Require an API key for github_workflows #2316
Draft
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ract_internal_module New internal module "unarchive"
…anternsecurity/bbot into paramminer-finish-bug-fix
…y/paramminer-finish-bug-fix Fix paramminer finish() repeating checks bug
…y/update-docs Daily Docs Update
…y/upload-artifact-update Bump upload-artifact to v4 in github action
…idate_postman_workspaces Validate postman workspaces
…y/python-3.13 Add Python 3.13 support
…dumper New Module: Gitdumper
…ible Remove Ansible but keep ansible-core
Bumps [psutil](https://github.com/giampaolo/psutil) from 6.1.1 to 7.0.0. - [Changelog](https://github.com/giampaolo/psutil/blob/master/HISTORY.rst) - [Commits](giampaolo/psutil@release-6.1.1...release-7.0.0) --- updated-dependencies: - dependency-name: psutil dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
…y/update-trufflehog Update trufflehog to 3.88.12
…y/dependabot/pip/dev/psutil-7.0.0 Bump psutil from 6.1.1 to 7.0.0
Bumps [setproctitle](https://github.com/dvarrazzo/py-setproctitle) from 1.3.4 to 1.3.5. - [Changelog](https://github.com/dvarrazzo/py-setproctitle/blob/master/HISTORY.rst) - [Commits](dvarrazzo/py-setproctitle@version-1.3.4...version-1.3.5) --- updated-dependencies: - dependency-name: setproctitle dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
…y/update-docs Automated Docs Update
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.9.6 to 0.9.7. - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](astral-sh/ruff@0.9.6...0.9.7) --- updated-dependencies: - dependency-name: ruff dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [cachetools](https://github.com/tkem/cachetools) from 5.5.1 to 5.5.2. - [Changelog](https://github.com/tkem/cachetools/blob/master/CHANGELOG.rst) - [Commits](tkem/cachetools@v5.5.1...v5.5.2) --- updated-dependencies: - dependency-name: cachetools dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
…y/dependabot/pip/dev/setproctitle-1.3.5 Bump setproctitle from 1.3.4 to 1.3.5
…y/dependabot/pip/dev/cachetools-5.5.2 Bump cachetools from 5.5.1 to 5.5.2
…y/dependabot/pip/dev/ruff-0.9.7 Bump ruff from 0.9.6 to 0.9.7
…y/ffuf-rate Add rate limit option to ffuf modules
…y/fix-portfilter-priority Fix portfilter priority
…y/crt-postgres CRT.sh - Use direct Postgres db connection
…ges to be more helpful
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## dev #2316 +/- ##
=====================================
- Coverage 93% 93% -0%
=====================================
Files 380 380
Lines 29781 29777 -4
=====================================
- Hits 27537 27529 -8
- Misses 2244 2248 +4 ☔ View full report in Codecov by Sentry. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
#2313 got me thinking that maybe the github_workflows module should hard-fail if its not supplied with an API key...
After documenting what github APIs are in use #2315 I found that
github_workflowsis using two endpoints that require an API key even for public repos, I have also updated the warning messages to be more helpful on what permissions are needed.Keeping this as a draft for now incase I need to make some more changes based on @Sh4d0wHunt3rX's feedback to #2313