Update xss-example.js #47
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| on: [pull_request] | |
| jobs: | |
| Checkmarx-Mobb-example: | |
| runs-on: ubuntu-latest | |
| name: Fix Checkmarx findings with Mobb | |
| steps: | |
| - name: Checkout repo to get code | |
| uses: actions/checkout@v3 | |
| - name: Setup Node on this machine | |
| uses: actions/[email protected] | |
| with: | |
| node-version: 18 | |
| - name: Download and configure Checkmarx CLI | |
| run: | | |
| wget https://github.com/Checkmarx/ast-cli/releases/download/2.0.54/ast-cli_2.0.54_linux_x64.tar.gz -O checkmarx.tar.gz | |
| tar -xf checkmarx.tar.gz | |
| ./cx configure set --prop-name cx_apikey --prop-value ${{ secrets.CX_API_KEY }} | |
| ./cx configure set --prop-name cx_base_auth_uri --prop-value ${{ secrets.CX_BASE_AUTH_URI }} | |
| ./cx configure set --prop-name cx_base_uri --prop-value ${{ secrets.CX_BASE_URI }} | |
| ./cx configure set --prop-name cx_tenant --prop-value ${{ secrets.CX_TENANT }} | |
| shell: bash -l {0} | |
| - name: Run Checkmarx SAST scan | |
| run: ./cx scan create --project-name tomer-test-project -s ./ --report-format json --scan-types sast --branch nobranch --threshold "sast-high=1" | |
| shell: bash -l {0} | |
| # - name: Run Mobb on the findings and get fixes | |
| # if: always() | |
| # uses: mobb-dev/action@v1 | |
| # with: | |
| # report-file: "cx_result.json" | |
| # api-key: ${{ secrets.MOBB_API_TOKEN }} | |
| # github-token: ${{ secrets.GITHUB_TOKEN }} |