Skip to content

Commit bb9563b

Browse files
2 parents aa2b074 + 89f0f2f commit bb9563b

7 files changed

Lines changed: 250 additions & 11 deletions

File tree

.env.example

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
# Telegram - Use Aminskid_bot token
22
# Get your token from @BotFather by creating/accessing Aminskid_bot
3-
TELEGRAM_BOT_TOKEN=8547609157:AAEmCtlmISRfmZSnWpCDR-En8W0XLAprNLs
3+
TELEGRAM_BOT_TOKEN=your_aminskid_bot_token_here
44

55
# Plaid
66
PLAID_CLIENT_ID=693c9227bce2ad001d7edc38

.github/agents/my-agent.agent.md

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,13 @@
1+
---
2+
# Fill in the fields below to create a basic custom agent for your repository.
3+
# The Copilot CLI can be used for local testing: https://gh.io/customagents/cli
4+
# To make this agent available, merge this file into the default repository branch.
5+
# For format details, see: https://gh.io/customagents/config
6+
7+
name:
8+
description:
9+
---
10+
11+
# My Agent
12+
13+
Describe what your agent does here...

.github/workflows/aminskid

Lines changed: 101 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,101 @@
1+
# For most projects, this workflow file will not need changing; you simply need
2+
# to commit it to your repository.
3+
#
4+
# You may wish to alter this file to override the set of languages analyzed,
5+
# or to provide custom queries or build logic.
6+
#
7+
# ******** NOTE ********
8+
# We have attempted to detect the languages in your repository. Please check
9+
# the `language` matrix defined below to confirm you have the correct set of
10+
# supported CodeQL languages.
11+
#
12+
name: "CodeQL Advanced"
13+
14+
on:
15+
push:
16+
branches: [ "Main" ]
17+
pull_request:
18+
branches: [ "Main" ]
19+
schedule:
20+
- cron: '21 5 * * 2'
21+
22+
jobs:
23+
analyze:
24+
name: Analyze (${{ matrix.language }})
25+
# Runner size impacts CodeQL analysis time. To learn more, please see:
26+
# - https://gh.io/recommended-hardware-resources-for-running-codeql
27+
# - https://gh.io/supported-runners-and-hardware-resources
28+
# - https://gh.io/using-larger-runners (GitHub.com only)
29+
# Consider using larger runners or machines with greater resources for possible analysis time improvements.
30+
runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
31+
permissions:
32+
# required for all workflows
33+
security-events: write
34+
35+
# required to fetch internal or private CodeQL packs
36+
packages: read
37+
38+
# only required for workflows in private repositories
39+
actions: read
40+
contents: read
41+
42+
strategy:
43+
fail-fast: false
44+
matrix:
45+
include:
46+
- language: actions
47+
build-mode: none
48+
- language: javascript-typescript
49+
build-mode: none
50+
# CodeQL supports the following values keywords for 'language': 'actions', 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'rust', 'swift'
51+
# Use `c-cpp` to analyze code written in C, C++ or both
52+
# Use 'java-kotlin' to analyze code written in Java, Kotlin or both
53+
# Use 'javascript-typescript' to analyze code written in JavaScript, TypeScript or both
54+
# To learn more about changing the languages that are analyzed or customizing the build mode for your analysis,
55+
# see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning.
56+
# If you are analyzing a compiled language, you can modify the 'build-mode' for that language to customize how
57+
# your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
58+
steps:
59+
- name: Checkout repository
60+
uses: actions/checkout@v4
61+
62+
# Add any setup steps before running the `github/codeql-action/init` action.
63+
# This includes steps like installing compilers or runtimes (`actions/setup-node`
64+
# or others). This is typically only required for manual builds.
65+
# - name: Setup runtime (example)
66+
# uses: actions/setup-example@v1
67+
68+
# Initializes the CodeQL tools for scanning.
69+
- name: Initialize CodeQL
70+
uses: github/codeql-action/init@v4
71+
with:
72+
languages: ${{ matrix.language }}
73+
build-mode: ${{ matrix.build-mode }}
74+
# If you wish to specify custom queries, you can do so here or in a config file.
75+
# By default, queries listed here will override any specified in a config file.
76+
# Prefix the list here with "+" to use these queries and those in the config file.
77+
78+
# For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
79+
# queries: security-extended,security-and-quality
80+
81+
# If the analyze step fails for one of the languages you are analyzing with
82+
# "We were unable to automatically build your code", modify the matrix above
83+
# to set the build mode to "manual" for that language. Then modify this step
84+
# to build your code.
85+
# ℹ️ Command-line programs to run using the OS shell.
86+
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
87+
- name: Run manual build steps
88+
if: matrix.build-mode == 'manual'
89+
shell: bash
90+
run: |
91+
echo 'If you are using a "manual" build mode for one or more of the' \
92+
'languages you are analyzing, replace this with the commands to build' \
93+
'your code, for example:'
94+
echo ' make bootstrap'
95+
echo ' make release'
96+
exit 1
97+
98+
- name: Perform CodeQL Analysis
99+
uses: github/codeql-action/analyze@v4
100+
with:
101+
category: "/language:${{matrix.language}}"
Lines changed: 86 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,86 @@
1+
# This workflow will build and push a Docker container to an Azure Web App when a commit is pushed to your default branch.
2+
#
3+
# This workflow assumes you have already created the target Azure App Service web app.
4+
# For instructions see https://docs.microsoft.com/en-us/azure/app-service/quickstart-custom-container?tabs=dotnet&pivots=container-linux
5+
#
6+
# To configure this workflow:
7+
#
8+
# 1. Download the Publish Profile for your Azure Web App. You can download this file from the Overview page of your Web App in the Azure Portal.
9+
# For more information: https://docs.microsoft.com/en-us/azure/app-service/deploy-github-actions?tabs=applevel#generate-deployment-credentials
10+
#
11+
# 2. Create a secret in your repository named AZURE_WEBAPP_PUBLISH_PROFILE, paste the publish profile contents as the value of the secret.
12+
# For instructions on obtaining the publish profile see: https://docs.microsoft.com/azure/app-service/deploy-github-actions#configure-the-github-secret
13+
#
14+
# 3. Create a GitHub Personal access token with "repo" and "read:packages" permissions.
15+
#
16+
# 4. Create three app settings on your Azure Web app:
17+
# DOCKER_REGISTRY_SERVER_URL: Set this to "https://ghcr.io"
18+
# DOCKER_REGISTRY_SERVER_USERNAME: Set this to the GitHub username or organization that owns the repository
19+
# DOCKER_REGISTRY_SERVER_PASSWORD: Set this to the value of your PAT token from the previous step
20+
#
21+
# 5. Change the value for the AZURE_WEBAPP_NAME.
22+
#
23+
# For more information on GitHub Actions for Azure: https://github.com/Azure/Actions
24+
# For more information on the Azure Web Apps Deploy action: https://github.com/Azure/webapps-deploy
25+
# For more samples to get started with GitHub Action workflows to deploy to Azure: https://github.com/Azure/actions-workflow-samples
26+
27+
name: Build and deploy a container to an Azure Web App
28+
29+
env:
30+
AZURE_WEBAPP_NAME: your-app-name # set this to the name of your Azure Web App
31+
32+
on:
33+
push:
34+
branches: [ "Main" ]
35+
workflow_dispatch:
36+
37+
permissions:
38+
contents: read
39+
40+
jobs:
41+
build:
42+
runs-on: ubuntu-latest
43+
44+
steps:
45+
- uses: actions/checkout@v4
46+
47+
- name: Set up Docker Buildx
48+
uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0
49+
50+
- name: Log in to GitHub container registry
51+
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
52+
with:
53+
registry: ghcr.io
54+
username: ${{ github.actor }}
55+
password: ${{ github.token }}
56+
57+
- name: Lowercase the repo name and username
58+
run: echo "REPO=${GITHUB_REPOSITORY,,}" >>${GITHUB_ENV}
59+
60+
- name: Build and push container image to registry
61+
uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0
62+
with:
63+
push: true
64+
tags: ghcr.io/${{ env.REPO }}:${{ github.sha }}
65+
file: ./Dockerfile
66+
67+
deploy:
68+
permissions:
69+
contents: none
70+
runs-on: ubuntu-latest
71+
needs: build
72+
environment:
73+
name: 'Development'
74+
url: ${{ steps.deploy-to-webapp.outputs.webapp-url }}
75+
76+
steps:
77+
- name: Lowercase the repo name and username
78+
run: echo "REPO=${GITHUB_REPOSITORY,,}" >>${GITHUB_ENV}
79+
80+
- name: Deploy to Azure Web App
81+
id: deploy-to-webapp
82+
uses: azure/webapps-deploy@v2
83+
with:
84+
app-name: ${{ env.AZURE_WEBAPP_NAME }}
85+
publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }}
86+
images: 'ghcr.io/${{ env.REPO }}:${{ github.sha }}'
Lines changed: 39 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,39 @@
1+
# Dependency Review Action
2+
#
3+
# This Action will scan dependency manifest files that change as part of a Pull Request,
4+
# surfacing known-vulnerable versions of the packages declared or updated in the PR.
5+
# Once installed, if the workflow run is marked as required, PRs introducing known-vulnerable
6+
# packages will be blocked from merging.
7+
#
8+
# Source repository: https://github.com/actions/dependency-review-action
9+
# Public documentation: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
10+
name: 'Dependency review'
11+
on:
12+
pull_request:
13+
branches: [ "Main" ]
14+
15+
# If using a dependency submission action in this workflow this permission will need to be set to:
16+
#
17+
# permissions:
18+
# contents: write
19+
#
20+
# https://docs.github.com/en/enterprise-cloud@latest/code-security/supply-chain-security/understanding-your-software-supply-chain/using-the-dependency-submission-api
21+
permissions:
22+
contents: read
23+
# Write permissions for pull-requests are required for using the `comment-summary-in-pr` option, comment out if you aren't using this option
24+
pull-requests: write
25+
26+
jobs:
27+
dependency-review:
28+
runs-on: ubuntu-latest
29+
steps:
30+
- name: 'Checkout repository'
31+
uses: actions/checkout@v4
32+
- name: 'Dependency Review'
33+
uses: actions/dependency-review-action@v4
34+
# Commonly enabled options, see https://github.com/actions/dependency-review-action#configuration-options for all available options.
35+
with:
36+
comment-summary-in-pr: always
37+
# fail-on-severity: moderate
38+
# deny-licenses: GPL-1.0-or-later, LGPL-2.0-or-later
39+
# retry-on-snapshot-warnings: true

package-lock.json

Lines changed: 9 additions & 9 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,7 @@
2727
"helmet": "^7.1.0",
2828
"cors": "^2.8.5",
2929
"winston": "^3.11.0",
30-
"axios": "^1.12.0",
30+
"axios": "^1.13.5",
3131
"stripe": "^14.10.0"
3232
},
3333
"devDependencies": {

0 commit comments

Comments
 (0)