Skip to content

my-pull-java #39

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
shashitiwary wants to merge 337 commits into
base: feature-1
Choose a base branch
from
Open

my-pull-java #39

shashitiwary wants to merge 337 commits into from

Conversation

@shashitiwary
Copy link

@shashitiwary shashitiwary commented Sep 4, 2019

this is to see jenkins file example

javahometech and others added 30 commits November 16, 2018 07:49
Create nov-2018-7am-devops
c71863c
Update Dockerfile
6ecb98e
Update Jenkinsfile
e0b3246
Update Dockerfile
ffc6108
Update Dockerfile
54b4fdc
Update index.html
2f29e54
Update pom.xml
4f4e0e6
Create docker-swarm-ci-cd
50d6579
Update pom.xml
8856957
Update Jenkinsfile
d248623
Update Jenkinsfile
da17df9
Update Calculator.java
8d77a88
Update function-demo
87558d7
Update pom.xml
6bf0055
Update deploy-to-tomcat
3e6bb77
Update index.html
0bd79fe
ssh demo
e0df037
Update Jenkinsfile
d1b6f4d
Update Jenkinsfile
c4c18b9
@javahomehari
Integrating with sonar qube
a769a8f
Merge pull request #33 from javahometech/feature/sonar-integration
70b434b 
Integrating with sonar qube
Create Chart.yml
e5ad45c
Update index.html
f3c9582
Update web.xml
00bf3bf
Update web.xml
350d5aa
Update index.html
91f2737
Update index.html
3691faf
Update index.html
bbb06aa
Update Calculator.java
5d7665c
Update Calculator.java
d0e4ed6
@github-advanced-security
Copy link

github-advanced-security bot commented Mar 18, 2024

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

@github-advanced-security
Copy link

github-advanced-security bot commented Jul 21, 2025

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

github-advanced-security[bot]
github-advanced-security bot found potential problems Jul 21, 2025
View reviewed changes
.github/workflows/maven.yml
Comment on lines +8 to +18
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v1
- name: Set up JDK 1.8
uses: actions/setup-java@v1
with:
java-version: 1.8
- name: Build with Maven
run: mvn -B package --file pom.xml

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Copilot Autofix

AI 5 months ago

To fix the problem, we should explicitly set the permissions key in the workflow to restrict the GITHUB_TOKEN to the least privilege necessary. For a typical CI build workflow like this, read-only access to repository contents (contents: read) is sufficient, as the workflow only checks out code and builds it, without making any changes to the repository or interacting with pull requests, issues, or releases. The best place to add this is at the workflow root (top-level), so it applies to all jobs unless overridden.

Edit .github/workflows/maven.yml and add a permissions: block with contents: read at the top level, just after the name: and before on:.

Suggested changeset 1
.github/workflows/maven.yml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
--- a/.github/workflows/maven.yml
+++ b/.github/workflows/maven.yml
@@ -1,3 +1,5 @@
+permissions:
+  contents: read
 name: Java CI
 
 on: [push]
EOF
@@ -1,3 +1,5 @@
permissions:
contents: read
name: Java CI

on: [push]
Copilot is powered by AI and may make mistakes. Always verify output.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@shashitiwary @Vikas3123 @rahulv1997 @javahomehari @javahometech