mig5/cspresso
1
0
Fork 0
Code Issues Pull requests Projects Releases 5 Packages Wiki Activity Actions

Compare commits

base: mig5:0.1.4
Branches Tags
mig5:main
mig5:0.1.4
mig5:0.1.3
mig5:0.1.2
mig5:0.1.1
mig5:0.1.0
...
compare: mig5:main
Branches Tags
mig5:main
mig5:0.1.4
mig5:0.1.3
mig5:0.1.2
mig5:0.1.1
mig5:0.1.0

2 commits
0.1.4 ... main

Author SHA1 Message Date
Miguel Jacq
e7faee665f
Remove trivy..
All checks were successful
CI / test (push) Successful in 2m47s
Details
Lint / test (push) Successful in 30s
Details
2026-03-23 11:22:05 +11:00
Miguel Jacq
d853e8ffd5
Update my GPG key
All checks were successful
CI / test (push) Successful in 2m50s
Details
Lint / test (push) Successful in 30s
Details
Trivy / test (push) Successful in 26s
Details
2026-03-11 11:59:26 +11:00
2 changed files with 1 additions and 41 deletions
Download patch file Download diff file Expand all files Collapse all files

40
.forgejo/workflows/trivy.yml
View file

@ -1,40 +0,0 @@
name: Trivy
on:
schedule:
- cron: '0 1 * * *'
push:
jobs:
test:
runs-on: docker
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install system dependencies
run: |
DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends wget gnupg
wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | gpg --dearmor | tee /usr/share/keyrings/trivy.gpg > /dev/null
echo "deb [signed-by=/usr/share/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb generic main" | tee -a /etc/apt/sources.list.d/trivy.list
apt-get update
DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends trivy
- name: Run trivy
run: |
trivy fs --no-progress --ignore-unfixed --format table --disable-telemetry --skip-version-check --exit-code 1 .
# Notify if any previous step in this job failed
- name: Notify on failure
if: ${{ failure() }}
env:
WEBHOOK_URL: ${{ secrets.NODERED_WEBHOOK_URL }}
REPOSITORY: ${{ forgejo.repository }}
RUN_NUMBER: ${{ forgejo.run_number }}
SERVER_URL: ${{ forgejo.server_url }}
run: |
curl -X POST \
-H "Content-Type: application/json" \
-d "{\"repository\":\"$REPOSITORY\",\"run_number\":\"$RUN_NUMBER\",\"status\":\"failure\",\"url\":\"$SERVER_URL/$REPOSITORY/actions/runs/$RUN_NUMBER\"}" \
"$WEBHOOK_URL"

2
README.md
View file

@ -24,7 +24,7 @@ This is meant as a **starting point**. Review and tighten the resulting policy b
If using my artifacts from the Releases page, you may wish to verify the GPG signatures with the key.
It can be found at https://mig5.net/static/mig5.asc . The fingerprint is `00AE817C24A10C2540461A9C1D7CDE0234DB458D`.
It can be found at https://mig5.net/static/mig5.asc . The fingerprint is `54A91143AE0AB4F7743B01FE888ED1B423A3BC99`.
### Poetry