feat: add security analysis support for internal compsite GitHub Actions #3593
pr-change-set.yaml
on: pull_request
Matrix: build / Build Macaron
build
/
...
/
Analyzing and comparing different versions of an artifact
1m 29s
build
/
...
/
Detecting malicious packages
2m 23s
build
/
...
/
How to detect vulnerable GitHub Actions
1m 44s
build
/
...
/
Provenance discovery, extraction, and verification
2m 55s
build
/
...
/
Detecting Java dependencies manually uploaded to Maven Central
1m 1s
build
/
...
/
Exclude and include checks in Macaron
5m 48s
build
/
...
/
How to detect vulnerable GitHub Actions
1m 12s
build
/
...
/
How to detect vulnerable GitHub Actions
1m 3s
Annotations
3 errors
|
build / build_docker_image / test-macaron-action / How to detect vulnerable GitHub Actions
Process completed with exit code 1.
|
|
build / build_docker_image / test-macaron-action / How to detect vulnerable GitHub Actions
Process completed with exit code 1.
|
|
build / build_docker_image / test-macaron-action / Analyzing and comparing different versions of an artifact
Process completed with exit code 1.
|
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
artifact-ubuntu-latest-python-3.11
Expired
|
44.6 MB |
sha256:02c401f5ebe1f74f172ffbc440084c68e64447807ec405a9d561c6f383956d1e
|
|
|
macaron-reports-vulnerable-actions-purl
|
36.2 KB |
sha256:f523b9fb401ab51bd8abd350802c02f764eeed83b896f8c09fedd409e1c93dca
|
|
|
macaron-reports-vulnerable-actions-repo
|
21.5 KB |
sha256:16dbb60df89835c29841d32e6cadc0be0580f544a368a48956b1856ac519cf22
|
|
|
macaron-test-image
Expired
|
378 MB |
sha256:0cbb21d9429304fd2561cddfc0b5d02f3127237e2fd6ddc876bae7414cd04416
|
|
|
macaron-vulnerable-actions-fail-diagnosis
|
22.4 KB |
sha256:25334926e0cff08f3668482bf12db6258d0a163b224134a7044c4172e5f7fa52
|
|