mirror of https://github.com/Unleash/unleash.git synced 2024-12-28 00:06:53 +01:00
Commit Graph

15 Commits

Author SHA1 Message Date
Gastón Fournier
05c6f42f7b
fix: avoid expression injection (#4157)
## About the changes
Using toJSON should escape any potentially harmful content from the
username and email input
2023-07-06 07:52:50 +00:00
Gastón Fournier
1f7a948f6d
chore: avoids code injection through git commit (#4147)
## About the changes
Avoids code injection via the committer name or email

Also removes pushing to s3 on `main` folder as it's not used and we're
already pushing to `commits` folder
2023-07-05 13:35:12 +02:00
Gastón Fournier
661cbf2b91
fix: some security vulnerabilities (#4143)
## About the changes
This should address:
https://github.com/Unleash/unleash/security/code-scanning/1,
https://github.com/Unleash/unleash/security/code-scanning/49 and
https://github.com/Unleash/unleash/security/code-scanning/52

Refs:
- https://securitylab.github.com/research/github-actions-untrusted-input/
- https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS
- https://datatracker.ietf.org/doc/html/rfc5321#section-4.5.3.1.1

---------

Co-authored-by: Christopher Kolstad <chriswk@getunleash.ai>
2023-07-05 11:51:27 +02:00
Gastón Fournier
28cafd6e06
fix: change to the proper author (#4141)
## About the changes
Based on the information displayed here
https://github.com/Unleash/unleash/actions/runs/5456442710/jobs/9929252672#step:3:11
this is how we should get the email and name of the committer
2023-07-04 19:44:10 +02:00
Gastón Fournier
148842e867
chore: Add debug information (#4140)
## About the changes
Debug information to get the best way of fetching the commit author and
use that to trigger a workflow
2023-07-04 17:34:35 +02:00
renovate[bot]
6ab62d5bfa
chore(deps): update aws-actions/configure-aws-credentials action to v2 (#3893)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [aws-actions/configure-aws-credentials](https://togithub.com/aws-actions/configure-aws-credentials) | action | major | `v1` -> `v2` |

---

### Release Notes

<details>
<summary>aws-actions/configure-aws-credentials</summary>

### [`v2`](https://togithub.com/aws-actions/configure-aws-credentials/releases/tag/v2)

[Compare
Source](https://togithub.com/aws-actions/configure-aws-credentials/compare/v1...v2)

This tag tracks the latest v2.x.x release.

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://app.renovatebot.com/dashboard#github/Unleash/unleash).

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2023-06-06 15:03:11 +02:00
Gastón Fournier
a7bd91d621
fix: Remove repository which is no longer needed (#3900)
## About the changes
Sync fails
https://github.com/Unleash/unleash/actions/runs/5174602051/jobs/9321118800#step:3:23
due to https://github.com/ivarconr/unleash-enterprise/pull/562 because
we now assume the repository is Unleash/unleash

This removes the repository from the payload
2023-06-05 08:03:16 +00:00
Gastón Fournier
64f212fdda
fix: author and email should be for PRs (#3899)
## About the changes
In the previous PR https://github.com/Unleash/unleash/pull/3871 we were
supposed to change this for PRs but the change was made in the
`release.yaml` file. This fixes the issue
2023-06-05 09:47:20 +02:00
Gastón Fournier
08cf5e3041
chore: delay static asset generation (#3848)
## About the changes
Delay static asset generation to speed up the CI/CD pipeline.
Next, we should add a validation step before deployment to validate that
the static assets were properly published
2023-05-23 23:27:44 +02:00
Gastón Fournier
9f6e885830
fix: new workflow name (#3845)
Adopt the new workflow name:
https://github.com/ivarconr/unleash-enterprise/pull/529
2023-05-23 15:55:59 +02:00
Gastón Fournier
2152a04a85
fix: Use the correct actor (#3842)
Use the right author name as tested here
https://github.com/Unleash/unleash/actions/runs/5056589150/jobs/9074236865#step:6:833
2023-05-23 12:57:14 +01:00
Gastón Fournier
868df5d941
test: Add debug logs (#3841)
These logs will help us identify what we should use instead of
e55e7feed3/.github/workflows/notify_enterprise.yaml (L56)
which is being set to web-flow
https://github.com/Unleash/unleash/actions/runs/5055463116/jobs/9071696845#step:7:12
2023-05-23 13:15:11 +02:00
Jaanus Sellin
e075d46f79
fix: change commit hash step name (#3784)
2023-05-16 13:36:17 +03:00
Jaanus Sellin
a7751dfbdd
feat: set commit hash as static asset version (#3783)
2023-05-16 11:44:50 +03:00
Jaanus Sellin
0a3cf646be
feat: new notify enterprise workflow (#3781)
2023-05-16 11:06:07 +03:00