCH 02/10] Create SECURITY.md --- SECURITY.md | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..034e848 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,21 @@ +# Security Policy + +## Supported Versions + +Use this section to tell people about which versions of your project are +currently being supported with security updates. + +| Version | Supported | +| ------- | ------------------ | +| 5.1.x | :white_check_mark: | +| 5.0.x | :x: | +| 4.0.x | :white_check_mark: | +| < 4.0 | :x: | + +## Reporting a Vulnerability + +Use this section to tell people how to report a vulnerability. + +Tell them where to go, how often they can expect to get an update on a +reported vulnerability, what to expect if the vulnerability is accepted or +declined, etc. From 7dc0f08dd161ccc29c82e142dd159299c9634f4a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?DijitalYa=C5=9Fam?= <93947784+biyonik-ci@users.noreply.github.com> Date: Fri, 4 Mar 2022 08:47:40 +0300 Subject: [PATCH 03/10] Create codacy.yml --- .github/workflows/codacy.yml | 60 ++++++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100644 .github/workflows/codacy.yml diff --git a/.github/workflows/codacy.yml b/.github/workflows/codacy.yml new file mode 100644 index 0000000..6303a87 --- /dev/null +++ b/.github/workflows/codacy.yml @@ -0,0 +1,60 @@ +# This workflow uses actions that are not certified by GitHub. +# They are provided by a third-party and are governed by +# separate terms of service, privacy policy, and support +# documentation. + +# This workflow checks out code, performs a Codacy security scan +# and integrates the results with the +# GitHub Advanced Security code scanning feature. For more information on +# the Codacy security scan action usage and parameters, see +# https://github.com/codacy/codacy-analysis-cli-action. +# For more information on Codacy Analysis CLI in general, see +# https://github.com/codacy/codacy-analysis-cli. + +name: Codacy Security Scan + +on: + push: + branches: [ master ] + pull_request: + # The branches below must be a subset of the branches above + branches: [ master ] + schedule: + - cron: '41 20 * * 6' + +permissions: + contents: read + +jobs: + codacy-security-scan: + permissions: + contents: read # for actions/checkout to fetch code + security-events: write # for github/codeql-action/upload-sarif to upload SARIF results + name: Codacy Security Scan + runs-on: ubuntu-latest + steps: + # Checkout the repository to the GitHub Actions runner + - name: Checkout code + uses: actions/checkout@v2 + + # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis + - name: Run Codacy Analysis CLI + uses: codacy/codacy-analysis-cli-action@d840f886c4bd4edc059706d09c6a1586111c540b + with: + # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository + # You can also omit the token and run the tools that support default configurations + project-token: ${{ secrets.CODACY_PROJECT_TOKEN }} + verbose: true + output: results.sarif + format: sarif + # Adjust severity of non-security issues + gh-code-scanning-compat: true + # Force 0 exit code to allow SARIF file generation + # This will handover control about PR rejection to the GitHub side + max-allowed-issues: 2147483647 + + # Upload the SARIF file generated in the previous step + - name: Upload SARIF results file + uses: github/codeql-action/upload-sarif@v1 + with: + sarif_file: results.sarif From ba797d39ab220a61ce29bf336b682ee45f3944ab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Er=C3=A7etinG=C3=BCler?= <93947784+ErcetinGuler@users.noreply.github.com> Date: Tue, 8 Mar 2022 05:27:02 +0300 Subject: [PATCH 04/10] Create codeql.yml --- .github/workflows/codeql.yml | 70 ++++++++++++++++++++++++++++++++++++ 1 file changed, 70 insertions(+) create mode 100644 .github/workflows/codeql.yml diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 0000000..9dff84d --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,70 @@ +# For most projects, this workflow file will not need changing; you simply need +# to commit it to your repository. +# +# You may wish to alter this file to override the set of languages analyzed, +# or to provide custom queries or build logic. +# +# ******** NOTE ******** +# We have attempted to detect the languages in your repository. Please check +# the `language` matrix defined below to confirm you have the correct set of +# supported CodeQL languages. +# +name: "CodeQL" + +on: + push: + branches: [ master ] + pull_request: + # The branches below must be a subset of the branches above + branches: [ master ] + schedule: + - cron: '23 5 * * 3' + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: [ ] + # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] + # Learn more about CodeQL language support at https://git.io/codeql-language-support + + steps: + - name: Checkout repository + uses: actions/checkout@v2 + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v1 + with: + languages: ${{ matrix.language }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + # queries: ./path/to/local/query, your-org/your-repo/queries@main + + # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). + # If this step fails, then you should remove it and run the build manually (see below) + - name: Autobuild + uses: github/codeql-action/autobuild@v1 + + # ℹ️ Command-line programs to run using the OS shell. + # 📚 https://git.io/JvXDl + + # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines + # and modify them (or add more) to build your code if your project + # uses a compiled language + + #- run: | + # make bootstrap + # make release + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v1 From c8d06ac51fa04a037097cac2fb2649a5c0dc0b9f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Er=C3=A7etin=20G=C3=BCler?= Date: Fri, 24 Jun 2022 16:13:13 +0300 Subject: [PATCH 05/10] Create 2.4.0 --- 2.4.0 | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 2.4.0 diff --git a/2.4.0 b/2.4.0 new file mode 100644 index 0000000..f81c5a7 --- /dev/null +++ b/2.4.0 @@ -0,0 +1,2 @@ +- name: Git Version + uses: codacy/git-version@2.4.0 From 1be6d2bcf5df4d4e88611ddecfafb57348dea3e1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Er=C3=A7etin=20G=C3=BCler?= Date: Fri, 12 Aug 2022 20:12:18 +0300 Subject: [PATCH 06/10] Update action.yml --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 62fa241..95f70ab 100644 --- a/action.yml +++ b/action.yml @@ -1,4 +1,4 @@ -name: Git Version +name: CodesExe author: "Codacy" description: 'Semver versioning based on the git history and commit messages of your repository.' branding: From ddf588dae8cea65dd85805b4dab20d16c86dc7f5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Er=C3=A7etin=20G=C3=BCler?= Date: Sat, 13 Aug 2022 00:06:11 +0300 Subject: [PATCH 07/10] Update action.yml --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 95f70ab..66db778 100644 --- a/action.yml +++ b/action.yml @@ -1,4 +1,4 @@ -name: CodesExe +name: New Idea author: "Codacy" description: 'Semver versioning based on the git history and commit messages of your repository.' branding: From cfb0b5826b25d8c299dc76fe36f2b6469fd9d868 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Er=C3=A7etin=20G=C3=BCler?= Date: Sat, 13 Aug 2022 00:09:04 +0300 Subject: [PATCH 08/10] Update action.yml --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 66db778..2f53efd 100644 --- a/action.yml +++ b/action.yml @@ -1,4 +1,4 @@ -name: New Idea +name: Flow author: "Codacy" description: 'Semver versioning based on the git history and commit messages of your repository.' branding: From 3b15acd846dd0118f3cfd42607b958b3fd088510 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Er=C3=A7etin=20G=C3=BCler?= Date: Sat, 13 Aug 2022 00:10:11 +0300 Subject: [PATCH 09/10] Update action.yml --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 2f53efd..2fea462 100644 --- a/action.yml +++ b/action.yml @@ -1,4 +1,4 @@ -name: Flow +name: Trend author: "Codacy" description: 'Semver versioning based on the git history and commit messages of your repository.' branding: From e06ecd61c46443e3ab8b917b6a4dcb87656584c8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Er=C3=A7etin=20G=C3=BCler?= Date: Sat, 13 Aug 2022 00:11:45 +0300 Subject: [PATCH 10/10] Update action.yml --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 2fea462..b73899e 100644 --- a/action.yml +++ b/action.yml @@ -1,4 +1,4 @@ -name: Trend +name: Additional Version author: "Codacy" description: 'Semver versioning based on the git history and commit messages of your repository.' branding: