-
Notifications
You must be signed in to change notification settings - Fork 527
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[ci] Use compliance stage template (#7818)
Context: https://github.com/xamarin/yaml-templates/blob/b186f6181c088c34bbf5dd210a343598f3e45489/security/full/v0.yml Updates our compliance stage to use the universal compliance template, ensuring that we run all required tasks and their latest versions. The `policheck-rules-db.mdb` file has been replaced with `.gdnsuppress` files, which are generated by the compliance build. These files provide a more convenient way to exclude specific "invalid" PoliCheck failures. If a new PoliCheck failure arises in the future that should be excluded, we can copy the entry for it from the `.gdnsuppress` file produced by the build and add it to the file we have in our sources.
- Loading branch information
Showing
8 changed files
with
312 additions
and
64 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
{ | ||
"version": "latest", | ||
"suppressionSets": { | ||
"default": { | ||
"name": "default", | ||
"createdDate": "2023-02-24 00:05:39Z", | ||
"lastUpdatedDate": "2023-02-24 00:05:39Z" | ||
} | ||
}, | ||
"results": { | ||
"04910d714a13bf4523ffa77350f654f52114fa4fa3d760c9f63186d41716c019": { | ||
"signature": "04910d714a13bf4523ffa77350f654f52114fa4fa3d760c9f63186d41716c019", | ||
"alternativeSignatures": [], | ||
"target": "Localize/loc/zh-Hant/src/Xamarin.Android.Build.Tasks/Properties/Resources.resx.lcl", | ||
"memberOf": [ | ||
"default" | ||
], | ||
"tool": "policheck", | ||
"ruleId": "64550", | ||
"justification": "Reference to the Android package format APK.", | ||
"createdDate": "2023-02-24 00:05:39Z", | ||
"expirationDate": null, | ||
"type": null | ||
} | ||
} | ||
} |
File renamed without changes.
7 changes: 5 additions & 2 deletions
7
...-tools/automation/PoliCheckExclusions.xml → ...omation/guardian/PoliCheck.Exclusions.xml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,10 +1,13 @@ | ||
<PoliCheckExclusions> | ||
<!-- Each of these exclusions is a folder name - if \[name]\ exists in the file path, it will be skipped --> | ||
<Exclusion Type="FolderPathFull">NREFACTORY</Exclusion> | ||
<Exclusion Type="FolderPathFull">LICENSE-DATA|NREFACTORY|LOCALIZE</Exclusion> | ||
<!-- Each of these exclusions is a folder name - if any folder or file starts with "\[name]", it will be skipped --> | ||
<!--<Exclusion Type="FolderPathStart">ABC|XYZ</Exclusion>--> | ||
<!-- Each of these file types will be completely skipped for the entire scan --> | ||
<!--<Exclusion Type="FileType">.ABC|.XYZ</Exclusion>--> | ||
<!-- The specified file names will be skipped during the scan regardless which folder they are in --> | ||
<Exclusion Type="FileName">REMAINING-INT-CONSTS.TXT|TAIWANCALENDAR.XML|XAMARIN-ANDROID-SDK-9.XML|SQLITE3.C|MAP.CSV</Exclusion> | ||
<Exclusion Type="FileName">REMAINING-INT-CONSTS.TXT|TAIWANCALENDAR.XML|XAMARIN-ANDROID-SDK-9.XML|SQLITE3.C|MAP.CSV|METHODMAP.EXT.CSV|EXTERNALWHITELIST.CSV|SYMBOLARCHIVEWHITELIST.CSV|POLICHECK.EXCLUSIONS.xml | ||
|API-10.PARAMS.TXT|API-15.PARAMS.TXT|API-16.PARAMS.TXT|API-17.PARAMS.TXT|API-18.PARAMS.TXT|API-19.PARAMS.TXT|API-20.PARAMS.TXT|API-21.PARAMS.TXT|API-22.PARAMS.TXT|API-23.PARAMS.TXT|API-24.PARAMS.TXT | ||
|API-25.PARAMS.TXT|API-26.PARAMS.TXT|API-27.PARAMS.TXT|API-28.PARAMS.TXT|API-29.PARAMS.TXT|API-30.PARAMS.TXT|API-31.PARAMS.TXT|API-32.PARAMS.TXT|API-33.PARAMS.TXT | ||
</Exclusion> | ||
</PoliCheckExclusions> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,236 @@ | ||
{ | ||
"version": "latest", | ||
"suppressionSets": { | ||
"default": { | ||
"name": "default", | ||
"createdDate": "2023-02-22 23:55:29Z", | ||
"lastUpdatedDate": "2023-02-22 23:55:29Z" | ||
} | ||
}, | ||
"results": { | ||
"5a0a8690d8a06dfdbf6002c67fa64a60a94f3fc77a594034cce20382e88002aa": { | ||
"signature": "5a0a8690d8a06dfdbf6002c67fa64a60a94f3fc77a594034cce20382e88002aa", | ||
"alternativeSignatures": [], | ||
"target": "src/Xamarin.Android.Build.Tasks/Xamarin.Android.Build.Tasks.csproj", | ||
"memberOf": [ | ||
"default" | ||
], | ||
"tool": "policheck", | ||
"ruleId": "79459", | ||
"justification": "Reference to an external source file.", | ||
"createdDate": "2023-02-22 23:55:29Z", | ||
"expirationDate": null, | ||
"type": null | ||
}, | ||
"1b319055b8e507b220d0dab341e67e20f49632fd1844a08a4fcc6d4493930ac5": { | ||
"signature": "1b319055b8e507b220d0dab341e67e20f49632fd1844a08a4fcc6d4493930ac5", | ||
"alternativeSignatures": [], | ||
"target": "src/Xamarin.Android.Build.Tasks/Xamarin.Android.Build.Tasks.csproj", | ||
"memberOf": [ | ||
"default" | ||
], | ||
"tool": "policheck", | ||
"ruleId": "79459", | ||
"justification": "Reference to an external source file.", | ||
"createdDate": "2023-02-22 23:55:29Z", | ||
"expirationDate": null, | ||
"type": null | ||
}, | ||
"6789cab1bdc97b0cc3ad057b7fdd21d63cdf8bc2679391923803fa240ef81292": { | ||
"signature": "6789cab1bdc97b0cc3ad057b7fdd21d63cdf8bc2679391923803fa240ef81292", | ||
"alternativeSignatures": [], | ||
"target": "Documentation/guides/building-apps/build-properties.md", | ||
"memberOf": [ | ||
"default" | ||
], | ||
"tool": "policheck", | ||
"ruleId": "185843", | ||
"justification": "Reference to an ISCII term.", | ||
"createdDate": "2023-02-22 23:55:29Z", | ||
"expirationDate": null, | ||
"type": null | ||
}, | ||
"bbaf5f946cb72748567e41f0df5f1bae05550f4ba7381e21ec6b26d6c3ecec9f": { | ||
"signature": "bbaf5f946cb72748567e41f0df5f1bae05550f4ba7381e21ec6b26d6c3ecec9f", | ||
"alternativeSignatures": [], | ||
"target": "Documentation/guides/building-apps/build-properties.md", | ||
"memberOf": [ | ||
"default" | ||
], | ||
"tool": "policheck", | ||
"ruleId": "185837", | ||
"justification": "Reference to an ISCII term.", | ||
"createdDate": "2023-02-22 23:55:29Z", | ||
"expirationDate": null, | ||
"type": null | ||
}, | ||
"db8916a0f0cdca4082c540921dd362e09a9ff413862ab826308411b76ee35789": { | ||
"signature": "db8916a0f0cdca4082c540921dd362e09a9ff413862ab826308411b76ee35789", | ||
"alternativeSignatures": [], | ||
"target": "src/Mono.Android/Android.Util/Log.cs", | ||
"memberOf": [ | ||
"default" | ||
], | ||
"tool": "policheck", | ||
"ruleId": "80418", | ||
"justification": "Reference to an Android logging function.", | ||
"createdDate": "2023-02-22 23:55:29Z", | ||
"expirationDate": null, | ||
"type": null | ||
}, | ||
"58fab4dfef38677720e955e546a6af108332c65daafb0d043ad9d93442300a30": { | ||
"signature": "58fab4dfef38677720e955e546a6af108332c65daafb0d043ad9d93442300a30", | ||
"alternativeSignatures": [], | ||
"target": "src/Mono.Android/Android.Util/Log.cs", | ||
"memberOf": [ | ||
"default" | ||
], | ||
"tool": "policheck", | ||
"ruleId": "80418", | ||
"justification": "Reference to an Android logging function.", | ||
"createdDate": "2023-02-22 23:55:29Z", | ||
"expirationDate": null, | ||
"type": null | ||
}, | ||
"b07e75fc8a506b94690dbd06877da06c1228e40e7deda3967f6b882b842f726d": { | ||
"signature": "b07e75fc8a506b94690dbd06877da06c1228e40e7deda3967f6b882b842f726d", | ||
"alternativeSignatures": [], | ||
"target": "src/Mono.Android/Android.Util/Log.cs", | ||
"memberOf": [ | ||
"default" | ||
], | ||
"tool": "policheck", | ||
"ruleId": "80418", | ||
"justification": "Reference to an Android logging function.", | ||
"createdDate": "2023-02-22 23:55:29Z", | ||
"expirationDate": null, | ||
"type": null | ||
}, | ||
"87d8313310c2dd42021844b95bdcb9121bf10036fea5b212b945e0732a456e5a": { | ||
"signature": "87d8313310c2dd42021844b95bdcb9121bf10036fea5b212b945e0732a456e5a", | ||
"alternativeSignatures": [], | ||
"target": "src/Mono.Android/Android.Util/Log.cs", | ||
"memberOf": [ | ||
"default" | ||
], | ||
"tool": "policheck", | ||
"ruleId": "80418", | ||
"justification": "Reference to an Android logging function.", | ||
"createdDate": "2023-02-22 23:55:29Z", | ||
"expirationDate": null, | ||
"type": null | ||
}, | ||
"8e5400e0233c8d887ad48bd8a48e8a7be5a579f9eefad521419b6df0828bbfac": { | ||
"signature": "8e5400e0233c8d887ad48bd8a48e8a7be5a579f9eefad521419b6df0828bbfac", | ||
"alternativeSignatures": [], | ||
"target": "src/Mono.Android/Android.Util/Log.cs", | ||
"memberOf": [ | ||
"default" | ||
], | ||
"tool": "policheck", | ||
"ruleId": "80418", | ||
"justification": "Reference to an Android logging function.", | ||
"createdDate": "2023-02-22 23:55:29Z", | ||
"expirationDate": null, | ||
"type": null | ||
}, | ||
"06af52be6b6f87455b1db2eb6e631e783f1dacaf607c9b5f34cdee669992c8b5": { | ||
"signature": "06af52be6b6f87455b1db2eb6e631e783f1dacaf607c9b5f34cdee669992c8b5", | ||
"alternativeSignatures": [], | ||
"target": "src/Mono.Android/Android.Util/Log.cs", | ||
"memberOf": [ | ||
"default" | ||
], | ||
"tool": "policheck", | ||
"ruleId": "80418", | ||
"justification": "Reference to an Android logging function.", | ||
"createdDate": "2023-02-22 23:55:29Z", | ||
"expirationDate": null, | ||
"type": null | ||
}, | ||
"a2b4d032c59a9d1211d218c3cd550cf8febb369941d70284d07d03ebee855bc0": { | ||
"signature": "a2b4d032c59a9d1211d218c3cd550cf8febb369941d70284d07d03ebee855bc0", | ||
"alternativeSignatures": [], | ||
"target": "src/monodroid/jni/logger.cc", | ||
"memberOf": [ | ||
"default" | ||
], | ||
"tool": "policheck", | ||
"ruleId": "79668", | ||
"justification": "Reference to find first set bit function.", | ||
"createdDate": "2023-02-22 23:55:29Z", | ||
"expirationDate": null, | ||
"type": null | ||
}, | ||
"1c87b45a6044d205dc3f3562f349c238f7cabe22b4609da762df9dc44151e9fb": { | ||
"signature": "1c87b45a6044d205dc3f3562f349c238f7cabe22b4609da762df9dc44151e9fb", | ||
"alternativeSignatures": [], | ||
"target": "src/monodroid/jni/logger.cc", | ||
"memberOf": [ | ||
"default" | ||
], | ||
"tool": "policheck", | ||
"ruleId": "79668", | ||
"justification": "Reference to find first set bit function.", | ||
"createdDate": "2023-02-22 23:55:29Z", | ||
"expirationDate": null, | ||
"type": null | ||
}, | ||
"a6639098c4785509a4215c9e2fc10f82c06fce461915dc11a00227ddec558845": { | ||
"signature": "a6639098c4785509a4215c9e2fc10f82c06fce461915dc11a00227ddec558845", | ||
"alternativeSignatures": [], | ||
"target": "src/monodroid/jni/logger.cc", | ||
"memberOf": [ | ||
"default" | ||
], | ||
"tool": "policheck", | ||
"ruleId": "79668", | ||
"justification": "Reference to find first set bit function.", | ||
"createdDate": "2023-02-22 23:55:29Z", | ||
"expirationDate": null, | ||
"type": null | ||
}, | ||
"d6b3df0b1d35cb4acec6a954acc145c9ec22041cd463b94ff080682c65a9bd62": { | ||
"signature": "d6b3df0b1d35cb4acec6a954acc145c9ec22041cd463b94ff080682c65a9bd62", | ||
"alternativeSignatures": [], | ||
"target": "src/monodroid/jni/logger.cc", | ||
"memberOf": [ | ||
"default" | ||
], | ||
"tool": "policheck", | ||
"ruleId": "79668", | ||
"justification": "Reference to find first set bit function.", | ||
"createdDate": "2023-02-22 23:55:29Z", | ||
"expirationDate": null, | ||
"type": null | ||
}, | ||
"b34b42aa41018376a31460c142f2ae910704725d9e9a4470f92b587df682369b": { | ||
"signature": "b34b42aa41018376a31460c142f2ae910704725d9e9a4470f92b587df682369b", | ||
"alternativeSignatures": [], | ||
"target": "src/Xamarin.Android.Build.Tasks/Tasks/Aapt2.cs", | ||
"memberOf": [ | ||
"default" | ||
], | ||
"tool": "policheck", | ||
"ruleId": "80411", | ||
"justification": "Reference to output from an external tool.", | ||
"createdDate": "2023-02-22 23:55:29Z", | ||
"expirationDate": null, | ||
"type": null | ||
}, | ||
"75474fa652dbbf8f96826100a5fe37ba686a032ca07d61ef68a79c8e4412c150": { | ||
"signature": "75474fa652dbbf8f96826100a5fe37ba686a032ca07d61ef68a79c8e4412c150", | ||
"alternativeSignatures": [], | ||
"target": "src/Xamarin.Android.Build.Tasks/Linker/MonoDroid.Tuner/Linker.cs", | ||
"memberOf": [ | ||
"default" | ||
], | ||
"tool": "policheck", | ||
"ruleId": "79459", | ||
"justification": "Reference to an external source file.", | ||
"createdDate": "2023-02-22 23:55:29Z", | ||
"expirationDate": null, | ||
"type": null | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
{ | ||
"codebaseName": "xamarin.android_main", | ||
"notificationAliases": [ | ||
"dotnet-android-eng@microsoft.com" | ||
], | ||
"instanceUrl": "https://devdiv.visualstudio.com/", | ||
"projectName": "DevDiv", | ||
"areaPath": "DevDiv\\VS Client - Runtime SDKs\\Android", | ||
"iterationPath": "DevDiv", | ||
"allTools": true | ||
} |
Binary file not shown.
Oops, something went wrong.