github-advanced-security[bot] commented on code in PR #10261: URL: https://github.com/apache/ozone/pull/10261#discussion_r3234648236
########## .github/workflows/pr-diff-coverage.yml: ########## @@ -0,0 +1,53 @@ +name: PR Diff Coverage Verification + +on: + pull_request: + types: [opened, synchronize, reopened] + +permissions: + pull-requests: write + contents: read + +jobs: + analyze-diff-coverage: + runs-on: ubuntu-latest + + steps: + # Step 1: Checkout the repo with full git history (depth: 0) + # This is crucial so the action can compare the PR branch against the target branch + - name: Checkout Codebase + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + with: + fetch-depth: 0 + + # Step 2: Provision Java Runtime Environment + - name: Set up JDK 17 + uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 + with: + java-version: '17' + distribution: 'temurin' + cache: 'maven' # Swap to 'gradle' if using Gradle + + # Step 3: Compile and run tests to generate target/site/jacoco/jacoco.xml + - name: Execute Tests and Generate Reports + run: mvn clean test + # If using Gradle, use: ./gradlew test jacocoTestReport + + # Step 4: Run the Madrapps Action to find and match the git diff + - name: Generate and Post Diff Coverage Report + uses: madrapps/jacoco-report@d5e305e917d0577fb739d486aa78dc4769068b6b Review Comment: ## zizmor / commit with no history in referenced repository [Show more details](https://github.com/apache/ozone/security/code-scanning/6) ########## .github/workflows/pr-diff-coverage.yml: ########## @@ -0,0 +1,53 @@ +name: PR Diff Coverage Verification + +on: + pull_request: + types: [opened, synchronize, reopened] + +permissions: + pull-requests: write + contents: read + +jobs: + analyze-diff-coverage: + runs-on: ubuntu-latest + + steps: + # Step 1: Checkout the repo with full git history (depth: 0) + # This is crucial so the action can compare the PR branch against the target branch + - name: Checkout Codebase + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + with: + fetch-depth: 0 + + # Step 2: Provision Java Runtime Environment Review Comment: ## zizmor / credential persistence through GitHub Actions artifacts [Show more details](https://github.com/apache/ozone/security/code-scanning/5) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
