Conversation
Codecov ReportPatch and project coverage have no change.
❗ Your organization is not using the GitHub App Integration. As a result you may experience degraded service beginning May 15th. Please install the Github App Integration for your organization. Read more. Additional details and impacted files@@ Coverage Diff @@
## main #332 +/- ##
=======================================
Coverage 60.15% 60.15%
=======================================
Files 3 3
Lines 128 128
Branches 30 30
=======================================
Hits 77 77
Misses 46 46
Partials 5 5 ☔ View full report in Codecov by Sentry. |
step-security-bot
left a comment
step-security-bot
left a comment
There was a problem hiding this comment.
Please find StepSecurity AI-CodeWise code comments inline or below.
dist/pre/index.js
Please refer to 1 inline comments.
package.json
Please refer to 1 inline comments.
Feedback
We appreciate your feedback in helping us improve the service! To provide feedback, please use emojis on this comment. If you find a comment helpful, give it a 👍. If they aren't useful, kindly express that with a 👎. If you have questions or detailed feedback, please create n GitHub issue in StepSecurity/AI-CodeWise.
| .update(fileBuffer) | ||
| .digest("hex"); // checksum of downloaded file | ||
| const expectedChecksum = "79cc2df62f6eba9ab4ceadbbdfca4d20ef5b14e1439a98eaa559142b8dd61aac"; // checksum for v0.13.4 | ||
| const expectedChecksum = "ceb925c78e5c79af4f344f08f59bbdcf3376d20d15930a315f9b24b6c4d0328a"; // checksum for v0.13.5 |
There was a problem hiding this comment.
[Medium]Update expectedChecksum for v0.13.5
The expectedChecksum variable appears to still be set for version v0.13.4, which may cause issues in the future as versions are updated. Update the value of the expectedChecksum variable to match the checksum for version v0.13.5.
| { | ||
| "name": "step-security-harden-runner", | ||
| "version": "2.4.1", | ||
| "version": "2.5.1", |
There was a problem hiding this comment.
[High]Use semantic versioning in version field
The version field in package.json does not use semantic versioning, which makes it difficult to determine the type of changes made in a new version. Semantic versioning should be used to make releases more transparent. Change the version field from '2.5.1' to a semantic versioning format, i.e. 'MAJOR.MINOR.PATCH'
4 participants
No description provided.