From 9af5fb32b22637619ba44157e712afd9de1f2850 Mon Sep 17 00:00:00 2001 From: Raj Kumar Panda Date: Thu, 13 Feb 2025 23:36:32 +0530 Subject: [PATCH 01/24] ignoring test vulnerabilities --- .github/workflows/coverage.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index a181c6b..11a997f 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -19,7 +19,7 @@ jobs: uses: step-security/jest-coverage-report-action@fix_RemoveVuln with: github-token: ${{ secrets.GITHUB_TOKEN }} - output: report-markdown # Generate markdown output without attaching a comment + output: report-markdown # Generate markdown output without attaching a comment - name: Output Jest Coverage Result - run: echo "${{ steps.coverage.outputs.report }}" # Output the coverage report in markdown format + run: echo "${{ steps.coverage.outputs.report }}" # Output the coverage report in markdown format From aa401a66e560698b1f0295ed05d0e850a1ee4d7e Mon Sep 17 00:00:00 2001 From: Raj Kumar Panda Date: Fri, 14 Feb 2025 00:00:08 +0530 Subject: [PATCH 02/24] ignoring test vulnerabilities --- __tests__/example.test.js | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/__tests__/example.test.js b/__tests__/example.test.js index b4bb767..0357c25 100644 --- a/__tests__/example.test.js +++ b/__tests__/example.test.js @@ -2,4 +2,9 @@ test('adds 1 + 2 to equal 3', () => { expect(1 + 2).toBe(3); }); + + +test('adds 1 + 2 to equal 4', () => { + expect(2 + 2).toBe(4); + }); \ No newline at end of file From 8f95de54104ae90f9801f91c287314d72a2233c5 Mon Sep 17 00:00:00 2001 From: Raj Kumar Panda Date: Fri, 14 Feb 2025 00:02:12 +0530 Subject: [PATCH 03/24] ignoring test vulnerabilities --- .github/workflows/a.yml | 0 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 .github/workflows/a.yml diff --git a/.github/workflows/a.yml b/.github/workflows/a.yml deleted file mode 100644 index e69de29..0000000 From 20477bebd272f480fb22009d4e13918b59b2967a Mon Sep 17 00:00:00 2001 From: Raj Kumar Panda Date: Fri, 14 Feb 2025 00:09:00 +0530 Subject: [PATCH 04/24] ignoring test vulnerabilities --- .github/workflows/coverage.yml | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index 11a997f..6a696cb 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -1,25 +1,18 @@ name: 'coverage' - on: pull_request: branches: - main - jobs: coverage: runs-on: ubuntu-latest - permissions: - contents: read - checks: write steps: - name: Checkout code uses: actions/checkout@v3 - - name: Run Jest Coverage Report - uses: step-security/jest-coverage-report-action@fix_RemoveVuln + uses: step-security/jest-coverage-report-action@v2 with: github-token: ${{ secrets.GITHUB_TOKEN }} - output: report-markdown # Generate markdown output without attaching a comment - + output: report-markdown # Generate markdown output without attaching a comment - name: Output Jest Coverage Result - run: echo "${{ steps.coverage.outputs.report }}" # Output the coverage report in markdown format + run: echo "${{ steps.coverage.outputs.report }}" # Output the coverage report in markdown format \ No newline at end of file From 05c20fdd4fc95e435f1a3b385161bef44fa036ce Mon Sep 17 00:00:00 2001 From: Raj Kumar Panda Date: Fri, 14 Feb 2025 00:17:38 +0530 Subject: [PATCH 05/24] ignoring test vulnerabilities --- .github/workflows/coverage.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index 6a696cb..94d4ce8 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -6,13 +6,16 @@ on: jobs: coverage: runs-on: ubuntu-latest + permissions: + contents: read + checks: write steps: - name: Checkout code uses: actions/checkout@v3 - name: Run Jest Coverage Report - uses: step-security/jest-coverage-report-action@v2 + uses: step-security/jest-coverage-report-action@fix_RemoveVuln with: github-token: ${{ secrets.GITHUB_TOKEN }} output: report-markdown # Generate markdown output without attaching a comment - name: Output Jest Coverage Result - run: echo "${{ steps.coverage.outputs.report }}" # Output the coverage report in markdown format \ No newline at end of file + run: echo "${{ steps.coverage.outputs.report }}" # Output the coverage report in markdown format From bc3d17dd65439b3cf19128a6d6f7c6b9947e5992 Mon Sep 17 00:00:00 2001 From: Raj Kumar Panda Date: Fri, 14 Feb 2025 00:19:49 +0530 Subject: [PATCH 06/24] ignoring test vulnerabilities --- .github/workflows/coverage.yml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index 94d4ce8..7479612 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -3,19 +3,20 @@ on: pull_request: branches: - main + jobs: coverage: runs-on: ubuntu-latest - permissions: - contents: read - checks: write + steps: - name: Checkout code uses: actions/checkout@v3 + - name: Run Jest Coverage Report uses: step-security/jest-coverage-report-action@fix_RemoveVuln - with: + with: github-token: ${{ secrets.GITHUB_TOKEN }} output: report-markdown # Generate markdown output without attaching a comment + - name: Output Jest Coverage Result run: echo "${{ steps.coverage.outputs.report }}" # Output the coverage report in markdown format From 5533a28e588bb4a349e8fef41829e515bd3544f7 Mon Sep 17 00:00:00 2001 From: Raj Kumar Panda Date: Fri, 14 Feb 2025 00:23:53 +0530 Subject: [PATCH 07/24] ignoring test vulnerabilities --- .github/workflows/coverage.yml | 9 +++++---- __tests__/example.test.js | 4 ++-- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index 7479612..c37a77c 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -7,16 +7,17 @@ on: jobs: coverage: runs-on: ubuntu-latest - + permissions: + contents: read + checks: write + steps: - name: Checkout code uses: actions/checkout@v3 - - name: Run Jest Coverage Report uses: step-security/jest-coverage-report-action@fix_RemoveVuln - with: + with: github-token: ${{ secrets.GITHUB_TOKEN }} output: report-markdown # Generate markdown output without attaching a comment - - name: Output Jest Coverage Result run: echo "${{ steps.coverage.outputs.report }}" # Output the coverage report in markdown format diff --git a/__tests__/example.test.js b/__tests__/example.test.js index 0357c25..18367af 100644 --- a/__tests__/example.test.js +++ b/__tests__/example.test.js @@ -4,7 +4,7 @@ test('adds 1 + 2 to equal 3', () => { }); -test('adds 1 + 2 to equal 4', () => { - expect(2 + 2).toBe(4); +test('adds 2 + 2 to equal 4', () => { + expect(2 + 2).toBe(3); }); \ No newline at end of file From 6b46f518e5031c51094a0ffd7b4264eae55c4677 Mon Sep 17 00:00:00 2001 From: Raj Kumar Panda Date: Fri, 14 Feb 2025 00:24:52 +0530 Subject: [PATCH 08/24] ignoring test vulnerabilities --- __tests__/example.test.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/__tests__/example.test.js b/__tests__/example.test.js index 18367af..06e1b1a 100644 --- a/__tests__/example.test.js +++ b/__tests__/example.test.js @@ -5,6 +5,6 @@ test('adds 1 + 2 to equal 3', () => { test('adds 2 + 2 to equal 4', () => { - expect(2 + 2).toBe(3); + expect(2 + 2).toBe(4); }); \ No newline at end of file From 1d00d58760ee4ae3ac3319f3ddb720f7e2e91347 Mon Sep 17 00:00:00 2001 From: Raj Kumar Panda Date: Fri, 14 Feb 2025 01:35:04 +0530 Subject: [PATCH 09/24] ignoring test vulnerabilities --- .github/workflows/coverage.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index c37a77c..70c2f9e 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -15,7 +15,7 @@ jobs: - name: Checkout code uses: actions/checkout@v3 - name: Run Jest Coverage Report - uses: step-security/jest-coverage-report-action@fix_RemoveVuln + uses: step-security/jest-coverage-report-action@v2 with: github-token: ${{ secrets.GITHUB_TOKEN }} output: report-markdown # Generate markdown output without attaching a comment From 9faeed9cd7987466247eeedbe4b8300a44967b0e Mon Sep 17 00:00:00 2001 From: Raj Kumar Panda Date: Fri, 14 Feb 2025 01:37:13 +0530 Subject: [PATCH 10/24] ignoring test vulnerabilities --- .github/workflows/coverage.yml | 27 ++++++++++++--------------- 1 file changed, 12 insertions(+), 15 deletions(-) diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index 70c2f9e..584e452 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -1,23 +1,20 @@ -name: 'coverage' +name: CI + on: + push: + branches: [ "main" ] pull_request: - branches: - - main + branches: [ "main" ] + workflow_dispatch: jobs: - coverage: + build: runs-on: ubuntu-latest permissions: - contents: read checks: write - + pull-requests: write + contents: write + steps: - - name: Checkout code - uses: actions/checkout@v3 - - name: Run Jest Coverage Report - uses: step-security/jest-coverage-report-action@v2 - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - output: report-markdown # Generate markdown output without attaching a comment - - name: Output Jest Coverage Result - run: echo "${{ steps.coverage.outputs.report }}" # Output the coverage report in markdown format + - uses: actions/checkout@v4 + - uses: step-security/jest-coverage-report-action@v2 \ No newline at end of file From a8eae16b85042f6203c9814acdc27a1b3cb18c97 Mon Sep 17 00:00:00 2001 From: Raj Kumar Panda Date: Fri, 14 Feb 2025 01:38:20 +0530 Subject: [PATCH 11/24] ignoring test vulnerabilities --- .github/workflows/coverage.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index 584e452..27cfebe 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -17,4 +17,4 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: step-security/jest-coverage-report-action@v2 \ No newline at end of file + - uses: step-security/jest-coverage-report-action@fix_RemoveVuln \ No newline at end of file From 3ff2254abdc49331c37aa00559989d5dbf0b51cb Mon Sep 17 00:00:00 2001 From: Raj Kumar Panda Date: Fri, 14 Feb 2025 01:39:32 +0530 Subject: [PATCH 12/24] ignoring test vulnerabilities --- __tests__/example.test.js | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/__tests__/example.test.js b/__tests__/example.test.js index 06e1b1a..b108130 100644 --- a/__tests__/example.test.js +++ b/__tests__/example.test.js @@ -7,4 +7,8 @@ test('adds 1 + 2 to equal 3', () => { test('adds 2 + 2 to equal 4', () => { expect(2 + 2).toBe(4); }); + +test('adds 2 + 2 to equal 4', () => { + expect(2 + 3).toBe(5); + }); \ No newline at end of file From 675e838e964a8f4eedf28dfb9e77fdf0df73c87f Mon Sep 17 00:00:00 2001 From: Raj Kumar Panda Date: Fri, 14 Feb 2025 01:45:52 +0530 Subject: [PATCH 13/24] j --- __tests__/example.test.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/__tests__/example.test.js b/__tests__/example.test.js index b108130..6635d06 100644 --- a/__tests__/example.test.js +++ b/__tests__/example.test.js @@ -8,7 +8,7 @@ test('adds 2 + 2 to equal 4', () => { expect(2 + 2).toBe(4); }); -test('adds 2 + 2 to equal 4', () => { +test('adds 2 + 2 to equal 5', () => { expect(2 + 3).toBe(5); }); \ No newline at end of file From 9fe2efe162e12504371a7a80b1503a950a32020d Mon Sep 17 00:00:00 2001 From: Raj Kumar Panda Date: Fri, 14 Feb 2025 01:46:43 +0530 Subject: [PATCH 14/24] j --- __tests__/example.test.js | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/__tests__/example.test.js b/__tests__/example.test.js index 6635d06..d1ccb11 100644 --- a/__tests__/example.test.js +++ b/__tests__/example.test.js @@ -11,4 +11,8 @@ test('adds 2 + 2 to equal 4', () => { test('adds 2 + 2 to equal 5', () => { expect(2 + 3).toBe(5); }); + +test('adds 2 + 4 to equal 6', () => { + expect(2 + 4).toBe(6); + }); \ No newline at end of file From 37c81e56474c318c637252a96add6aa92379b4ff Mon Sep 17 00:00:00 2001 From: Raj Kumar Panda Date: Fri, 14 Feb 2025 10:25:09 +0530 Subject: [PATCH 15/24] j --- .github/workflows/coverage.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index 27cfebe..fcb7e58 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -17,4 +17,4 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: step-security/jest-coverage-report-action@fix_RemoveVuln \ No newline at end of file + - uses: step-security/jest-coverage-report-action@main \ No newline at end of file From be5fd7d8de73bb32b36eea5026c87a75b89d25d9 Mon Sep 17 00:00:00 2001 From: Raj Kumar Panda Date: Thu, 27 Feb 2025 12:37:38 +0530 Subject: [PATCH 16/24] upgrade requirements 3.7 --- __tests__/example.test.js | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/__tests__/example.test.js b/__tests__/example.test.js index d1ccb11..b45211b 100644 --- a/__tests__/example.test.js +++ b/__tests__/example.test.js @@ -15,4 +15,7 @@ test('adds 2 + 2 to equal 5', () => { test('adds 2 + 4 to equal 6', () => { expect(2 + 4).toBe(6); }); - \ No newline at end of file + + test('adds 2 + 5 to equal 7', () => { + expect(2 + 5).toBe(7); + }); \ No newline at end of file From 08c5df13c38eec73ff5dc3c797b7a1e90502e81e Mon Sep 17 00:00:00 2001 From: Raj Kumar Panda Date: Thu, 27 Feb 2025 14:32:32 +0530 Subject: [PATCH 17/24] temp --- .github/workflows/audit-package.yml | 2 +- .github/workflows/coverage.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/audit-package.yml b/.github/workflows/audit-package.yml index 9c2f076..fcb0e98 100644 --- a/.github/workflows/audit-package.yml +++ b/.github/workflows/audit-package.yml @@ -25,7 +25,7 @@ on: jobs: audit-fix: - uses: step-security/reusable-workflows/.github/workflows/npm_audit_fix.yml@fix_Build-As-Per-Input + uses: step-security/reusable-workflows/.github/workflows/npm_audit_fix.yml@v1 with: force: ${{ inputs.force }} base_branch: ${{ inputs.base_branch }} diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index fcb7e58..a12f53c 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -17,4 +17,4 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: step-security/jest-coverage-report-action@main \ No newline at end of file + - uses: step-security/jest-coverage-report-action@temp-audit \ No newline at end of file From 158fb110b7d43fa657227d2530be8d9be594bd71 Mon Sep 17 00:00:00 2001 From: Raj Kumar Panda Date: Thu, 27 Feb 2025 14:33:47 +0530 Subject: [PATCH 18/24] temp --- .github/workflows/audit-package.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/audit-package.yml b/.github/workflows/audit-package.yml index fcb0e98..9c2f076 100644 --- a/.github/workflows/audit-package.yml +++ b/.github/workflows/audit-package.yml @@ -25,7 +25,7 @@ on: jobs: audit-fix: - uses: step-security/reusable-workflows/.github/workflows/npm_audit_fix.yml@v1 + uses: step-security/reusable-workflows/.github/workflows/npm_audit_fix.yml@fix_Build-As-Per-Input with: force: ${{ inputs.force }} base_branch: ${{ inputs.base_branch }} From ddecdf375f1d707e03efbb5f9919f65b13e07d78 Mon Sep 17 00:00:00 2001 From: Raj Kumar Panda Date: Thu, 27 Feb 2025 14:45:36 +0530 Subject: [PATCH 19/24] temp --- .github/workflows/coverage.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index a12f53c..b8f40a0 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -17,4 +17,4 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: step-security/jest-coverage-report-action@temp-audit \ No newline at end of file + - uses: step-security/jest-coverage-report-action@npm-audit-fix-force \ No newline at end of file From 1a4189b4f4634560ed7d6d598eeda21186e361e1 Mon Sep 17 00:00:00 2001 From: Raj Kumar Panda Date: Fri, 28 Feb 2025 13:03:43 +0530 Subject: [PATCH 20/24] manually fixed vulnerabilities --- .github/workflows/coverage.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index b8f40a0..31d2c4a 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -17,4 +17,4 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: step-security/jest-coverage-report-action@npm-audit-fix-force \ No newline at end of file + - uses: step-security/jest-coverage-report-action@fix_Manual-npm-audit-fix \ No newline at end of file From ea8acc9f2982c8a3ce99182cdf228db0cefb92e5 Mon Sep 17 00:00:00 2001 From: Raj Kumar Panda Date: Mon, 3 Mar 2025 12:02:53 +0530 Subject: [PATCH 21/24] manually fixed vulnerabilities --- .github/workflows/coverage.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index 31d2c4a..fcb7e58 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -17,4 +17,4 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: step-security/jest-coverage-report-action@fix_Manual-npm-audit-fix \ No newline at end of file + - uses: step-security/jest-coverage-report-action@main \ No newline at end of file From 7a4a47331235885bc7ead472eb89920c90250e78 Mon Sep 17 00:00:00 2001 From: Raj Kumar Panda Date: Mon, 10 Mar 2025 10:44:03 +0530 Subject: [PATCH 22/24] Bump axios to 1.8.2 --- .github/workflows/coverage.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index fcb7e58..e61b4b1 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -17,4 +17,4 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: step-security/jest-coverage-report-action@main \ No newline at end of file + - uses: step-security/jest-coverage-report-action@fix_Vulnerabilities-Manually-After-Weekly-Cron \ No newline at end of file From 07e6532d8b0a4e9f495e632548f7e0fb0907d034 Mon Sep 17 00:00:00 2001 From: Raj Kumar Panda Date: Mon, 10 Mar 2025 13:27:09 +0530 Subject: [PATCH 23/24] ci --- .github/workflows/coverage.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index e61b4b1..fcb7e58 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -17,4 +17,4 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: step-security/jest-coverage-report-action@fix_Vulnerabilities-Manually-After-Weekly-Cron \ No newline at end of file + - uses: step-security/jest-coverage-report-action@main \ No newline at end of file From 4648e19e9613e21b2881f7a6c2ed28456a5e2569 Mon Sep 17 00:00:00 2001 From: Raj-StepSecurity Date: Mon, 4 Aug 2025 11:38:59 +0530 Subject: [PATCH 24/24] Update coverage.yml --- .github/workflows/coverage.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index fcb7e58..0c6b738 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -17,4 +17,8 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: step-security/jest-coverage-report-action@main \ No newline at end of file + - name: Harden Runner + uses: step-security/harden-runner@rc + with: + egress-policy: audit + - uses: step-security/jest-coverage-report-action@main