Merge remote-tracking branch 'origin' into fix/DX-87-removing-okio-tx…

…tmark-folder
contentstack · May 21, 2024 · 5ad4ae7 · 5ad4ae7
2 parents 1e89280 + 79edbc2
commit 5ad4ae7
Show file tree

Hide file tree

Showing 6 changed files with 28 additions and 63 deletions.
diff --git a/.github/workflows/jira.yml b/.github/workflows/jira.yml
@@ -3,7 +3,7 @@ on:
   pull_request:
     types: [opened]
 jobs:
-  security:
+  security-jira:
     if: ${{ github.actor == 'dependabot[bot]' || github.actor == 'snyk-bot' || contains(github.event.pull_request.head.ref, 'snyk-fix-')  || contains(github.event.pull_request.head.ref, 'snyk-upgrade-')}}
     runs-on: ubuntu-latest
     steps:
@@ -26,3 +26,8 @@ jobs:
             PR: ${{ github.event.pull_request.html_url }}
 
           fields: "${{ secrets.JIRA_FIELDS }}"
+      - name: Transition issue
+        uses: atlassian/gajira-transition@v3
+        with:
+          issue: ${{ steps.create.outputs.issue }}
+          transition: ${{ secrets.JIRA_TRANSITION }}
diff --git a/.github/workflows/publish-snapshot.yml b/.github/workflows/publish-snapshot.yml
diff --git a/.github/workflows/sast-scan.yml b/.github/workflows/sast-scan.yml
@@ -0,0 +1,11 @@
+name: SAST Scan
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+jobs:
+  security-sast:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Semgrep Scan
+        run: docker run -v /var/run/docker.sock:/var/run/docker.sock -v "${PWD}:/src" returntocorp/semgrep semgrep scan --config auto
diff --git a/.github/workflows/sca-scan.yml b/.github/workflows/sca-scan.yml
@@ -3,22 +3,13 @@ on:
   pull_request:
     types: [opened, synchronize, reopened]
 jobs:
-  security:
+  security-sca:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@master
-      - name: Setup local.properties
-        run: |
-          cat << EOF >> local.properties
-          sdk.dir=$ANDROID_HOME
-          host="${{ secrets.HOST }}"
-          APIKey="${{ secrets.API_KEY }}"
-          deliveryToken="${{ secrets.DELIVERY_TOKEN }}"
-          environment="${{ secrets.ENVIRONMENT }}"
-          contentType="${{ secrets.CONTENT_TYPE }}"
-          assetUid="${{ secrets.ASSET_UID }}"
-          EOF
-      - uses: snyk/actions/setup@master
-      - run: snyk test
+      - name: Run Snyk to check for vulnerabilities
+        uses: snyk/actions/gradle@master
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        with:
+          args: --fail-on=all --all-sub-projects
diff --git a/.gitignore b/.gitignore
@@ -26,8 +26,8 @@ build/
 
 # Local configuration file (sdk path, etc)
 local.properties
-gradle.properties
-/gradle.properties
+# gradle.properties
+# /gradle.properties
 
 
 # Proguard folder generated by Eclipse

diff --git a/gradle.properties b/gradle.properties
@@ -0,0 +1,4 @@
+android.useAndroidX=true
+android.enableJetifier=true
+android.enableR8.fullMode=false
+org.gradle.jvmargs=-XX:MaxMetaspaceSize=512m