Skip to content

chore: [StepSecurity] Apply security best practices #1054

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
rbarker-dev merged 1 commit into from
May 29, 2025
Merged

chore: [StepSecurity] Apply security best practices #1054

rbarker-dev merged 1 commit into from
May 29, 2025

Conversation

@stepsecurity-app
Copy link
Contributor

@stepsecurity-app stepsecurity-app bot commented May 29, 2025

Summary

This pull request has been generated by StepSecurity as part of your enterprise subscription to ensure compliance with recommended security best practices. Please review and merge the pull request to apply these security enhancements.

Security Fixes

Pinned Dependencies

Pinning GitHub Actions to specific versions or commit SHAs ensures that your workflows remain consistent and secure.
Unpinned actions can lead to unexpected changes or vulnerabilities caused by upstream updates.

StepSecurity Maintained Actions

Risky GitHub Actions can expose your project to potential security risks. Risky actions have been replaced with StepSecurity maintained actions, that are secure drop-in replacements.

Feedback

For bug reports, feature requests, and general feedback; please create an issue in step-security/secure-repo or contact us via our website.

@stepsecurity-app stepsecurity-app bot requested review from a team as code owners May 29, 2025 14:58
@github-actions
Copy link

github-actions bot commented May 29, 2025

Unit Test Results

 26 files  ±0   26 suites  ±0   42s ⏱️ -1s
109 tests ±0  105 ✅ ±0  4 💤 ±0  0 ❌ ±0 
110 runs  ±0  106 ✅ ±0  4 💤 ±0  0 ❌ ±0 

Results for commit 5486630. ± Comparison against base commit b953105.

@codecov
Copy link

codecov bot commented May 29, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 67.36%. Comparing base (b953105) to head (5486630).
Report is 1 commits behind head on main.

Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff            @@
##               main    #1054   +/-   ##
=========================================
  Coverage     67.36%   67.36%           
  Complexity      339      339           
=========================================
  Files            64       64           
  Lines          1336     1336           
  Branches        157      157           
=========================================
  Hits            900      900           
  Misses          373      373           
  Partials         63       63

Impacted file tree graph

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@sonarqubecloud
Copy link

sonarqubecloud bot commented May 29, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@rbarker-dev rbarker-dev merged commit 825be1e into main May 29, 2025
18 checks passed
@rbarker-dev rbarker-dev deleted the chore/GHA-291458-stepsecurity-remediation branch May 29, 2025 15:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rbarker-dev rbarker-dev rbarker-dev approved these changes

@nathanklick nathanklick Awaiting requested review from nathanklick nathanklick is a code owner automatically assigned from hashgraph/release-engineering-managers

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@rbarker-dev