Release v2.3.1 (#281)

step-security · Apr 19, 2023 · 6b3083a · 6b3083a
1 parent 910b327
commit 6b3083a
Show file tree

Hide file tree

Showing 15 changed files with 340 additions and 167 deletions.
diff --git a/README.md b/README.md
@@ -1,7 +1,7 @@
 <p align="center">
 <picture>
   <source media="(prefers-color-scheme: light)" srcset="images/banner.png" width="400">
-  <img src="images/banner.png" width="400">
+  <img alt="Dark Banner" src="images/banner-dark.png" width="400">
 </picture>
 </p>
 
@@ -57,7 +57,7 @@ Read this [case study](https://infosecwriteups.com/detecting-malware-packages-in
       <img src="images/buildlog1.png" alt="Link in build log" >
     </p>
 
-3. Click on the link ([example link](https://app.stepsecurity.io/github/ossf/scorecard/actions/runs/2265028928)). You will see a process monitor view of file and network activities correlated with each step of the job.
+3. Click on the link ([example link](https://app.stepsecurity.io/github/ossf/scorecard/actions/runs/2265028928)). You will see a process monitor view of file and network activities correlated with each step of the job. These insights hold significant value for forensic investigations, proving crucial in the event of an incident.
 
     <p align="left">
       <img src="images/insights2.png" alt="Insights from harden-runner" >

diff --git a/dist/index.js b/dist/index.js
diff --git a/dist/index.js.map b/dist/index.js.map
diff --git a/dist/post/index.js b/dist/post/index.js
diff --git a/dist/post/index.js.map b/dist/post/index.js.map
diff --git a/dist/pre/index.js b/dist/pre/index.js
diff --git a/dist/pre/index.js.map b/dist/pre/index.js.map
diff --git a/images/banner-dark.png b/images/banner-dark.png
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "step-security-harden-runner",
-  "version": "2.3.0",
+  "version": "2.3.1",
   "description": "Security agent for GitHub-hosted runner to monitor the build process",
   "main": "index.js",
   "scripts": {

diff --git a/src/common.test.ts b/src/common.test.ts
@@ -3,8 +3,11 @@ import * as cp from "child_process";
 
 test("adding stepsecurity summary in github_summary", async () => {
   let expected = `<hr>
-<img src="https://github.com/step-security/harden-runner/raw/main/images/banner.png" alt="StepSecurity Harden-Runner" width="200">
-<a href="https://app.stepsecurity.io/github/step-security/test/actions/runs/12345">View security insights and recommended policy</a>
+<p><picture>
+          <source media=\"(prefers-color-scheme: light)\" srcset=\"https://github.com/step-security/harden-runner/raw/main/images/banner.png\" width=\"200\">
+          <img alt=\"Dark Banner\" src=\"https://github.com/step-security/harden-runner/raw/main/images/banner-dark.png\" width=\"200\">
+        </picture></p>
+<a href=\"https://app.stepsecurity.io/github/step-security/test/actions/runs/12345\">View security insights and recommended policy</a>
 <hr>
 `;
 
@@ -22,5 +25,4 @@ test("adding stepsecurity summary in github_summary", async () => {
   cp.execSync(`rm ${github_summary}`);
 
   expect(output).toMatch(expected);
-
-});
+});
diff --git a/src/common.ts b/src/common.ts
@@ -16,10 +16,12 @@ export async function addSummary() {
 
     await core.summary
       .addSeparator()
-      .addImage(
-        "https://github.com/step-security/harden-runner/raw/main/images/banner.png",
-        "StepSecurity Harden-Runner",
-        { width: "200" }
+      .addRaw(
+        `<p><picture>
+          <source media="(prefers-color-scheme: light)" srcset="https://github.com/step-security/harden-runner/raw/main/images/banner.png" width="200">
+          <img alt="Dark Banner" src="https://github.com/step-security/harden-runner/raw/main/images/banner-dark.png" width="200">
+        </picture></p>`,
+        true
       )
       .addLink("View security insights and recommended policy", insights_url)
       .addSeparator()

diff --git a/src/interfaces.ts b/src/interfaces.ts
@@ -9,7 +9,6 @@ export interface Configuration {
   disable_telemetry: boolean;
   disable_sudo: boolean;
   disable_file_monitoring: boolean;
-  private: string;
 }
 
 export interface PolicyResponse {

diff --git a/src/policy-utils.test.ts b/src/policy-utils.test.ts
@@ -18,7 +18,7 @@ test("success: fetching policy", async () => {
     .get(`/github/${owner}/actions/policies/${policyName}`)
     .reply(200, response);
 
-  let idToken = "xyz"; 
+  let idToken = "xyz";
   let policy = await fetchPolicy(owner, policyName, idToken);
   console.log(policy);
   expect(policy).toStrictEqual(response);
@@ -36,7 +36,6 @@ test("merge configs", async () => {
     disable_telemetry: false,
     disable_sudo: false,
     disable_file_monitoring: false,
-    private: "true",
   };
   let policyResponse: PolicyResponse = {
     owner: "h0x0er",
@@ -59,7 +58,6 @@ test("merge configs", async () => {
     disable_telemetry: false,
     disable_sudo: false,
     disable_file_monitoring: false,
-    private: "true",
   };
 
   localConfig = mergeConfigs(localConfig, policyResponse);

diff --git a/src/setup.ts b/src/setup.ts
@@ -50,7 +50,6 @@ import * as utils from '@actions/cache/lib/internal/cacheUtils'
       disable_telemetry: core.getBooleanInput("disable-telemetry"),
       disable_sudo: core.getBooleanInput("disable-sudo"),
       disable_file_monitoring: core.getBooleanInput("disable-file-monitoring"),
-      private: context.payload.repository.private,
     };
 
     let policyName = core.getInput("policy");