Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add workflow for Security Code Scanner #5333

Merged
merged 5 commits into from
Feb 5, 2025
Merged

Add workflow for Security Code Scanner #5333

merged 5 commits into from
Feb 5, 2025

Conversation

gonzaloriestra
Copy link
Contributor

@gonzaloriestra gonzaloriestra commented Jan 31, 2025
edited
Loading

WHAT is this pull request doing?

Adds the recommended security analysis tool by Shopify: https://github.com/Shopify/security-code-scanner/blob/main/docs/high-level.md

How to test your changes?

CI

Measuring impact

How do we know this change was effective? Please choose one:

  • n/a - this doesn't need measurement, e.g. a linting rule or a bug-fix
  • Existing analytics will cater for this addition
  • PR includes analytics changes to measure impact

Checklist

  • I've considered possible cross-platform impacts (Mac, Linux, Windows)
  • I've considered possible documentation changes

@gonzaloriestra gonzaloriestra mentioned this pull request Jan 31, 2025
Merged
5 tasks
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jan 31, 2025
edited
Loading

Coverage report

St.
 Category Percentage Covered / Total
🟡 Statements 75.45% 9011/11943
🟡 Branches 70.64% 4395/6222
🟡 Functions 75.26% 2364/3141
🟡 Lines
75.98% (+0.01% 🔼)
 8513/11205
Show files with reduced coverage 🔻
St.
 File Statements Branches Functions Lines
🟢
... / app-event-watcher.ts
95.18% (-1.2% 🔻)
86.49% (-2.7% 🔻)
 95.45% 100%

Test suite run success

2035 tests passing in 909 suites.

Report generated by 🧪jest coverage report action from 4f2848f

@gonzaloriestra gonzaloriestra marked this pull request as ready for review January 31, 2025 13:21
@gonzaloriestra gonzaloriestra requested a review from a team as a code owner January 31, 2025 13:21
gonzaloriestra
gonzaloriestra commented Feb 3, 2025
View reviewed changes
.github/workflows/changelog-reminder.yml
@@ -1,7 +1,7 @@
on:
pull_request:
types: [opened, synchronize, reopened, ready_for_review]
paths: ['packages/*/src/**']
types: [ opened, synchronize, reopened, ready_for_review ]
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These changes were made by pin-github-actions.js

@gonzaloriestra gonzaloriestra added this pull request to the merge queue Feb 5, 2025
Merged via the queue into main with commit 0cfc771 Feb 5, 2025
26 checks passed
@gonzaloriestra gonzaloriestra deleted the security-code-scanner-workflow branch February 5, 2025 10:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@amcaplan amcaplan amcaplan approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@gonzaloriestra @amcaplan