Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/codeql.yml
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ jobs:

steps:
- name: Checkout repository
uses: actions/checkout@v4
uses: actions/checkout@v7

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/docker-image.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,6 @@ jobs:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v7
- name: Build the Docker image
run: docker build . --file Dockerfile --tag aiassistant:$(date +%s)
2 changes: 1 addition & 1 deletion .github/workflows/google.yml
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@

steps:
- name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@v7

- name: Run OSSAR
uses: github/ossar-action@v1
Expand All @@ -47,7 +47,7 @@

- id: 'auth'
name: 'Authenticate to Google Cloud'
uses: 'google-github-actions/auth@v2'

Check failure on line 50 in .github/workflows/google.yml

View check run for this annotation

SonarQubeCloud / SonarCloud Code Analysis

Use full commit SHA hash for this dependency.

See more on https://sonarcloud.io/project/issues?id=dnprogramming_ai-assistant&issues=AZ8-P9Aou724IOtYABbE&open=AZ8-P9Aou724IOtYABbE&pullRequest=429
with:
credentials_json: ${{ secrets.GOOGLE_CREDENTIALS_JSON }}

Expand Down Expand Up @@ -85,7 +85,7 @@
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}

- name: Authenticate to Snyk
run: snyk auth ${{ secrets.SNYK_TOKEN }}

Check warning on line 88 in .github/workflows/google.yml

View check run for this annotation

SonarQubeCloud / SonarCloud Code Analysis

Avoid expanding secrets in a run block.

See more on https://sonarcloud.io/project/issues?id=dnprogramming_ai-assistant&issues=AZ8-P9Aou724IOtYABbD&open=AZ8-P9Aou724IOtYABbD&pullRequest=429

- name: Run Snyk to check Docker image for vulnerabilities
continue-on-error: true
Expand Down Expand Up @@ -122,7 +122,7 @@
echo "DIGEST=$digest" >> $GITHUB_ENV

- name: Set up GKE credentials
uses: google-github-actions/get-gke-credentials@v2

Check failure on line 125 in .github/workflows/google.yml

View check run for this annotation

SonarQubeCloud / SonarCloud Code Analysis

Use full commit SHA hash for this dependency.

See more on https://sonarcloud.io/project/issues?id=dnprogramming_ai-assistant&issues=AZ8-P9Aou724IOtYABbF&open=AZ8-P9Aou724IOtYABbF&pullRequest=429
with:
cluster_name: ${{ env.GKE_CLUSTER }}
location: ${{ env.GAR_LOCATION }}
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/lint.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ jobs:
matrix:
python-version: ["3.12"]
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v7
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v5
with:
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/semgrep.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@
env:
SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
container:
image: returntocorp/semgrep

Check warning on line 21 in .github/workflows/semgrep.yml

View check run for this annotation

SonarQubeCloud / SonarCloud Code Analysis

Use a specific version tag for the image.

See more on https://sonarcloud.io/project/issues?id=dnprogramming_ai-assistant&issues=AZ8-P9O6u724IOtYABbG&open=AZ8-P9O6u724IOtYABbG&pullRequest=429
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v7
- run: semgrep ci
Loading