Skip to content

Releases: NHSDigital/eps-workflow-quality-checks

v4.0.5

12 Dec 09:48
bf9147b
Compare
Choose a tag to compare

4.0.5 (2024-12-12)

Chore

  • [AEA-4399] - change sonar action to use new action (#13) (bf9147b)

Info

See code diff
Release workflow run

It was initialized by anthony-nhs

v4.0.4

19 Nov 09:21
a83f03a
Compare
Choose a tag to compare

4.0.4 (2024-11-19)

Fix

  • [AEA-0000] - add step to run make lint (#12) (a83f03a)

Info

See code diff
Release workflow run

It was initialized by wildjames

v4.0.3

12 Nov 16:37
3738e97
Compare
Choose a tag to compare

4.0.3 (2024-11-12)

Docs

Info

See code diff
Release workflow run

It was initialized by wildjames

v4.0.2

06 Nov 15:08
18c2e69
Compare
Choose a tag to compare

4.0.2 (2024-11-06)

Fix

  • [AEA-0000] - Fix typo in java sonar (#10) (18c2e69)

Info

See code diff
Release workflow run

It was initialized by wildjames

v4.0.1

06 Nov 14:27
e3120b3
Compare
Choose a tag to compare

4.0.1 (2024-11-06)

Fix

  • [AEA-0000] - Fix sonar for java. Fix release tagging flow (#9) (e3120b3)

Info

See code diff
Release workflow run

It was initialized by wildjames

Add Secret Scanning

06 Nov 10:27
017c8a0
Compare
Choose a tag to compare

Breaking change. This version adds in secret scanning, which does not require any changes to the Github action call, but will almost certainly produce false positive matches to strings that look like secrets, but aren't.

To ignore flagged patterns, please create a .gitallowed file and place regex patterns to ignore there.

This is a reasonably sensible defaut for patterns that look secret-ish, but are okay:

token: ?"?\$\{\{\s*secrets\.GITHUB_TOKEN\s*\}\}"?
github-token: ?"?\$\{\{\s*secrets\.GITHUB_TOKEN\s*\}\}"?
token: ?"?\$\{\{\s*secrets\.DEPENDABOT_TOKEN\s*\}\}"?
id-token: write
--token=\$\{\{\s*steps\.generate-token\.outputs\.token\s*\}\}
--token=\$GITHUB-TOKEN
--token="\$GITHUB-TOKEN"
"accountId": "123456789012"
accountId: "123456789012"
console\.log\(`access token : \${access_token}`\)
.*CidrBlock.*
.*Gemfile\.lock.*
.*\.gitallowed.*
.*nhsd-rules-deny.txt.*
.*\.venv.*
.*node_modules.*

Use this as a jumping-off point, and tweak it for your project.

v3.0.0

22 Oct 09:22
aae365f
Compare
Choose a tag to compare

What's Changed

  • Upgrade: [AEA-4506] - Use main branch for SBOM action by @wildjames in #4

Full Changelog: v2...v3.0.0

Version 2

09 Oct 14:16
f8649dd
Compare
Choose a tag to compare

Some fixes. Should be more robust now, and give nicer feedback.

Version 1

18 Sep 11:55
03c75c5
Compare
Choose a tag to compare
v1

Use dev branch