From 8e12a46ddcfc2a8b35c2b7f7067475fe30c62aba Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 13 Feb 2022 02:48:50 +0000 Subject: [PATCH 1/2] Bump follow-redirects from 1.9.0 to 1.14.8 Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.9.0 to 1.14.8. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](https://github.com/follow-redirects/follow-redirects/compare/v1.9.0...v1.14.8) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] --- package-lock.json | 28 ++++------------------------ 1 file changed, 4 insertions(+), 24 deletions(-) diff --git a/package-lock.json b/package-lock.json index 97b8c96..b872e1c 100644 --- a/package-lock.json +++ b/package-lock.json @@ -3954,30 +3954,10 @@ } }, "follow-redirects": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.9.0.tgz", - "integrity": "sha512-CRcPzsSIbXyVDl0QI01muNDu69S8trU4jArW9LpOt2WtC6LyUJetcIrmfHsRBx7/Jb6GHJUiuqyYxPooFfNt6A==", - "dev": true, - "requires": { - "debug": "^3.0.0" - }, - "dependencies": { - "debug": { - "version": "3.2.6", - "resolved": "https://registry.npmjs.org/debug/-/debug-3.2.6.tgz", - "integrity": "sha512-mel+jf7nrtEl5Pn1Qx46zARXKDpBbvzezse7p7LqINmdoIk8PYP5SySaxEmYv6TZ0JyEKA1hsCId6DIhgITtWQ==", - "dev": true, - "requires": { - "ms": "^2.1.1" - } - }, - "ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - } - } + "version": "1.14.8", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.14.8.tgz", + "integrity": "sha512-1x0S9UVJHsQprFcEC/qnNzBLcIxsjAV905f/UkQxbclCsoTWlacCNOpQa/anodLl2uaEKFhfWOvM2Qg77+15zA==", + "dev": true }, "for-in": { "version": "1.0.2", From e57e41549277e0d6c52d1bd5e5c6d02ab7425d6f Mon Sep 17 00:00:00 2001 From: VinothKumar-Ganesan <121218063+VinothKumar-Ganesan@users.noreply.github.com> Date: Mon, 6 Feb 2023 16:40:19 +0530 Subject: [PATCH 2/2] Gitleaks action file added --- .github/workflows/gitleaks.yaml | 38 +++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 .github/workflows/gitleaks.yaml diff --git a/.github/workflows/gitleaks.yaml b/.github/workflows/gitleaks.yaml new file mode 100644 index 0000000..d9a8e36 --- /dev/null +++ b/.github/workflows/gitleaks.yaml @@ -0,0 +1,38 @@ +name: Secret Value found! +on: + push: + public: +jobs: + scan: + name: gitleaks + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + - name: Install the gitleaks + run: wget https://github.com/zricethezav/gitleaks/releases/download/v8.15.2/gitleaks_8.15.2_linux_x64.tar.gz + shell: pwsh + - name: Extract the tar file + run: tar xzvf gitleaks_8.15.2_linux_x64.tar.gz + - name: Generate the report + id: gitleaks + run: $GITHUB_WORKSPACE/gitleaks detect -s $GITHUB_WORKSPACE -f json -r $GITHUB_WORKSPACE/leaksreport.json + shell: bash + continue-on-error: true + - name: Setup NuGet.exe + if: steps.gitleaks.outcome != 'success' + uses: nuget/setup-nuget@v1 + with: + nuget-version: latest + - name: Install the dotnet + if: steps.gitleaks.outcome != 'success' + uses: actions/setup-dotnet@v3 + with: + dotnet-version: '3.1.x' + - name: Install the report tool packages + if: steps.gitleaks.outcome != 'success' + run: | + nuget install "Syncfusion.Email" -source "https://nexus.syncfusion.com/repository/nuget-hosted/" + dir $GITHUB_WORKSPACE/Syncfusion.Email.1.0.0/lib/netcoreapp3.1 + dotnet $GITHUB_WORKSPACE/Syncfusion.Email.1.0.0/lib/netcoreapp3.1/Email.dll "citeam@syncfusion.com" "$GITHUB_REF_NAME" ${{ secrets.NETWORKCREDENTIALS }} ${{ secrets.NETWORKKEY }} "$GITHUB_WORKSPACE" + exit 1 \ No newline at end of file