Fix #204 #518

# to view logs

Workflow file for this run

.github/workflows/dotnet-core.yml at 9494697

	name: .NET Core

	on:
	push:
	branches: [ master ]
	pull_request:
	branches: [ master ]

	jobs:
	Build:
	runs-on: ubuntu-latest
	steps:
	- name: Initial Checkout
	uses: actions/checkout@v2.3.3
	with:
	path: ./NuGetDefense
	fetch-depth: 0

	- name: Checkout NVD Feed Impoorter
	uses: actions/checkout@v2.3.3
	with:
	repository: digitalcoyote/NuGetDefense.NVD
	path: ./NuGetDefense.NVD

	- name: Install Dependencies
	run: \|
	dotnet nuget add source "https://nuget.pkg.github.com/digitalcoyote/index.json" --name github --username digitalcoyote --password ${{ secrets.GITHUB_TOKEN }} --store-password-in-clear-text
	dotnet restore ./NuGetDefense.NVD/Src/NuGetDefense.NVD.sln
	dotnet restore ./NuGetDefense/Src/NuGetDefense.sln
	dotnet tool install Nuke.GlobalTool --global
	dotnet tool install GitVersion.Tool --global


	- name: Generate VulnerabilityData.bin
	run: \|
	dotnet build ./NuGetDefense.NVD/Src/NuGetDefense.NVD.sln -property:GeneratePackageOnBuild=false --configuration Release -v m
	mkdir -p ./NuGetDefense/Src/NuGetDefense/bin/Release/netcoreapp3.1
	dotnet ./NuGetDefense.NVD/Src/NVDFeedImporter/bin/Release/netcoreapp3.1/NVDFeedImporter.dll "./NuGetDefense/Src/NuGetDefense/bin/Release/netcoreapp3.1/"

	- name: Build NuGetDefense
	working-directory: NuGetDefense
	run: nuke --root ./

	- name: Test
	run: dotnet test ./NuGetDefense/Src/NuGetDefense.sln --no-restore --verbosity normal

	- name: Publish to GitHub Package Repository
	working-directory: ./NuGetDefense/Src/NuGetDefense/bin/Release/
	shell: pwsh
	run: \|
	$nupkg = Get-ChildItem -Filter *.nupkg -Name \| Select-Object -First 1
	&curl -X PUT -u "digitalcoyote:${{ secrets.GITHUB_TOKEN }}" -F package=@"$nupkg" https://nuget.pkg.github.com/digitalcoyote/

	Bogus_Net:
	needs: Build
	runs-on: windows-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v2.3.3
	with:
	repository: bchavez/Bogus

	- name: Install Dependencies
	run: \|
	dotnet restore ./Source/Bogus/Bogus.csproj
	dotnet restore ./Source/Bogus.Tests/Bogus.Tests.csproj
	dotnet nuget add source "https://nuget.pkg.github.com/digitalcoyote/index.json" --username digitalcoyote --password ${{ secrets.GITHUB_TOKEN }} --store-password-in-clear-text
	dotnet add ./Source/Bogus/Bogus.csproj package NuGetDefense --version 1.- -s https://nuget.pkg.github.com/digitalcoyote/index.json

	dotnet add ./Source/Bogus.Tests/Bogus.Tests.csproj package NuGetDefense --version 1.- -s https://nuget.pkg.github.com/digitalcoyote/index.json


	- name: Build Bogus
	run: dotnet build ./Source/Bogus/Bogus.csproj

	- name: Build Bogus.Tests
	run: dotnet build ./Source/Bogus.Tests/Bogus.Tests.csproj


	GitExtensions:
	needs: Build
	runs-on: windows-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v2.3.3
	with:
	repository: gitextensions/gitextensions
	submodules: true

	- name: Add msbuild to PATH
	uses: microsoft/setup-msbuild@v1.0.2

	- name: Install Dependencies
	shell: pwsh
	run: \|
	dotnet restore ./GitExtensions.sln
	dotnet nuget add source "https://nuget.pkg.github.com/digitalcoyote/index.json" --name github --username digitalcoyote --password ${{ secrets.GITHUB_TOKEN }} --store-password-in-clear-text
	'./GitExtensions/GitExtensions.csproj',
	'./GitUI/GitUI.csproj',
	'./GitCommands/GitCommands.csproj',
	'./Plugins/GitUIPluginInterfaces/GitUIPluginInterfaces.csproj',
	'./Plugins/Statistics/GitStatistics/GitStatistics.csproj',
	'./ResourceManager/ResourceManager.csproj',
	'./Plugins/Gource/Gource.csproj',
	'./Plugins/DeleteUnusedBranches/DeleteUnusedBranches.csproj',
	'./NetSpell.SpellChecker/SpellChecker.csproj',
	'./Plugins/Statistics/GitImpact/GitImpact.csproj',
	'./Plugins/CreateLocalBranches/CreateLocalBranches.csproj',
	'./Plugins/FindLargeFiles/FindLargeFiles.csproj',
	'./Plugins/GitHub3/GitHub3.csproj',
	'./Plugins/ProxySwitcher/ProxySwitcher.csproj',
	'./Plugins/ReleaseNotesGenerator/ReleaseNotesGenerator.csproj',
	'./TranslationApp/TranslationApp.csproj',
	'./Plugins/BackgroundFetch/BackgroundFetch.csproj',
	'./Plugins/AutoCompileSubmodules/AutoCompileSubmodules.csproj',
	'./Plugins/GitFlow/GitFlow.csproj',
	'./Plugins/BuildServerIntegration/TeamCityIntegration/TeamCityIntegration.csproj',
	'./Externals/Git.hub/Git.hub/Git.hub.csproj',
	'./Plugins/Bitbucket/Bitbucket.csproj',
	'./Plugins/BuildServerIntegration/JenkinsIntegration/JenkinsIntegration.csproj',
	'./Plugins/BuildServerIntegration/TfsIntegration/TfsIntegration.csproj',
	'./Plugins/BuildServerIntegration/TfsInterop.Vs2012/TfsInterop.Vs2012.csproj',
	'./Plugins/BuildServerIntegration/TfsInterop.Vs2013/TfsInterop.Vs2013.csproj',
	'./GitExtUtils/GitExtUtils.csproj',
	'./Plugins/BuildServerIntegration/TfsInterop.Vs2015/TfsInterop.Vs2015.csproj',
	'./Externals/conemu-inside/ConEmuWinForms/ConEmuWinForms.csproj',
	'./Plugins/BuildServerIntegration/AppVeyorIntegration/AppVeyorIntegration.csproj',
	'./UnitTests/GitCommands.Tests/GitCommands.Tests.csproj',
	'./UnitTests/GitUI.Tests/GitUI.Tests.csproj',
	'./UnitTests/Plugins/ReleaseNotesGenerator.Tests/ReleaseNotesGenerator.Tests.csproj',
	'./UnitTests/ResourceManager.Tests/ResourceManager.Tests.csproj',
	'./Plugins/JiraCommitHintPlugin/JiraCommitHintPlugin.csproj',
	'./UnitTests/CommonTestUtils/CommonTestUtils.csproj',
	'./Plugins/BuildServerIntegration/AzureDevOpsIntegration/AzureDevOpsIntegration.csproj',
	'./UnitTests/GitExtUtils.Tests/GitExtUtils.Tests.csproj',
	'./Externals/ICSharpCode.TextEditor/Project/ICSharpCode.TextEditor.csproj',
	'./UnitTests/Plugins/GitUIPluginInterfaces.Tests/GitUIPluginInterfaces.Tests.csproj',
	'./UnitTests/Plugins/BuildServerIntegration/AzureDevOpsIntegration.Tests/AzureDevOpsIntegration.Tests.csproj',
	'./UnitTests/Plugins/BuildServerIntegration/AppVeyorIntegration.Tests/AppVeyorIntegration.Tests.csproj',
	'./UnitTests/Plugins/DeleteUnusedBranches.Tests/DeleteUnusedBranches.Tests.csproj',
	'./IntegrationTests/UI.IntegrationTests/UI.IntegrationTests.csproj' \|
	ForEach-Object -Process {
	Set-Content -Path (Join-Path ([System.IO.Path]::GetDirectoryName($_)) "NuGetDefense.json") -Value "{
	`"WarnOnly`": false,
	`"SensitivePackages`": [
	`"Newtonsoft.Json`"
	],
	`"VulnerabilityReports`": {
	`"JsonReportPath`": `"./NuGetDefense.json`"
	},
	`"Logs`": [
	{
	`"OutPut`": `"./logs/{project}.NuGetDefense.log`",
	`"LogLevel`": `"Information`",
	`"RollingInterval`": `"Infinite`"
	},
	{
	`"OutPut`": `"{project}.NuGetDefense.log`",
	`"LogLevel`": `"Verbose`",
	`"RollingInterval`": `"Day`"
	}
	],
	`"CheckTransitiveDependencies`": true,
	`"ErrorSettings`": {
	`"ErrorSeverityThreshold`": 5,
	`"Cvss3Threshold`": -1,
	`"IgnoredPackages`": [],
	`"IgnoredCvEs`": [],
	`"AllowedPackages`": [],
	`"BlockedPackages`": []
	},
	`"OssIndex`": {
	`"Enabled`": true,
	`"BreakIfCannotRun`": true,
	`"Username`": `"${{ secrets.OSSINDEX_USERNAME }}`",
	`"ApiToken`": `"${{ secrets.OSSINDEX_API_TOKEN }}`"
	},
	`"NVD`": {
	`"SelfUpdate`": false,
	`"TimeoutInSeconds`": 15,
	`"Enabled`": true,
	`"BreakIfCannotRun`": true
	}
	}";
	dotnet add $_ package NuGetDefense --version 1.- -s https://nuget.pkg.github.com/digitalcoyote/index.json;
	}


	- name: Build GitExtensions
	run: MSBuild ./GitExtensions.sln -property:Configuration=Release

	NodaTime:
	needs: Build
	runs-on: ${{ matrix.os }}
	strategy:
	matrix:
	os: [ windows-latest, ubuntu-latest, macos-latest ]
	steps:
	- name: Checkout
	uses: actions/checkout@v2.3.3
	with:
	repository: nodatime/nodatime

	- name: Install Dependencies
	run: \|
	dotnet restore ./src/NodaTime.sln
	dotnet nuget add source "https://nuget.pkg.github.com/digitalcoyote/index.json" --username digitalcoyote --password ${{ secrets.GITHUB_TOKEN }} --store-password-in-clear-text
	dotnet add ./src/NodaTime.Benchmarks/NodaTime.Benchmarks.csproj package NuGetDefense --version 1.- -s https://nuget.pkg.github.com/digitalcoyote/index.json
	dotnet add ./src/NodaTime.Demo/NodaTime.Demo.csproj package NuGetDefense --version 1.- -s https://nuget.pkg.github.com/digitalcoyote/index.json
	dotnet add ./src/NodaTime.NzdPrinter/NodaTime.NzdPrinter.csproj package NuGetDefense --version 1.- -s https://nuget.pkg.github.com/digitalcoyote/index.json
	dotnet add ./src/NodaTime.Test/NodaTime.Test.csproj package NuGetDefense --version 1.- -s https://nuget.pkg.github.com/digitalcoyote/index.json
	dotnet add ./src/NodaTime.Testing/NodaTime.Testing.csproj package NuGetDefense --version 1.- -s https://nuget.pkg.github.com/digitalcoyote/index.json
	dotnet add ./src/NodaTime.Tools.Common/NodaTime.Tools.Common.csproj package NuGetDefense --version 1.- -s https://nuget.pkg.github.com/digitalcoyote/index.json
	dotnet add ./src/NodaTime.Tools.DumpTimeZoneInfo/NodaTime.Tools.DumpTimeZoneInfo.csproj package NuGetDefense --version 1.- -s https://nuget.pkg.github.com/digitalcoyote/index.json
	dotnet add ./src/NodaTime.Tools.ValidateHistoricalNzd/NodaTime.Tools.ValidateHistoricalNzd.csproj package NuGetDefense --version 1.- -s https://nuget.pkg.github.com/digitalcoyote/index.json
	dotnet add ./src/NodaTime.TzValidate.NodaDump/NodaTime.TzValidate.NodaDump.csproj package NuGetDefense --version 1.- -s https://nuget.pkg.github.com/digitalcoyote/index.json
	dotnet add ./src/NodaTime.TzValidate.NzdCompatibility/NodaTime.TzValidate.NzdCompatibility.csproj package NuGetDefense --version 1.- -s https://nuget.pkg.github.com/digitalcoyote/index.json
	dotnet add ./src/NodaTime.TzdbCompiler.Test/NodaTime.TzdbCompiler.Test.csproj package NuGetDefense --version 1.- -s https://nuget.pkg.github.com/digitalcoyote/index.json
	dotnet add ./src/NodaTime.TzdbCompiler/NodaTime.TzdbCompiler.csproj package NuGetDefense --version 1.- -s https://nuget.pkg.github.com/digitalcoyote/index.json
	dotnet add ./src/NodaTime/NodaTime.csproj package NuGetDefense --version 1.- -s https://nuget.pkg.github.com/digitalcoyote/index.json


	- name: Build Noda Time
	run: dotnet build ./src/NodaTime.sln

	NuGetDefenseDocs:
	needs: Build
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v2.3.3
	with:
	repository: digitalcoyote/NuGetDefenseDocs

	- name: Install Dependencies
	shell: pwsh
	run: \|
	dotnet restore ./NuGetDefenseDocs.sln
	dotnet nuget add source "https://nuget.pkg.github.com/digitalcoyote/index.json" --name github --username digitalcoyote --password ${{ secrets.GITHUB_TOKEN }} --store-password-in-clear-text
	dotnet add ./NuGetDefenseDocs/NuGetDefenseDocs.csproj package NuGetDefense --version 1.- -s https://nuget.pkg.github.com/digitalcoyote/index.json
	Set-Content -Path "./NuGetDefenseDocs/NuGetDefense.json" -Value "{
	`"WarnOnly`": false,
	`"VulnerabilityReports`": {
	`"XmlReportPath`": `"./NuGetDefenseDocs/logs/{project}.NuGetDefense.xml`",
	`"JsonReportPath`": `"./NuGetDefenseDocs/logs/{project}.NuGetDefense.json`",
	`"OutputTextReportPath`": false
	},
	`"Logs`": [
	{
	`"OutPut`": `"./NuGetDefenseDocs/logs/{project}.NuGetDefense.log`",
	`"LogLevel`": `"Information`",
	`"RollingInterval`": `"Infinite`"
	},
	{
	`"OutPut`": `"./NuGetDefenseDocs/logs/{project}.NuGetDefense2.log`",
	`"LogLevel`": `"Verbose`",
	`"RollingInterval`": `"Day`"
	}
	],
	`"ErrorSettings`": {
	`"ErrorSeverityThreshold`": 1,
	`"CVSS3Threshold`": -1,
	`"IgnoredPackages`": [
	{
	`"Id`": `"NugetDefense`"
	}
	],
	`"IgnoredCvEs`": [],
	`"AllowedPackages`": [],
	`"BlockedPackages`": []
	},
	`"OssIndex`": {
	`"Enabled`": true,
	`"BreakIfCannotRun`": true
	},
	`"NVD`": {
	`"SelfUpdate`": false,
	`"Enabled`": true,
	`"BreakIfCannotRun`": true
	}
	}";

	- name: Build NuGetDefenseDocs
	run: dotnet build ./NuGetDefenseDocs.sln

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix #204 #518

Workflow file

Fix #204 #518

Jobs

Run details

Workflow file for this run