From 191def38573c50dfebc3bcb7dcc7306c19acad42 Mon Sep 17 00:00:00 2001 From: CrazyMax Date: Sat, 28 Oct 2023 08:27:29 +0200 Subject: [PATCH 1/2] ci: enable SAST scanning with CodeQL Signed-off-by: CrazyMax --- .github/workflows/codeql.yml | 41 ++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 .github/workflows/codeql.yml diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 00000000..f5413532 --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,41 @@ +name: codeql + +on: + push: + branches: + - 'main' + pull_request: + +permissions: + actions: read + contents: read + security-events: write + +env: + NODE_VERSION: 20 + +jobs: + analyze: + runs-on: ubuntu-latest + steps: + - + name: Checkout + uses: actions/checkout@v4 + - + name: Set up Node + uses: actions/setup-node@v4 + with: + node-version: ${{ env.NODE_VERSION }} + - + name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: javascript-typescript + - + name: Autobuild + uses: github/codeql-action/autobuild@v2 + - + name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 + with: + category: "/language:javascript-typescript" From b212b3b35ee7c41c4ec05f873e43d553e9a5e18a Mon Sep 17 00:00:00 2001 From: CrazyMax Date: Sat, 28 Oct 2023 08:38:35 +0200 Subject: [PATCH 2/2] chore: fix incomplete string escaping Signed-off-by: CrazyMax --- src/buildx/builder.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/buildx/builder.ts b/src/buildx/builder.ts index 37ee9c81..833d8190 100644 --- a/src/buildx/builder.ts +++ b/src/buildx/builder.ts @@ -145,7 +145,7 @@ export class Builder { if (value.includes('*')) { for (const platform of value.split(', ')) { if (platform.includes('*')) { - platforms.push(platform.replace('*', '')); + platforms.push(platform.replace(/\*/g, '')); } } } else {