6e7352b6f7
Create Release / version-check (push) Has been cancelled
Create Release / release-gate (push) Has been cancelled
Create Release / ci-gate (push) Has been cancelled
Create Release / test-gate (push) Has been cancelled
Create Release / e2e-test-gate (push) Has been cancelled
Create Release / responsive-test-gate (push) Has been cancelled
Create Release / compat-test-gate (push) Has been cancelled
Create Release / compose-integration-gate (push) Has been cancelled
Create Release / vulture-gate (push) Has been cancelled
Create Release / build (push) Has been cancelled
Create Release / provenance (push) Has been cancelled
Create Release / prerelease-docker (push) Has been cancelled
Create Release / publish-docker (push) Has been cancelled
Create Release / create-release (push) Has been cancelled
Create Release / cleanup-changelog (push) Has been cancelled
Create Release / trigger-pypi (push) Has been cancelled
Create Release / monitor-pypi (push) Has been cancelled
Create Release / Clean up orphan prerelease tags and signatures (push) Has been cancelled
OSSF Scorecard / OSSF Security Scorecard Analysis (push) Failing after 0s
OSV-Scanner (Scheduled) / scan-scheduled (push) Failing after 0s
Version Auto-Bump / version-bump (push) Failing after 0s
Backwards Compatibility / Verify Encryption Constants (push) Failing after 1s
Backwards Compatibility / PyPI Version Compatibility (push) Failing after 1s
Backwards Compatibility / Database Migration Tests (push) Failing after 0s
CodeQL Advanced / Analyze (javascript-typescript) (push) Failing after 1s
CodeQL Advanced / Analyze (python) (push) Failing after 1s
Docker Tests (Consolidated) / detect-changes (push) Failing after 1s
Docker Tests (Consolidated) / Build Test Image (push) Failing after 1s
Sync repo labels / sync-labels (push) Failing after 0s
MCP Server Tests / MCP Server Tests (push) Failing after 1s
Docker Tests (Consolidated) / All Pytest Tests + Coverage (push) Has been skipped
Docker Tests (Consolidated) / UI Tests (Puppeteer) (push) Has been cancelled
Docker Tests (Consolidated) / Production Image Smoke Test (push) Has been cancelled
Docker Tests (Consolidated) / UI Tests (Puppeteer) [history-news] (push) Has been cancelled
Docker Tests (Consolidated) / UI Tests (Puppeteer) [link-analytics] (push) Has been cancelled
Docker Tests (Consolidated) / UI Tests (Puppeteer) [library] (push) Has been cancelled
Docker Tests (Consolidated) / UI Tests (Puppeteer) [settings-core] (push) Has been cancelled
Docker Tests (Consolidated) / UI Tests (Puppeteer) [settings-pages] (push) Has been cancelled
Docker Tests (Consolidated) / UI Tests (Puppeteer) [mobile] (push) Has been cancelled
Docker Tests (Consolidated) / UI Tests (Puppeteer) [auth-pages] (push) Has been cancelled
Docker Tests (Consolidated) / Accessibility Tests (push) Has been cancelled
Docker Tests (Consolidated) / UI Tests (Puppeteer) [chat-core] (push) Has been cancelled
Docker Tests (Consolidated) / UI Tests (Puppeteer) [chat-lifecycle] (push) Has been cancelled
Docker Tests (Consolidated) / UI Tests (Puppeteer) [error-benchmark] (push) Has been cancelled
Docker Tests (Consolidated) / UI Tests (Puppeteer) [research-form] (push) Has been cancelled
Docker Tests (Consolidated) / UI Tests (Puppeteer) [research-metrics] (push) Has been cancelled
Docker Tests (Consolidated) / UI Tests (Puppeteer) [research-workflow] (push) Has been cancelled
Docker Tests (Consolidated) / LLM Unit Tests (push) Has been cancelled
Docker Tests (Consolidated) / LLM Example Tests (push) Has been cancelled
Docker Tests (Consolidated) / Infrastructure Tests (push) Has been cancelled
Docker Tests (Consolidated) / UI Tests (Puppeteer) [auth-register] (push) Has been cancelled
Docker Tests (Consolidated) / UI Tests (Puppeteer) [accessibility] (push) Has been cancelled
Docker Tests (Consolidated) / UI Tests (Puppeteer) [api-crud] (push) Has been cancelled
Docker Tests (Consolidated) / UI Tests (Puppeteer) [auth-login] (push) Has been cancelled
36 lines
1.1 KiB
YAML
36 lines
1.1 KiB
YAML
# This workflow uses actions that are not certified by GitHub.
|
|
# They are provided by a third-party and are governed by
|
|
# separate terms of service, privacy policy, and support
|
|
# documentation.
|
|
|
|
# Scheduled OSV-Scanner scanning for vulnerabilities.
|
|
# Runs on push to main and weekly schedule.
|
|
# Split from osv-scanner.yml to prevent "skipped" noise on PRs.
|
|
#
|
|
# For more examples and options, including how to ignore specific vulnerabilities,
|
|
# see https://google.github.io/osv-scanner/github-action/
|
|
|
|
name: OSV-Scanner (Scheduled)
|
|
|
|
on:
|
|
push:
|
|
branches: [ "main" ] # Create baseline for Code Scanning comparison
|
|
schedule:
|
|
- cron: '41 21 * * 1' # Weekly on Monday at 21:41 UTC
|
|
workflow_dispatch:
|
|
|
|
permissions: {} # Minimal top-level for OSSF Scorecard Token-Permissions
|
|
|
|
jobs:
|
|
scan-scheduled:
|
|
permissions:
|
|
security-events: write
|
|
contents: read
|
|
actions: read
|
|
uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@9a498708959aeaef5ef730655706c5a1df1edbc2" # v2.3.8
|
|
with:
|
|
scan-args: |-
|
|
-r
|
|
--skip-git
|
|
./
|