Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Change security scanning so PR pipelines only error on vulnerabilities introduced in the PR #7845

Merged
merged 3 commits into from
Oct 28, 2024

Conversation

rikukissa
Copy link
Member

No description provided.

Copy link

Oops! Looks like you forgot to update the changelog. When updating CHANGELOG.md, please consider the following:

  • Changelog is read by country implementors who might not always be familiar with all technical details of OpenCRVS. Keep language high-level, user friendly and avoid technical references to internals.
  • Answer "What's new?", "Why was the change made?" and "Why should I care?" for each change.
  • If it's a breaking change, include a migration guide answering "What do I need to do to upgrade?".

@rikukissa rikukissa force-pushed the diff-security-scans branch 29 times, most recently from c4a0540 to 9651005 Compare October 28, 2024 09:42
@rikukissa rikukissa force-pushed the diff-security-scans branch 2 times, most recently from a325d8e to 864046f Compare October 28, 2024 09:57
@rikukissa rikukissa force-pushed the diff-security-scans branch 9 times, most recently from 5c3ed26 to 192ddcd Compare October 28, 2024 12:31
@rikukissa rikukissa enabled auto-merge (squash) October 28, 2024 12:41
@rikukissa rikukissa merged commit 32b3e39 into develop Oct 28, 2024
42 of 58 checks passed
Nil20 added a commit that referenced this pull request Oct 29, 2024
* /sendVerifyCode moved to gateway/config/routes.ts; dead code removed (#7763)

* /sendVerifyCode removed to gateway/config/routes.ts; dead code removed

* docs: mention email in description

---------

Co-authored-by: Tameem Bin Haider <[email protected]>

* fix: find office location from current task (#7765)

* fix: hide signature for duplicate record (#7773)

* feat: Update the order of system user add/edit form fields and labels and remove NID field  (#7697)

* Ask surname first in the User details form

we often receive requests from countries to have the surname first in this form, we have decided to satisfy that requirement by putting surname first for ALL countries.

#6830

* Change name and surname labels for User Details form

A request came for the clients to change the labels for "First name(s)" to "User's first name". Also change "Last name" to "User's surname" for clarity and less confussion.

#6830

* Remove NID field from the user details form

Remove the question that asks the user for a national ID number in this form as it is not required

#6830

* Remove lang suffix for FamilyName field

We no longer need the suffixes for the FamilyName field since we not really using it anywhere

#6830

* Add migration to remove NID field from user

A requirement from client to remove the NID field since most of the contries are not really using it.

#6830

* Record changes in the CHANGELOG

To keep track of changes done on this PR

#6830

* Remove Eng suffix for the firstName in user form

We currently don't support milti language support for both surname and
first names so the ENG/EN suffixes are not needed. Also remove EN bits
that were left for the surname field

#6830

---------

Co-authored-by: Siyasanga Mtshokotsha <[email protected]>
Co-authored-by: Siyasanga Mtshokotsha <[email protected]>

* fix: make all triggers which are pointing to the same http request touched on change request state

* chore: add a comment explaining the reason of the change that finds multiple buttons with the same trigger

* chore: show displayName of styled components in devtools (#7830)

* feat(auth): allow issuing single record specific tokens (#7728)

* refactor: move metrics out of authenticate

* feat: initial token exchange endpoint

* chore: update comment to be more specific

* fix: issue with calling metrics environment

* chore: amend changelog

* refactor: improve clarity

* fix: unused import

* chore: add missing schema inputs

* revert: revert mosip code removal to keep PR contained

* chore: add comment about more fine-grained control

* chore: fix test on gateway

* feat: actually check if the record id matches to confirm record

* revert: the confirm registration changes - lets do inanother pr

* refactor: update error messages

* fix: make the no-op simpler

* fix: the query params not passing properly via gateway

* refactor: remove unnecessary gql inputs

* fix: update audiences to include minimum

* fix: update the todo comment

* fix: disable `google translate` extension (#7842)

* chore(deps): update dependency eslint-plugin-import to v2.31.0

* chore(security): add pipeline to mirror trivy dbs

* fix(security): add missing script

* fix: add missing license

* Change security scanning so PR pipelines only error on vulnerabilities introduced in the PR (#7845)

* feat: Action Menu (#7633)

* feat: implement action menu

* chore: export `IProps`

* feat: enable keyboard navigation

* feat: implement `Dropdown` component

* feat: make dropdownMenu keyboard accessible

* feat: make dropdownMenu close on click outside and esc

* fix: make some props optional

* fix: close menu on ouside click

* feat: create actionMenu

* feat: add `Update`, `Print`, `Issue`, `Delete` items

* feat: implement delete declaration

* feat: redirect to home after deleting draft

* feat: add label for assigned to someone else

* refactor: move actionItems

* amend: add missing props

* feat: add scope and other checks for: correct record

* feat: add scope and other checks for: archive declaration

* feat: add scope and other checks for: reinstate declaration

* refactor: restructure types

* feat: add scope and other checks for: review

* chore: add todo

* feat: add scope and other checks for: update declaration

* feat: add scope and other checks for: print declaration

* chore: remove console.log

* feat: add scope and other checks for: issue certificate

* feat: add scope and other checks for: delete declaration

* refactor: change order of items

* wip

* Revert "wip"

This reverts commit b25bfa1.

* feat: implement unassign button

* fix: font and color

* fix: keyDown behaviour

* chore: remove record audit buttons

* refactor: use dropdownMenu to refactor toggleMenu

* chore: remove action from component

* chore: deprecate toggleMenu

* feat: move self unassign to actionMenu

* chore: dont unassign from download button

* chore: remove unused imports

* chore: update changelog

* fix: RA will see "correct record" button

* fix: add id in dropdown menu

* refactor: `isDownloadable` logic

* refactor: remove types from actionMessages

* refactor: use `useIntl` and `useDispatch` hooks instead of props drilling

* refactor: dont pass assignment to unassign comp

* refactor: use `offsetX` and `offsetY` instead of `offset_x` and `offset_y`

* refactor: use `<Button>` instead of `<PrimaryButton>`

* refactor: remove unnecessary `<div>`s

* feat: use `anchor` and `popover` api to toggle the dropdown visivility

* fix: focus

* chore: remove as string

* refactor: early return if condition fails

* refactor: move declaration status logic into declarations/utils

* refactor: change type of status to `SUBMISSION_STATUS`

* fix: handle multiple dropdown

* fix: styles

* fix: position options and story

* fix: close dropdown on action click

* refactor: align EVENT in common with Event in client

* refactor: pass id directly to provider

* test: add unit test for view action

* test: cover all statuses for view action

* test: add tests for review action

* test: add tests for update action

* test: add tests for archive action

* test: add tests for reinstate action

* test: add tests for print action

* test: add tests for issue action

* test: refactor:  centralize scoeps

* test: add test for not having scope

* test: add tests for correct action

* test: add tests for delete action

* test: add tests for unassign action

* test: add tests for assignment text

* fix: unhandled errors

* chore: remove old tests

* fix: use EVENT.Birth instead of "Birth"

* fix: use EVENT.Birth instead of "Birth"

* fix: eventToggle id in test

* fix: eventToggle id in test

* fix: ids in UserList.test

* fix: ids in UserAudit.test

* fix: import Event

* fix: remove unassign test from download button

* fix: ids in ProfileMenu.test

* fix: import Event

* fix: import Event

---------

Co-authored-by: Riku Rouvila <[email protected]>

* remove all fields from trivy result json that are dependent on file paths or image hashes

* fix(build): fix how base branch is resolved for PRs

* chore(renovate): never rebase PR branches automatically, keep only 3 PRs open at one time

* chore(renovate): keep only 3 PRs open at one time

* fix(trivy): fixes to trivy config syntax

* fix: update action menu scopes and role type of user

---------

Co-authored-by: Muhammed Tareq Aziz <[email protected]>
Co-authored-by: Tameem Bin Haider <[email protected]>
Co-authored-by: Siyasanga Mtshokotsha <[email protected]>
Co-authored-by: Siyasanga Mtshokotsha <[email protected]>
Co-authored-by: Siyasanga Mtshokotsha <[email protected]>
Co-authored-by: tahmidrahman-dsi <[email protected]>
Co-authored-by: Tahmid Rahman <[email protected]>
Co-authored-by: Jamil <[email protected]>
Co-authored-by: Pyry Rouvila <[email protected]>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Barry Dwyer <[email protected]>
Co-authored-by: Riku Rouvila <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants