Skip to content

Commit f890189

Browse files
Enable Vale pipeline blocking (Velocidex#1263)
Co-authored-by: Mike Cohen <mike@velocidex.com>
1 parent b923b85 commit f890189

6 files changed

Lines changed: 191 additions & 39 deletions

File tree

.github/workflows/vale.yaml

Lines changed: 0 additions & 26 deletions
This file was deleted.
Lines changed: 22 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,33 @@
1-
name: Spellcheck Action
1+
name: Verify Repo
22
on:
33
push:
44
branches:
55
- master
66
pull_request:
77

88
jobs:
9-
build:
10-
name: Spellcheck
9+
verify:
10+
name: Verify
1111
runs-on: ubuntu-latest
1212
steps:
13-
# The checkout step
14-
- uses: actions/checkout@master
13+
- uses: actions/checkout@v6
14+
- name: Update submodules
15+
run: |
16+
git submodule update --init --recursive --remote
17+
- name: Run Vale
18+
uses: vale-cli/vale-action@reviewdog
19+
with:
20+
# Set to true when we want to start having errors fail the pipeline.
21+
fail_on_error: true
22+
23+
# Only check lines touched by the PR to avoid reviewdog's
24+
# "too many annotations" failures on full-corpus scans.
25+
filter_mode: added
26+
reporter: github-pr-check
27+
28+
# Run vale locally to see all alert levels. In CI we only
29+
# care about errors.
30+
vale_flags: "--minAlertLevel=error"
1531

1632
- name: Download Latest Velociraptor
1733
env:
@@ -36,9 +52,4 @@ jobs:
3652
chmod +x tests/velociraptor
3753
3854
- name: Verify Exchange Artifacts
39-
run: ./tests/velociraptor -v artifacts verify ./content/exchange/artifacts/*.yaml
40-
41-
- uses: rojopolis/spellcheck-github-actions@0.35.0
42-
name: Spellcheck
43-
with:
44-
config_path: .pyspelling.yml
55+
run: ./tests/velociraptor -v artifacts verify ./content/exchange/artifacts/*yaml

.wordlist.txt

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2186,3 +2186,4 @@ lookbehind
21862186
storedQuery
21872187
subexpression
21882188
truthy
2189+
zulp

content/exchange/artifacts/PrintNightmare.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@ description: |
1919
- Time bounds to select files with a timestamp within time ranges
2020
- FileSize bounds
2121
22-
![Sample output](https://github.com/mgreen27/velociraptor-docs/raw/patch-5/content/exchange/artifacts/PrintNightmare.png)
22+
![Sample output](https://docs.velociraptor.app/exchange/artifacts/PrintNightmare.png)
2323
2424
parameters:
2525
- name: MFTFilename

static/exchange/data.json

Lines changed: 166 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,170 @@
11
[
2+
{
3+
"title": "Windows.Memory.DotnetDumper",
4+
"author": "mgreen27",
5+
"description": "Response artifact to triage Windows .NET processes and collect .NET assemblies from \nmemory using DotnetDumper.",
6+
"link": "/exchange/artifacts/pages/dotnetdumper",
7+
"tags": [],
8+
"author_link": "https://github.com/mgreen27",
9+
"author_avatar": "https://avatars.githubusercontent.com/u/13081800?v=4",
10+
"date": "2026-05-27"
11+
},
12+
{
13+
"title": "Generic.Client.ADStatus",
14+
"author": "misje",
15+
"description": "Get Active Directory join status from a computer.",
16+
"link": "/exchange/artifacts/pages/generic.client.adstatus",
17+
"tags": [
18+
"metadata",
19+
"activedirectory"
20+
],
21+
"author_link": "https://github.com/misje",
22+
"author_avatar": "https://avatars.githubusercontent.com/u/4006538?v=4",
23+
"date": "2026-05-27"
24+
},
25+
{
26+
"title": "Generic.Client.Defender.Health",
27+
"author": "misje",
28+
"description": "Get Microsoft Defender for Endpoint (MDATP) health and configuration.",
29+
"link": "/exchange/artifacts/pages/generic.client.defender.health",
30+
"tags": [
31+
"mdatp",
32+
"metadata"
33+
],
34+
"author_link": "https://github.com/misje",
35+
"author_avatar": "https://avatars.githubusercontent.com/u/4006538?v=4",
36+
"date": "2026-05-27"
37+
},
38+
{
39+
"title": "Generic.Client.HW.Identification",
40+
"author": "misje",
41+
"description": "Extract product serial and other identification strings from the system.",
42+
"link": "/exchange/artifacts/pages/generic.client.hw.identification",
43+
"tags": [
44+
"metadata"
45+
],
46+
"author_link": "https://github.com/misje",
47+
"author_avatar": "https://avatars.githubusercontent.com/u/4006538?v=4",
48+
"date": "2026-05-27"
49+
},
50+
{
51+
"title": "Server.Monitor.StoreClientHWInfo",
52+
"author": "misje",
53+
"description": "Save hardware identification data from client interrogation as\nclient metadata.",
54+
"link": "/exchange/artifacts/pages/server.monitor.storeclienthwinfo",
55+
"tags": [
56+
"metadata",
57+
"automation"
58+
],
59+
"author_link": "https://github.com/misje",
60+
"author_avatar": "https://avatars.githubusercontent.com/u/4006538?v=4",
61+
"date": "2026-05-27"
62+
},
63+
{
64+
"title": "Server.Monitor.StoreClientInfo",
65+
"author": "misje",
66+
"description": "Save data from client interrogation as client metadata.",
67+
"link": "/exchange/artifacts/pages/server.monitor.storeclientinfo",
68+
"tags": [
69+
"metadata",
70+
"automation"
71+
],
72+
"author_link": "https://github.com/misje",
73+
"author_avatar": "https://avatars.githubusercontent.com/u/4006538?v=4",
74+
"date": "2026-05-27"
75+
},
76+
{
77+
"title": "Windows.Applications.Tailscale",
78+
"author": "ogmini",
79+
"description": "Decodes the configuration file, pulls log files, and uploads any partial file transfers for Tailscale.",
80+
"link": "/exchange/artifacts/pages/windows.applications.tailscale",
81+
"tags": [],
82+
"author_link": "https://github.com/ogmini",
83+
"author_avatar": "https://avatars.githubusercontent.com/u/112595633?v=4",
84+
"date": "2026-05-22"
85+
},
86+
{
87+
"title": "Windows.Forensics.OneNoteHunt",
88+
"author": "SwiftSecur",
89+
"description": "Hunt OneNote files, search ASCII and UTF-16LE content,\ndetect embedded image signatures, report keyword hits,\nand optionally upload files.\nNote: the BMP signature uses a 10-byte header pattern to reduce false positives.\n",
90+
"link": "/exchange/artifacts/pages/windows.forensics.onenotehunt",
91+
"tags": [],
92+
"author_link": "https://github.com/SwiftSecur",
93+
"author_avatar": "https://avatars.githubusercontent.com/u/177733389?v=4",
94+
"date": "2026-05-22"
95+
},
96+
{
97+
"title": "Server.Monitor.Alerts.UserMessage",
98+
"author": "misje",
99+
"description": "Send an in-app user notification when an alert is created.",
100+
"link": "/exchange/artifacts/pages/server.monitor.alerts.usermessage",
101+
"tags": [
102+
"monitoring",
103+
"alerts",
104+
"notifications"
105+
],
106+
"author_link": "https://github.com/misje",
107+
"author_avatar": "https://avatars.githubusercontent.com/u/4006538?v=4",
108+
"date": "2026-05-12"
109+
},
110+
{
111+
"title": "Server.Monitor.Alerts",
112+
"author": "misje",
113+
"description": "Send an e-mail when an alert is created.",
114+
"link": "/exchange/artifacts/pages/server.monitor.alerts",
115+
"tags": [
116+
"monitoring",
117+
"alerts",
118+
"notifications"
119+
],
120+
"author_link": "https://github.com/misje",
121+
"author_avatar": "https://avatars.githubusercontent.com/u/4006538?v=4",
122+
"date": "2026-05-12"
123+
},
124+
{
125+
"title": "Server.Monitor.Client.Errors.Alert",
126+
"author": "misje",
127+
"description": "Create alerts from errors logged by client event queries.",
128+
"link": "/exchange/artifacts/pages/server.monitor.client.errors.alert",
129+
"tags": [
130+
"monitoring",
131+
"alerts",
132+
"notifications",
133+
"errors"
134+
],
135+
"author_link": "https://github.com/misje",
136+
"author_avatar": "https://avatars.githubusercontent.com/u/4006538?v=4",
137+
"date": "2026-05-12"
138+
},
139+
{
140+
"title": "Server.Monitor.Errors.Alert",
141+
"author": "misje",
142+
"description": "Create alerts from errors logged by server event queries.",
143+
"link": "/exchange/artifacts/pages/server.monitor.errors.alert",
144+
"tags": [
145+
"monitoring",
146+
"alerts",
147+
"notifications",
148+
"errors"
149+
],
150+
"author_link": "https://github.com/misje",
151+
"author_avatar": "https://avatars.githubusercontent.com/u/4006538?v=4",
152+
"date": "2026-05-12"
153+
},
154+
{
155+
"title": "Server.Monitor.FlowCompletion",
156+
"author": "misje",
157+
"description": "Send an e-mail when a client flow completes (success or failure), with optional\nHTML formatting, result tables, and file attachments.",
158+
"link": "/exchange/artifacts/pages/server.monitor.flowcompletion",
159+
"tags": [
160+
"monitoring",
161+
"notifications",
162+
"email"
163+
],
164+
"author_link": "https://github.com/misje",
165+
"author_avatar": "https://avatars.githubusercontent.com/u/4006538?v=4",
166+
"date": "2026-05-12"
167+
},
2168
{
3169
"title": "Windows.Install.Wazuh.Agent",
4170
"author": "julianghill",

0 commit comments

Comments
 (0)