aaf-mdqt 0.8.7 → 0.8.8

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 7d77a3520e2c7fc553d49ca134930089a8199dcec9e0c1e359e0f6808455e7d8
4
- data.tar.gz: 5fbc069dfac952678993093732f892ad1ca671b5b10e1ed1fcb6e2b1a0d0fb99
3
+ metadata.gz: e7f884d01697f865d55c804cdcdc6effe83d1f80023de88cd5e557d395a34aba
4
+ data.tar.gz: a6bc73de15949019ccfae61edb365bd4633db5f77f1c7729126f35ff4fae982a
5
5
  SHA512:
6
- metadata.gz: 4bc4ce18932cf42b731c9ab5f1d9cbc9e2e0bb574a90b762f426b712cc2b0322378bcac68af3e4088f57b765f1654ba77f544be29ecf87a080f4bf9304d67873
7
- data.tar.gz: c0c20c4b17732e2e7090c04bc30228f93d661f6ffbf5513c54c8339c81f6ce5c27ea42939fcf92e01829259d2b542814abde465a88404e530d18b0b224f355c0
6
+ metadata.gz: f2dd7c004d066083182426d878b421611713c29d847ea483787770e59bfa64c84c6ede5e15d6d8942370f76c66c9c8416126c23bb66ed65d293252370296075d
7
+ data.tar.gz: 7979f13e2252926ecd6a76e9921cce791ea825b13e555a91fdb3765770667efdb9b97af07794e08ff81caa8069d7ecdae2c56f0146936fd1e21a3efea0b2d285
data/README.md CHANGED
@@ -1,6 +1,8 @@
1
+ # NOTE: forked from <https://github.com/Digital-Identity-Labs/mdqt>
2
+
1
3
  # MDQT - A Metadata Query Tool
2
4
 
3
- [![Gem Version](https://badge.fury.io/rb/mdqt.svg)](https://badge.fury.io/rb/mdqt) [![Maintainability](https://api.codeclimate.com/v1/badges/111c46aaebfe25e4a4a9/maintainability)](https://codeclimate.com/github/Digital-Identity-Labs/mdqt/maintainability) [![Test Coverage](https://api.codeclimate.com/v1/badges/111c46aaebfe25e4a4a9/test_coverage)](https://codeclimate.com/github/Digital-Identity-Labs/mdqt/test_coverage) [![Build Status](https://travis-ci.org/Digital-Identity-Labs/mdqt.svg?branch=master)](https://travis-ci.org/Digital-Identity-Labs/mdqt)
5
+ [![Gem Version](https://badge.fury.io/rb/aaf-mdqt.svg)](https://badge.fury.io/rb/aaf-mdqt)
4
6
 
5
7
  MDQT is small library and commandline tool to query MDQ services for SAML metadata.
6
8
  You could do this with `curl` and `xmlsec1` but it's a little more convenient to use `mdqt` instead.
@@ -9,17 +11,16 @@ MDQT also has features for managing local metadata files, to help when running a
9
11
 
10
12
  MDQ currently provides these features:
11
13
 
12
- - Downloading single entities, lists or aggregates
13
- - Signature verification
14
- - Validating metadata against SAML2 schema
15
- - Saving metadata to disk
16
- - Extracting entity IDs from both aggregate and individual metadata files
17
- - Renaming metadata files to their entity ID sha1 hashes (for use with LocalDynamicMetadataProvider)
18
- - Creating sha1 hash symlinks to metadata files (also for use with Local Dynamic Metadata)
19
- - Listing the entity IDs of downloaded metadata files
20
- - Showing the full URL of an entity
21
- - Caching entity metadata and using Gzip compression
22
-
14
+ - Downloading single entities, lists or aggregates
15
+ - Signature verification
16
+ - Validating metadata against SAML2 schema
17
+ - Saving metadata to disk
18
+ - Extracting entity IDs from both aggregate and individual metadata files
19
+ - Renaming metadata files to their entity ID sha1 hashes (for use with LocalDynamicMetadataProvider)
20
+ - Creating sha1 hash symlinks to metadata files (also for use with Local Dynamic Metadata)
21
+ - Listing the entity IDs of downloaded metadata files
22
+ - Showing the full URL of an entity
23
+ - Caching entity metadata and using Gzip compression
23
24
 
24
25
  ## MDQ?
25
26
 
@@ -39,11 +40,11 @@ MDQT is tested on recent MacOS and Linux, and should work with
39
40
 
40
41
  To install system-wide on your default Ruby, use
41
42
 
42
- $ sudo gem install mdqt
43
+ sudo gem install mdqt
43
44
 
44
45
  If using a per-user Ruby via `rbenv`, `asdf` or similar, you'll need
45
46
 
46
- $ gem install mdqt
47
+ gem install mdqt
47
48
 
48
49
  ### As part of a Ruby project
49
50
 
@@ -55,7 +56,7 @@ gem 'mdqt'
55
56
 
56
57
  and then execute:
57
58
 
58
- $ bundle
59
+ bundle
59
60
 
60
61
  ### As a Docker container
61
62
 
@@ -71,39 +72,39 @@ signature. Some MDQ services use unencrypted HTTP connections and rely
71
72
  MDQT supports signature verification but requires a Ruby library called
72
73
  Nokogiri to do the hard work. Nokogiri is fast and useful but can sometimes
73
74
  be awkward to install for non-developers (it can sometimes require a C development
74
- environment and various XML libraries). In most cases Nokogiri will install
75
- automatically, without problems, when you install MDQT, but if you encounter any
75
+ environment and various XML libraries). In most cases Nokogiri will install
76
+ automatically, without problems, when you install MDQT, but if you encounter any
76
77
  problems installing Nokogiri the [Installing Nokogiri](http://www.nokogiri.org/tutorials/installing_nokogiri.html) documentation is very helpful.
77
78
 
78
79
  ## Commandline Usage as an MDQ client
79
80
 
80
81
  You can see a list of commandline options by typing:
81
82
 
82
- $ mdqt help
83
+ mdqt help
83
84
 
84
85
  To see more information about a command, use the `--help` option after the command or type `help <command>`:
85
86
 
86
- $ mdqt help get
87
+ mdqt help get
87
88
 
88
89
  ### Selecting an MDQ service to access
89
90
 
90
91
  You can specify the MDQ service with a commandline option:
91
92
 
92
- $ mdqt get --service https://mdq.example.com/mdq http://entity.ac.uk/shibboleth
93
+ mdqt get --service https://mdq.example.com/mdq http://entity.ac.uk/shibboleth
93
94
 
94
95
  It's more convenient to set an environment variable to specify a default MDQ
95
96
  service. Set `MDQT_SERVICE` or `MDQ_BASE_URL` to the base URL of your MDQ service.
96
97
 
97
- $ export MDQT_SERVICE=https://mdq.example.com/mdq
98
- $ mdqt get http://entity.ac.uk/shibboleth
99
- $ mdqt get http://example.org/service
98
+ export MDQT_SERVICE=https://mdq.example.com/mdq
99
+ mdqt get http://entity.ac.uk/shibboleth
100
+ mdqt get http://example.org/service
100
101
 
101
102
  Finally, if you don't specify an MDQ service with `--service` or `MDQT_SERVICE` then `mdqt` *might* be
102
103
  able to guess your local NREN's MDQ service. Do not do this in production!
103
104
 
104
105
  If an MDQ service is known to MDQT it can be selected using an alias:
105
106
 
106
- $ mdqt get --service incommon http://entity.edu/shibboleth
107
+ mdqt get --service incommon http://entity.edu/shibboleth
107
108
 
108
109
  You can see known services and their aliases using `mdqt services`
109
110
 
@@ -111,20 +112,19 @@ You can see known services and their aliases using `mdqt services`
111
112
 
112
113
  Downloading entity metadata to STDOUT:
113
114
 
114
- $ mdqt get https://test-idp.ukfederation.org.uk/idp/shibboleth
115
+ mdqt get https://test-idp.ukfederation.org.uk/idp/shibboleth
115
116
 
116
117
  Using the sha1 hashed version of entity IDs requires quotes or escaping in some shells:
117
118
 
118
- $ mdqt get "{sha1}52e2065fc0d53744e8d4ee2c2f30696ebfc5def9"
119
+ mdqt get "{sha1}52e2065fc0d53744e8d4ee2c2f30696ebfc5def9"
119
120
 
120
- $ mdqt get \{sha1\}52e2065fc0d53744e8d4ee2c2f30696ebfc5def9
121
+ mdqt get \{sha1\}52e2065fc0d53744e8d4ee2c2f30696ebfc5def9
121
122
 
122
- $ mdqt get [sha1]52e2065fc0d53744e8d4ee2c2f30696ebfc5def9
123
+ mdqt get [sha1]52e2065fc0d53744e8d4ee2c2f30696ebfc5def9
123
124
 
124
125
  Requesting all metadata from an MDQ endpoint is done by specifying `--all`:
125
126
 
126
- $ mdqt get --all
127
-
127
+ mdqt get --all
128
128
 
129
129
  ### Caching metadata
130
130
 
@@ -132,16 +132,15 @@ Caching can be enabled using `--cache`. At the moment the `mdqt` executable
132
132
  only supports caching to disk. It will create a cache directory in your temporary
133
133
  directory.
134
134
 
135
- $ mdqt get --cache --service https://mdq.example.com/mdq http://entity.ac.uk/shibboleth
135
+ mdqt get --cache --service https://mdq.example.com/mdq http://entity.ac.uk/shibboleth
136
136
 
137
137
  Caching is now on by default. To force a single command to *not* use the cache, include `--reset`
138
138
 
139
- $ mdqt get --reset --service https://mdq.example.com/mdq http://entity.ac.uk/shibboleth
139
+ mdqt get --reset --service https://mdq.example.com/mdq http://entity.ac.uk/shibboleth
140
140
 
141
141
  You can clear the cache by using the `reset` command:
142
142
 
143
- $ mdqt reset
144
-
143
+ mdqt reset
145
144
 
146
145
  ### Verifying metadata
147
146
 
@@ -149,22 +148,22 @@ If you have enabled verification by installing `xmldsig` (and have downloaded an
149
148
  certificate for your MDQ server) you can require verification by passing
150
149
  they `verify-with` flag with the path of your certificate.
151
150
 
152
- $ mdqt get --verify-with myfederation.pem https://indiid.net/idp/shibboleth
151
+ mdqt get --verify-with myfederation.pem https://indiid.net/idp/shibboleth
153
152
 
154
153
  It's possible to pass more than one certificate by separating them with commas
155
154
 
156
- $ mdqt get --verify-with myfederation.pem,previous.pem https://indiid.net/idp/shibboleth
155
+ mdqt get --verify-with myfederation.pem,previous.pem https://indiid.net/idp/shibboleth
157
156
 
158
157
  Basic XML correctness and validation against SAML2 Metadata schema can be enabled with the
159
158
  `--validate` switch:
160
159
 
161
- $ mdqt get --validate https://indiid.net/idp/shibboleth
160
+ mdqt get --validate https://indiid.net/idp/shibboleth
162
161
 
163
162
  If you need to check metadata that has already been downloaded then try the `check`
164
163
  command:
165
164
 
166
- $ mdqt check metadata.xml # Just validate
167
- $ mdqt check --verify-with myfederation.pem metadata.xml # Verify signature too
165
+ mdqt check metadata.xml # Just validate
166
+ mdqt check --verify-with myfederation.pem metadata.xml # Verify signature too
168
167
 
169
168
  You shouldn't need to *validate* XML from a trusted MDQ service such as one run by a
170
169
  national federation. You should however always *verify* the signature of XML sent over an unencrypyted HTTP connection,
@@ -175,11 +174,11 @@ or debugging your own MDQ service.
175
174
 
176
175
  The simplest way to save metadata is to redirect output from the `get` command:
177
176
 
178
- $ mdqt get http://entity.ac.uk/shibboleth > metadata.xml
177
+ mdqt get http://entity.ac.uk/shibboleth > metadata.xml
179
178
 
180
179
  MDQT also offers the `--save-to` option to write all metadata into a directory
181
180
 
182
- $ mdqt get http://entity.ac.uk/shibboleth --save-to metadata_directory
181
+ mdqt get http://entity.ac.uk/shibboleth --save-to metadata_directory
183
182
 
184
183
  The `--save-to` option requires a directory to be specified. All files will be saved
185
184
  with a name based on their transformed identifier (sha1 hash) such as
@@ -194,55 +193,55 @@ For more information about current settings, download results, and so on, add
194
193
 
195
194
  To convert normal URI entity IDs into MDQ SHA1 hashed transformed identifiers use the `transform` command:
196
195
 
197
- $ mdqt transform http://example.org/service
196
+ mdqt transform http://example.org/service
198
197
 
199
198
  Transforming identifiers that have already been transformed should not re-transform them.
200
199
 
201
200
  To see more details of what is being sent and received by a `get` command add the `--explain` flag
202
201
 
203
- $ mdqt get --explain --service https://mdq.example.com/mdq http://entity.ac.uk/shibboleth
202
+ mdqt get --explain --service https://mdq.example.com/mdq http://entity.ac.uk/shibboleth
204
203
 
205
204
  MDQT will then show a table of sent and received headers which may be useful when debugging servers.
206
205
 
207
206
  To extract a list of all entity IDs from a file:
208
207
 
209
- $ mdqt entities metadata.xml
208
+ mdqt entities metadata.xml
210
209
 
211
- $ mdqt entities --sha1 metadata.xml
210
+ mdqt entities --sha1 metadata.xml
212
211
 
213
212
  To create sha1 symlinks to a metadata file:
214
213
 
215
- $ mdqt ln example_idp.xml
214
+ mdqt ln example_idp.xml
216
215
 
217
216
  To rename a file to its entity ID sha1 has:
218
217
 
219
- $ mdqt rename example_idp.xml
218
+ mdqt rename example_idp.xml
220
219
 
221
220
  To list the entity IDs of files in a directory:
222
221
 
223
- $ mdqt ls
222
+ mdqt ls
224
223
 
225
224
  To list all entities available at an MDQ service:
226
225
 
227
- $ mdqt list
226
+ mdqt list
228
227
 
229
228
  To show the MDQ services known to MDQT, and their aliases:
230
229
 
231
- $ mdqt services
230
+ mdqt services
232
231
 
233
232
  To show the full MDQ URL of an entity
234
233
 
235
- $ mdqt url http://entity.ac.uk/shibboleth
234
+ mdqt url http://entity.ac.uk/shibboleth
236
235
 
237
236
  MDQT can accept input on stdin, allowing composition and pipelining
238
237
 
239
- $ cat list_of_ids.txt | mdqt url
238
+ cat list_of_ids.txt | mdqt url
240
239
 
241
- $ mdqt list | grep cern.ch | mdqt get --save-to cern_metadata/ --list | mdqt ls
240
+ mdqt list | grep cern.ch | mdqt get --save-to cern_metadata/ --list | mdqt ls
242
241
 
243
242
  ## Alternatives
244
243
 
245
- * [SAML Library](https://github.com/trscavo/saml-library) is a set of scripts to help with metadata-related tasks, written
244
+ - [SAML Library](https://github.com/trscavo/saml-library) is a set of scripts to help with metadata-related tasks, written
246
245
  by Tom Scavo of Internet2. Some of the scripts provide similar functionality to MDQT, and are designed to be piped together.
247
246
 
248
247
  ## Library Usage
@@ -260,7 +259,7 @@ To install this gem onto your local machine, run `bundle exec rake install`.
260
259
 
261
260
  ## Contributing
262
261
 
263
- Bug reports and pull requests are welcome on GitHub at https://github.com/Digital-Identity-Labs/mdqt.
262
+ Bug reports and pull requests are welcome on GitHub at <https://github.com/Digital-Identity-Labs/mdqt>.
264
263
  This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
265
264
 
266
265
  ## License
data/aaf-mdqt.gemspec CHANGED
@@ -23,17 +23,17 @@ Gem::Specification.new do |spec|
23
23
  spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
24
24
  spec.require_paths = ["lib"]
25
25
 
26
- spec.add_dependency 'commander', "~>4.6"
27
- spec.add_dependency 'faraday', "~>2.9.0"
28
- spec.add_dependency 'faraday-http-cache', "~>2.5.0"
29
- spec.add_dependency 'faraday-follow_redirects', "~>0.3.0"
30
- spec.add_dependency 'httpx', "~>1.2.0"
26
+ spec.add_dependency 'commander', "~>4"
27
+ spec.add_dependency 'faraday', "~>2"
28
+ spec.add_dependency 'faraday-http-cache', "~>2"
29
+ spec.add_dependency 'faraday-follow_redirects', "~>0.3"
30
+ spec.add_dependency 'httpx', "~>1"
31
31
  spec.add_dependency 'activesupport', "~>7"
32
- spec.add_dependency 'dalli', "~>3.2"
32
+ spec.add_dependency 'dalli', "~>3"
33
33
  spec.add_dependency 'pastel', "~>0.8"
34
- spec.add_dependency 'terminal-table', "~>3.0"
34
+ spec.add_dependency 'terminal-table', "~>3"
35
35
  spec.add_dependency 'concurrent-ruby-ext', "~>1"
36
- spec.add_dependency 'xmldsig', "~>0.7.0"
36
+ spec.add_dependency 'xmldsig', "~>0.7"
37
37
 
38
38
  # spec.add_development_dependency "bundler", "~>2"
39
39
  # spec.add_development_dependency "rake", ">= 13.1.0"
data/lib/mdqt/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module MDQT
2
- VERSION = "0.8.7"
2
+ VERSION = "0.8.8"
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aaf-mdqt
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.8.7
4
+ version: 0.8.8
5
5
  platform: ruby
6
6
  authors:
7
7
  - Pete Birkinshaw
@@ -17,70 +17,70 @@ dependencies:
17
17
  requirements:
18
18
  - - "~>"
19
19
  - !ruby/object:Gem::Version
20
- version: '4.6'
20
+ version: '4'
21
21
  type: :runtime
22
22
  prerelease: false
23
23
  version_requirements: !ruby/object:Gem::Requirement
24
24
  requirements:
25
25
  - - "~>"
26
26
  - !ruby/object:Gem::Version
27
- version: '4.6'
27
+ version: '4'
28
28
  - !ruby/object:Gem::Dependency
29
29
  name: faraday
30
30
  requirement: !ruby/object:Gem::Requirement
31
31
  requirements:
32
32
  - - "~>"
33
33
  - !ruby/object:Gem::Version
34
- version: 2.9.0
34
+ version: '2'
35
35
  type: :runtime
36
36
  prerelease: false
37
37
  version_requirements: !ruby/object:Gem::Requirement
38
38
  requirements:
39
39
  - - "~>"
40
40
  - !ruby/object:Gem::Version
41
- version: 2.9.0
41
+ version: '2'
42
42
  - !ruby/object:Gem::Dependency
43
43
  name: faraday-http-cache
44
44
  requirement: !ruby/object:Gem::Requirement
45
45
  requirements:
46
46
  - - "~>"
47
47
  - !ruby/object:Gem::Version
48
- version: 2.5.0
48
+ version: '2'
49
49
  type: :runtime
50
50
  prerelease: false
51
51
  version_requirements: !ruby/object:Gem::Requirement
52
52
  requirements:
53
53
  - - "~>"
54
54
  - !ruby/object:Gem::Version
55
- version: 2.5.0
55
+ version: '2'
56
56
  - !ruby/object:Gem::Dependency
57
57
  name: faraday-follow_redirects
58
58
  requirement: !ruby/object:Gem::Requirement
59
59
  requirements:
60
60
  - - "~>"
61
61
  - !ruby/object:Gem::Version
62
- version: 0.3.0
62
+ version: '0.3'
63
63
  type: :runtime
64
64
  prerelease: false
65
65
  version_requirements: !ruby/object:Gem::Requirement
66
66
  requirements:
67
67
  - - "~>"
68
68
  - !ruby/object:Gem::Version
69
- version: 0.3.0
69
+ version: '0.3'
70
70
  - !ruby/object:Gem::Dependency
71
71
  name: httpx
72
72
  requirement: !ruby/object:Gem::Requirement
73
73
  requirements:
74
74
  - - "~>"
75
75
  - !ruby/object:Gem::Version
76
- version: 1.2.0
76
+ version: '1'
77
77
  type: :runtime
78
78
  prerelease: false
79
79
  version_requirements: !ruby/object:Gem::Requirement
80
80
  requirements:
81
81
  - - "~>"
82
82
  - !ruby/object:Gem::Version
83
- version: 1.2.0
83
+ version: '1'
84
84
  - !ruby/object:Gem::Dependency
85
85
  name: activesupport
86
86
  requirement: !ruby/object:Gem::Requirement
@@ -101,14 +101,14 @@ dependencies:
101
101
  requirements:
102
102
  - - "~>"
103
103
  - !ruby/object:Gem::Version
104
- version: '3.2'
104
+ version: '3'
105
105
  type: :runtime
106
106
  prerelease: false
107
107
  version_requirements: !ruby/object:Gem::Requirement
108
108
  requirements:
109
109
  - - "~>"
110
110
  - !ruby/object:Gem::Version
111
- version: '3.2'
111
+ version: '3'
112
112
  - !ruby/object:Gem::Dependency
113
113
  name: pastel
114
114
  requirement: !ruby/object:Gem::Requirement
@@ -129,14 +129,14 @@ dependencies:
129
129
  requirements:
130
130
  - - "~>"
131
131
  - !ruby/object:Gem::Version
132
- version: '3.0'
132
+ version: '3'
133
133
  type: :runtime
134
134
  prerelease: false
135
135
  version_requirements: !ruby/object:Gem::Requirement
136
136
  requirements:
137
137
  - - "~>"
138
138
  - !ruby/object:Gem::Version
139
- version: '3.0'
139
+ version: '3'
140
140
  - !ruby/object:Gem::Dependency
141
141
  name: concurrent-ruby-ext
142
142
  requirement: !ruby/object:Gem::Requirement
@@ -157,14 +157,14 @@ dependencies:
157
157
  requirements:
158
158
  - - "~>"
159
159
  - !ruby/object:Gem::Version
160
- version: 0.7.0
160
+ version: '0.7'
161
161
  type: :runtime
162
162
  prerelease: false
163
163
  version_requirements: !ruby/object:Gem::Requirement
164
164
  requirements:
165
165
  - - "~>"
166
166
  - !ruby/object:Gem::Version
167
- version: 0.7.0
167
+ version: '0.7'
168
168
  - !ruby/object:Gem::Dependency
169
169
  name: rspec
170
170
  requirement: !ruby/object:Gem::Requirement
@@ -242,7 +242,6 @@ executables:
242
242
  extensions: []
243
243
  extra_rdoc_files: []
244
244
  files:
245
- - ".github/workflows/codeql-analysis.yml"
246
245
  - ".github/workflows/ruby.yml"
247
246
  - ".gitignore"
248
247
  - ".rspec"
@@ -1,70 +0,0 @@
1
- # For most projects, this workflow file will not need changing; you simply need
2
- # to commit it to your repository.
3
- #
4
- # You may wish to alter this file to override the set of languages analyzed,
5
- # or to provide custom queries or build logic.
6
- #
7
- # ******** NOTE ********
8
- # We have attempted to detect the languages in your repository. Please check
9
- # the `language` matrix defined below to confirm you have the correct set of
10
- # supported CodeQL languages.
11
- #
12
- name: "CodeQL"
13
-
14
- on:
15
- push:
16
- branches: [ master ]
17
- pull_request:
18
- # The branches below must be a subset of the branches above
19
- branches: [ master ]
20
- schedule:
21
- - cron: '17 4 * * 0'
22
-
23
- jobs:
24
- analyze:
25
- name: Analyze
26
- runs-on: ubuntu-latest
27
- permissions:
28
- actions: read
29
- contents: read
30
- security-events: write
31
-
32
- strategy:
33
- fail-fast: false
34
- matrix:
35
- language: [ 'ruby' ]
36
- # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
37
- # Learn more about CodeQL language support at https://git.io/codeql-language-support
38
-
39
- steps:
40
- - name: Checkout repository
41
- uses: actions/checkout@v2
42
-
43
- # Initializes the CodeQL tools for scanning.
44
- - name: Initialize CodeQL
45
- uses: github/codeql-action/init@v1
46
- with:
47
- languages: ${{ matrix.language }}
48
- # If you wish to specify custom queries, you can do so here or in a config file.
49
- # By default, queries listed here will override any specified in a config file.
50
- # Prefix the list here with "+" to use these queries and those in the config file.
51
- # queries: ./path/to/local/query, your-org/your-repo/queries@main
52
-
53
- # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
54
- # If this step fails, then you should remove it and run the build manually (see below)
55
- - name: Autobuild
56
- uses: github/codeql-action/autobuild@v1
57
-
58
- # ℹ️ Command-line programs to run using the OS shell.
59
- # 📚 https://git.io/JvXDl
60
-
61
- # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
62
- # and modify them (or add more) to build your code if your project
63
- # uses a compiled language
64
-
65
- #- run: |
66
- # make bootstrap
67
- # make release
68
-
69
- - name: Perform CodeQL Analysis
70
- uses: github/codeql-action/analyze@v1