ci: add workflow for cosmos/gosec #13311

Merged
merged 6 commits into from
Sep 16, 2022

kirbyquerby
Contributor

Description

Fixes #10572

This workflow is based on evmos's workflow: https://github.com/evmos/evmos/blob/main/.github/workflows/security.yml


Author Checklist

All items are required. Please add a note to the item if the item is not applicable and
please add links to any relevant follow up issues.

I have...

  • included the correct type prefix in the PR title
  • added ! to the type prefix if API or client breaking change
  • targeted the correct branch (see PR Targeting)
  • provided a link to the relevant issue or specification
  • followed the guidelines for building modules
  • included the necessary unit and integration tests
  • added a changelog entry to CHANGELOG.md
  • included comments for documenting Go code
  • updated the relevant documentation or specification
  • reviewed "Files changed" and left comments if necessary
  • confirmed all CI checks have passed

Reviewers Checklist

All items are required. Please add a note if the item is not applicable and please add
your handle next to the items reviewed if you only reviewed selected items.

I have...

  • confirmed the correct type prefix in the PR title
  • confirmed ! in the type prefix if API or client breaking change
  • confirmed all author checklist items have been addressed
  • reviewed state machine logic
  • reviewed API design and naming
  • reviewed documentation is accurate
  • reviewed tests and test coverage
  • manually tested (if applicable)

This reverts commit eaf3ee9.
@kirbyquerby kirbyquerby marked this pull request as ready for review September 15, 2022 22:05
@kirbyquerby kirbyquerby requested a review from a team as a code owner September 15, 2022 22:05
@kirbyquerby
Contributor Author

/cc @odeke-em @marbar3778

@julienrbrt julienrbrt enabled auto-merge (squash) September 16, 2022 10:06
@julienrbrt julienrbrt merged commit 254c8f1 into cosmos:main Sep 16, 2022
Member

@tac0turtle tac0turtle left a comment

where are the results pushed?

@odeke-em
Collaborator

odeke-em commented Sep 16, 2022

where are the results pushed?

@marbar3778 they are reported online in the PR, but for the case of ensuring this is merged in before opening the floodgates, otherwise the issue would be stapled forever; thus we've disabled reporting until we have breathing space for Q4 2022, but for example please see https://github.com/cosmos/cosmos-sdk/pull/13311/checks?check_run_id=8382756626

Successfully merging this pull request may close these issues.

qa: add informalsystems/gosec static analysis passes to be a part of the build process.