feature/match #5
							
								
								
									
										32
									
								
								.github/actions/Auto_check_backdoor/action.yml
									
									
									
									
										vendored
									
									
										Normal file
									
								
							
							
						
						
									
										32
									
								
								.github/actions/Auto_check_backdoor/action.yml
									
									
									
									
										vendored
									
									
										Normal file
									
								
							| @@ -0,0 +1,32 @@ | ||||
| name: "Backdoor Detection" | ||||
| description: "Perform backdoor and vulnerability detection on your code and dependencies." | ||||
| inputs: | ||||
|   code_path: | ||||
|     description: "Path to the code directory to be analyzed." | ||||
|     required: true | ||||
|   requirements_file: | ||||
|     description: "Path to the requirements.txt file." | ||||
|     required: true | ||||
|   output_format: | ||||
|     description: "Output format for the detection results (html, md, txt)." | ||||
|     required: true | ||||
|     default: "txt" | ||||
| runs: | ||||
|   using: "composite" | ||||
|   steps: | ||||
|     - name: Checkout code | ||||
|       uses: actions/checkout@v2 | ||||
|     - name: Set up Python | ||||
|       uses: actions/setup-python@v2 | ||||
|       with: | ||||
|         python-version: "3.x" | ||||
|     - name: Install dependencies | ||||
|       run: | | ||||
|         python -m pip install --upgrade pip | ||||
|         pip install packaging | ||||
|     - name: Run Backdoor Detection | ||||
|       run: python ${{ github.workspace }}/detection/backdoor_detection.py ${{ inputs.code_path }} ${{ inputs.output_format }} | ||||
|       shell: bash | ||||
|     - name: Run Requirements Detection | ||||
|       run: python ${{ github.workspace }}/detection/requirements_detection.py ${{ github.workspace }}/crawler/trans_extracted_data.txt ${{ inputs.requirements_file }} ${{ inputs.output_format }} | ||||
|       shell: bash | ||||
							
								
								
									
										33
									
								
								.github/workflows/detection.yml
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										33
									
								
								.github/workflows/detection.yml
									
									
									
									
										vendored
									
									
								
							| @@ -7,24 +7,25 @@ on: | ||||
|     branches: [main] | ||||
|  | ||||
| jobs: | ||||
|   build: | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - uses: actions/checkout@v2 | ||||
|       - name: Install dependencies | ||||
|         run: pip install -r requirements.txt -i https://pypi.tuna.tsinghua.edu.cn/simple | ||||
|       - name: Run tests | ||||
|         run: python -m unittest discover -s tests | ||||
|   # build: | ||||
|   #   runs-on: ubuntu-latest | ||||
|   #   steps: | ||||
|   #     - uses: actions/checkout@v2 | ||||
|   #     - name: Install dependencies | ||||
|   #       run: pip install -r requirements.txt -i https://pypi.tuna.tsinghua.edu.cn/simple | ||||
|   #     - name: Run tests | ||||
|   #       run: python -m unittest discover -s tests | ||||
|  | ||||
|   security_check: | ||||
|     runs-on: ubuntu-latest | ||||
|     needs: build # 确保安全检查在构建后执行 | ||||
|     # needs: build # 确保安全检查在构建后执行 | ||||
|     steps: | ||||
|       - uses: actions/checkout@v2 | ||||
|       - name: Install dependencies | ||||
|         run: pip install -r requirements.txt -i https://pypi.tuna.tsinghua.edu.cn/simple | ||||
|       # - uses: ./ # 使用当前仓库的根目录下的 action.yml | ||||
|       #   with: | ||||
|       #     code_path: "./tests" | ||||
|       #     requirements_file: "./requirements.txt" | ||||
|       #     output_format: "txt" | ||||
|       # - name: Install dependencies | ||||
|       #   run: pip install -r requirements.txt -i https://pypi.tuna.tsinghua.edu.cn/simple | ||||
|       - name: Run Backdoor and Vulnerability Detection | ||||
|       - uses: sangge/BackDoorBuster/.github/actions/Auto_check_backdoor/ # 使用当前仓库的根目录下的 action.yml | ||||
|         with: | ||||
|           code_path: "./tests" | ||||
|           requirements_file: "./requirements.txt" | ||||
|           output_format: "txt" | ||||
|   | ||||
		Reference in New Issue
	
	Block a user