This repository was archived by the owner on Feb 25, 2025. It is now read-only.
Vuln scan github actions permissions #42099
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
drewroengoogle
approved these changes
May 17, 2023
drewroengoogle
added
the
autosubmit
|
Golden file changes have been found for this pull request. Click here to view and triage (e.g. because this is an intentional change). If you are still iterating on this change and are not ready to resolve the images on the Flutter Gold dashboard, consider marking this PR as a draft pull request above. You will still be able to view image results on the dashboard, commenting will be silenced, and the check will not try to resolve itself until marked ready for review. |
engine-flutter-autoroll
added a commit
to engine-flutter-autoroll/flutter
that referenced
this pull request
May 18, 2023
auto-submit bot
pushed a commit
to flutter/flutter
that referenced
this pull request
May 18, 2023
…127126) flutter/engine@237c601...5fb3179 2023-05-18 [email protected] Roll Fuchsia Mac SDK from jNFpQ1gTCMNbzSZCw... to Tl371NrGBEHFYPxHQ... (flutter/engine#42128) 2023-05-18 [email protected] Vuln scan github actions permissions (flutter/engine#42099) 2023-05-18 [email protected] Roll Dart SDK from 1991015ad460 to 7bc022c51215 (1 revision) (flutter/engine#42125) Also rolling transitive DEPS: fuchsia/sdk/core/mac-amd64 from jNFpQ1gTCMNb to Tl371NrGBEHF If this roll has caused a breakage, revert this CL and stop the roller using the controls here: https://autoroll.skia.org/r/flutter-engine-flutter-autoroll Please CC [email protected],[email protected] on the revert to ensure that a human is aware of the problem. To file a bug in Flutter: https://github.com/flutter/flutter/issues/new/choose To report a problem with the AutoRoller itself, please file a bug: https://bugs.chromium.org/p/skia/issues/entry?template=Autoroller+Bug Documentation for the AutoRoller is here: https://skia.googlesource.com/buildbot/+doc/main/autoroll/README.md
CaseyHillers
pushed a commit
to CaseyHillers/flutter
that referenced
this pull request
May 24, 2023
…lutter#127126) flutter/engine@237c601...5fb3179 2023-05-18 [email protected] Roll Fuchsia Mac SDK from jNFpQ1gTCMNbzSZCw... to Tl371NrGBEHFYPxHQ... (flutter/engine#42128) 2023-05-18 [email protected] Vuln scan github actions permissions (flutter/engine#42099) 2023-05-18 [email protected] Roll Dart SDK from 1991015ad460 to 7bc022c51215 (1 revision) (flutter/engine#42125) Also rolling transitive DEPS: fuchsia/sdk/core/mac-amd64 from jNFpQ1gTCMNb to Tl371NrGBEHF If this roll has caused a breakage, revert this CL and stop the roller using the controls here: https://autoroll.skia.org/r/flutter-engine-flutter-autoroll Please CC [email protected],[email protected] on the revert to ensure that a human is aware of the problem. To file a bug in Flutter: https://github.com/flutter/flutter/issues/new/choose To report a problem with the AutoRoller itself, please file a bug: https://bugs.chromium.org/p/skia/issues/entry?template=Autoroller+Bug Documentation for the AutoRoller is here: https://skia.googlesource.com/buildbot/+doc/main/autoroll/README.md
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The lack of permissions on the vulnerability scanning github actions yaml will cause all runs to fail at the upload SARIF to security tab stage. This change adds the permissions for that stage to succeed.
A successful test run is can be seen here: https://github.com/flutter/engine/actions/runs/5006551387/jobs/8971979211
If you had to change anything in the flutter/tests repo, include a link to the migration guide as per the breaking change policy.
Pre-launch Checklist
///).If you need help, consider asking for advice on the #hackers-new channel on Discord.