-
Notifications
You must be signed in to change notification settings - Fork 21
Move scripts to their own directory #33
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Changes from 5 commits
c518603
51dd8dd
263712d
8e2ec44
9f8fc90
434df1c
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| #!/bin/bash | ||
| # SPDX-FileCopyrightText: 2025 GitHub | ||
| # SPDX-License-Identifier: MIT | ||
|
|
||
| set -e | ||
|
|
||
| if [ -z "$1" ]; then | ||
| echo "Usage: $0 <repo>"; | ||
| exit 1; | ||
| fi | ||
|
|
||
| python -m seclab_taskflow_agent -t seclab_taskflows.taskflows.audit.fetch_source_code -g repo=$1 | ||
| python -m seclab_taskflow_agent -t seclab_taskflows.taskflows.audit.identify_applications -g repo=$1 | ||
| python -m seclab_taskflow_agent -t seclab_taskflows.taskflows.audit.gather_web_entry_point_info -g repo=$1 | ||
| python -m seclab_taskflow_agent -t seclab_taskflows.taskflows.audit.classify_application_local -g repo=$1 | ||
| python -m seclab_taskflow_agent -t seclab_taskflows.taskflows.audit.audit_issue_local_iter -g repo=$1 | ||
|
kevinbackhouse marked this conversation as resolved.
|
||
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| #!/bin/bash | ||
| # SPDX-FileCopyrightText: 2025 GitHub | ||
|
kevinbackhouse marked this conversation as resolved.
|
||
| # SPDX-License-Identifier: MIT | ||
|
|
||
|
||
| if [ ! -f ".env" ]; then | ||
| touch ".env" | ||
| fi | ||
|
|
||
| mkdir -p logs | ||
|
kevinbackhouse marked this conversation as resolved.
|
||
|
|
||
| # Note: this uses the trick described [here](https://unix.stackexchange.com/a/646335) | ||
| # to pass extra command line arguments into `bash -c`. | ||
| docker run -i \ | ||
|
kevinbackhouse marked this conversation as resolved.
|
||
| --mount type=bind,src="$PWD",dst=/app \ | ||
| --mount type=bind,src="./logs",dst=/root/.local \ | ||
| -e GH_TOKEN="$GH_TOKEN" -e AI_API_TOKEN="$AI_API_TOKEN" --entrypoint /bin/bash \ | ||
| "ghcr.io/githubsecuritylab/seclab-taskflow-agent" \ | ||
| -c 'pip install -q -e /app && exec "$@"' this-is-bash-dollar-zero "$@" | ||
This file was deleted.
This file was deleted.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The PR description suggests running the audit script directly in Codespaces as
/scripts/audit/run_audit.sh github/cmark-gfm, but the script is added atscripts/audit/run_audit.shwithin the repo, so the correct usage from the repo root would be./scripts/audit/run_audit.sh github/cmark-gfm(or similar). Please align the description and any user-facing examples with the actual relative path so users don’t try to call a non-existent absolute/scripts/...path.