Sync bug fixes for release v2025.8 #86
* added action file for soc2 scan report
* Update security-scan.yml with creation of report PR only on push event
| name: Shared Setup | ||
| runs-on: ubuntu-latest | ||
| outputs: | ||
| go-version: '1.22' | ||
| steps: | ||
| - name: Checkout Code | ||
| uses: actions/checkout@v3 | ||
| - name: Export Go Version | ||
| run: echo "go-version=1.22" >> $GITHUB_OUTPUT | ||
|
|
||
| gosec_scan: |
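Review bot: In the `setup` job, `outputs.go-version` is hardcoded to `'1.22'` while the `Export Go Version` step writes the same value to `$GITHUB_OUTPUT` without a step `id`, so the job output can never reference the step and the version is maintained in two places. Give the step an `id` and set the job output to `${{ steps.<id>.outputs.go-version }}`, or drop the step. Separately, `actions/checkout@v3` is referenced by a mutable tag; for a workflow that produces audit evidence, pin it to a full commit SHA.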
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Copilot Autofix
AI 3 months ago
To fix this problem, add an explicit permissions key with the minimum required privileges to the setup job of the workflow. Since setup only checks out code and writes simple outputs (does not make pull requests or repository modifications), it only requires contents: read at most. This is best done by adding a permissions: block right under the runs-on line in the setup job definition. No other functional changes are required, and this will not alter the behavior of the job.
| @@ -11,6 +11,8 @@ | ||
| setup: | ||
| name: Shared Setup | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| contents: read | ||
| outputs: | ||
| go-version: '1.22' | ||
| steps: |
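Review bot: The `permissions:` block is added under `setup` only, so the other jobs in the file (the earlier snippet shows `gosec_scan` following `setup`) still run with the repository's default `GITHUB_TOKEN` scopes. Prefer a workflow-level `permissions:` with `contents: read` as the default, and raise scopes only on the job that opens the report PR mentioned in the commit message.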
Bito Automatic Review Skipped - Files Excluded
Add scan for SOC2 audit in main. (#82)
added action file for soc2 scan report
Update security-scan.yml with creation of report PR only on push event
What this PR does / why we need it:
Which issue(s) this PR fixes (optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged): Fixes #
Additional information
Special notes for your reviewer