From 1ac2f1c1c4bcc8a4e52bbf7ecbd9d7f0ea773f44 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Guillaume=20Desv=C3=A9?= Date: Wed, 9 Oct 2024 17:41:14 +0200 Subject: [PATCH 1/3] Reuse Aqua workflow from alma/actions (#140) --- .github/workflows/aqua.yml | 26 +++++--------------------- 1 file changed, 5 insertions(+), 21 deletions(-) diff --git a/.github/workflows/aqua.yml b/.github/workflows/aqua.yml index 633e7bc4..34e3e65f 100644 --- a/.github/workflows/aqua.yml +++ b/.github/workflows/aqua.yml @@ -1,4 +1,5 @@ name: Aqua + on: pull_request: branches: @@ -8,24 +9,7 @@ on: jobs: aqua: name: Aqua scanner - runs-on: ubuntu-22.04 - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Run Aqua scanner - uses: docker://aquasec/aqua-scanner - with: - args: trivy fs --sast --reachability --scanners misconfig,vuln,secret . - # To customize which severities add the following flag: --severity UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL - # To enable SAST scanning, add: --sast - # To enable reachability scanning, add: --reachability - # To enable npm/dotnet non-lock file scanning, add: --package-json / --dotnet-proj - env: - AQUA_KEY: ${{ secrets.AQUA_KEY }} - AQUA_SECRET: ${{ secrets.AQUA_SECRET }} - GITHUB_TOKEN: ${{ github.token }} - AQUA_URL: https://api.eu-1.supply-chain.cloud.aquasec.com - CSPM_URL: https://eu-1.api.cloudsploit.com - TRIVY_RUN_AS_PLUGIN: "aqua" - # For http/https proxy configuration add env vars: HTTP_PROXY/HTTPS_PROXY, CA-CRET (path to CA certificate) + uses: alma/actions/.github/workflows/aqua.yml@v3 + secrets: inherit + with: + service-account: github-gar-alma-php-client@lyrical-carver-335213.iam.gserviceaccount.com From 37495b016e26345aa11024473fb241cbf565f57e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Guillaume=20Desv=C3=A9?= Date: Thu, 10 Oct 2024 09:45:43 +0200 Subject: [PATCH 2/3] Reintroduce full Aqua workflow due to repository privacy issues (#141) --- .github/workflows/aqua.yml | 45 +++++++++++++++++++++++++++++++++----- 1 file changed, 40 insertions(+), 5 deletions(-) diff --git a/.github/workflows/aqua.yml b/.github/workflows/aqua.yml index 34e3e65f..7b4b1520 100644 --- a/.github/workflows/aqua.yml +++ b/.github/workflows/aqua.yml @@ -8,8 +8,43 @@ on: jobs: aqua: - name: Aqua scanner - uses: alma/actions/.github/workflows/aqua.yml@v3 - secrets: inherit - with: - service-account: github-gar-alma-php-client@lyrical-carver-335213.iam.gserviceaccount.com + name: Code scanning + runs-on: ubuntu-24.04 + + permissions: + contents: read + id-token: write + + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + show-progress: false + + - name: Authenticate to Google Cloud + id: gcloud-auth + uses: google-github-actions/auth@v2 + with: + token_format: access_token + workload_identity_provider: projects/699052769907/locations/global/workloadIdentityPools/github-identity-pool-shared/providers/github-identity-provider-shared # yamllint disable-line + service_account: github-gar-alma-php-client@lyrical-carver-335213.iam.gserviceaccount.com + + - name: Authenticate to Artifact Registry + uses: docker/login-action@v3 + with: + registry: europe-docker.pkg.dev + username: oauth2accesstoken + password: ${{ steps.gcloud-auth.outputs.access_token }} + + - name: Run Aqua scanner + uses: docker://aquasec/aqua-scanner + env: + AQUA_KEY: ${{ secrets.AQUA_KEY }} + AQUA_SECRET: ${{ secrets.AQUA_SECRET }} + GITHUB_TOKEN: ${{ github.token }} + AQUA_URL: https://api.eu-1.supply-chain.cloud.aquasec.com + CSPM_URL: https://eu-1.api.cloudsploit.com + TRIVY_RUN_AS_PLUGIN: aqua + TRIVY_DB_REPOSITORY: europe-docker.pkg.dev/lyrical-carver-335213/ghcr-remote-cache/aquasecurity/trivy-db:2 + with: + args: trivy fs --sast --reachability --scanners misconfig,vuln,secret . From 9c267c48cc55590ceca016226102c0b8a5ab7af8 Mon Sep 17 00:00:00 2001 From: joyet-simon <43644110+joyet-simon@users.noreply.github.com> Date: Mon, 4 Nov 2024 09:11:57 +0000 Subject: [PATCH 3/3] chore: update version --- CHANGELOG.md | 19 +++++++++++++++++++ composer.json | 2 +- src/Client.php | 2 +- 3 files changed, 21 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b75e4d03..e884bb0a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,23 @@ # CHANGELOG +## v2.3.0 - 2024-11-04 + +### Changes + +- chore(deps): update pre-commit hook returntocorp/semgrep to v1.92.0 (#116) + +### 🚀 New Features + +- feat: replace payment validator hmac verification by request hmac val… (#147) +- Change CmsInfo themes to theme_name and theme_version (#146) +- Add isUrlRefreshRequired function (#145) +- Make nullable for all attributes in CmsInfo and CmsFeatures (#143) +- Create endpoint and formatter for gather cms data (#142) + +#### Contributors + +@Benjamin-Freoua-Alma, @Francois-Gomis, @alma-renovate-bot, @alma-renovate-bot[bot], @github-actions, @hyahiaoui, @joyet-simon and @remi-zuffinetti + ## v2.2.0 - 2024-09-05 ### Changes @@ -162,6 +180,7 @@ } + ``` * Add fields and docs to the Payment entity * Add a Refund entity and extract refunds data within the Payment entity constructor diff --git a/composer.json b/composer.json index f9c14f5e..24fe5eeb 100644 --- a/composer.json +++ b/composer.json @@ -1,7 +1,7 @@ { "name": "alma/alma-php-client", "description": "PHP API client for the Alma payments API", - "version": "2.2.0", + "version": "2.3.0", "type": "library", "require": { "php": "^5.6 || ~7.0 || ~7.1 || ~7.2 || ~7.3 || ~7.4 || ~8.0 || ~8.1 || ~8.2 || ~8.3", diff --git a/src/Client.php b/src/Client.php index 5176acb3..010c3280 100644 --- a/src/Client.php +++ b/src/Client.php @@ -30,7 +30,7 @@ class Client { - const VERSION = '2.2.0'; + const VERSION = '2.3.0'; const LIVE_MODE = 'live'; const TEST_MODE = 'test';