sentenz / devops Goto Github PK
View Code? Open in Web Editor NEWA service for DevOps operations.
License: Apache License 2.0
A service for DevOps operations.
License: Apache License 2.0
grype is a vulnerability scanner for container images and filesystems.
Copy/paste is a common technical debt on a lot of projects. The jscpd gives the ability to find duplicated blocks implemented on more than 150 programming languages and digital formats of documents. The jscpd tool implements Rabin-Karp algorithm for searching duplications.
The execution of the installation command npm install -g markdownlint-cli
fails because the required node version is not supported by the development environment.
npm WARN EBADENGINE Unsupported engine {
npm WARN EBADENGINE package: '[email protected]',
npm WARN EBADENGINE required: { node: '>=14' },
npm WARN EBADENGINE current: { node: 'v12.22.9', npm: '8.5.1' }
npm WARN EBADENGINE }
npm WARN EBADENGINE Unsupported engine {
npm WARN EBADENGINE package: '[email protected]',
npm WARN EBADENGINE required: { node: '>=14.18.0' },
npm WARN EBADENGINE current: { node: 'v12.22.9', npm: '8.5.1' }
npm WARN EBADENGINE }
Semgrep is a fast, open-source, static analysis engine for finding bugs, detecting vulnerabilities in third-party dependencies, and enforcing code standards.
dotenv-linterdotenv-linter can check / fix / compare .env files for problems that may cause the application to malfunction.
Fix Ubuntu version by updating from hirsute
to jammy
.
Modify codname version of ubuntu focal
to hirsute
in the containers.
Secretlint is that Pluggable linting tool to prevent committing credential.
NOTE Test if the hack can be detected.
On protected branch with PR requirement prevents release with semantic-release.
See issue 175
The feature
option in devcontainer.json does not work with make
.
Revert git hooks pre-push
from commit 7f6418f.
In the continuous integration setup script, the apt packages must be run first.
Since the last pr`s the nodejs version changed from 12 to 10.
editorconfig-checker is a tool to verify that your files are in harmony with your .editorconfig
.
# The "pre-rebase" hook is run just before "git rebase" starts doing its job, and can prevent the command from running by exiting with non-zero status.
#
# Arguments:
#
# $1 - the upstream the series was forked from
# $2 - the branch being rebased (or empty when rebasing the current branch)
#
# This sample shows how to prevent topic branches that are already
# merged to 'next' branch from getting rebased, because allowing it
# would result in rebasing already published history.
Modify relative path of the service, e.g.:
From:
setup-devops: ## Setup dependencies and tools for the devops service
cd scripts && chmod +x setup.sh && ./setup.sh
.PHONY: setup-devops
To:
setup-devops: ## Setup dependencies and tools for the devops service
cd tools/devops/scripts && chmod +x setup.sh && ./setup.sh
.PHONY: setup-devops
Gitleaks is a SAST tool for detecting and preventing hardcoded secrets like passwords, api keys, and tokens in git repos.
Trivy is a comprehensive and versatile security scanner. Trivy has scanners that look for security issues, and targets where it can find those issues.
Targets (what Trivy can scan):
Scanners (what Trivy can find there):
NOTE Test if the hack can be detected.
The dependency checker finds an npm install of the mounted windows at /mnt/../
.
Add missing npm
dependency in setup scripts.
In semantic-release v20 node v18 is now the minimum required version!
BREAKING CHANGES
syft is a CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems.
Google sanitizers to detect address sanitizer, memory sanitizer, thread sanitizer, or leak sanitizer.
If the target file does not exist the merg_file
function does not create the file and merge the content.
OSV-Scanner is a vulnerability scanner which uses the data provided by osv
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.