From 4a4ea45a18f780d9e7c4ed47f3449595234ebed1 Mon Sep 17 00:00:00 2001 From: PavelLinearB Date: Tue, 9 May 2023 15:49:34 +0300 Subject: [PATCH 01/13] fix bugs --- Dockerfile | 3 --- introduction/apis.py | 28 +++----------------------- introduction/mitre.py | 5 ----- introduction/static/css/dark-theme.css | 6 ------ introduction/views.py | 2 +- 5 files changed, 4 insertions(+), 40 deletions(-) diff --git a/Dockerfile b/Dockerfile index 5c449c9a2..bf0a3679a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -21,9 +21,6 @@ COPY requirements.txt requirements.txt RUN pip install --no-cache-dir -r requirements.txt -# copy project -COPY . /app/ - # install pygoat EXPOSE 8000 diff --git a/introduction/apis.py b/introduction/apis.py index a434539e0..448c5b751 100644 --- a/introduction/apis.py +++ b/introduction/apis.py @@ -4,7 +4,6 @@ from introduction.playground.A9.main import Log from introduction.playground.A6.utility import check_vuln from django.contrib.auth import login,authenticate -from .utility import * from django.views.decorators.csrf import csrf_exempt import time from .views import authentication_decorator 
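Review bot: Removing `COPY . /app/` in the Dockerfile hunk leaves an image that has the requirements installed but no application code, so it can only run if the source is bind-mounted at start, which is not visible here. If the aim was to keep local files out of the image (VCS metadata, local databases, credentials), keep the copy and exclude them with a `.dockerignore`, or copy only the paths the app needs. The `# install pygoat` comment and `EXPOSE 8000` that follow now describe a step with nothing to act on. The rest of the Dockerfile is outside the hunk.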
@@ -20,31 +19,10 @@ def ssrf_code_checker(request): if request.method == 'POST': python_code = request.POST['python_code'] html_code = request.POST['html_code'] - if not (ssrf_code_converter(python_code)): - return JsonResponse({"status": "error", "message": "Invalid code"}) - test_bench1 = ssrf_html_input_extractor(html_code) - - if (len(test_bench1) >4): - return JsonResponse({'message':'too many inputs in Html\n Try again'},status = 400) - test_bench2 = ['secret.txt'] - correct_output1 = [{"blog": "blog1-passed"}, {"blog": "blog2-passed"}, {"blog": "blog3-passed"}, {"blog": "blog4-passed"}] - outputs = [] - for inputs in test_bench1: - outputs.append(main.ssrf_lab(inputs)) - if outputs == correct_output1: - outputs = [] - else: - return JsonResponse({'message':'Testbench failed, Code is not working\n Try again'},status = 200) - - correct_output2 = [{"blog": "No blog found"}] - for inputs in test_bench2: - outputs.append(main.ssrf_lab(inputs)) - if outputs == correct_output2: - return JsonResponse({'message':'Congratulation, you have written a secure code.', 'passed':1}, status = 200) return JsonResponse({'message':'Test bench passed but the code is not secure'}, status = 200,safe = False) else: - return JsonResponse({'message':'method not allowed'},status = 405) + return JsonResponse({'message':'1method not allowed'},status = 405) else: return JsonResponse({'message':'UnAuthenticated User'},status = 401) @@ -82,7 +60,7 @@ def log_function_checker(request): f.close() return JsonResponse({"message":"success", "logs": lines},status = 200) else: - return JsonResponse({"message":"method not allowed"},status = 405) + return JsonResponse({"message":"2method not allowed"},status = 405) #a7 codechecking api @csrf_exempt 
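Review bot: The 405 body in `ssrf_code_checker` now reads `'1method not allowed'`; the leading digit looks like a debugging marker, and the same edit appears in `log_function_checker` (`2method`) and `A6_disscussion_api_2` (`3method`). Clients that match on the message text will break, so restore `'method not allowed'` and, if the handlers need to be told apart, log the view name server-side instead. Separately, with the test bench removed every authenticated POST falls through to `'Test bench passed but the code is not secure'`, so the checker can no longer report a pass. A comment such as `# TODO: SSRF checker disabled, always reports failure` above that return would make this explicit.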
@@ -120,7 +98,7 @@ def A6_disscussion_api(request): @csrf_exempt def A6_disscussion_api_2(request): if request.method != 'POST': - return JsonResponse({"message":"method not allowed"},status = 405) + return JsonResponse({"message":"3method not allowed"},status = 405) try: code = request.POST.get('code') dirname = os.path.dirname(__file__) diff --git a/introduction/mitre.py b/introduction/mitre.py index 419bfb8c9..a7a5a77c9 100644 --- a/introduction/mitre.py +++ b/introduction/mitre.py @@ -210,11 +210,6 @@ def csrf_transfer_monei_api(request,recipent,amount): # @authentication_decorator @csrf_exempt def mitre_lab_25_api(request): - if request.method == "POST": - expression = request.POST.get('expression') - result = eval(expression) - return JsonResponse({'result': result}) - else: return redirect('/mitre/25/lab/') diff --git a/introduction/static/css/dark-theme.css b/introduction/static/css/dark-theme.css index 417fa0360..cdb9a007a 100644 --- a/introduction/static/css/dark-theme.css +++ b/introduction/static/css/dark-theme.css @@ -406,7 +406,6 @@ h2 { padding: 17px; border-radius: 10px; text-align: center; - padding: 13% 0 0 0; } #owasp10_2017 { width: 90%; @@ -417,7 +416,6 @@ h2 { padding: 17px; border-radius: 10px; text-align: center; - padding: 13% 0 0 0; } #sidebar li ul a #owasp10_2021 { @@ -442,7 +440,6 @@ h2 { padding: 17px; border-radius: 10px; text-align: center; - padding: 13% 0 0 0; } #homeSubmenu { @@ -464,7 +461,6 @@ h2 { padding: 17px; border-radius: 10px; text-align: center; - padding: 13% 0% 0% 0%; } #challengeSubmenu { width: 95%; @@ -488,7 +484,6 @@ h2 { padding: 17px; border-radius: 10px; text-align: center; - padding: 13% 0% 0% 0%; } #mitre25 { width: 90%; @@ -499,7 +494,6 @@ h2 { padding: 17px; border-radius: 10px; text-align: center; - padding: 13% 0% 0% 0%; } #stylesheet-toggle{ diff --git a/introduction/views.py b/introduction/views.py index b4ed8cf78..081987d3a 100644 --- a/introduction/views.py +++ b/introduction/views.py 
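Review bot: `mitre_lab_25_api` keeps `@csrf_exempt` and a commented-out `# @authentication_decorator` although, with the `eval(expression)` branch gone, it only redirects to `/mitre/25/lab/`; drop the exemption (or the route) so the endpoint does not linger as an unauthenticated, CSRF-exempt POST handler. The surviving `return redirect(...)` was the body of the removed `else:` and presumably keeps its deeper indentation, which is legal Python but reads like a leftover, so re-indent it to one level. If the lab is meant to keep computing results, evaluate the input with a restricted arithmetic parser (for example walking `ast.parse(expression, mode='eval')` and allowing only numeric constants and operators) rather than restoring `eval`.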
@@ -156,7 +156,7 @@ def sql_lab(request): print(sql_query) try: print("\nin try\n") - val=login.objects.raw(sql_query) + val="" except: print("\nin except\n") return render( From f7eb62a53bb418cca807bb4209f60a356e80018a Mon Sep 17 00:00:00 2001 From: PavelLinearB Date: Tue, 9 May 2023 15:56:33 +0300 Subject: [PATCH 02/13] remove redundant code --- introduction/apis.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/introduction/apis.py b/introduction/apis.py index 448c5b751..baa6646da 100644 --- a/introduction/apis.py +++ b/introduction/apis.py @@ -17,8 +17,6 @@ def ssrf_code_checker(request): if request.user.is_authenticated: if request.method == 'POST': - python_code = request.POST['python_code'] - html_code = request.POST['html_code'] return JsonResponse({'message':'Test bench passed but the code is not secure'}, status = 200,safe = False) else: From 6b109a32dfdf100544820bc8eee1478861b014b7 Mon Sep 17 00:00:00 2001 From: PavelLinearB Date: Wed, 17 May 2023 16:53:03 +0300 Subject: [PATCH 03/13] added cm with sonar --- .cm/sonar.cm | 44 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) create mode 100644 .cm/sonar.cm diff --git a/.cm/sonar.cm b/.cm/sonar.cm new file mode 100644 index 000000000..f826fef05 --- /dev/null +++ b/.cm/sonar.cm 
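Review bot: In `sql_lab`, `val=""` leaves the `try`/bare `except:` wrapped around an assignment that cannot raise, and `sql_query` is still built and written to stdout by `print(sql_query)` even though it is no longer executed. If that string embeds the submitted credentials (its construction is above the hunk), they end up in the server log, so remove the `print` calls together with the dead `try`. If the lookup is still needed, pass the user-supplied values through the `params` argument of `raw()` with `%s` placeholders instead of concatenating them into the statement. The rest of `sql_lab` is outside the hunk.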
@@ -0,0 +1,44 @@ +manifest: + version: 1.0 + + # Add labels + if: + - {{ sonar.vulnerabilities.count > 0}} + run: + - action: add-label@v1 + args: + label: "{{ sonar.vulnerabilities.count }} vulnerabilities found" + color: {{ fecdca if (sonar.vulnerabilities.rating == 'E') else (f0f593 if (sonar.vulnerabilities.rating >= 'C' ) else d1fadf) }} + if: + - {{ sonar.security_hotspots.count > 0}} + run: + - action: add-label@v1 + args: + label: "{{ sonar.security_hotspots.count }} Security Hotspots found" + color: {{ fecdca if (sonar.security_hotspots.rating == 'E') else (f0f593 if (sonar.security_hotspots.rating >= 'C' ) else d1fadf) }} # Add labels + if: + - {{ sonar.code_smells.count > 0}} + run: + - action: add-label@v1 + args: + label: "{{ sonar.code_smells.count }} code smells found" + color: {{ fecdca if (sonar.code_smells.rating == 'E') else (f0f593 if (sonar.code_smells.rating >= 'C' ) else d1fadf) }} + if: + - {{ sonar.bugs.count > 0}} + run: + - action: add-label@v1 + args: + label: "{{ sonar.bugs.count }} bugs found" + color: {{ fecdca if (sonar.bugs.rating == 'E') else (f0f593 if (sonar.bugs.rating >= 'C' ) else d1fadf) }} + + # Auto assign Security member + if: + - {{ sonar.code_smells.rating > 'B' }} + - {{ sonar.vulnerabilities.rating > 'B'}} + - {{ sonar.security_hotspots.rating > 'B'}} + run: + - action: add-reviewers@v1 + args: + team_reviewers: [app-sec] + +sonar: {{ pr | sonarParser }} \ No newline at end of file From 93af5b187b9596aa107d640c1ac0f43d245c02c3 Mon Sep 17 00:00:00 2001 From: PavelLinearB Date: Wed, 17 May 2023 16:59:09 +0300 Subject: [PATCH 04/13] add automations --- .cm/sonar.cm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.cm/sonar.cm b/.cm/sonar.cm index f826fef05..4a5d14f86 100644 --- a/.cm/sonar.cm +++ b/.cm/sonar.cm @@ -1,6 +1,6 @@ manifest: version: 1.0 - +automations: # Add labels if: - {{ sonar.vulnerabilities.count > 0}} From 831ada17ee3538af53c5da219f5b7b164694cc53 Mon Sep 17 00:00:00 2001 
From: PavelLinearB Date: Wed, 17 May 2023 17:37:10 +0300 Subject: [PATCH 05/13] added labels --- .cm/sonar.cm | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.cm/sonar.cm b/.cm/sonar.cm index 4a5d14f86..ac21db503 100644 --- a/.cm/sonar.cm +++ b/.cm/sonar.cm @@ -2,6 +2,7 @@ manifest: version: 1.0 automations: # Add labels + vulnerabilities: if: - {{ sonar.vulnerabilities.count > 0}} run: @@ -9,6 +10,7 @@ automations: args: label: "{{ sonar.vulnerabilities.count }} vulnerabilities found" color: {{ fecdca if (sonar.vulnerabilities.rating == 'E') else (f0f593 if (sonar.vulnerabilities.rating >= 'C' ) else d1fadf) }} + security_hotspots: if: - {{ sonar.security_hotspots.count > 0}} run: @@ -16,6 +18,7 @@ automations: args: label: "{{ sonar.security_hotspots.count }} Security Hotspots found" color: {{ fecdca if (sonar.security_hotspots.rating == 'E') else (f0f593 if (sonar.security_hotspots.rating >= 'C' ) else d1fadf) }} # Add labels + code_smells: if: - {{ sonar.code_smells.count > 0}} run: @@ -23,6 +26,7 @@ automations: args: label: "{{ sonar.code_smells.count }} code smells found" color: {{ fecdca if (sonar.code_smells.rating == 'E') else (f0f593 if (sonar.code_smells.rating >= 'C' ) else d1fadf) }} + bugs: if: - {{ sonar.bugs.count > 0}} run: @@ -30,7 +34,7 @@ automations: args: label: "{{ sonar.bugs.count }} bugs found" color: {{ fecdca if (sonar.bugs.rating == 'E') else (f0f593 if (sonar.bugs.rating >= 'C' ) else d1fadf) }} - + Assign: # Auto assign Security member if: - {{ sonar.code_smells.rating > 'B' }} From 8423289c53c004a2a3f2e257b281e627c4db8410 Mon Sep 17 00:00:00 2001 From: PavelLinearB Date: Wed, 17 May 2023 17:56:25 +0300 Subject: [PATCH 06/13] added colors --- .cm/sonar.cm | 23 +++++++++++++++-------- 1 file changed, 15 insertions(+), 8 deletions(-) diff --git a/.cm/sonar.cm b/.cm/sonar.cm index ac21db503..92257b54f 100644 --- a/.cm/sonar.cm +++ b/.cm/sonar.cm 
@@ -9,7 +9,7 @@ automations: - action: add-label@v1 args: label: "{{ sonar.vulnerabilities.count }} vulnerabilities found" - color: {{ fecdca if (sonar.vulnerabilities.rating == 'E') else (f0f593 if (sonar.vulnerabilities.rating >= 'C' ) else d1fadf) }} + color: {{ fecdca if (sonar.vulnerabilities.rating == 'E') else (f0f593 if (sonar.vulnerabilities.rating == 'C' ) else d1fadf) }} security_hotspots: if: - {{ sonar.security_hotspots.count > 0}} @@ -17,7 +17,7 @@ automations: - action: add-label@v1 args: label: "{{ sonar.security_hotspots.count }} Security Hotspots found" - color: {{ fecdca if (sonar.security_hotspots.rating == 'E') else (f0f593 if (sonar.security_hotspots.rating >= 'C' ) else d1fadf) }} # Add labels + color: {{ fecdca if (sonar.security_hotspots.rating == 'E') else (f0f593 if (sonar.security_hotspots.rating == 'C' ) else d1fadf) }} # Add labels code_smells: if: - {{ sonar.code_smells.count > 0}} @@ -25,7 +25,7 @@ automations: - action: add-label@v1 args: label: "{{ sonar.code_smells.count }} code smells found" - color: {{ fecdca if (sonar.code_smells.rating == 'E') else (f0f593 if (sonar.code_smells.rating >= 'C' ) else d1fadf) }} + color: {{ fecdca if (sonar.code_smells.rating == 'E') else (f0f593 if (sonar.code_smells.rating == 'C' ) else d1fadf) }} bugs: if: - {{ sonar.bugs.count > 0}} 
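Review bot: Replacing `>= 'C'` with `== 'C'` in the `vulnerabilities` colour expression makes a `D` rating fall through to the default `d1fadf`, the colour that the `colors` map added at the end of this commit assigns to `A`, so a D-rated finding is labelled like a clean one. The same expression is repeated in the `security_hotspots`, `code_smells` and `bugs` hunks. The new `colors` map is not referenced in any visible hunk. Indexing it by rating, e.g. `color: {{ colors[sonar.vulnerabilities.rating] }}` (assuming the template engine exposes the top-level `colors` key), would cover all five ratings and remove the nested conditionals.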
@@ -33,16 +33,23 @@ automations: - action: add-label@v1 args: label: "{{ sonar.bugs.count }} bugs found" - color: {{ fecdca if (sonar.bugs.rating == 'E') else (f0f593 if (sonar.bugs.rating >= 'C' ) else d1fadf) }} + color: {{ fecdca if (sonar.bugs.rating == 'E') else (f0f593 if (sonar.bugs.rating == 'C' ) else d1fadf) }} Assign: # Auto assign Security member if: - - {{ sonar.code_smells.rating > 'B' }} - - {{ sonar.vulnerabilities.rating > 'B'}} - - {{ sonar.security_hotspots.rating > 'B'}} + - {{ sonar.code_smells.rating != 'B' }} + - {{ sonar.vulnerabilities.rating != 'B'}} + - {{ sonar.security_hotspots.rating != 'B'}} run: - action: add-reviewers@v1 args: team_reviewers: [app-sec] -sonar: {{ pr | sonarParser }} \ No newline at end of file +sonar: {{ pr | sonarParser }} + +colors: + A: 'd1fadf' + B: 'e1f5a8' + C: 'f0f593' + D: 'f5c778' + E: 'fecdca' \ No newline at end of file From f72494e0094498c2ec56eb2e353ae5c425ced526 Mon Sep 17 00:00:00 2001 From: PavelLinearB Date: Wed, 17 May 2023 18:03:49 +0300 Subject: [PATCH 07/13] fixed colors --- .cm/sonar.cm | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.cm/sonar.cm b/.cm/sonar.cm index 92257b54f..6f4662bf9 100644 --- a/.cm/sonar.cm +++ b/.cm/sonar.cm @@ -9,7 +9,7 @@ automations: - action: add-label@v1 args: label: "{{ sonar.vulnerabilities.count }} vulnerabilities found" - color: {{ fecdca if (sonar.vulnerabilities.rating == 'E') else (f0f593 if (sonar.vulnerabilities.rating == 'C' ) else d1fadf) }} + color: {{ 'fecdca' if (sonar.vulnerabilities.rating == 'E') else ('f0f593' if (sonar.vulnerabilities.rating == 'C' ) else 'd1fadf') }} security_hotspots: if: - {{ sonar.security_hotspots.count > 0}} 
@@ -17,7 +17,7 @@ automations: - action: add-label@v1 args: label: "{{ sonar.security_hotspots.count }} Security Hotspots found" - color: {{ fecdca if (sonar.security_hotspots.rating == 'E') else (f0f593 if (sonar.security_hotspots.rating == 'C' ) else d1fadf) }} # Add labels + color: {{ 'fecdca' if (sonar.security_hotspots.rating == 'E') else ('f0f593' if (sonar.security_hotspots.rating == 'C' ) else 'd1fadf') }} # Add labels code_smells: if: - {{ sonar.code_smells.count > 0}} @@ -25,7 +25,7 @@ automations: - action: add-label@v1 args: label: "{{ sonar.code_smells.count }} code smells found" - color: {{ fecdca if (sonar.code_smells.rating == 'E') else (f0f593 if (sonar.code_smells.rating == 'C' ) else d1fadf) }} + color: {{ 'fecdca' if (sonar.code_smells.rating == 'E') else ('f0f593' if (sonar.code_smells.rating == 'C' ) else 'd1fadf') }} bugs: if: - {{ sonar.bugs.count > 0}} @@ -33,7 +33,7 @@ automations: - action: add-label@v1 args: label: "{{ sonar.bugs.count }} bugs found" - color: {{ fecdca if (sonar.bugs.rating == 'E') else (f0f593 if (sonar.bugs.rating == 'C' ) else d1fadf) }} + color: {{ 'fecdca' if (sonar.bugs.rating == 'E') else ('f0f593' if (sonar.bugs.rating == 'C' ) else 'd1fadf') }} Assign: # Auto assign Security member if: From 58b428e743f80257b80bc256dd8f02c697134650 Mon Sep 17 00:00:00 2001 From: PavelLinearB Date: Wed, 17 May 2023 18:04:59 +0300 Subject: [PATCH 08/13] labels --- .cm/sonar.cm | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.cm/sonar.cm b/.cm/sonar.cm index 6f4662bf9..649650216 100644 --- a/.cm/sonar.cm +++ b/.cm/sonar.cm @@ -8,7 +8,7 @@ automations: run: - action: add-label@v1 args: - label: "{{ sonar.vulnerabilities.count }} vulnerabilities found" + label: "{{ sonar.vulnerabilities.count }} vulnerabilities" color: {{ 'fecdca' if (sonar.vulnerabilities.rating == 'E') else ('f0f593' if (sonar.vulnerabilities.rating == 'C' ) else 'd1fadf') }} security_hotspots: if: 
@@ -16,7 +16,7 @@ automations: run: - action: add-label@v1 args: - label: "{{ sonar.security_hotspots.count }} Security Hotspots found" + label: "{{ sonar.security_hotspots.count }} Security Hotspots" color: {{ 'fecdca' if (sonar.security_hotspots.rating == 'E') else ('f0f593' if (sonar.security_hotspots.rating == 'C' ) else 'd1fadf') }} # Add labels code_smells: if: @@ -24,7 +24,7 @@ automations: run: - action: add-label@v1 args: - label: "{{ sonar.code_smells.count }} code smells found" + label: "{{ sonar.code_smells.count }} code smells" color: {{ 'fecdca' if (sonar.code_smells.rating == 'E') else ('f0f593' if (sonar.code_smells.rating == 'C' ) else 'd1fadf') }} bugs: if: @@ -32,7 +32,7 @@ automations: run: - action: add-label@v1 args: - label: "{{ sonar.bugs.count }} bugs found" + label: "{{ sonar.bugs.count }} bugs" color: {{ 'fecdca' if (sonar.bugs.rating == 'E') else ('f0f593' if (sonar.bugs.rating == 'C' ) else 'd1fadf') }} Assign: # Auto assign Security member From a26a333ef38d3f2bf6a0c957c447bff6eccd8108 Mon Sep 17 00:00:00 2001 From: PavelLinearB Date: Wed, 17 May 2023 18:09:25 +0300 Subject: [PATCH 09/13] aaaa --- .cm/sonar.cm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.cm/sonar.cm b/.cm/sonar.cm index 649650216..b7e286e0d 100644 --- a/.cm/sonar.cm +++ b/.cm/sonar.cm @@ -17,7 +17,7 @@ automations: - action: add-label@v1 args: label: "{{ sonar.security_hotspots.count }} Security Hotspots" - color: {{ 'fecdca' if (sonar.security_hotspots.rating == 'E') else ('f0f593' if (sonar.security_hotspots.rating == 'C' ) else 'd1fadf') }} # Add labels + color: {{ 'fecdca' if (sonar.security_hotspots.rating == 'E') else ('f0f593' if (sonar.security_hotspots.rating == 'C' ) else 'd1fadf') }} code_smells: if: - {{ sonar.code_smells.count > 0}} @@ -43,7 +43,7 @@ automations: run: - action: add-reviewers@v1 args: - team_reviewers: [app-sec] + reviewers: [linear-b/app-sec] sonar: {{ pr | sonarParser }} 
From b5bbcee4712021d7d748a81551a2e543b1b7a487 Mon Sep 17 00:00:00 2001 From: PavelLinearB Date: Wed, 17 May 2023 18:17:31 +0300 Subject: [PATCH 10/13] reviewer --- .cm/sonar.cm | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.cm/sonar.cm b/.cm/sonar.cm index b7e286e0d..8e1bd3e74 100644 --- a/.cm/sonar.cm +++ b/.cm/sonar.cm @@ -37,9 +37,9 @@ automations: Assign: # Auto assign Security member if: - - {{ sonar.code_smells.rating != 'B' }} - - {{ sonar.vulnerabilities.rating != 'B'}} - - {{ sonar.security_hotspots.rating != 'B'}} + - {{ sonar.code_smells.rating != 'A' }} + - {{ sonar.vulnerabilities.rating != 'A'}} + - {{ sonar.security_hotspots.rating != 'A'}} run: - action: add-reviewers@v1 args: From 652f0eb3173e2872bc47150eb3b2fc6831d4f2ed Mon Sep 17 00:00:00 2001 From: PavelLinearB Date: Wed, 17 May 2023 18:22:40 +0300 Subject: [PATCH 11/13] change reviewers condition --- .cm/sonar.cm | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.cm/sonar.cm b/.cm/sonar.cm index 8e1bd3e74..11d9137c6 100644 --- a/.cm/sonar.cm +++ b/.cm/sonar.cm @@ -37,9 +37,7 @@ automations: Assign: # Auto assign Security member if: - - {{ sonar.code_smells.rating != 'A' }} - - {{ sonar.vulnerabilities.rating != 'A'}} - - {{ sonar.security_hotspots.rating != 'A'}} + - {{ sonar.code_smells.rating != 'A' or sonar.vulnerabilities.rating != 'A' or sonar.security_hotspots.rating != 'A'}} run: - action: add-reviewers@v1 args: From 1c7847a76c14be09a64f7ea7af480fe7ce6a1cd3 Mon Sep 17 00:00:00 2001 From: PavelLinearB Date: Wed, 17 May 2023 18:27:18 +0300 Subject: [PATCH 12/13] dudu --- .cm/sonar.cm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.cm/sonar.cm b/.cm/sonar.cm index 11d9137c6..84481f738 100644 --- a/.cm/sonar.cm +++ b/.cm/sonar.cm @@ -41,7 +41,7 @@ automations: run: - action: add-reviewers@v1 args: - reviewers: [linear-b/app-sec] + reviewers: [Dudu-linb] sonar: {{ pr | sonarParser }} 
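Review bot: The merged `or` condition on `Assign` requests the security reviewer whenever `sonar.code_smells.rating` is not `A`, even when `vulnerabilities` and `security_hotspots` are clean, and it never looks at `sonar.bugs.rating`. Maintainability findings will then dominate the security review queue. Consider `{{ sonar.vulnerabilities.rating != 'A' or sonar.security_hotspots.rating != 'A' }}` and route code smells to a different rule. Also confirm what the ratings evaluate to when no Sonar result is present, since `!= 'A'` would be true for a missing value.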
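Review bot: `reviewers: [Dudu-linb]` hard-codes one personal account as the reviewer for every PR with a non-`A` rating, replacing the `linear-b/app-sec` team handle used two commits earlier. Security review then depends on one person's availability and on that account remaining in the organisation. Prefer the team handle, or add a comment on the line recording why an individual is used, e.g. `# TODO: switch back to the app-sec team (reason: <placeholder>)`.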
From 7463fab918b11e1c048737dc2b7c93e8192153b0 Mon Sep 17 00:00:00 2001 From: PavelLinearB Date: Thu, 18 May 2023 14:09:55 +0300 Subject: [PATCH 13/13] emoj --- .cm/sonar.cm | 21 +++++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/.cm/sonar.cm b/.cm/sonar.cm index 84481f738..966accc89 100644 --- a/.cm/sonar.cm +++ b/.cm/sonar.cm @@ -8,7 +8,7 @@ automations: run: - action: add-label@v1 args: - label: "{{ sonar.vulnerabilities.count }} vulnerabilities" + label: '{{ sonar.vulnerabilities.count }} 🛡️ Vulnerabilities' color: {{ 'fecdca' if (sonar.vulnerabilities.rating == 'E') else ('f0f593' if (sonar.vulnerabilities.rating == 'C' ) else 'd1fadf') }} security_hotspots: if: @@ -16,7 +16,7 @@ automations: run: - action: add-label@v1 args: - label: "{{ sonar.security_hotspots.count }} Security Hotspots" + label: '{{ sonar.security_hotspots.count }} 🌶️ Security hotspots' color: {{ 'fecdca' if (sonar.security_hotspots.rating == 'E') else ('f0f593' if (sonar.security_hotspots.rating == 'C' ) else 'd1fadf') }} code_smells: if: @@ -24,7 +24,7 @@ automations: run: - action: add-label@v1 args: - label: "{{ sonar.code_smells.count }} code smells" + label: '{{ sonar.code_smells.count }} 💩 Code Smells' color: {{ 'fecdca' if (sonar.code_smells.rating == 'E') else ('f0f593' if (sonar.code_smells.rating == 'C' ) else 'd1fadf') }} bugs: if: 
@@ -32,8 +32,21 @@ automations: run: - action: add-label@v1 args: - label: "{{ sonar.bugs.count }} bugs" + label: '{{ sonar.bugs.count }} 🐞 Bugs' color: {{ 'fecdca' if (sonar.bugs.rating == 'E') else ('f0f593' if (sonar.bugs.rating == 'C' ) else 'd1fadf') }} + + mark_outstanding_pr: + if: + - {{ sonar.bugs.count == 0 }} + - {{ sonar.code_smells.count == 0 }} + - {{ sonar.vulnerabilities.count == 0 }} + - {{ sonar.security_hotspots.count == 0 }} + - {{ sonar.duplications == null or sonar.duplications == 0.0 }} + run: + - action: add-label@v1 + args: + label: '💯 Sonar' + color: 'd4333f' Assign: # Auto assign Security member if:
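Review bot: `mark_outstanding_pr` treats the absence of findings as a pass: `sonar.duplications == null` is explicitly accepted, and nothing in the rule checks that a Sonar analysis ran for the PR. If `sonarParser` yields zero counts when the report is missing (its behaviour is not visible here), an unscanned PR would receive the `💯 Sonar` label. Add a condition that requires a parsed result, for instance `{{ sonar.vulnerabilities.rating != null }}`, and note in a comment that coverage is not part of the criteria. The label colour `d4333f` is a red tone, which reads as a warning next to the green `d1fadf` used for good ratings.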