chore: add github action for semgrep to run security scans in monitoring mode #264

Merged
merged 1 commit into from
Feb 23, 2024

zythosec
Contributor

Add semgrep in monitoring mode to scan for security issues in the background such as:

  • Committed secrets
  • First-party code vulnerabilities
  • Dependency vulnerabilities

@zythosec zythosec requested a review from a team as a code owner February 23, 2024 14:35
@zythosec zythosec merged commit 3169dc0 into main Feb 23, 2024
2 checks passed
@zythosec zythosec deleted the semgrep branch February 23, 2024 17:46
@gkats
Member

gkats commented Feb 26, 2024

@zythosec Would you be able to open a similar PR against the v2 branch as well?

Pretty soon v2 will be the latest stable version, I guess we need this github action for v2 as well.

Thanks!

@zythosec zythosec restored the semgrep branch February 29, 2024 15:15
@zythosec zythosec deleted the semgrep branch February 29, 2024 15:16
braden-clerk pushed a commit that referenced this pull request Jan 7, 2025
* chore: Remove the Github PR template (#211) (#212)

The PR template is probably not needed.

* feat: Ability to configure a SAML Connection via IdP Metadata URL

Some IdP providers expose a metadata url which contains all their necessary
information in order to configure an integration. We update our SAML Connection
Create & Update operations to accept this new url as the 'idp_metadata_url'
property

* fix: Add URL to actor token responses (#217)

Added the ActorTokenResponse.URL field.

* feat: Support define SAML Connection Attribute mapping

As part of the SAML Connection Create and Update operations, allow to define
the attribute mapping of IdP properties to Clerk's user properties

* feat: Add create session token given a template slug endpoint

* feat: Introduce 'allow_subdomains' SAML Connection property

We now expose a new property 'allow_subdomains' as part of the SAML Connection
response. You can also define it during the Update operation.
Default value is false

* feat: Introduce 'allow_idp_initiated' SAML Connection property

We now expose a new property 'allow_idp_initiated' as part of the SAML
Connection response. You can also define it during the Update operation.
Default value is false

* chore: add github action for semgrep to run security scans in monitoring mode (#264)

* feat: Allow SAML Connection configuration with IdP Metadata

Our SAML Connection Create/Update operations now accept a new optional property
'IdpMetadata' which you can use in order to configure an IdP using the metadata
file. If provided, we also include it in the response as well

* feat: Add `external_account_id` to OAuth access token response (#274)

* feat: Support reply to email name for templates

* chore: Update CODEOWNERS

* docs: changing clerk hiring page

* Add IgnoreDotsForGmailAddresses on SDK restriction resource (#291)

* feat: add IgnoreDotsForGmailAddresses restriction on sdk

* test: IgnoreDotsForGmailAddresses restriction

* feat: Add SAMLAccounts for users (#299)

Backporting the SAMLAccounts field on the User struct for v1.

* sessions.go: Fix typo in tokens url for CreateTokenFromTemplate

This URL can be found here: https://clerk.com/docs/reference/backend-api/tag/Sessions#operation/CreateSessionTokenFromTemplate

* sessions_test.go: Update CreateTokenFromTemplate URL for integration tests

* chore: merge

* chore(commerce): revert accidental merge with wrong branch

* chore(commerce): more reverts for bad merge

* feat(commerce): add features to plan

* feat(commerce): feature responses

* feat(commerce): feature inputs

* fix(commerce): add missing fields

* feat(commerce): delete plan feature ids

* fix(commerce): update params name

* fix for deleting PlanFeatures

* feat(commerce): add payee types

* fix(commerce): fix payees package name

* update some payee types

* feat(commerce): add payers

* feat(commerce): add payment sources

* feat(commerce): payment source params

* fix(commerce): single feature create

* fix(commerce): change to payer

* add is_free to plan

* feat(commerce): missing fields

* feat(commerce): string dates to ms

---------

Co-authored-by: Giannis Katsanos <[email protected]>
Co-authored-by: Haris Chaniotakis <[email protected]>
Co-authored-by: Roberto Garcia Navarro <[email protected]>
Co-authored-by: Ross Nanopoulos <[email protected]>
Co-authored-by: Konstantinos Pittas <[email protected]>
Co-authored-by: Mary Zhong <[email protected]>
Co-authored-by: pedroimpulcetto <[email protected]>
Co-authored-by: nicolas lopes <[email protected]>
Co-authored-by: Shashank Verma <[email protected]>
Co-authored-by: Michael Osuna Jr <[email protected]>
Co-authored-by: Keiran Flanigan <[email protected]>