feature/match #5

Merged
Tritium merged 63 commits from feature/match into main 2024-04-25 21:30:29 +08:00
2 changed files with 49 additions and 16 deletions
Showing only changes of commit 4ea3685635 - Show all commits

View File

@@ -0,0 +1,32 @@
name: "Backdoor Detection"
description: "Perform backdoor and vulnerability detection on your code and dependencies."
inputs:
code_path:
description: "Path to the code directory to be analyzed."
required: true
requirements_file:
description: "Path to the requirements.txt file."
required: true
output_format:
description: "Output format for the detection results (html, md, txt)."
required: true
default: "txt"
runs:
using: "composite"
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: "3.x"
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install packaging
- name: Run Backdoor Detection
run: python ${{ github.workspace }}/detection/backdoor_detection.py ${{ inputs.code_path }} ${{ inputs.output_format }}
shell: bash
- name: Run Requirements Detection
run: python ${{ github.workspace }}/detection/requirements_detection.py ${{ github.workspace }}/crawler/trans_extracted_data.txt ${{ inputs.requirements_file }} ${{ inputs.output_format }}
shell: bash

View File

@@ -7,24 +7,25 @@ on:
branches: [main]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Install dependencies
run: pip install -r requirements.txt -i https://pypi.tuna.tsinghua.edu.cn/simple
- name: Run tests
run: python -m unittest discover -s tests
# build:
# runs-on: ubuntu-latest
# steps:
# - uses: actions/checkout@v2
# - name: Install dependencies
# run: pip install -r requirements.txt -i https://pypi.tuna.tsinghua.edu.cn/simple
# - name: Run tests
# run: python -m unittest discover -s tests
security_check:
runs-on: ubuntu-latest
needs: build # 确保安全检查在构建后执行
# needs: build # 确保安全检查在构建后执行
steps:
- uses: actions/checkout@v2
- name: Install dependencies
run: pip install -r requirements.txt -i https://pypi.tuna.tsinghua.edu.cn/simple
# - uses: ./ # 使用当前仓库的根目录下的 action.yml
# with:
# code_path: "./tests"
# requirements_file: "./requirements.txt"
# output_format: "txt"
# - name: Install dependencies
# run: pip install -r requirements.txt -i https://pypi.tuna.tsinghua.edu.cn/simple
- name: Run Backdoor and Vulnerability Detection
- uses: sangge/BackDoorBuster/.github/actions/Auto_check_backdoor/ # 使用当前仓库的根目录下的 action.yml
with:
code_path: "./tests"
requirements_file: "./requirements.txt"
output_format: "txt"