Bearer · cfabianski · Aug 16, 2023 · Aug 16, 2023 · Aug 16, 2023
diff --git a/docs/.eleventy.js b/docs/.eleventy.js
@@ -1,62 +1,61 @@
-const syntaxHighlight = require("@11ty/eleventy-plugin-syntaxhighlight");
+const syntaxHighlight = require("@11ty/eleventy-plugin-syntaxhighlight")
 
 const {
   EleventyHtmlBasePlugin,
   EleventyRenderPlugin,
-} = require("@11ty/eleventy");
-
-const yaml = require("js-yaml");
-const markdownIt = require("markdown-it");
-const markdownItEmoji = require("markdown-it-emoji");
-const markdownItAnchor = require("markdown-it-anchor");
-const pluginTOC = require("eleventy-plugin-toc");
-const htmlencode = require("htmlencode");
-const now = String(Date.now());
-const path = require("path");
-const mermaid = require("./_src/_plugins/mermaid");
+} = require("@11ty/eleventy")
+
+const yaml = require("js-yaml")
+const markdownIt = require("markdown-it")
+const markdownItEmoji = require("markdown-it-emoji")
+const markdownItAnchor = require("markdown-it-anchor")
+const pluginTOC = require("eleventy-plugin-toc")
+const now = String(Date.now())
+const path = require("path")
+const mermaid = require("./_src/_plugins/mermaid")
 
 const mdSetup = markdownIt({ html: true })
   .use(markdownItEmoji)
-  .use(markdownItAnchor);
+  .use(markdownItAnchor)
 
 mdSetup.renderer.rules.code_inline = (tokens, idx, { langPrefix = "" }) => {
-  const token = tokens[idx];
+  const token = tokens[idx]
   return `<code class="${langPrefix}">${mdSetup.utils.escapeHtml(
     token.content
-  )}</code>`;
-};
+  )}</code>`
+}
 
 module.exports = function (eleventyConfig) {
-  eleventyConfig.addWatchTarget("./_src/styles/tailwind.config.js");
-  eleventyConfig.addWatchTarget("./_src/styles/tailwind.css");
-  eleventyConfig.addWatchTarget("./_src/js/*.js");
-  eleventyConfig.addPassthroughCopy("assets/img");
-  eleventyConfig.addPassthroughCopy("assets/fonts");
+  eleventyConfig.addWatchTarget("./_src/styles/tailwind.config.js")
+  eleventyConfig.addWatchTarget("./_src/styles/tailwind.css")
+  eleventyConfig.addWatchTarget("./_src/js/*.js")
+  eleventyConfig.addPassthroughCopy("assets/img")
+  eleventyConfig.addPassthroughCopy("assets/fonts")
   eleventyConfig.addPassthroughCopy({
     "./_src/styles/prism-theme.css": "./prism-theme.css",
-  });
+  })
   eleventyConfig.addPassthroughCopy({
     "./_src/styles/callout.css": "./callout.css",
-  });
-  eleventyConfig.addPassthroughCopy({ "./_src/js/app.js": "./app.js" });
+  })
+  eleventyConfig.addPassthroughCopy({ "./_src/js/app.js": "./app.js" })
   eleventyConfig.addPassthroughCopy({
     "./_src/js/rule-search.js": "./rule-search.js",
-  });
-  eleventyConfig.addPassthroughCopy({ "./_tmp/style.css": "./style.css" });
-  eleventyConfig.addPassthroughCopy({ "./robots.txt": "./robots.txt" });
-  eleventyConfig.addPassthroughCopy({ "./_redirects": "./_redirects" });
-  eleventyConfig.addDataExtension("yaml", (contents) => yaml.load(contents));
+  })
+  eleventyConfig.addPassthroughCopy({ "./_tmp/style.css": "./style.css" })
+  eleventyConfig.addPassthroughCopy({ "./robots.txt": "./robots.txt" })
+  eleventyConfig.addPassthroughCopy({ "./_redirects": "./_redirects" })
+  eleventyConfig.addDataExtension("yaml", (contents) => yaml.load(contents))
   eleventyConfig.addShortcode("version", function () {
-    return now;
-  });
-  eleventyConfig.setLibrary("md", mdSetup);
+    return now
+  })
+  eleventyConfig.setLibrary("md", mdSetup)
   eleventyConfig.addPlugin(EleventyHtmlBasePlugin, {
     baseHref: "/",
-  });
+  })
+
+  eleventyConfig.addPlugin(EleventyRenderPlugin)
+  eleventyConfig.addPlugin(syntaxHighlight)
 
-  eleventyConfig.addPlugin(EleventyRenderPlugin);
-  eleventyConfig.addPlugin(syntaxHighlight);
-
   // mermaid rendering
   eleventyConfig.addPlugin(mermaid, {
     themeVariables: {
@@ -71,30 +70,30 @@ module.exports = function (eleventyConfig) {
       clusterBkg: "transparent",
       secondaryColor: "hsl(243,27%,35%)",
     },
-  });
+  })
 
   eleventyConfig.addPlugin(pluginTOC, {
     wrapper: "nav",
-  });
+  })
 
   eleventyConfig.addFilter("sortById", (arr) => {
-    arr.sort((a, b) => (a.metadata.id > b.metadata.id ? 1 : -1));
-    return arr;
-  });
+    arr.sort((a, b) => (a.metadata.id > b.metadata.id ? 1 : -1))
+    return arr
+  })
   eleventyConfig.addFilter("setAttribute", (obj, key, value) => {
-    obj[key] = value;
-    return obj;
-  });
+    obj[key] = value
+    return obj
+  })
   eleventyConfig.addFilter("deduplicate", (arr) => {
     const result = arr.filter(
       (value, index, self) => index === self.findIndex((t) => t.id === value.id)
-    );
-    return result;
-  });
+    )
+    return result
+  })
 
   eleventyConfig.addFilter("keysToArr", (data) => {
-    return Object.keys(data);
-  });
+    return Object.keys(data)
+  })
   eleventyConfig.addFilter("rewriteFrameworks", (word) => {
     function updatePhrase(word) {
       const dictionary = {
@@ -103,84 +102,94 @@ module.exports = function (eleventyConfig) {
         express: "ExpressJS",
         react: "React",
         third_parties: "Third party",
-      };
+      }
 
       if (dictionary[word]) {
-        return dictionary[word];
+        return dictionary[word]
       }
-      return word;
+      return word
     }
 
     if (typeof word === "string") {
-      return updatePhrase(word);
+      return updatePhrase(word)
     } else if (Array.isArray(word)) {
-      let cleaned = word.filter((w) => w !== "third_parties");
-      return cleaned.map((w) => updatePhrase(w));
+      let cleaned = word.filter((w) => w !== "third_parties")
+      return cleaned.map((w) => updatePhrase(w))
     } else if (typeof word === "object") {
-      let cleaned = Object.keys(word).filter((w) => w !== "third_parties");
-      return cleaned.map((w) => updatePhrase(w));
+      let cleaned = Object.keys(word).filter((w) => w !== "third_parties")
+      return cleaned.map((w) => updatePhrase(w))
     }
-    return word;
-  });
+    return word
+  })
 
   eleventyConfig.addNunjucksFilter("packageMap", (name, manager, group) => {
     switch (manager) {
       case "rubygems":
-        return `https://rubygems.org/gems/${name}`;
+        return `https://rubygems.org/gems/${name}`
       case "packagist":
-        return `https://packagist.org/packages/${name}`;
+        return `https://packagist.org/packages/${name}`
       case "go":
-        return `https://${name}`;
+        return `https://${name}`
       case "npm":
-        return `https://www.npmjs.com/package/${name}`;
+        return `https://www.npmjs.com/package/${name}`
       case "pypi":
-        return `https://pypi.org/project/${name}`;
+        return `https://pypi.org/project/${name}`
       case "maven":
-        return `https://mvnrepository.com/artifact/${group}/${name}`;
+        return `https://mvnrepository.com/artifact/${group}/${name}`
       case "nuget":
-        return `https://www.nuget.org/packages/${name}`;
+        return `https://www.nuget.org/packages/${name}`
       default:
-        return "/";
+        return "/"
     }
-  });
+  })
 
   eleventyConfig.addNunjucksGlobal("navHighlight", (parent, child) => {
-    const target = parent.split(path.sep).slice(1, -1);
-    const check = child.split(path.sep).slice(1, -1);
+    const target = parent.split(path.sep).slice(1, -1)
+    const check = child.split(path.sep).slice(1, -1)
     // handles individual rule pages highlighting "rule" in side nav
     const isRule =
-      target.includes("rules") && check[check.length - 2] === "rules";
+      target.includes("rules") && check[check.length - 2] === "rules"
     if (child === parent || isRule) {
-      return true;
+      return true
     } else {
-      return false;
+      return false
+    }
+  })
+
+  eleventyConfig.addPairedShortcode(
+    "callout",
+    function (content, level = "", format = "html", customLabel = "") {
+      if (format === "md") {
+        content = mdIt.renderInline(content)
+      } else if (format === "md-block") {
+        content = mdIt.render(content)
+      }
+      let label = ""
+      if (customLabel) {
+        label = customLabel
+      } else if (level === "info" || level === "error") {
+        label = level.toUpperCase()
+      } else if (level === "warn") {
+        label = "WARNING"
+      }
+      let labelHtml = label
+        ? `<div class="elv-callout-label">${customLabel || label}</div>`
+        : ""
+      let contentHtml =
+        (content || "").trim().length > 0
+          ? `<div class="elv-callout-c">${content}</div>`
+          : ""
+
+      return `<div class="elv-callout${
+        level ? ` elv-callout-${level}` : ""
+      }">${labelHtml}${contentHtml}</div>`
     }
-  });
-
-  eleventyConfig.addPairedShortcode("callout", function(content, level = "", format = "html", customLabel = "") {
-		if( format === "md" ) {
-			content = mdIt.renderInline(content);
-		} else if( format === "md-block" ) {
-			content = mdIt.render(content);
-		}
-		let label = "";
-		if(customLabel) {
-			label = customLabel;
-		} else if(level === "info" || level === "error") {
-			label = level.toUpperCase();
-		} else if(level === "warn") {
-			label = "WARNING"
-		}
-		let labelHtml = label ? `<div class="elv-callout-label">${customLabel || label}</div>` : "";
-		let contentHtml = (content || "").trim().length > 0 ? `<div class="elv-callout-c">${content}</div>` : "";
-
-		return `<div class="elv-callout${level ? ` elv-callout-${level}` : ""}">${labelHtml}${contentHtml}</div>`;
-	});
+  )
 
   return {
     dir: {
       includes: "_src/_includes",
       output: "_site",
     },
-  };
-};
+  }
+}
diff --git a/docs/guides/bearer-cloud.md b/docs/guides/bearer-cloud.md
@@ -49,7 +49,7 @@ bearer scan project-folder --api-key=XXXXXXXX
 
 Using the same setup process found in [the GitHub action guide](/guides/github-action/), configure the action to run `with` the `api-key` option. For example:
 
-```yml
+```yaml
 # .github/workflows/bearer.yml
 name: Bearer
 on:
@@ -67,7 +67,7 @@ jobs:
         id: report
         uses: bearer/bearer-action@v2
         with:
-          api-key: ${{ secrets.BEARER_TOKEN }}
+          api-key: {% raw %}${{ secrets.BEARER_TOKEN }}{% endraw %}
 ```
 
 We highly recommend using GitHub's [encrypted secrets](https://docs.github.com/en/actions/security-guides/encrypted-secrets). In the example above, the secret is named `BEARER_TOKEN`.
@@ -76,7 +76,7 @@ We highly recommend using GitHub's [encrypted secrets](https://docs.github.com/e
 
 Set up the [GitLab CI/CD configuration](/guides/gitlab), then adjust your settings to include the `--api-key` flag with the `scan` command:
 
-```yml
+```yaml
 # .gitlab-ci.yml
 bearer:
   image:

diff --git a/docs/guides/github-action.njk b/docs/guides/github-action.njk
@@ -15,7 +15,7 @@ Actions live in the `.github/workflows/` directory within your repository. Start
 
 We recommend the following config in `.github/workflows/bearer.yml` to run Bearer's security report:
 
-```yml
+```yaml
 name: Bearer
 
 on:
@@ -42,7 +42,7 @@ This will run the [security report](/explanations/reports), display the results
 
 Just as with the CLI app, you can configure the action to meet the needs of your project. Set custom inputs and outputs using the `with` key. Here's an example using the `config-file`, `skip-path`, and `only-rule` flags:
 
-```yml
+```yaml
 steps:
   - uses: actions/checkout@v3
   - name: Bearer
@@ -89,7 +89,7 @@ Bearer CLI supports [GitHub code scanning](https://docs.github.com/en/code-secur
 
 To enable this feature, update your action configuration to include new permissions, new format and outputs, and an additional step. Here's an example configuration:
 
-```diff-yml
+```diff-yaml
 name: Bearer
 
 on:
@@ -162,7 +162,7 @@ Bearer CLI supports [Reviewdog](https://github.com/reviewdog/reviewdog) rdjson f
 
 ![Bearer CLI results in Github PR](/assets/img/gh-pr-review.png)
 
-```yaml
+```diff-yaml
 name: Bearer PR Check
 
 on: