From fd7f37071e268b4e8e6f3e1d1af27604b201c2d4 Mon Sep 17 00:00:00 2001
From: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com>
Date: Wed, 24 May 2023 12:10:47 +0100
Subject: [PATCH 1/3] use different default filename
Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com>
---
 src/ghas_cli/utils/repositories.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/ghas_cli/utils/repositories.py b/src/ghas_cli/utils/repositories.py
index b5f160c..4d28244 100644
--- a/src/ghas_cli/utils/repositories.py
+++ b/src/ghas_cli/utils/repositories.py
@@ -493,7 +493,7 @@ def create_codeql_pr(
 "content": template,
 "branch": target_branch,
 "sha": get_file_sha(
- organization, repository, headers, ".github/workflows/codeql.yml"
+ organization, repository, headers, ".github/workflows/codeql-analysis-default.yml"
 ),
 }
@@ -501,7 +501,7 @@ def create_codeql_pr(
 workflow_commit_payload["message"] = "Update CodeQL analysis workflow"
 workflow_commit_resp = network.put(
- url=f"https://api.github.com/repos/{organization}/{repository}/contents/.github/workflows/codeql.yml",
+ url=f"https://api.github.com/repos/{organization}/{repository}/contents/.github/workflows/codeql-analysis-default.yml",
 headers=headers,
 json=workflow_commit_payload,
 )
From 94fc892d47a54991c63e56d1293107be143db91f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 22 May 2023 20:10:40 +0000
Subject: [PATCH 2/3] Bump requests from 2.30.0 to 2.31.0
Bumps [requests](https://github.com/psf/requests) from 2.30.0 to 2.31.0.
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](https://github.com/psf/requests/compare/v2.30.0...v2.31.0)
---
updated-dependencies:
- dependency-name: requests dependency-type: direct:production update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] 
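Review bot: In create_codeql_pr (PATCH 1/3) the workflow path `.github/workflows/codeql-analysis-default.yml` is now spelled out twice, once in the `get_file_sha(...)` call of the first hunk and once in the `network.put` URL of the second, and the two must stay identical or the sha will be looked up for a different file than the one being written. A module-level constant such as `CODEQL_WORKFLOW_PATH = ".github/workflows/codeql-analysis-default.yml"` used in both places would remove that risk. Repositories that already received `.github/workflows/codeql.yml` from an earlier run presumably keep that file, so they could end up with two CodeQL workflows; this is inferred from the rename alone and is worth confirming or documenting. The function body starts and ends outside both hunks.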
Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com> --- poetry.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/poetry.lock b/poetry.lock index 6cc5639..b36d1c5 100644 --- a/poetry.lock +++ b/poetry.lock @@ -188,14 +188,14 @@ files = [ [[package]] name = "requests" -version = "2.30.0" +version = "2.31.0" description = "Python HTTP for Humans." category = "main" optional = false python-versions = ">=3.7" files = [ - {file = "requests-2.30.0-py3-none-any.whl", hash = "sha256:10e94cc4f3121ee6da529d358cdaeaff2f1c409cd377dbc72b825852f2f7e294"}, - {file = "requests-2.30.0.tar.gz", hash = "sha256:239d7d4458afcb28a692cdd298d87542235f4ca8d36d03a15bfc128a6559a2f4"}, + {file = "requests-2.31.0-py3-none-any.whl", hash = "sha256:58cd2187c01e70e6e26505bca751777aa9f2ee0b7f4300988b709f44e013003f"}, + {file = "requests-2.31.0.tar.gz", hash = "sha256:942c5a758f98d790eaed1a29cb6eefc7ffb0d1cf7af05c3d2791656dbd6ad1e1"}, ] [package.dependencies] From 495f59af1819088d5e4412ed1b786db2113fe295 Mon Sep 17 00:00:00 2001 From: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com> Date: Wed, 24 May 2023 12:41:05 +0100 Subject: [PATCH 3/3] small typo Signed-off-by: ssousa-mwb <74931194+SecurityAndStuff@users.noreply.github.com> --- src/ghas_cli/utils/repositories.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/ghas_cli/utils/repositories.py b/src/ghas_cli/utils/repositories.py index 4d28244..fd7ce31 100644 --- a/src/ghas_cli/utils/repositories.py +++ b/src/ghas_cli/utils/repositories.py 
@@ -402,7 +402,7 @@ def load_codeql_base64_template(
 ) -> str:
 with open(f"./templates/codeql-analysis-default.yml", "r") as f:
 data = "".join(f.readlines())
- data = data.replace("""branches: [ ]""", f"""branches: [{', '.join(f"'branch'" for branch in branches) }]""")
+ data = data.replace("""branches: [ ]""", f"""branches: [{', '.join(f"'{branch}'" for branch in branches) }]""")
 data = data.replace("""language: [ ]""", f"""language: {languages}""")
 return base64.b64encode(data.encode("utf-8")).decode("utf-8")
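Review bot: The corrected f-string in load_codeql_base64_template places each branch name between single quotes in the generated workflow YAML without escaping, so a name containing `'` would end the scalar early and change the structure of the `branches:` list. Git ref names may contain a single quote, and the rendered workflow is later committed to the target repository, so the value should be escaped here: `', '.join("'" + branch.replace("'", "''") + "'" for branch in branches)` doubles the quote as YAML single-quoted scalars require. The `language:` line below interpolates the Python repr of `languages` and would benefit from the same explicit serialisation. The function's signature begins above the hunk.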