diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml
index 4573e30..53c517d 100644
--- a/.github/workflows/linter.yml
+++ b/.github/workflows/linter.yml
@@ -1,10 +1,6 @@
 name: Linter
 on:
- push:
- branches:
- - main
- - develop
 pull_request:
 branches:
 - main
diff --git a/.github/workflows/zarn.yml b/.github/workflows/zarn.yml
index 5f077c2..ebe7464 100644
--- a/.github/workflows/zarn.yml
+++ b/.github/workflows/zarn.yml
@@ -1,12 +1,8 @@
 name: ZARN SAST
 on:
- push:
- branches: [ "main", "develop" ]
 pull_request:
 branches: [ "main", "develop" ]
- schedule:
- - cron: '28 23 * * 1'
 jobs:
 zarn:
diff --git a/.perlcriticrc b/.perlcriticrc
index efe23bc..510b783 100644
--- a/.perlcriticrc
+++ b/.perlcriticrc
@@ -1,4 +1,4 @@
-severity = 2
+severity = 3
 [-TestingAndDebugging::RequireUseStrict]
 [-TestingAndDebugging::RequireUseWarnings]
diff --git a/cpanfile b/cpanfile
index 13ccd9a..fa884d9 100644
--- a/cpanfile
+++ b/cpanfile
@@ -1,6 +1,6 @@
 requires "Getopt::Long", "2.54";
 requires "Mojo::UserAgent";
-requires "Mojo::JSON";
+requires "JSON";
 requires "DateTime";
 requires "DateTime::Format::ISO8601";
diff --git a/lib/Sentra/Engine/DependabotMetrics.pm b/lib/Sentra/Engine/DependabotMetrics.pm
index 4628e2a..40267c6 100644
--- a/lib/Sentra/Engine/DependabotMetrics.pm
+++ b/lib/Sentra/Engine/DependabotMetrics.pm
@@ -11,13 +11,12 @@ package Sentra::Engine::DependabotMetrics {
 my $userAgent = Sentra::Utils::UserAgent -> new($token);
 my @repositories_list = Sentra::Utils::Repositories_List -> new($org, $token);
- my $output = "";
- my $total_alerts = 0;
-
+ my $output = "";
+ my $total_alerts = 0;
 my %severity_count = (
- low => 0,
- medium => 0,
- high => 0,
+ low => 0,
+ medium => 0,
+ high => 0,
 critical => 0
 );
diff --git a/lib/Sentra/Engine/SearchFiles.pm b/lib/Sentra/Engine/SearchFiles.pm
index a9156c5..0b1da57 100644
--- a/lib/Sentra/Engine/SearchFiles.pm
+++ b/lib/Sentra/Engine/SearchFiles.pm
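Review bot: Removing both `push` and `schedule` from `on:` in zarn.yml leaves `pull_request` as the only SAST trigger, so a commit that reaches `main` or `develop` without a pull request is never scanned, and nothing re-scans code that has not changed. If the goal is only to avoid duplicate runs, I would keep the weekly job (`schedule:` with `- cron: '28 23 * * 1'`) and confirm that branch protection on both branches forces changes through pull requests. The matching `push` removal in linter.yml has the same gap for lint results, with lower impact.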
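Review bot: In cpanfile, `requires "JSON";` adds a separate CPAN distribution with no minimum version, while `Mojo::JSON` ships inside Mojolicious, which `requires "Mojo::UserAgent"` already pulls in, so the swap widens the dependency set without a visible need. If the switch is intended, declare a floor, `requires "JSON", "<MIN_VERSION>";` (placeholder), and import explicitly in SlackWebhook.pm with `use JSON qw(encode_json);` instead of relying on default exports. JSON.pm picks its backend from what is installed and does not escape the same characters as Mojo::JSON, so the Slack payload is worth checking with non-ASCII and markup characters in `$message`.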
@@ -11,14 +11,17 @@ package Sentra::Engine::SearchFiles {
 my $output = '';
 my $userAgent = Sentra::Utils::UserAgent -> new($token);
 my @repositories_list = Sentra::Utils::Repositories_List -> new($org, $token);
-
+ my @files = (".github/dependabot.yml");
+
 foreach my $repository (@repositories_list) {
- my $dependabot_url = "https://api.github.com/repos/$repository/contents/.github/dependabot.yaml";
- my $request = $userAgent -> get($dependabot_url);
-
- if ($request -> code == 404) {
- $output .= "The dependabot.yml file was not found in this repository: https://github.com/$repository\n";
- }
+ foreach my $file (@files) {
+ my $dependabot_url = "https://api.github.com/repos/$repository/contents/$file";
+ my $request = $userAgent -> get($dependabot_url);
+
+ if ($request -> code == 404) {
+ $output .= "The $file file was not found in this repository: https://github.com/$repository\n";
+ }
+ }
 }
 return $output;
diff --git a/lib/Sentra/Engine/SlackWebhook.pm b/lib/Sentra/Engine/SlackWebhook.pm
index 04fd86d..0d0dc2a 100644
--- a/lib/Sentra/Engine/SlackWebhook.pm
+++ b/lib/Sentra/Engine/SlackWebhook.pm
@@ -2,13 +2,13 @@ package Sentra::Engine::SlackWebhook {
 use strict;
 use warnings;
 use Mojo::UserAgent;
- use Mojo::JSON qw(encode_json);
+ use JSON;
 sub new {
 my ($class, $message, $webhook) = @_;
 my $userAgent = Mojo::UserAgent -> new();
- my $payload = encode_json({text => $message});
+ my $payload = encode_json({ text => $message });
 my $text = $userAgent -> post($webhook => {
 'Content-Type' => 'application/json'
diff --git a/lib/Sentra/Utils/Helper.pm b/lib/Sentra/Utils/Helper.pm
index efeff35..9233ca6 100644
--- a/lib/Sentra/Utils/Helper.pm
+++ b/lib/Sentra/Utils/Helper.pm
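Review bot: In SearchFiles.pm the new inner loop still reports only a 404, so any other outcome of `$userAgent -> get($dependabot_url)` (a 401/403 from an under-scoped or rate-limited token, a 5xx, or whatever the Sentra::Utils::UserAgent wrapper returns on a transport error) is silently treated as "file present" and the repository drops out of the report. I would add a branch for unexpected statuses: `elsif ($request -> code != 200) { $output .= "Could not check $file in https://github.com/$repository (HTTP " . $request -> code . ")\n"; }`. Separately, `@files` holds only `.github/dependabot.yml`, while the removed code requested `dependabot.yaml` and the help text in Helper.pm still says `dependabot.yaml`. If both spellings should count, simply adding a second entry would flag every repository that has just one of them, so the check would need to report only when none of the alternatives is found. The enclosing sub starts and ends outside this hunk.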
@@ -3,19 +3,21 @@ package Sentra::Utils::Helper {
 use warnings;
 sub new {
- return "
- \rSentra v0.0.3
- \rCore Commands
- \r==============
- \r\tCommand Description
- \r\t------- -----------
- \r\t-o, --org Specify the name of the organization
- \r\t-t, --token Set the GitHub Token to use during actions
- \r\t-mt, --maintained Get alerts about repositories with a last commit date greater than 90 days old
- \r\t-d, --dependency Check if repositories has dependabot.yaml file
- \r\t-M, --metrics See some metrics based on GHAS
- \r\t-w, --webhook Set the webhook address for Slack
- \r\t-m, --message Message to send via Slack webhook\n\n";
+ return join("\n",
+ "Sentra v0.0.3",
+ "Core Commands",
+ " ==============",
+ " Command Description",
+ " ------- -----------",
+ " -o, --org Specify the name of the organization",
+ " -t, --token Set the GitHub Token to use during actions",
+ " -mt, --maintained Get alerts about repositories with a last commit date greater than 90 days old",
+ " -d, --dependency Check if repositories has dependabot.yaml file",
+ " -M, --metrics See some metrics based on GHAS",
+ " -w, --webhook Set the webhook address for Slack",
+ " -m, --message Message to send via Slack webhook",
+ ""
+ );
 }
 }
diff --git a/sentra.pl b/sentra.pl
index 350e0a7..7bc4305 100644
--- a/sentra.pl
+++ b/sentra.pl
@@ -40,7 +40,11 @@ sub main {
 }
 if ($webhook && $message) {
- return Sentra::Engine::SlackWebhook -> new($message, $webhook) -> send();
+ my $send = Sentra::Engine::SlackWebhook -> new($message, $webhook);
+
+ if ($send) {
+ return 0;
+ }
 }
 if ($help) {
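Review bot: In sentra.pl, when `Sentra::Engine::SlackWebhook -> new($message, $webhook)` returns a false value the new `if ($send)` block is skipped and execution falls through to the `$help` check with no message and no failing exit status, so a failed alert delivery looks the same as no delivery having been requested. I would add an explicit failure path after the `if ($send)` block: `print STDERR "Slack webhook delivery failed\n"; return 1;`. What `new` returns is not visible here (the SlackWebhook.pm hunk shows only the start of the sub), so the truthiness contract should be documented there with a comment such as `# returns true only when Slack answered with a success status`, if that is what it does. `main` begins and ends outside this hunk.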