From ff568b8b4990a828ccfc9207a62f9ecef39e0578 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 24 Jan 2025 01:14:41 +0000 Subject: [PATCH 1/4] chore(deps): update all non-major dependencies in .github/workflows/regression.yml (#1295) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/codeql-analysis.yml | 6 +++--- .github/workflows/regression.yml | 8 ++++---- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 7d4759e5..c402c427 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -13,12 +13,12 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Initialize CodeQL - uses: github/codeql-action/init@dd196fa9ce80b6bacc74ca1c32bd5b0ba22efca7 # v3 + uses: github/codeql-action/init@ee117c905ab18f32fa0f66c2fe40ecc8013f3e04 # v3 with: languages: go - name: Autobuild - uses: github/codeql-action/autobuild@dd196fa9ce80b6bacc74ca1c32bd5b0ba22efca7 # v3 + uses: github/codeql-action/autobuild@ee117c905ab18f32fa0f66c2fe40ecc8013f3e04 # v3 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@dd196fa9ce80b6bacc74ca1c32bd5b0ba22efca7 # v3 + uses: github/codeql-action/analyze@ee117c905ab18f32fa0f66c2fe40ecc8013f3e04 # v3 diff --git a/.github/workflows/regression.yml b/.github/workflows/regression.yml index b6ddfbf8..d3569438 100644 --- a/.github/workflows/regression.yml +++ b/.github/workflows/regression.yml @@ -48,28 +48,28 @@ jobs: export BUILD_TAGS=${{ matrix.build-flag }} go run mage.go coverage - name: "Codecov: General" - uses: codecov/codecov-action@5a605bd92782ce0810fa3b8acc235c921b497052 # v5 + uses: codecov/codecov-action@0da7aa657d958d32c117fc47e1f977e7524753c7 # v5 if: ${{ matrix.go-version == '1.22.x' }} with: files: build/coverage.txt flags: default,${{ matrix.build-flag }} token: ${{ secrets.CODECOV_TOKEN }} - name: "Codecov: Examples" - uses: codecov/codecov-action@5a605bd92782ce0810fa3b8acc235c921b497052 # v5 + uses: codecov/codecov-action@0da7aa657d958d32c117fc47e1f977e7524753c7 # v5 if: ${{ matrix.go-version == '1.22.x' }} with: files: build/coverage-examples.txt flags: examples+${{ matrix.build-flag }} token: ${{ secrets.CODECOV_TOKEN }} - name: "Codecov: FTW" - uses: codecov/codecov-action@5a605bd92782ce0810fa3b8acc235c921b497052 # v5 + uses: codecov/codecov-action@0da7aa657d958d32c117fc47e1f977e7524753c7 # v5 if: ${{ matrix.go-version == '1.22.x' }} with: files: build/coverage-ftw.txt flags: ftw,${{ matrix.build-flag }} token: ${{ secrets.CODECOV_TOKEN }} - name: "Codecov: Tinygo" - uses: codecov/codecov-action@5a605bd92782ce0810fa3b8acc235c921b497052 # v5 + uses: codecov/codecov-action@0da7aa657d958d32c117fc47e1f977e7524753c7 # v5 # only if coverage-tinygo.txt exists if: ${{ matrix.go-version == '1.22.x' && hashFiles('build/coverage-tinygo.txt') != '' }} with: From 077bde8d53ddcad8670ba9ca22e8c845febaa59f Mon Sep 17 00:00:00 2001 From: Matteo Pace Date: Fri, 24 Jan 2025 17:44:55 +0100 Subject: [PATCH 2/4] fix(ci): ignore codecov tests from wait-for-status-checks (#1292) * ignore codecov from wait-for-status-checks * tidy --- .github/workflows/regression.yml | 1 + examples/http-server/go.mod | 2 +- examples/http-server/go.sum | 8 ++++---- go.sum | 4 ---- testing/coreruleset/go.sum | 8 -------- 5 files changed, 6 insertions(+), 17 deletions(-) diff --git a/.github/workflows/regression.yml b/.github/workflows/regression.yml index d3569438..b357cb05 100644 --- a/.github/workflows/regression.yml +++ b/.github/workflows/regression.yml @@ -86,4 +86,5 @@ jobs: uses: poseidon/wait-for-status-checks@899c768d191b56eef585c18f8558da19e1f3e707 # v0.6.0 with: token: ${{ secrets.GITHUB_TOKEN }} + ignore: "codecov/patch,codecov/project" \ No newline at end of file diff --git a/examples/http-server/go.mod b/examples/http-server/go.mod index 1b0fef49..480fd7b5 100644 --- a/examples/http-server/go.mod +++ b/examples/http-server/go.mod @@ -11,7 +11,7 @@ require ( github.com/tidwall/gjson v1.18.0 // indirect github.com/tidwall/match v1.1.1 // indirect github.com/tidwall/pretty v1.2.1 // indirect - golang.org/x/net v0.33.0 // indirect + golang.org/x/net v0.34.0 // indirect golang.org/x/sync v0.10.0 // indirect golang.org/x/tools v0.22.0 // indirect rsc.io/binaryregexp v0.2.0 // indirect diff --git a/examples/http-server/go.sum b/examples/http-server/go.sum index 1a3cbd01..05299a64 100644 --- a/examples/http-server/go.sum +++ b/examples/http-server/go.sum @@ -19,12 +19,12 @@ github.com/tidwall/pretty v1.2.1 h1:qjsOFOWWQl+N3RsoF5/ssm1pHmJJwhjlSbZ51I6wMl4= github.com/tidwall/pretty v1.2.1/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU= golang.org/x/mod v0.18.0 h1:5+9lSbEzPSdWkH32vYPBwEpX8KwDbM52Ud9xBUvNlb0= golang.org/x/mod v0.18.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= -golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I= -golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4= +golang.org/x/net v0.34.0 h1:Mb7Mrk043xzHgnRM88suvJFwzVrRfHEHJEl5/71CKw0= +golang.org/x/net v0.34.0/go.mod h1:di0qlW3YNM5oh6GqDGQr92MyTozJPmybPK4Ev/Gm31k= golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ= golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= -golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= -golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU= +golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/tools v0.22.0 h1:gqSGLZqv+AI9lIQzniJ0nZDRG5GBPsSi+DRNHWNz6yA= golang.org/x/tools v0.22.0/go.mod h1:aCwcsjqvq7Yqt6TNyX7QMU2enbQ/Gt0bo6krSeEri+c= rsc.io/binaryregexp v0.2.0 h1:HfqmD5MEmC0zvwBuF187nq9mdnXjXsSivRiXN7SmRkE= diff --git a/go.sum b/go.sum index d31bf04d..813c8fbe 100644 --- a/go.sum +++ b/go.sum @@ -53,8 +53,6 @@ golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk= golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/net v0.18.0/go.mod h1:/czyP5RqHAH4odGYxBJ1qz0+CE5WZ+2j1YgoEo8F2jQ= -golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I= -golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4= golang.org/x/net v0.34.0 h1:Mb7Mrk043xzHgnRM88suvJFwzVrRfHEHJEl5/71CKw0= golang.org/x/net v0.34.0/go.mod h1:di0qlW3YNM5oh6GqDGQr92MyTozJPmybPK4Ev/Gm31k= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -75,8 +73,6 @@ golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= -golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU= golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= diff --git a/testing/coreruleset/go.sum b/testing/coreruleset/go.sum index 5e76e919..4b091523 100644 --- a/testing/coreruleset/go.sum +++ b/testing/coreruleset/go.sum @@ -4,8 +4,6 @@ github.com/Masterminds/semver v1.5.0 h1:H65muMkzWKEuNDnfl9d70GUjFniHKHRbFPGBuZ3Q github.com/Masterminds/semver v1.5.0/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF078ddwwvV3Y= github.com/Masterminds/sprig v2.22.0+incompatible h1:z4yfnGrZ7netVz+0EDJ0Wi+5VZCSYp4Z0m2dk6cEM60= github.com/Masterminds/sprig v2.22.0+incompatible/go.mod h1:y6hNFY5UBTIWBxnzTeuNhlNS5hqE0NB0E6fgfo2Br3o= -github.com/bmatcuk/doublestar/v4 v4.7.1 h1:fdDeAqgT47acgwd9bd9HxJRDmc9UAmPpc+2m0CXv75Q= -github.com/bmatcuk/doublestar/v4 v4.7.1/go.mod h1:xBQ8jztBU6kakFMg+8WGxn0c6z1fTSPVIjEY1Wr7jzc= github.com/bmatcuk/doublestar/v4 v4.8.0 h1:DSXtrypQddoug1459viM9X9D3dp1Z7993fw36I2kNcQ= github.com/bmatcuk/doublestar/v4 v4.8.0/go.mod h1:xBQ8jztBU6kakFMg+8WGxn0c6z1fTSPVIjEY1Wr7jzc= github.com/corazawaf/coraza-coreruleset v0.0.0-20240226094324-415b1017abdc h1:OlJhrgI3I+FLUCTI3JJW8MoqyM78WbqJjecqMnqG+wc= @@ -99,14 +97,10 @@ github.com/valllabh/ocsf-schema-golang v1.0.3 h1:eR8k/3jP/OOqB8LRCtdJ4U+vlgd/gk5 github.com/valllabh/ocsf-schema-golang v1.0.3/go.mod h1:sZ3as9xqm1SSK5feFWIR2CuGeGRhsM7TR1MbpBctzPk= github.com/yargevad/filepathx v1.0.0 h1:SYcT+N3tYGi+NvazubCNlvgIPbzAk7i7y2dwg3I5FYc= github.com/yargevad/filepathx v1.0.0/go.mod h1:BprfX/gpYNJHJfc35GjRRpVcwWXS89gGulUIU5tK3tA= -golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U= -golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= golang.org/x/crypto v0.32.0 h1:euUpcYgM8WcP71gNpTqQCn6rC2t6ULUPiOzfWaXVVfc= golang.org/x/crypto v0.32.0/go.mod h1:ZnnJkOaASj8g0AjIduWNlq2NRxL0PlBrbKVyZ6V/Ugc= golang.org/x/mod v0.18.0 h1:5+9lSbEzPSdWkH32vYPBwEpX8KwDbM52Ud9xBUvNlb0= golang.org/x/mod v0.18.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= -golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I= -golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4= golang.org/x/net v0.34.0 h1:Mb7Mrk043xzHgnRM88suvJFwzVrRfHEHJEl5/71CKw0= golang.org/x/net v0.34.0/go.mod h1:di0qlW3YNM5oh6GqDGQr92MyTozJPmybPK4Ev/Gm31k= golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ= @@ -114,8 +108,6 @@ golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= -golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU= golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/time v0.8.0 h1:9i3RxcPv3PZnitoVGMPDKZSq1xW1gK1Xy3ArNOGZfEg= From 761cd64a81c2bf607ada81cf06f2175492d3218a Mon Sep 17 00:00:00 2001 From: Roman Date: Fri, 24 Jan 2025 18:00:19 +0100 Subject: [PATCH 3/4] feat: add hexDecode transformation (#1275) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * with commented code * go sum update * simple implementation * add comment * add unit tests * change names in tests, remove redundant * grammar fix * updated hex method and tests --------- Co-authored-by: Roman Suvorov Co-authored-by: José Carlos Chávez Co-authored-by: Felipe Zipitría <3012076+fzipi@users.noreply.github.com> --- internal/transformations/hex_decode.go | 16 +++ internal/transformations/hex_decode_test.go | 98 +++++++++++++++++++ .../transformations/testdata/hexDecode.json | 77 +++++++-------- internal/transformations/transformations.go | 1 + 4 files changed, 150 insertions(+), 42 deletions(-) create mode 100644 internal/transformations/hex_decode.go create mode 100644 internal/transformations/hex_decode_test.go diff --git a/internal/transformations/hex_decode.go b/internal/transformations/hex_decode.go new file mode 100644 index 00000000..3e0aff39 --- /dev/null +++ b/internal/transformations/hex_decode.go @@ -0,0 +1,16 @@ +package transformations + +import ( + "encoding/hex" + + "github.com/corazawaf/coraza/v3/internal/strings" +) + +func hexDecode(data string) (string, bool, error) { + dst, err := hex.DecodeString(data) + if err != nil { + return "", false, err + } + + return strings.WrapUnsafe(dst), true, nil +} diff --git a/internal/transformations/hex_decode_test.go b/internal/transformations/hex_decode_test.go new file mode 100644 index 00000000..9b145968 --- /dev/null +++ b/internal/transformations/hex_decode_test.go @@ -0,0 +1,98 @@ +package transformations + +import ( + "testing" +) + +func TestHexDecode(t *testing.T) { + tests := []struct { + name string + input string + expectedOutput string + expectedValid bool + expectError bool + }{ + { + name: "valid hexadecimal string", + input: "48656c6c6f", + expectedOutput: "Hello", + expectedValid: true, + expectError: false, + }, + { + name: "odd length", + input: "48656c6c6f7", + expectedOutput: "", + expectedValid: false, + expectError: true, + }, + { + name: "invalid with non hex characters", + input: "YyYy", + expectedOutput: "", + expectedValid: false, + expectError: true, + }, + { + name: "invalid with extra characters", + input: "123G", + expectedOutput: "", + expectedValid: false, + expectError: true, + }, + { + name: "empty input", + input: "", + expectedOutput: "", + expectedValid: true, + expectError: false, + }, + { + name: "uppercase hex string", + input: "48454C4C4F", + expectedOutput: "HELLO", + expectedValid: true, + expectError: false, + }, + { + name: "mixed case", + input: "48454c4C4f", + expectedOutput: "HELLO", + expectedValid: true, + expectError: false, + }, + { + name: "special characters", + input: "21402324255E262A28", + expectedOutput: "!@#$%^&*(", + expectedValid: true, + expectError: false, + }, + { + name: "odd length with invalid character", + input: "48656c6c6fZ", + expectedOutput: "", + expectedValid: false, + expectError: true, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + t.Parallel() + output, valid, err := hexDecode(tt.input) + + if (err != nil) != tt.expectError { + t.Errorf("hexDecode(%q): expected error=%v, got error=%v", tt.input, tt.expectError, err) + } + + if output != tt.expectedOutput { + t.Errorf("hexDecode(%q): expected output=%q, got output=%q", tt.input, tt.expectedOutput, output) + } + + if valid != tt.expectedValid { + t.Errorf("hexDecode(%q): expected valid=%v, got valid=%v", tt.input, tt.expectedValid, valid) + } + }) + } +} diff --git a/internal/transformations/testdata/hexDecode.json b/internal/transformations/testdata/hexDecode.json index 664fbd81..99345b22 100644 --- a/internal/transformations/testdata/hexDecode.json +++ b/internal/transformations/testdata/hexDecode.json @@ -1,44 +1,37 @@ [ - { - "ret" : 1, - "input" : "", - "type" : "tfn", - "name" : "hexDecode", - "output" : "" - }, - { - "output" : "TestCase", - "ret" : 1, - "name" : "hexDecode", - "input" : "5465737443617365", - "type" : "tfn" - }, - { - "type" : "tfn", - "input" : "546573740043617365", - "name" : "hexDecode", - "ret" : 1, - "output" : "Test\\u0000Case" - }, - { - "output" : "\\x01#Eg\\x89\\x0a#\\x01#Eg\\x89\\x0a", - "type" : "tfn", - "input" : "01234567890a0z01234567890a", - "name" : "hexDecode", - "ret" : 1 - }, - { - "type" : "tfn", - "name" : "hexDecode", - "input" : "01234567890az", - "output" : "\\x01#Eg\\x89\\x0a", - "ret" : 1 - }, - { - "type" : "tfn", - "name" : "hexDecode", - "input" : "01234567890a0", - "output" : "\\x01#Eg\\x89\\x0a", - "ret" : 1 - } + { + "ret": 1, + "input": "", + "type": "tfn", + "name": "hexDecode", + "output": "" + }, + { + "output": "TestCase", + "ret": 1, + "name": "hexDecode", + "input": "5465737443617365", + "type": "tfn" + }, + { + "type": "tfn", + "input": "546573740043617365", + "name": "hexDecode", + "ret": 1, + "output": "Test\\u0000Case" + }, + { + "type": "tfn", + "name": "invalidCharacter", + "input": "01234567890z", + "output": "", + "ret": 0 + }, + { + "type": "tfn", + "name": "invalidLen", + "input": "54657374004", + "output": "", + "ret": 0 + } ] diff --git a/internal/transformations/transformations.go b/internal/transformations/transformations.go index 69aad6a1..78cdda25 100644 --- a/internal/transformations/transformations.go +++ b/internal/transformations/transformations.go @@ -35,6 +35,7 @@ func init() { Register("compressWhitespace", compressWhitespace) Register("cssDecode", cssDecode) Register("escapeSeqDecode", escapeSeqDecode) + Register("hexDecode", hexDecode) Register("hexEncode", hexEncode) Register("htmlEntityDecode", htmlEntityDecode) Register("jsDecode", jsDecode) From 7c6d46419cff2c350f2e15723609a0a534e6f4cf Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 25 Jan 2025 00:44:40 +0000 Subject: [PATCH 4/4] chore(deps): update all non-major dependencies in .github/workflows/regression.yml (#1296) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/codeql-analysis.yml | 6 +++--- .github/workflows/regression.yml | 8 ++++---- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index c402c427..7bc9a02e 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -13,12 +13,12 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Initialize CodeQL - uses: github/codeql-action/init@ee117c905ab18f32fa0f66c2fe40ecc8013f3e04 # v3 + uses: github/codeql-action/init@f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4 # v3 with: languages: go - name: Autobuild - uses: github/codeql-action/autobuild@ee117c905ab18f32fa0f66c2fe40ecc8013f3e04 # v3 + uses: github/codeql-action/autobuild@f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4 # v3 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@ee117c905ab18f32fa0f66c2fe40ecc8013f3e04 # v3 + uses: github/codeql-action/analyze@f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4 # v3 diff --git a/.github/workflows/regression.yml b/.github/workflows/regression.yml index b357cb05..6ae71611 100644 --- a/.github/workflows/regression.yml +++ b/.github/workflows/regression.yml @@ -48,28 +48,28 @@ jobs: export BUILD_TAGS=${{ matrix.build-flag }} go run mage.go coverage - name: "Codecov: General" - uses: codecov/codecov-action@0da7aa657d958d32c117fc47e1f977e7524753c7 # v5 + uses: codecov/codecov-action@13ce06bfc6bbe3ecf90edbbf1bc32fe5978ca1d3 # v5 if: ${{ matrix.go-version == '1.22.x' }} with: files: build/coverage.txt flags: default,${{ matrix.build-flag }} token: ${{ secrets.CODECOV_TOKEN }} - name: "Codecov: Examples" - uses: codecov/codecov-action@0da7aa657d958d32c117fc47e1f977e7524753c7 # v5 + uses: codecov/codecov-action@13ce06bfc6bbe3ecf90edbbf1bc32fe5978ca1d3 # v5 if: ${{ matrix.go-version == '1.22.x' }} with: files: build/coverage-examples.txt flags: examples+${{ matrix.build-flag }} token: ${{ secrets.CODECOV_TOKEN }} - name: "Codecov: FTW" - uses: codecov/codecov-action@0da7aa657d958d32c117fc47e1f977e7524753c7 # v5 + uses: codecov/codecov-action@13ce06bfc6bbe3ecf90edbbf1bc32fe5978ca1d3 # v5 if: ${{ matrix.go-version == '1.22.x' }} with: files: build/coverage-ftw.txt flags: ftw,${{ matrix.build-flag }} token: ${{ secrets.CODECOV_TOKEN }} - name: "Codecov: Tinygo" - uses: codecov/codecov-action@0da7aa657d958d32c117fc47e1f977e7524753c7 # v5 + uses: codecov/codecov-action@13ce06bfc6bbe3ecf90edbbf1bc32fe5978ca1d3 # v5 # only if coverage-tinygo.txt exists if: ${{ matrix.go-version == '1.22.x' && hashFiles('build/coverage-tinygo.txt') != '' }} with: