build(deps): bump path-to-regexp from 0.1.7 to 0.1.12 in /lib/rhema-express #9
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow uses actions that are not certified by GitHub. | |
| # They are provided by a third-party and are governed by | |
| # separate terms of service, privacy policy, and support | |
| # documentation. | |
| # Frogbot Scan Pull Request does the following: | |
| # Automatically scans new pull requests for security vulnerabilities. | |
| # Uses JFrog Xray to scan the project. | |
| # Read more about Frogbot here - https://github.com/jfrog/frogbot#frogbot | |
| # Frogbot uses a frogbot-config.yml file to run. The following article will guide you through the process of creating this file: | |
| # https://github.com/jfrog/frogbot/blob/master/docs/frogbot-config.md | |
| name: "Frogbot Scan Pull Request" | |
| on: | |
| pull_request_target: | |
| types: [ opened, synchronize ] | |
| permissions: | |
| pull-requests: write | |
| contents: read | |
| jobs: | |
| scan-pull-request: | |
| runs-on: ubuntu-latest | |
| # A pull request needs to be approved, before Frogbot scans it. Any GitHub user who is associated with the | |
| # "frogbot" GitHub environment can approve the pull request to be scanned. | |
| # Read more here (Install Frogbot Using GitHub Actions): https://github.com/jfrog/frogbot/blob/master/docs/install-github.md | |
| environment: frogbot | |
| steps: | |
| - uses: actions/checkout@v2 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| # IMPORTANT: | |
| # 1. See the following link for information about the tools that need to be installed for Frogbot to work - https://github.com/jfrog/frogbot/tree/master/docs/templates/github-actions/scan-and-fix | |
| # 2. Frogbot requires a frogbot-config.yml to run. Read more about in the following link - https://github.com/jfrog/frogbot/blob/master/docs/frogbot-config.md | |
| - uses: jfrog/frogbot@8daba7e9515dbc898012367c71c1018449cd7716 | |
| env: | |
| # [Mandatory] | |
| # JFrog platform URL | |
| JF_URL: ${{ secrets.JF_URL }} | |
| # [Mandatory if JF_USER and JF_PASSWORD are not provided] | |
| # JFrog access token with 'read' permissions on Xray service | |
| JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }} | |
| # [Mandatory] | |
| # The GitHub token automatically generated for the job | |
| JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # [Mandatory if JF_ACCESS_TOKEN is not provided] | |
| # JFrog username with 'read' permissions for Xray. Must be provided with JF_PASSWORD | |
| # JF_USER: ${{ secrets.JF_USER }} | |
| # [Mandatory if JF_ACCESS_TOKEN is not provided] | |
| # JFrog password. Must be provided with JF_USER | |
| # JF_PASSWORD: ${{ secrets.JF_PASSWORD }} |