Shiloh/remnantchat
Shiloh/remnantchat
1
0
Fork 1
Code Issues Pull Requests Packages Projects 4 Releases Wiki Activity

Add Security Label to Security Report (#199)

Browse Source
This commit is contained in:
Audiosutras 2023-11-10 11:37:10 -05:00 committed by GitHub
parent 3a97ee2cbf
commit a3c7e93cdb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 27 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
.github/workflows/security.yml vendored
View File

@ -12,7 +12,7 @@ on:
workflow_dispatch:
jobs:
zap_scan: # https://github.com/zaproxy/action-full-scan
zap_scan:
runs-on: ubuntu-latest
name: Scan Production Site
steps:
@ -21,15 +21,25 @@ jobs:
run: |
echo "NOW=$(date +'%Y-%m-%d')" >> "$GITHUB_OUTPUT"
- name: Checkout Main Branch for .zap/rules.tsv
- name: Checkout Repo for .zap/rules.tsv
uses: actions/checkout@v4
with:
ref: 'main'
ref: main
- name: ZAP Scan
- name: ZAP Full Scan
# https://github.com/zaproxy/action-full-scan
uses: zaproxy/action-full-scan@v0.7.0
with:
target: 'https://chitchatter.im/'
rules_file_name: '.zap/rules.tsv'
issue_title: 'Security Report - ${{ steps.set-now.outputs.NOW }}'
artifact_name: 'zap_scan_${{ steps.set-now.outputs.NOW }}'
- name: Add Security Label to Security Report - ${{ steps.set-now.outputs.NOW }}
# https://github.com/actions-ecosystem/action-add-labels
uses: actions-ecosystem/action-add-labels@v1
if: ${{ startsWith('Security Report - ${{ steps.set-now.outputs.NOW }}', '/add-labels')}}
with:
labels: |
security
reports

4
README.md
View File

@ -231,6 +231,10 @@ Chitchatter works on iOS Safari, but browser-level bugs often prevent peers from
Per [#36](https://github.com/jeremyckahn/chitchatter/issues/36), check your `about:config` settings and ensure that `media.peerconnection.enabled` is **enabled**.
##### Security
Chitchatter undergoes [weekly security audits](https://github.com/jeremyckahn/chitchatter/blob/develop/.github/workflows/security.yml) to identify and address potential vulnerabilities. Reports from all audits can be found in [the **Issues** section filtered by the `security` label](https://github.com/jeremyckahn/chitchatter/issues?q=is%3Aissue+is%3Aopen+label%3Asecurity).
### Contributors
<p align="center">