Skip to content
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
75 changes: 14 additions & 61 deletions .github/workflows/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -79,69 +79,22 @@ jobs:

echo "NEW_TAG=$NEW_TAG" >> $GITHUB_ENV

- name: Create GitHub Release
id: create_release
if: github.event_name == 'push'
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ env.NEW_TAG }}
release_name: TCASVS ${{ env.NEW_TAG }}
draft: false
prerelease: false

- name: Upload PDF
if: github.event_name == 'push'
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: ./5.0/dist/OWASP_Thick_Client_Application_Security_Verification_Standard_5.0.0_en.pdf
asset_name: TCASVS-${{ env.NEW_TAG }}.pdf
asset_content_type: application/pdf

- name: Upload DOCX
if: github.event_name == 'push'
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: ./5.0/dist/OWASP_Thick_Client_Application_Security_Verification_Standard_5.0.0_en.docx
asset_name: TCASVS-${{ env.NEW_TAG }}.docx
asset_content_type: application/vnd.openxmlformats-officedocument.wordprocessingml.document

- name: Upload JSON
if: github.event_name == 'push'
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: ./5.0/dist/OWASP_Thick_Client_Application_Security_Verification_Standard_5.0.0_en.json
asset_name: TCASVS-${{ env.NEW_TAG }}.json
asset_content_type: application/json

- name: Upload CSV
- name: Stage release assets
if: github.event_name == 'push'
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: ./5.0/dist/OWASP_Thick_Client_Application_Security_Verification_Standard_5.0.0_en.csv
asset_name: TCASVS-${{ env.NEW_TAG }}.csv
asset_content_type: text/csv
run: |
mkdir -p release-assets
cp ./5.0/dist/OWASP_Thick_Client_Application_Security_Verification_Standard_5.0.0_en.pdf release-assets/TCASVS-${{ env.NEW_TAG }}.pdf
cp ./5.0/dist/OWASP_Thick_Client_Application_Security_Verification_Standard_5.0.0_en.docx release-assets/TCASVS-${{ env.NEW_TAG }}.docx
cp ./5.0/dist/OWASP_Thick_Client_Application_Security_Verification_Standard_5.0.0_en.json release-assets/TCASVS-${{ env.NEW_TAG }}.json
cp ./5.0/dist/OWASP_Thick_Client_Application_Security_Verification_Standard_5.0.0_en.csv release-assets/TCASVS-${{ env.NEW_TAG }}.csv
cp ./5.0/dist/OWASP_Thick_Client_Application_Security_Verification_Standard_5.0.0_en.cdx.json release-assets/TCASVS-${{ env.NEW_TAG }}.cdx.json
Comment on lines +86 to +90

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@matreurai - I was concerned about this interpolation too, so asked for a Copilot review.

Could you take a look and see what you think of it's suggestion please. I'm asking as IDK if you had to do it the way that you did in the PR or not?

Plus, my feeling is that even if risk is low, we should tighten up anyway (as a general rule)?


- name: Upload CycloneDX
- name: Create GitHub Release
if: github.event_name == 'push'
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: ./5.0/dist/OWASP_Thick_Client_Application_Security_Verification_Standard_5.0.0_en.cdx.json
asset_name: TCASVS-${{ env.NEW_TAG }}.cdx.json
asset_content_type: application/json
run: |
gh release create "${{ env.NEW_TAG }}" \
--title "TCASVS ${{ env.NEW_TAG }}" \
--notes "Automated release ${{ env.NEW_TAG }}" \
release-assets/*
Comment on lines +97 to +100