Software - Update version and security info #1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Software - Update version and security info" | |
| on: | |
| schedule: | |
| # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#onschedule | |
| # * is a special character in YAML so you have to quote this string | |
| - cron: '30 8 14,28 * *' | |
| # push: | |
| # paths: | |
| # - 'software-sources.json' | |
| # - '**update-software.yml' | |
| # - '**verify_result.py' | |
| # - 'update_software.py' | |
| # - 'SAMPLE-software-rules.json' | |
| jobs: | |
| build: | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| matrix: | |
| os: [windows-latest] | |
| config: ["SOFTWARE_GITHUB_ADADVISORY_DATABASE_PATH=advisory_database"] | |
| steps: | |
| - name: Check out repository code | |
| uses: actions/checkout@v4 | |
| - name: Setup python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.x' # Version range or exact version of a Python version to use, using SemVer's version range syntax | |
| architecture: 'x64' # optional x64 or x86. Defaults to x64 if not specified | |
| - name: Setup dependencies using pip | |
| run: pip install -r requirements.txt | |
| - name: Setup config (using SAMPLE-config.py as config.py) | |
| run: python .github\workflows\verify_result.py -c ${{ matrix.config }},GITHUB_API_KEY=${{ secrets.GITHUB_TOKEN }} | |
| - name: Checkout advisory-database repo | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: github/advisory-database | |
| ref: main | |
| path: | |
| advisory_database | |
| sparse-checkout: | | |
| advisories | |
| - name: Verifing Software(s) | |
| run: python update_software.py | |
| - name: Create pull request | |
| uses: peter-evans/create-pull-request@v6 | |
| with: | |
| commit-message: Update software and license definitions | |
| branch: software-definition-updates | |
| title: Scheduled Software Definition Update | |
| body: | | |
| This pull request is used to make it easier to keep the software definitions up to date. | |
| Following files may be touched: | |
| - software-sources.json | |
| - software-full.json | |
| - SAMPLE-software-rules.json | |
| assignees: 7h3Rabbit | |
| reviewers: 7h3Rabbit | |
| add-paths: | | |
| software-sources.json | |
| software-full.json | |
| SAMPLE-software-rules.json |