Add ReversingLabs Workflow (Don't Merge) #782
Conversation
|
/hold |
2 similar comments
|
/hold |
|
/hold |
|
/hold |
1 similar comment
|
/hold |
By submitting a PR to this repository, you agree to the terms within the [Auth0 Code of Conduct](https://github.com/auth0/open-source-template/blob/master/CODE-OF-CONDUCT.md). Please see the [contributing guidelines](https://github.com/auth0/.github/blob/master/CONTRIBUTING.md) for how to create and submit a high-quality PR for this repo. ### Description > Describe the purpose of this PR along with any background information and the impacts of the proposed change. For the benefit of the community, please do not assume prior context. > > Provide details that support your chosen implementation, including: breaking changes, alternatives considered, changes to the API, etc. > > If the UI is being changed, please provide screenshots. ### References > Include any links supporting this change such as a: > > - GitHub Issue/PR number addressed or fixed > - Auth0 Community post > - StackOverflow post > - Support forum thread > - Related pull requests/issues from other repos > > If there are no references, simply delete this section. ### Testing > Describe how this can be tested by reviewers. Be specific about anything not tested and reasons why. If this library has unit and/or integration testing, tests should be added for new functionality and existing tests should complete without errors. > > Please include any manual steps for testing end-to-end or functionality not covered by unit/integration tests. > > Also include details of the environment this PR was developed in (language/platform/browser version). - [ ] This change adds test coverage for new/changed/fixed functionality ### Checklist - [ ] I have added documentation for new/changed functionality in this PR or in auth0.com/docs - [ ] All active GitHub checks for tests, formatting, and security are passing - [ ] The correct base branch is being used, if not the default branch
| --artifact "${{ inputs.artifact-path }}" \ | ||
| --name "${{ github.event.repository.name }}" \ | ||
| --version "${{ inputs.version }}" \ | ||
| --repository "${{ inputs.repository }}" \ |
There was a problem hiding this comment.
Rather than requiring this to be passed in via a param, would it make sense just to use the default Actions var GITHUB_REPOSITORY ?
assuming this is a local action, so effectively it will only ever be publishing for auth0-react.
| - name: Install Python dependencies | ||
| shell: bash | ||
| run: | | ||
| pip install --upgrade pip |
There was a problem hiding this comment.
this should not be necessary, considering you just ran the install with the Python actions. You'll see your workflow also indicates,
Requirement already satisfied: pip in /opt/hostedtoolcache/Python/3.10.15/x64/lib/python3.10/site-packages (24.2)
So I'd suggest to remove this.
| rl-scanner: | ||
| uses: ./.github/workflows/rl-secure.yml | ||
| with: | ||
| node-version: 18 |
There was a problem hiding this comment.
dont think the scanner uses Node at all, does it? doesn't look like that action needs to do any building of the React SDK at all, just points the scanner to the artifact?
There was a problem hiding this comment.
we are just passing node-version for npm build.
By submitting a PR to this repository, you agree to the terms within the Auth0 Code of Conduct. Please see the contributing guidelines for how to create and submit a high-quality PR for this repo.
Description
References
Testing
Checklist