Skip to content

fix: cve

fix: cve #8118

Workflow file for this run

name: "CLA Assistant"
on:
issue_comment:
types: [created]
pull_request_target:
types: [opened, closed, synchronize]
permissions:
actions: write
contents: write
pull-requests: write
statuses: write
jobs:
ContributorLicenseAgreement:
runs-on: ubuntu-latest
steps:
- name: "CLA Assistant"
if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have read the CLA Document and I hereby sign the CLA') || github.event_name == 'pull_request_target'
# Alpha Release
uses: contributor-assistant/[email protected]
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# the below token should have repo scope and must be manually added by you in the repository's secret
PERSONAL_ACCESS_TOKEN: ${{ secrets.PAT_CLATOOL }}
with:
path-to-signatures: "signatures/version1/cla.json"
path-to-document: "https://github.com/splunk/cla-agreement/blob/main/CLA.md" # e.g. a CLA or a DCO document
# branch should not be protected
branch: "main"
allowlist: renovate[bot],semantic-release-bot
#below are the optional inputs - If the optional inputs are not given, then default values will be taken
remote-organization-name: splunk
remote-repository-name: cla-agreement
#create-file-commit-message: 'For example: Creating file for storing CLA Signatures'
#signed-commit-messag e: 'For example: $contributorName has signed the CLA in #$pullRequestNo'
#custom-notsigned-prcomment: 'pull request comment with Introductory message to ask new contributors to sign'
#custom-pr-sign-comment: 'The signature to be committed in order to sign the CLA'
#custom-allsigned-prcomment: 'pull request comment when all contributors has signed, defaults to **CLA Assistant Lite bot** All Contributors have signed the CLA.'
CodeOfConduct:
runs-on: ubuntu-latest
steps:
- name: "COC Assistant"
if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have read the Code of Conduct and I hereby accept the Terms') || github.event_name == 'pull_request_target'
# Alpha Release
uses: contributor-assistant/[email protected]
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# the below token should have repo scope and must be manually added by you in the repository's secret
PERSONAL_ACCESS_TOKEN: ${{ secrets.PAT_CLATOOL }}
with:
path-to-signatures: "signatures/version1/coc.json"
path-to-document: "https://github.com/splunk/cla-agreement/blob/main/CODE_OF_CONDUCT.md" # e.g. a COC or a DCO document
# branch should not be protected
branch: "main"
allowlist: renovate[bot],semantic-release-bot
#below are the optional inputs - If the optional inputs are not given, then default values will be taken
remote-organization-name: splunk
remote-repository-name: cla-agreement
custom-pr-sign-comment: "I have read the Code of Conduct and I hereby accept the Terms"
create-file-commit-message: "For example: Creating file for storing COC Signatures"
signed-commit-message: "$contributorName has signed the COC in #$pullRequestNo"
custom-notsigned-prcomment: "All contributors have NOT signed the COC Document"
custom-allsigned-prcomment: "****CLA Assistant Lite bot**** All contributors have signed the COC ✍️ ✅"