Initial commit

[brondani]

Ground work. Infrastructure and workflows based on https://github.com/Open-CMSIS-Pack/cbuild.

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 5 package(s) with unknown licenses.

See the Details below.

License Issues

.github/workflows/release.yml

Package	Version	License	Issue Type
open-cmsis-pack/cbuild2cmake/.github/workflows/test.yml	main	Null	Unknown License

go.mod

Package	Version	License	Issue Type
golang.org/x/sync	0.5.0	Null	Unknown License
golang.org/x/sys	0.14.0	Null	Unknown License
gopkg.in/yaml.v3	3.0.1	Null	Unknown License
github.com/pmezard/go-difflib	1.0.0	Null	Unknown License

Scanned Manifest Files

.github/workflows/build.yml

• actions/checkout@b4ffde6
• actions/setup-go@93397be
• actions/upload-artifact@a8a3f3a

.github/workflows/codeql.yml

• actions/checkout@b4ffde6
• github/codeql-action@407ffaf
• github/codeql-action@407ffaf

.github/workflows/dependency-review.yml

• actions/checkout@b4ffde6
• actions/dependency-review-action@7bbfa03

.github/workflows/global.yml

• actions/checkout@b4ffde6

.github/workflows/markdown.yml

• actions/checkout@b4ffde6
• avto-dev/markdown-lint@04d43ee
• gaurav-nelson/github-action-markdown-link-check@0f074c8

.github/workflows/release.yml

• open-cmsis-pack/cbuild2cmake/.github/workflows/test.yml@main
• actions/checkout@b4ffde6
• actions/download-artifact@9bc31d5
• actions/setup-go@93397be
• goreleaser/goreleaser-action@7ec5c2b
• svenstaro/upload-release-action@1beeb57

.github/workflows/scorecard.yml

• actions/checkout@b4ffde6
• actions/upload-artifact@a8a3f3a
• github/codeql-action@407ffaf
• ossf/scorecard-action@0864cf1

.github/workflows/test.yml

• EnricoMi/publish-unit-test-result-action@ca89ad0
• actions/checkout@b4ffde6
• actions/download-artifact@9bc31d5
• actions/setup-go@93397be
• actions/upload-artifact@a8a3f3a
• golang/govulncheck-action@7da72f7
• golangci/golangci-lint-action@3a91952
• paambaati/codeclimate-action@4cace24

.github/workflows/tpip-check.yml

• actions/checkout@b4ffde6
• actions/download-artifact@9bc31d5
• actions/setup-go@93397be
• actions/upload-artifact@a8a3f3a
• peter-evans/create-pull-request@1534078

go.mod

• github.com/masterminds/semver/[email protected]
• github.com/open-cmsis-pack/cbuild/[email protected]
• github.com/davecgh/[email protected]
• github.com/inconshreveable/[email protected]
• github.com/otiai10/[email protected]
• github.com/pmezard/[email protected]
• github.com/sirupsen/[email protected]
• github.com/spf13/[email protected]
• github.com/spf13/[email protected]
• github.com/stretchr/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• gopkg.in/[email protected]

[github-advanced-security]

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

[github-actions]

Test Results

  4 files  20 suites   0s ⏱️
  9 tests   9 ✔️ 0 💤 0 ❌
36 runs  36 ✔️ 0 💤 0 ❌

Results for commit 355d153.

♻️ This comment has been updated with latest results.

[soumeh01]

Infrastructure looks good to me. The only thing is the actions versions are outdated but once this change is merged dependabot shall update the versions after that we need to make few updates to release workflow and upload/download actions.