Skip to content

chore: add infra tasks#199

Open
daryapyskwork wants to merge 10 commits intodevelopmentfrom
add-issue-infra-tasks
Open

chore: add infra tasks#199
daryapyskwork wants to merge 10 commits intodevelopmentfrom
add-issue-infra-tasks

Conversation

@daryapyskwork
Copy link
Collaborator

@daryapyskwork daryapyskwork commented Mar 5, 2026

Applicable issues

  • fixes #

Description of changes

Add issues for infrastructure tasks

Checklist

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@ai-dial-actions
Copy link
Contributor

ai-dial-actions commented Mar 5, 2026

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 2 package(s) with unknown licenses.
See the Details below.

License Issues

settings.gradle

PackageVersionLicenseIssue Type
com.gradle:common-custom-user-data-gradle-plugin2.1NullUnknown License
com.gradle:develocity-gradle-plugin4.2NullUnknown License

OpenSSF Scorecard

PackageVersionScoreDetails
maven/com.gradle:common-custom-user-data-gradle-plugin 2.1 UnknownUnknown
maven/com.gradle:develocity-gradle-plugin 4.2 UnknownUnknown

Scanned Files

  • settings.gradle

@ai-dial-actions
Copy link
Contributor

ai-dial-actions commented Mar 10, 2026

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 4 package(s) with unknown licenses.
See the Details below.

License Issues

settings.gradle

PackageVersionLicenseIssue Type
com.gradle:common-custom-user-data-gradle-plugin2.1NullUnknown License
com.gradle:develocity-gradle-plugin4.3.1NullUnknown License
com.gradle:common-custom-user-data-gradle-plugin2.1NullUnknown License
com.gradle:develocity-gradle-plugin4.3.1NullUnknown License

OpenSSF Scorecard

PackageVersionScoreDetails
actions/peter-evans/slash-command-dispatch 9bdcd7914ec1b75590b790b844aa3b8eee7c683a 🟢 4.1
Details
CheckScoreReason
Maintained🟢 77 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 7
Code-Review⚠️ 1Found 1/6 approved changesets -- score normalized to 1
Binary-Artifacts🟢 10no binaries found in the repo
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies⚠️ 1dependency not pinned by hash detected -- score normalized to 1
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Security-Policy⚠️ 0security policy file not detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
maven/com.gradle:common-custom-user-data-gradle-plugin 2.1 UnknownUnknown
maven/com.gradle:develocity-gradle-plugin 4.3.1 UnknownUnknown
maven/com.gradle:common-custom-user-data-gradle-plugin 2.1 UnknownUnknown
maven/com.gradle:develocity-gradle-plugin 4.3.1 UnknownUnknown

Scanned Files

  • .github/workflows/slash-command-dispatch.yml
  • settings.gradle

@ai-dial-actions
Copy link
Contributor

ai-dial-actions commented Mar 10, 2026

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 4 package(s) with unknown licenses.
See the Details below.

License Issues

settings.gradle

PackageVersionLicenseIssue Type
com.gradle:common-custom-user-data-gradle-plugin2.1NullUnknown License
com.gradle:develocity-gradle-plugin4.3.1NullUnknown License
com.gradle:common-custom-user-data-gradle-plugin2.1NullUnknown License
com.gradle:develocity-gradle-plugin4.3.1NullUnknown License

OpenSSF Scorecard

PackageVersionScoreDetails
actions/peter-evans/slash-command-dispatch 9bdcd7914ec1b75590b790b844aa3b8eee7c683a 🟢 4.1
Details
CheckScoreReason
Maintained🟢 77 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 7
Code-Review⚠️ 1Found 1/6 approved changesets -- score normalized to 1
Binary-Artifacts🟢 10no binaries found in the repo
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies⚠️ 1dependency not pinned by hash detected -- score normalized to 1
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Security-Policy⚠️ 0security policy file not detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
maven/com.gradle:common-custom-user-data-gradle-plugin 2.1 UnknownUnknown
maven/com.gradle:develocity-gradle-plugin 4.3.1 UnknownUnknown
maven/com.gradle:common-custom-user-data-gradle-plugin 2.1 UnknownUnknown
maven/com.gradle:develocity-gradle-plugin 4.3.1 UnknownUnknown

Scanned Files

  • .github/workflows/slash-command-dispatch.yml
  • settings.gradle

@ai-dial-actions
Copy link
Contributor

ai-dial-actions commented Mar 10, 2026

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 4 package(s) with unknown licenses.
See the Details below.

License Issues

settings.gradle

PackageVersionLicenseIssue Type
com.gradle:common-custom-user-data-gradle-plugin2.1NullUnknown License
com.gradle:develocity-gradle-plugin4.3.1NullUnknown License
com.gradle:common-custom-user-data-gradle-plugin2.1NullUnknown License
com.gradle:develocity-gradle-plugin4.3.1NullUnknown License

OpenSSF Scorecard

PackageVersionScoreDetails
actions/peter-evans/slash-command-dispatch 9bdcd7914ec1b75590b790b844aa3b8eee7c683a 🟢 4.1
Details
CheckScoreReason
Maintained🟢 77 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 7
Code-Review⚠️ 1Found 1/6 approved changesets -- score normalized to 1
Binary-Artifacts🟢 10no binaries found in the repo
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies⚠️ 1dependency not pinned by hash detected -- score normalized to 1
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Security-Policy⚠️ 0security policy file not detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
maven/com.gradle:common-custom-user-data-gradle-plugin 2.1 UnknownUnknown
maven/com.gradle:develocity-gradle-plugin 4.3.1 UnknownUnknown
maven/com.gradle:common-custom-user-data-gradle-plugin 2.1 UnknownUnknown
maven/com.gradle:develocity-gradle-plugin 4.3.1 UnknownUnknown

Scanned Files

  • .github/workflows/slash-command-dispatch.yml
  • settings.gradle

@daryapyskwork daryapyskwork reopened this Mar 10, 2026
@ai-dial-actions
Copy link
Contributor

ai-dial-actions commented Mar 10, 2026

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 2 package(s) with unknown licenses.
See the Details below.

License Issues

settings.gradle

PackageVersionLicenseIssue Type
com.gradle:common-custom-user-data-gradle-plugin2.1NullUnknown License
com.gradle:develocity-gradle-plugin4.3.1NullUnknown License

OpenSSF Scorecard

PackageVersionScoreDetails
maven/com.gradle:common-custom-user-data-gradle-plugin 2.1 UnknownUnknown
maven/com.gradle:develocity-gradle-plugin 4.3.1 UnknownUnknown

Scanned Files

  • settings.gradle

@ai-dial-actions
Copy link
Contributor

ai-dial-actions commented Mar 10, 2026

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 2 package(s) with unknown licenses.
See the Details below.

License Issues

settings.gradle

PackageVersionLicenseIssue Type
com.gradle:common-custom-user-data-gradle-plugin2.1NullUnknown License
com.gradle:develocity-gradle-plugin4.3.1NullUnknown License

OpenSSF Scorecard

PackageVersionScoreDetails
maven/com.gradle:common-custom-user-data-gradle-plugin 2.1 UnknownUnknown
maven/com.gradle:develocity-gradle-plugin 4.3.1 UnknownUnknown

Scanned Files

  • settings.gradle

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@nepalevov nepalevov Awaiting requested review from nepalevov nepalevov is a code owner

@alexey-ban alexey-ban Awaiting requested review from alexey-ban alexey-ban is a code owner

@siarhei-fedziukovich siarhei-fedziukovich Awaiting requested review from siarhei-fedziukovich siarhei-fedziukovich is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@daryapyskwork @ai-dial-actions