1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-18 14:57:54 +00:00
Commit graph

117 commits

Author SHA1 Message Date
Nicholas McDonnell
6d39743372
Enable Dependabot ignore directives
This enables the Dependabot ignore directives for GitHub Actions.
2022-04-08 16:45:44 -04:00
Nicholas McDonnell
6767ea9d93
Merge github.com:cisagov/skeleton-generic into lineage/skeleton 2022-04-08 16:44:54 -04:00
Nick
14aff9cadc
Merge branch 'develop' into improvement/use_python_3.10_for_gha 2022-04-01 13:13:47 -04:00
dependabot[bot]
c576ef56fb
Bump actions/cache from 2 to 3
Bumps [actions/cache](https://github.com/actions/cache) from 2 to 3.
- [Release notes](https://github.com/actions/cache/releases)
- [Commits](https://github.com/actions/cache/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-01 16:22:39 +00:00
Nick
496ea93027
Merge branch 'develop' into improvement/add_dependabot_ignores_for_github_actions 2022-04-01 12:29:17 -04:00
Nick
6869c6830f
Merge branch 'develop' into dependabot/github_actions/actions/checkout-3 2022-04-01 12:16:34 -04:00
Nicholas McDonnell
e22c12cbd4
Use consistent quoting for software versions 2022-03-28 16:35:59 -04:00
Nicholas McDonnell
583992602c
Upgrade from Python 3.9 to 3.10 for the lint job in GHA 2022-03-28 16:29:30 -04:00
Nicholas McDonnell
511a37cf1e
Add Dependabot ignore directives
This adds commented out ignore directives for the following GitHub
Actions:

- action/cache
- action/checkout
- action/setup-python

These should be uncommented downstream to ensure that updates to these
dependencies are pushed from pull requests made in the skeleton.
2022-03-28 16:26:36 -04:00
dependabot[bot]
3406c2d420
Bump actions/checkout from 2 to 3
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-07 18:01:37 +00:00
dependabot[bot]
4ee1bfd96b
Bump actions/setup-python from 2 to 3
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 2 to 3.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-02-28 18:02:16 +00:00
Nicholas McDonnell
84ca8ff082
Update the workflow for Markdown generation
Update the this workflow to reflect that now individual Markdown files
are generated instead of a single file. This includes renaming the
workflow file, adjusting some step names, and tweaking some other
aspects.
2022-02-28 11:19:56 -05:00
Nicholas McDonnell
acce4c2197
Merge branch 'develop' into improvement/fix-list-displays 2022-02-28 11:19:56 -05:00
Nicholas McDonnell
0d55714fd0
Add new CODEOWNERS directive
Add a directive for the automated update configuration that is stored
in the config/ directory.
2022-02-28 11:19:55 -05:00
Nicholas McDonnell
eef99899dc
Add shell script pre-commit hooks
Now that software updates are handled by a bash script that is stored
in the repository these pre-commit hooks should be re-added to the
pre-commit configuration. This also includes re-adding all of the
scaffolding that installs the shfmt tool in the build.yml workflow.
2022-02-28 11:19:55 -05:00
Nicholas McDonnell
bc0e017b62
Update software list generation
Consolidate all update tasks into a single bash script that is run by
the GitHub Actions workflow. This also switches to generating
individual Markdown files for each data/cisagov_*.yml file.
2022-02-28 11:19:43 -05:00
Nick
398415eb33
Merge branch 'develop' into dependabot/github_actions/lewagon/wait-on-check-action-1.1.1 2022-02-25 12:07:01 -05:00
Nicholas McDonnell
23e1ac4815
Merge github.com:cisagov/skeleton-generic into lineage/skeleton 2022-02-25 10:48:54 -05:00
Nicholas McDonnell
a05b45adf9
Add comment to Dependabot configuration
This comment explains that the configuration may have commented out
ignore directives that should be uncommented in downstream projects.
2022-02-25 08:26:08 -05:00
Nicholas McDonnell
7f11fc634b
Normalize individual cisagov_*.yml files
Add functionality to the update_software_list workflow to normalize the
component files for every push. This will ensure that they are kept in
a manner consistent with how the primary cisagov.yml file stores data.
2022-01-24 15:16:54 -05:00
dependabot[bot]
39dcbc0c60
Bump lewagon/wait-on-check-action from 1.0.0 to 1.1.1
Bumps [lewagon/wait-on-check-action](https://github.com/lewagon/wait-on-check-action) from 1.0.0 to 1.1.1.
- [Release notes](https://github.com/lewagon/wait-on-check-action/releases)
- [Commits](https://github.com/lewagon/wait-on-check-action/compare/v1.0.0...v1.1.1)

---
updated-dependencies:
- dependency-name: lewagon/wait-on-check-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-01-17 07:15:46 +00:00
Nicholas McDonnell
a92c5fbbf6
Remove product status from issue forms
This value is derived from other information in each software product
entry in the YAML file. Since it is now a derived value we should not
prompt submitters to provide one.
2022-01-12 12:59:02 -05:00
Nicholas McDonnell
3e78ba6c4c
Add list updating workflow and configuration
Add the GitHub Actions workflow that will process the YAML files that
contain cisagov controlled software information and generate a final
Markdown file. The required template and Python requirements are
included as well.
2022-01-12 12:59:02 -05:00
Nicholas McDonnell
93411319c9
Add missing cisagov/action-lineage configuration
This configuration will allow testing configuration updates to flow
down automatically.
2022-01-11 14:50:44 -05:00
Nicholas McDonnell
6e6ff55bbc
Revert the migration to a YAML format
Due to unexpected complications for user submissions we are reverting
the transition to a YAML format.
2021-12-30 16:31:50 -05:00
Nick
ed101b9604
Use the long form of a switch for git
We prefer using the long form of switches for command line programs to
improve maintainability and to better convey what is happening even if
someone is unfamiliar with the switches for a given program.

Co-authored-by: dav3r <david.redmin@trio.dhs.gov>
2021-12-30 14:47:14 -05:00
Nicholas McDonnell
1c1d06ef95
Change the list update workflow testing configuration
Update the testing branch for the software list update workflow to
include the SHA of the commit that triggers the workflow. This should
help track down problems if there is a failure in testing/rendering.
2021-12-30 14:04:02 -05:00
Nicholas McDonnell
3ba78f6958
Update requirements for the update software workflow
Update the workflow's requirements to use a specific version at the updated
location of the Python project doing the heavy lifting. Additionally the
requirements file is added to the actions/cache key used.
2021-12-30 12:46:01 -05:00
Nicholas McDonnell
3e54857897
Remove product status from issue forms
This value is derived from other information in each software product
entry in the YAML file. Since it is now a derived value we should not
prompt submitters to provide one.
2021-12-29 17:00:06 -05:00
Nicholas McDonnell
180d9a5e46
Merge branch 'develop' into improvement/add-readme-template 2021-12-29 15:34:36 -05:00
Nick
22346d1676
Update input description in the product submission form
Update the description for the product version input so that it fully
accounts for multiple versions.

Co-authored-by: Shane Frasier <jeremy.frasier@trio.dhs.gov>
2021-12-29 09:54:17 -05:00
Nicholas McDonnell
c5c6c68dc8
Update description for product update link in forms
Update the description for the product update link input in
both the product submission and product update forms.

Co-authored-by: dav3r <david.redmin@trio.dhs.gov>
Co-authored-by: Shane Frasier <jeremy.frasier@trio.dhs.gov>
2021-12-28 14:25:47 -05:00
Nicholas McDonnell
01a719c4c6
Update dropdown in the product update form
Update the product update dropdown's label and options. Mainly focused
on removing usage of Yes/No because these are boolean values in YAML
and thus needed special handling compared to other strings. This mirrors
changes done to the product submission form.
2021-12-28 13:59:16 -05:00
Nicholas McDonnell
90a215e618
Add a placeholder to the product issue forms
Add a placeholder value for the last updated input in both the product
submission and product update issue forms. This will encourage the
appropriate timestamp format.
2021-12-28 12:45:46 -05:00
Nicholas McDonnell
a91ebf78a6
Add missing punctuation in description in product update form 2021-12-28 12:39:38 -05:00
Nicholas McDonnell
df6ac39083
Add inputs to product update form
Add product vendor and product name inputs to the update form. This
will ensure that even if a submitter does not update the title we
capture this information.
2021-12-28 12:21:46 -05:00
Nicholas McDonnell
abc70b1787
Adjust markdown element in product update form
Move the markdown element that explains available statuses down so it
appears close to where a user is selecting the status. Given how form
elements are rendered it has been adjusted to appear after the dropdown
itself. This mirrors changes made in the product submission form.
2021-12-28 10:54:24 -05:00
Nicholas McDonnell
230b4c999e
Add placeholders in the product submission form
Add placeholders for some of the required inputs in the form. This will
be most helpful for the product version, but for completeness they have
also been added for the product vendor and name.

Co-authored-by: dav3r <david.redmin@trio.dhs.gov>
2021-12-28 10:27:14 -05:00
Nicholas McDonnell
0804f1e8e9
Update dropdown in the product submission form
Update the product update dropdown's label and options. Mainly focused
on removing usage of Yes/No because these are boolean values in YAML
and thus needed special handling compared to other strings.

Co-authored-by: dav3r <david.redmin@trio.dhs.gov>
Co-authored-by: Shane Frasier <jeremy.frasier@trio.dhs.gov>
2021-12-28 10:20:14 -05:00
Nicholas McDonnell
b5ab6c3fb9
Adjust a description in the product submission form
Adjust the product name description to be more similar to other
descriptions.
2021-12-28 10:18:59 -05:00
Nicholas McDonnell
41e536e228
Adjust markdown element in product submission form
Move the markdown element that explains available statuses down so it
appears close to where a user is selecting the status. Given how form
elements are rendered it has been adjusted to appear after the dropdown
itself.

Co-authored-by: dav3r <david.redmin@trio.dhs.gov>
2021-12-28 10:08:20 -05:00
Nicholas McDonnell
aa710d2818
Add missing input to issue forms
Added an input to provide information about the date of a product's
last update.
2021-12-26 20:35:19 -05:00
Nicholas McDonnell
20f82c96c0
Rename template files to reflect that they are now forms 2021-12-26 20:27:25 -05:00
Nicholas McDonnell
847a4f248e
Add an issue form for product updates
Provide an issue form for product updates to complement the one for
product submissions. This will encourage people to follow the specific
workflows for submissions and updates.
2021-12-26 20:23:20 -05:00
Nicholas McDonnell
6a09fd70f7
Use an issue form for product submissions
Switch to using a GitHub Issues form for product submission issues. This
will provide a smoother interface for users to submit products to the
database and ensure that certain values are included with a submission.
2021-12-26 20:18:23 -05:00
Nicholas McDonnell
f60b420cb5
Add GitHub Actions workflow to update software list
Add a GitHub Actions workflow and related files to automatically update
SOFTWARE-LIST.md when a push to the develop branch occurs. This
leverages the cisagov/md-table-to-yaml Python library to perform the
conversions.
2021-12-23 13:11:20 -05:00
justmurphy
98a55c77ed
Update .github/CODEOWNERS
Co-authored-by: Nick <50747025+mcdonnnj@users.noreply.github.com>
2021-12-20 15:33:39 -06:00
justmurphy
56559ed10a
Change CODEOWNERS 2021-12-20 16:09:51 -05:00
Nicholas McDonnell
8ce938f3c0
Add VM Fusion dev team as dot-file CODEOWNERS 2021-12-15 15:33:40 -05:00
Nicholas McDonnell
42663be1d0
Update contents to pass pre-commit hooks 2021-12-15 15:30:14 -05:00