From February 2021, in order to provide feedback on pull requests, Code Scanning workflows must be configured with both `push` and `pull_request` triggers. This is because Code Scanning compares the results from a pull request against the results for the base branch to tell you only what has changed between the two.
Early in the beta period we supported displaying results on pull requests for workflows with only `push` triggers, but have discontinued support as this proved to be less robust.
See https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#scanning-pull-requests for more information on how best to configure your Code Scanning workflows.
During job run we may fail to resolve actions download info, and this
stack is fully controlled by GitHub actions so it should be counted as
infrastructure failure instead of user failure.
* Use FIPS compliant crypto when required
* Comment cleanup
* Store OAuth signing scheme in credentialData instead of runner setting
Add encryption scheme for job message encyption key to session
Further cleanup of unused crypto code
* Update windows rsa key manager to use crossplat dotnet RSA api
* Undo unneeded ConfigurationManager change
* add `workflow_dispatch`
* Add an environment variable to indicate which repository the currently running Action came from.
* Expose the Action ref as well.
* Move setting `github.action_repository` and `github.action_ref` to `ActionRunner.cs`.
* Don't set `action_repository` and `action_ref` for local Actions.
Co-authored-by: Tingluo Huang <tingluohuang@github.com>
remove 3 "redundant" text and put one text for DRY.
and developers always forget `sudo` and annoying `Need to run with sudo privilege` message.
so, add first.
* Change `ping .. > nul` to `sleep`
The filename `nul` is a Windows-ism that causes the update script to
create such a file in the current working directory. The `ping`
utility is also an dependency not installed by
`installdependencies.sh`, so it seemed easier to change it to the
standard `sleep` command.
* Update dotnet-install script as requested by test
* Update dotnet-install.ps1
Co-authored-by: Tingluo Huang <tingluohuang@github.com>
