chore(payloads): add code scanning examples (#371)
Co-authored-by: Gregor Martynus <[email protected]>
Co-authored-by: wolfy1339 <[email protected]>
3 people authored Feb 25, 2021
1 parent 64c3afb commit 8b38156
Showing 11 changed files with 1,286 additions and 12 deletions.
599 changes: 599 additions & 0 deletions index.json

Large diffs are not rendered by default.

@@ -0,0 +1,206 @@
{
"action": "closed_by_user",
"alert": {
"number": 10,
"created_at": "2021-02-11T02:49:18Z",
"url": "https://api.github.com/repos/Codertocat/Hello-World/code-scanning/alerts/10",
"html_url": "https://github.com/Codertocat/Hello-World/security/code-scanning/10",
"state": "dismissed",
"dismissed_by": {
"login": "Codertocat",
"id": 21031067,
"node_id": "MDQ6VXNlcjQwMDcxMjg=",
"avatar_url": "https://avatars.githubusercontent.com/u/4007128?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/Codertocat",
"html_url": "https://github.com/Codertocat",
"followers_url": "https://api.github.com/users/Codertocat/followers",
"following_url": "https://api.github.com/users/Codertocat/following{/other_user}",
"gists_url": "https://api.github.com/users/Codertocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/Codertocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/Codertocat/subscriptions",
"organizations_url": "https://api.github.com/users/Codertocat/orgs",
"repos_url": "https://api.github.com/users/Codertocat/repos",
"events_url": "https://api.github.com/users/Codertocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/Codertocat/received_events",
"type": "User",
"site_admin": true
},
"dismissed_at": "2021-02-11T02:59:08Z",
"dismissed_reason": "false positive",
"rule": {
"id": "ANCHOREVULN_CVE-2020-27218_java-archive_http2-hpack_9.4.27.v20200227",
"severity": "error",
"description": "CVE-2020-27218 Severity=Medium Package=http2-hpack Version=9.4.27.v20200227",
"name": "",
"full_description": "CVE-2020-27218 Severity=Medium Package=http2-hpack Version=9.4.27.v20200227",
"tags": null,
"help": null
},
"tool": {
"name": "Anchore Container Vulnerability Report (T0)",
"guid": null,
"version": null
},
"instances": [
{
"ref": "refs/heads/master",
"analysis_key": ".github/workflows/container_scan.yml:container-scan",
"environment": "{}",
"state": "dismissed",
"commit_sha": "b30b5f3b935825766a22ab1bce14788bf9627f6c",
"message": {
"text": ""
},
"location": {
"path": "/usr/local/jetty/lib/http2/http2-hpack-9.4.27.v20200227.jar",
"start_line": 1,
"end_line": 1,
"start_column": 1,
"end_column": 1
},
"classifications": ["library"]
}
]
},
"ref": "",
"commit_oid": "",
"repository": {
"id": 337911632,
"node_id": "MDEwOlJlcG9zaXRvcnkzMzc5MTE2MzI=",
"name": "Hello-World",
"full_name": "Codertocat/Hello-World",
"private": true,
"owner": {
"login": "Codertocat",
"id": 38940897,
"node_id": "MDEyOk9yZ2FuaXphdGlvbjM4OTQwODk3",
"avatar_url": "https://avatars.githubusercontent.com/u/38940897?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/Codertocat",
"html_url": "https://github.com/Codertocat",
"followers_url": "https://api.github.com/users/Codertocat/followers",
"following_url": "https://api.github.com/users/Codertocat/following{/other_user}",
"gists_url": "https://api.github.com/users/Codertocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/Codertocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/Codertocat/subscriptions",
"organizations_url": "https://api.github.com/users/Codertocat/orgs",
"repos_url": "https://api.github.com/users/Codertocat/repos",
"events_url": "https://api.github.com/users/Codertocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/Codertocat/received_events",
"type": "Organization",
"site_admin": false
},
"html_url": "https://github.com/Codertocat/Hello-World",
"description": "",
"fork": false,
"url": "https://api.github.com/repos/Codertocat/Hello-World",
"forks_url": "https://api.github.com/repos/Codertocat/Hello-World/forks",
"keys_url": "https://api.github.com/repos/Codertocat/Hello-World/keys{/key_id}",
"collaborators_url": "https://api.github.com/repos/Codertocat/Hello-World/collaborators{/collaborator}",
"teams_url": "https://api.github.com/repos/Codertocat/Hello-World/teams",
"hooks_url": "https://api.github.com/repos/Codertocat/Hello-World/hooks",
"issue_events_url": "https://api.github.com/repos/Codertocat/Hello-World/issues/events{/number}",
"events_url": "https://api.github.com/repos/Codertocat/Hello-World/events",
"assignees_url": "https://api.github.com/repos/Codertocat/Hello-World/assignees{/user}",
"branches_url": "https://api.github.com/repos/Codertocat/Hello-World/branches{/branch}",
"tags_url": "https://api.github.com/repos/Codertocat/Hello-World/tags",
"blobs_url": "https://api.github.com/repos/Codertocat/Hello-World/git/blobs{/sha}",
"git_tags_url": "https://api.github.com/repos/Codertocat/Hello-World/git/tags{/sha}",
"git_refs_url": "https://api.github.com/repos/Codertocat/Hello-World/git/refs{/sha}",
"trees_url": "https://api.github.com/repos/Codertocat/Hello-World/git/trees{/sha}",
"statuses_url": "https://api.github.com/repos/Codertocat/Hello-World/statuses/{sha}",
"languages_url": "https://api.github.com/repos/Codertocat/Hello-World/languages",
"stargazers_url": "https://api.github.com/repos/Codertocat/Hello-World/stargazers",
"contributors_url": "https://api.github.com/repos/Codertocat/Hello-World/contributors",
"subscribers_url": "https://api.github.com/repos/Codertocat/Hello-World/subscribers",
"subscription_url": "https://api.github.com/repos/Codertocat/Hello-World/subscription",
"commits_url": "https://api.github.com/repos/Codertocat/Hello-World/commits{/sha}",
"git_commits_url": "https://api.github.com/repos/Codertocat/Hello-World/git/commits{/sha}",
"comments_url": "https://api.github.com/repos/Codertocat/Hello-World/comments{/number}",
"issue_comment_url": "https://api.github.com/repos/Codertocat/Hello-World/issues/comments{/number}",
"contents_url": "https://api.github.com/repos/Codertocat/Hello-World/contents/{+path}",
"compare_url": "https://api.github.com/repos/Codertocat/Hello-World/compare/{base}...{head}",
"merges_url": "https://api.github.com/repos/Codertocat/Hello-World/merges",
"archive_url": "https://api.github.com/repos/Codertocat/Hello-World/{archive_format}{/ref}",
"downloads_url": "https://api.github.com/repos/Codertocat/Hello-World/downloads",
"issues_url": "https://api.github.com/repos/Codertocat/Hello-World/issues{/number}",
"pulls_url": "https://api.github.com/repos/Codertocat/Hello-World/pulls{/number}",
"milestones_url": "https://api.github.com/repos/Codertocat/Hello-World/milestones{/number}",
"notifications_url": "https://api.github.com/repos/Codertocat/Hello-World/notifications{?since,all,participating}",
"labels_url": "https://api.github.com/repos/Codertocat/Hello-World/labels{/name}",
"releases_url": "https://api.github.com/repos/Codertocat/Hello-World/releases{/id}",
"deployments_url": "https://api.github.com/repos/Codertocat/Hello-World/deployments",
"created_at": "2021-02-11T02:36:00Z",
"updated_at": "2021-02-11T02:46:41Z",
"pushed_at": "2021-02-11T02:47:04Z",
"git_url": "git://github.com/Codertocat/Hello-World.git",
"ssh_url": "[email protected]:Codertocat/Hello-World.git",
"clone_url": "https://github.com/Codertocat/Hello-World.git",
"svn_url": "https://github.com/Codertocat/Hello-World",
"homepage": "",
"size": 0,
"stargazers_count": 0,
"watchers_count": 0,
"language": "Java",
"has_issues": true,
"has_projects": false,
"has_downloads": false,
"has_wiki": false,
"has_pages": false,
"forks_count": 0,
"mirror_url": null,
"archived": false,
"disabled": false,
"open_issues_count": 10,
"license": {
"key": "mit",
"name": "MIT License",
"spdx_id": "MIT",
"url": "https://api.github.com/licenses/mit",
"node_id": "MDc6TGljZW5zZTEz"
},
"forks": 0,
"open_issues": 10,
"watchers": 0,
"default_branch": "master"
},
"organization": {
"login": "Codertocat",
"id": 38940897,
"node_id": "MDEyOk9yZ2FuaXphdGlvbjM4OTQwODk3",
"url": "https://api.github.com/orgs/Codertocat",
"repos_url": "https://api.github.com/orgs/Codertocat/repos",
"events_url": "https://api.github.com/orgs/Codertocat/events",
"hooks_url": "https://api.github.com/orgs/Codertocat/hooks",
"issues_url": "https://api.github.com/orgs/Codertocat/issues",
"members_url": "https://api.github.com/orgs/Codertocat/members{/member}",
"public_members_url": "https://api.github.com/orgs/Codertocat/public_members{/member}",
"avatar_url": "https://avatars.githubusercontent.com/u/38940897?v=4",
"description": "A collection of all demos managed by GitHub"
},
"sender": {
"login": "Codertocat",
"id": 21031067,
"node_id": "MDQ6VXNlcjIxMDMxMDY3",
"avatar_url": "https://avatars1.githubusercontent.com/u/21031067?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/Codertocat",
"html_url": "https://github.com/Codertocat",
"followers_url": "https://api.github.com/users/Codertocat/followers",
"following_url": "https://api.github.com/users/Codertocat/following{/other_user}",
"gists_url": "https://api.github.com/users/Codertocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/Codertocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/Codertocat/subscriptions",
"organizations_url": "https://api.github.com/users/Codertocat/orgs",
"repos_url": "https://api.github.com/users/Codertocat/repos",
"events_url": "https://api.github.com/users/Codertocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/Codertocat/received_events",
"type": "User",
"site_admin": false
},
"installation": {
"id": 14662836,
"node_id": "MDIzOkludGVncmF0aW9uSW5zdGFsbGF0aW9uMTQ2NjI4MzY="
}
}
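Review bot: In `alert.dismissed_by` the `id` is 21031067 (the same value as `sender.id`), but `node_id` `MDQ6VXNlcjQwMDcxMjg=` and `avatar_url` `https://avatars.githubusercontent.com/u/4007128?v=4` still refer to a different account, and `site_admin` is `true`. This looks like a captured delivery that was only partly anonymised, so the fixture appears to retain the original account's identifier and admin flag. Reuse the values already present in `sender` — `"node_id": "MDQ6VXNlcjIxMDMxMDY3"` and the `u/21031067` avatar URL — and set `"site_admin": false`, so the object is internally consistent and no real user identifier ships in the example.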
@@ -0,0 +1,187 @@
{
"action": "created",
"alert": {
"number": 10,
"created_at": "2021-02-11T03:10:43Z",
"url": "https://api.github.com/repos/Codertocat/Hello-World/code-scanning/alerts/10",
"html_url": "https://github.com/Codertocat/Hello-World/security/code-scanning/10",
"state": "open",
"dismissed_by": null,
"dismissed_at": null,
"dismissed_reason": null,
"rule": {
"id": "java/sql-injection",
"severity": "error",
"description": "Query built from user-controlled sources",
"name": "",
"full_description": "Building a SQL or Java Persistence query from user-controlled sources is vulnerable to insertion of malicious code by the user.",
"tags": null,
"help": null
},
"tool": {
"name": "CodeQL",
"guid": null,
"version": null
},
"instances": [
{
"ref": "refs/heads/code-feature",
"analysis_key": ".github/workflows/code-scanning.yml:build",
"environment": "{}",
"state": "open",
"commit_sha": "788437584c2522f27feab10d8e631bab3e9e783a",
"message": {
"text": ""
},
"location": {
"path": "src/main/java/com/github/demo/service/BookService.java",
"start_line": 84,
"end_line": 84,
"start_column": 51,
"end_column": 56
},
"classifications": []
}
]
},
"ref": "refs/heads/code-feature",
"commit_oid": "788437584c2522f27feab10d8e631bab3e9e783a",
"repository": {
"id": 337911632,
"node_id": "MDEwOlJlcG9zaXRvcnkzMzc5MTE2MzI=",
"name": "Hello-World",
"full_name": "Codertocat/Hello-World",
"private": true,
"owner": {
"login": "Codertocat",
"id": 21031067,
"node_id": "MDEyOk9yZ2FuaXphdGlvbjM4OTQwODk3",
"avatar_url": "https://avatars.githubusercontent.com/u/38940897?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/Codertocat",
"html_url": "https://github.com/Codertocat",
"followers_url": "https://api.github.com/users/Codertocat/followers",
"following_url": "https://api.github.com/users/Codertocat/following{/other_user}",
"gists_url": "https://api.github.com/users/Codertocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/Codertocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/Codertocat/subscriptions",
"organizations_url": "https://api.github.com/users/Codertocat/orgs",
"repos_url": "https://api.github.com/users/Codertocat/repos",
"events_url": "https://api.github.com/users/Codertocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/Codertocat/received_events",
"type": "Organization",
"site_admin": false
},
"html_url": "https://github.com/Codertocat/Hello-World",
"description": "",
"fork": false,
"url": "https://api.github.com/repos/Codertocat/Hello-World",
"forks_url": "https://api.github.com/repos/Codertocat/Hello-World/forks",
"keys_url": "https://api.github.com/repos/Codertocat/Hello-World/keys{/key_id}",
"collaborators_url": "https://api.github.com/repos/Codertocat/Hello-World/collaborators{/collaborator}",
"teams_url": "https://api.github.com/repos/Codertocat/Hello-World/teams",
"hooks_url": "https://api.github.com/repos/Codertocat/Hello-World/hooks",
"issue_events_url": "https://api.github.com/repos/Codertocat/Hello-World/issues/events{/number}",
"events_url": "https://api.github.com/repos/Codertocat/Hello-World/events",
"assignees_url": "https://api.github.com/repos/Codertocat/Hello-World/assignees{/user}",
"branches_url": "https://api.github.com/repos/Codertocat/Hello-World/branches{/branch}",
"tags_url": "https://api.github.com/repos/Codertocat/Hello-World/tags",
"blobs_url": "https://api.github.com/repos/Codertocat/Hello-World/git/blobs{/sha}",
"git_tags_url": "https://api.github.com/repos/Codertocat/Hello-World/git/tags{/sha}",
"git_refs_url": "https://api.github.com/repos/Codertocat/Hello-World/git/refs{/sha}",
"trees_url": "https://api.github.com/repos/Codertocat/Hello-World/git/trees{/sha}",
"statuses_url": "https://api.github.com/repos/Codertocat/Hello-World/statuses/{sha}",
"languages_url": "https://api.github.com/repos/Codertocat/Hello-World/languages",
"stargazers_url": "https://api.github.com/repos/Codertocat/Hello-World/stargazers",
"contributors_url": "https://api.github.com/repos/Codertocat/Hello-World/contributors",
"subscribers_url": "https://api.github.com/repos/Codertocat/Hello-World/subscribers",
"subscription_url": "https://api.github.com/repos/Codertocat/Hello-World/subscription",
"commits_url": "https://api.github.com/repos/Codertocat/Hello-World/commits{/sha}",
"git_commits_url": "https://api.github.com/repos/Codertocat/Hello-World/git/commits{/sha}",
"comments_url": "https://api.github.com/repos/Codertocat/Hello-World/comments{/number}",
"issue_comment_url": "https://api.github.com/repos/Codertocat/Hello-World/issues/comments{/number}",
"contents_url": "https://api.github.com/repos/Codertocat/Hello-World/contents/{+path}",
"compare_url": "https://api.github.com/repos/Codertocat/Hello-World/compare/{base}...{head}",
"merges_url": "https://api.github.com/repos/Codertocat/Hello-World/merges",
"archive_url": "https://api.github.com/repos/Codertocat/Hello-World/{archive_format}{/ref}",
"downloads_url": "https://api.github.com/repos/Codertocat/Hello-World/downloads",
"issues_url": "https://api.github.com/repos/Codertocat/Hello-World/issues{/number}",
"pulls_url": "https://api.github.com/repos/Codertocat/Hello-World/pulls{/number}",
"milestones_url": "https://api.github.com/repos/Codertocat/Hello-World/milestones{/number}",
"notifications_url": "https://api.github.com/repos/Codertocat/Hello-World/notifications{?since,all,participating}",
"labels_url": "https://api.github.com/repos/Codertocat/Hello-World/labels{/name}",
"releases_url": "https://api.github.com/repos/Codertocat/Hello-World/releases{/id}",
"deployments_url": "https://api.github.com/repos/Codertocat/Hello-World/deployments",
"created_at": "2021-02-11T02:36:00Z",
"updated_at": "2021-02-11T02:46:41Z",
"pushed_at": "2021-02-11T03:08:42Z",
"git_url": "git://github.com/Codertocat/Hello-World.git",
"ssh_url": "[email protected]:Codertocat/Hello-World.git",
"clone_url": "https://github.com/Codertocat/Hello-World.git",
"svn_url": "https://github.com/Codertocat/Hello-World",
"homepage": "",
"size": 0,
"stargazers_count": 0,
"watchers_count": 0,
"language": "Java",
"has_issues": true,
"has_projects": false,
"has_downloads": false,
"has_wiki": false,
"has_pages": false,
"forks_count": 0,
"mirror_url": null,
"archived": false,
"disabled": false,
"open_issues_count": 11,
"license": {
"key": "mit",
"name": "MIT License",
"spdx_id": "MIT",
"url": "https://api.github.com/licenses/mit",
"node_id": "MDc6TGljZW5zZTEz"
},
"forks": 0,
"open_issues": 11,
"watchers": 0,
"default_branch": "master"
},
"organization": {
"login": "Codertocat",
"id": 38940897,
"node_id": "MDEyOk9yZ2FuaXphdGlvbjM4OTQwODk3",
"url": "https://api.github.com/orgs/Codertocat",
"repos_url": "https://api.github.com/orgs/Codertocat/repos",
"events_url": "https://api.github.com/orgs/Codertocat/events",
"hooks_url": "https://api.github.com/orgs/Codertocat/hooks",
"issues_url": "https://api.github.com/orgs/Codertocat/issues",
"members_url": "https://api.github.com/orgs/Codertocat/members{/member}",
"public_members_url": "https://api.github.com/orgs/Codertocat/public_members{/member}",
"avatar_url": "https://avatars.githubusercontent.com/u/38940897?v=4",
"description": "A collection of all demos managed by GitHub"
},
"sender": {
"login": "github",
"id": 9919,
"node_id": "MDEyOk9yZ2FuaXphdGlvbjk5MTk=",
"avatar_url": "https://avatars.githubusercontent.com/u/9919?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/github",
"html_url": "https://github.com/github",
"followers_url": "https://api.github.com/users/github/followers",
"following_url": "https://api.github.com/users/github/following{/other_user}",
"gists_url": "https://api.github.com/users/github/gists{/gist_id}",
"starred_url": "https://api.github.com/users/github/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/github/subscriptions",
"organizations_url": "https://api.github.com/users/github/orgs",
"repos_url": "https://api.github.com/users/github/repos",
"events_url": "https://api.github.com/users/github/events{/privacy}",
"received_events_url": "https://api.github.com/users/github/received_events",
"type": "Organization",
"site_admin": false
},
"installation": {
"id": 14662836,
"node_id": "MDIzOkludGVncmF0aW9uSW5zdGFsbGF0aW9uMTQ2NjI4MzY="
}
}
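Review bot: `repository.owner.id` is 21031067 in this payload, while the same object's `node_id` and `avatar_url` encode 38940897 and its `type` is `Organization`. `organization.id` further down is 38940897, and the `closed_by_user` payload in this commit also uses 38940897 for the owner. 21031067 is the id the other payload gives the `Codertocat` user, so this reads as a replace slip made while sanitising the capture. Change it to `"id": 38940897` so tests that correlate `repository.owner` with `organization` see matching ids.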