PRP: {Software name} {Vuln identifier} {Vuln type} #293
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: prp-issue-workflow | |
| on: | |
| issues: | |
| types: [labeled] | |
| jobs: | |
| on-request-post-welcome: | |
| if: github.event.label.name == 'PRP:Request' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| issues: write | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| GH_REPO: ${{ github.repository }} | |
| GH_OWNER: ${{ github.repository_owner }} | |
| GH_REPO_NAME: ${{ github.event.repository.name }} | |
| NUMBER: ${{ github.event.issue.number }} | |
| AUTHOR: ${{ github.event.issue.user.login }} | |
| steps: | |
| - name: Post comment | |
| run: gh issue comment "$NUMBER" --body "$BODY" | |
| env: | |
| BODY: | | |
| Welcome to the Tsunami patch reward program! | |
| Your issue has been added to our triage queue and will reviewed | |
| shortly. The panel usually takes a decision once per week, so it | |
| can take up to a week before you hear back from us. | |
| Please, do not start the work until the panel has reached a | |
| decision. Although we always welcome contributions, unapproved | |
| work is not eligible for a reward. | |
| *~The Tsunami PRP team* | |
| - name: Assign to author | |
| continue-on-error: true | |
| run: gh issue edit "$NUMBER" --add-assignee "$AUTHOR" | |
| on-accepted-post-doc: | |
| if: github.event.label.name == 'PRP:Accepted' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| issues: write | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| GH_REPO: ${{ github.repository }} | |
| NUMBER: ${{ github.event.issue.number }} | |
| AUTHOR: ${{ github.event.issue.user.login }} | |
| steps: | |
| - name: Post comment | |
| run: gh issue comment "$NUMBER" --body "$BODY" | |
| env: | |
| BODY: | | |
| Congratulations, your request has been approved! 🎉 | |
| This means that you can start working on this contribution. | |
| ❗ Please take a moment to fill the [participation form](https://bughunters.google.com/report/tsunami) | |
| If you are unsure where to start, we have compiled a set of | |
| useful guides in our documentation: | |
| 📖 https://google.github.io/tsunami-security-scanner/howto/ | |
| *Unfortunately, our documentation is not yet complete for | |
| fingerprints, Python plugins and weak credential detectors. For | |
| these, we recommend looking at existing plugins.* | |
| 📢 Read latest announcements on [GitHub pages](https://google.github.io/tsunami-security-scanner/) | |
| *~The Tsunami PRP team* | |
| on-queue-post-explanation: | |
| if: github.event.label.name == 'Contributor queue' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| issues: write | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| GH_REPO: ${{ github.repository }} | |
| NUMBER: ${{ github.event.issue.number }} | |
| AUTHOR: ${{ github.event.issue.user.login }} | |
| steps: | |
| - name: Post comment | |
| run: gh issue comment "$NUMBER" --body "$BODY" | |
| env: | |
| BODY: | | |
| This issue has been put in your contributor queue. This usually | |
| means that you already are working on a contribution and the | |
| panel is waiting for your other contributions to be fully | |
| merged. | |
| An issue in your queue is not pre-approved. Any issue that is | |
| not explicitely approved by the panel will not be eligible for | |
| a reward. | |
| Unless there is an emergency, an issue in your queue cannot be | |
| claimed by another contributor. | |
| *~The Tsunami PRP team* | |
| on-rejected-close-and-post-explanation: | |
| if: github.event.label.name == 'PRP:Rejected' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| issues: write | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| GH_REPO: ${{ github.repository }} | |
| NUMBER: ${{ github.event.issue.number }} | |
| steps: | |
| - name: Post comment | |
| run: gh issue comment "$NUMBER" --body "$BODY" | |
| env: | |
| BODY: | | |
| Thank you for willing to contribute to Tsunami. The PRP panel has decided not to | |
| continue with this contribution. | |
| We always welcome new contribution requests to Tsunami, so please continue suggesting | |
| issues that you would like to work on. | |
| *~The Tsunami PRP team* | |
| - name: Close issue | |
| run: gh issue close "$NUMBER" -r "not planned" |