Commit these

Trial with corepack
2026-05-25 09:19:15 -04:00 · 2024-09-29 07:47:53 +00:00 · 2024-09-29 07:30:11 +00:00 · 2024-09-29 07:24:27 +00:00 · 2024-09-29 07:16:29 +00:00 · 2024-09-29 07:10:06 +00:00
8 changed files with 3302 additions and 1743 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -13,4 +13,3 @@ updates:
    interval: daily
    time: "07:00"
  open-pull-requests-limit: 10
-
--- a/.github/workflows/brakeman-analysis.yml
+++ b/.github/workflows/brakeman-analysis.yml
@@ -0,0 +1,40 @@
+# This workflow integrates Brakeman with GitHub's Code Scanning feature
+# Brakeman is a static analysis security vulnerability scanner for Ruby on Rails applications
+
+name: Brakeman Scan
+
+# This section configures the trigger for the workflow. Feel free to customize depending on your convention
+on:
+  pull_request:
+    branches: [ dev ]
+
+jobs:
+  brakeman-scan:
+    name: Brakeman Scan
+    runs-on: ubuntu-latest
+    steps:
+    # Checkout the repository to the GitHub Actions runner
+    - name: Checkout
+      uses: actions/checkout@v4
+
+    # Customize the ruby version depending on your needs
+    - name: Setup Ruby
+      uses: ruby/setup-ruby@v1
+
+    - name: Setup Brakeman
+      env:
+        BRAKEMAN_VERSION: '5.1.1' # SARIF support is provided in Brakeman version 4.10+
+      run: |
+        gem install brakeman --version $BRAKEMAN_VERSION
+
+    # Execute Brakeman CLI and generate a SARIF output with the security issues identified during the analysis
+    - name: Scan
+      continue-on-error: true
+      run: |
+        brakeman -f sarif -o output.sarif.json .
+
+    # Upload the SARIF file generated in the previous step
+    - name: Upload SARIF
+      uses: github/codeql-action/upload-sarif@v3
+      with:
+        sarif_file: output.sarif.json
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -72,6 +72,8 @@ jobs:
      #
      # See https://github.com/actions/cache/blob/master/examples.md#node---yarn for details
      #
+      - name: Enable Corepack
+        run: corepack enable
      - name: Get yarn cache directory path
        id: yarn-cache-dir-path
        run: echo "::set-output name=dir::$(yarn cache dir)"
--- a/.yarn/install-state.gz
+++ b/.yarn/install-state.gz
--- a/.yarn/releases/yarn-4.5.0.cjs
+++ b/.yarn/releases/yarn-4.5.0.cjs
--- a/.yarnrc.yml
+++ b/.yarnrc.yml
@@ -0,0 +1,3 @@
+nodeLinker: node-modules
+
+yarnPath: .yarn/releases/yarn-4.5.0.cjs
--- a/package.json
+++ b/package.json
@@ -27,5 +27,6 @@
  "bugs": {
    "url": "https://github.com/growstuff/growstuff/issues"
  },
-  "homepage": "https://github.com/growstuff/growstuff#readme"
+  "homepage": "https://github.com/growstuff/growstuff#readme",
+  "packageManager": "yarn@4.5.0"
 }
--- a/yarn.lock
+++ b/yarn.lock
Author	SHA1	Message	Date
Daniel O'Connor	08b63b372a	Commit these	2024-09-29 07:47:53 +00:00
Daniel O'Connor	98c9456065	Trial with corepack	2024-09-29 07:30:11 +00:00
Daniel O'Connor	33b0f743a5	Trial with corepack	2024-09-29 07:24:27 +00:00
Daniel O'Connor	3b1add686b	Update yarn	2024-09-29 07:16:29 +00:00
Daniel O'Connor	723d62bf41	Update percy	2024-09-29 07:10:06 +00:00
Daniel O'Connor	68e4a32cff	Update jshint	2024-09-29 07:09:21 +00:00