From 9744b8f3b58f39e65faa4bf117a3f0efeb9748b3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9dric=20Fabianski?= <cfabianski@me.com>
Date: Mon, 17 Jul 2023 15:24:07 +0200
Subject: [PATCH] feat: add Bearer code scanning option

---
 code-scanning/bearer.yml                      | 39 ++++++++++++++
 .../properties/bearer.properties.json         |  7 +++
 icons/bearer.svg                              | 53 +++++++++++++++++++
 3 files changed, 99 insertions(+)
 create mode 100644 code-scanning/bearer.yml
 create mode 100644 code-scanning/properties/bearer.properties.json
 create mode 100644 icons/bearer.svg

diff --git a/code-scanning/bearer.yml b/code-scanning/bearer.yml
new file mode 100644
index 0000000000..a62494a45e
--- /dev/null
+++ b/code-scanning/bearer.yml
@@ -0,0 +1,39 @@
+# This workflow file requires a free account on Bearer.com to manage findings, notifications and more.
+#
+# See https://docs.bearer.com/guides/bearer-cloud/
+
+name: Bearer
+
+on:
+  push:
+    branches: [$default-branch, $protected-branches]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [$default-branch]
+  schedule:
+    - cron: $cron-weekly
+
+permissions:
+  contents: read # for actions/checkout to fetch code
+  security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
+  actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+
+jobs:
+  bearer:
+    runs-on: ubuntu-latest
+    steps:
+      # Checkout project source
+      - uses: actions/checkout@v3
+      # Scan code using Bearer CLI
+      - name: Run Report
+        id: report
+        uses: bearer/bearer-action@v2
+        with:
+          api-key: ${{ secrets.BEARER_TOKEN }}
+          format: sarif
+          output: results.sarif
+      # Upload SARIF file generated in previous step
+      - name: Upload SARIF file
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: results.sarif
diff --git a/code-scanning/properties/bearer.properties.json b/code-scanning/properties/bearer.properties.json
new file mode 100644
index 0000000000..05b02c2718
--- /dev/null
+++ b/code-scanning/properties/bearer.properties.json
@@ -0,0 +1,7 @@
+{
+  "name": "Bearer",
+  "creator": "Bearer",
+  "description": "Continuously run Bearer code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.",
+  "iconName": "bearer",
+  "categories": ["Code Scanning", "JavaScript", "TypeScript", "Java", "Ruby"]
+}
diff --git a/icons/bearer.svg b/icons/bearer.svg
new file mode 100644
index 0000000000..64cb93a74b
--- /dev/null
+++ b/icons/bearer.svg
@@ -0,0 +1,53 @@
+<svg width="59" height="49" viewBox="0 0 59 49" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M9.01245 24.3045L10.0255 25.3367C10.2155 25.5244 10.4371 25.6183 10.6903 25.6183C10.722 25.6183 10.7537 25.6183 10.7853 25.6183C10.9753 25.587 11.1652 25.5244 11.3235 25.368C11.5135 25.2116 11.6084 24.9614 11.6084 24.7424C11.6084 24.4922 11.5135 24.2732 11.3552 24.0855L10.3104 23.022C9.93054 23.5225 9.48733 23.9604 9.01245 24.3045Z" fill="url(#paint0_linear_418_482)"/>
+<path d="M22.3977 12.9808L23.4424 15.8399C23.5691 16.1855 23.9173 16.4369 24.2972 16.4369C24.3922 16.4369 24.5188 16.4055 24.6138 16.3741C25.0887 16.217 25.3419 15.6828 25.152 15.2115L24.1073 12.3838C23.5691 12.6666 22.9992 12.8551 22.3977 12.9808Z" fill="url(#paint1_linear_418_482)"/>
+<path d="M38.5796 12.1466L37.3644 15.5037C37.2045 15.9788 37.4284 16.5172 37.908 16.6755C38.004 16.7072 38.1319 16.7389 38.2278 16.7389H38.2598C38.6435 16.7389 38.9633 16.4855 39.0912 16.1371L40.3064 12.8117C39.9227 12.7167 39.5389 12.6217 39.1552 12.4633C38.9633 12.3366 38.7715 12.2416 38.5796 12.1466Z" fill="url(#paint2_linear_418_482)"/>
+<path d="M50.0997 28.799C50.163 28.799 50.1947 28.799 50.258 28.799C50.5429 28.799 50.7962 28.671 50.9861 28.4471L52.0942 27.0715C51.556 26.7516 51.0811 26.3357 50.7012 25.8239L49.5298 27.2634C49.2133 27.6473 49.2766 28.2551 49.6565 28.5751C49.7831 28.703 49.9414 28.767 50.0997 28.799Z" fill="url(#paint3_linear_418_482)"/>
+<path d="M50.4269 33.2722C49.3073 32.8548 48.0918 32.6943 46.9082 32.7906C45.7247 32.8869 44.5411 33.2722 43.4535 33.8501C43.3255 33.9143 43.1656 33.8822 43.1016 33.7538C43.0376 33.6254 43.0696 33.497 43.1656 33.4006C43.6134 33.0475 44.0933 32.7585 44.6051 32.5017V31.0569C44.6051 23.4799 38.4633 17.3155 30.9141 17.3155C24.5805 17.3155 19.1425 21.5856 17.6071 27.6858C18.0549 27.8463 18.5027 28.0389 18.9186 28.2637C19.7503 28.681 20.518 29.2268 21.2217 29.869C21.8935 30.5111 22.5013 31.2174 22.9811 32.0201C23.109 32.2448 23.0451 32.5017 22.8211 32.6301C22.6292 32.7585 22.3733 32.6943 22.2454 32.5338C21.7016 31.8595 21.1258 31.2816 20.454 30.7679C19.8143 30.2542 19.0785 29.8048 18.3428 29.4837C16.8394 28.8095 15.176 28.4884 13.5446 28.6168C11.9132 28.7131 10.3138 29.2911 8.9383 30.1579C8.26655 30.6074 7.62678 31.1532 7.08299 31.7632C6.5072 32.3732 6.05937 33.0475 5.67551 33.7859C4.17207 36.7076 4.23604 40.3998 5.99539 43.193C6.82708 44.6057 8.04263 45.7615 9.45011 46.5962C10.8576 47.431 12.489 47.8484 14.1524 47.8805L47.8039 48.041C50.139 48.041 52.4422 46.9173 53.8176 45.023C55.2571 43.1609 55.673 40.6245 55.0332 38.345C54.4254 36.0333 52.6661 34.0749 50.4269 33.2722Z" fill="url(#paint4_linear_418_482)"/>
+<path d="M18.6067 11.1024C19.3161 11.3927 20.0255 11.554 20.7671 11.554C23.0565 11.554 25.1201 10.1669 26.023 8.07023C27.216 5.16708 25.8617 1.84458 22.9597 0.651064C22.2826 0.360749 21.541 0.199463 20.7993 0.199463C18.51 0.199463 16.4463 1.58652 15.5435 3.68324C14.9631 5.07031 14.9631 6.61865 15.5435 8.03797C16.1239 9.42503 17.2202 10.5218 18.6067 11.1024Z" fill="#9DACE3"/>
+<path d="M39.7305 11.1024C40.4399 11.3927 41.1493 11.554 41.8909 11.554C44.1802 11.554 46.2439 10.1669 47.1468 8.07023C48.3398 5.16708 46.9855 1.84458 44.0835 0.651064C43.3741 0.360749 42.6648 0.199463 41.9231 0.199463C39.6338 0.199463 37.5701 1.58652 36.6673 3.68324C35.4742 6.5864 36.8285 9.90889 39.7305 11.1024Z" fill="#9DACE3"/>
+<path d="M57.8705 20.545C57.3546 19.7063 56.5485 19.0934 55.5811 18.8354C55.2909 18.7709 54.9685 18.7064 54.6783 18.7064C52.9693 18.7064 51.4861 19.8676 51.0669 21.5127C50.5832 23.5127 51.7763 25.5126 53.7754 26.0288C54.0656 26.0933 54.3881 26.1578 54.6783 26.1578C56.3872 26.1578 57.8705 24.9965 58.2897 23.3514C58.5476 22.4159 58.3864 21.416 57.8705 20.545Z" fill="#9DACE3"/>
+<path d="M9.94213 20.5627C10.5548 18.0789 9.03928 15.5306 6.55645 14.9177C6.16951 14.8209 5.78257 14.7886 5.42788 14.7886C3.29974 14.7886 1.42955 16.2402 0.913636 18.3047C0.623435 19.4982 0.816903 20.7562 1.42955 21.8207C2.07444 22.8852 3.07403 23.6594 4.29932 23.9497C4.68626 24.0465 5.07319 24.0787 5.42788 24.0787C7.58827 24.111 9.42622 22.6594 9.94213 20.5627Z" fill="#9DACE3"/>
+<defs>
+<linearGradient id="paint0_linear_418_482" x1="9.00004" y1="24.3372" x2="11.5922" y2="24.3372" gradientUnits="userSpaceOnUse">
+<stop stop-color="#00A9E2"/>
+<stop offset="0.1882" stop-color="#1981D7"/>
+<stop offset="0.4572" stop-color="#394DC8"/>
+<stop offset="0.6919" stop-color="#5027BE"/>
+<stop offset="0.8802" stop-color="#5F10B7"/>
+<stop offset="0.9987" stop-color="#6408B5"/>
+</linearGradient>
+<linearGradient id="paint1_linear_418_482" x1="22.3865" y1="14.415" x2="25.221" y2="14.415" gradientUnits="userSpaceOnUse">
+<stop stop-color="#00A9E2"/>
+<stop offset="0.1882" stop-color="#1981D7"/>
+<stop offset="0.4572" stop-color="#394DC8"/>
+<stop offset="0.6919" stop-color="#5027BE"/>
+<stop offset="0.8802" stop-color="#5F10B7"/>
+<stop offset="0.9987" stop-color="#6408B5"/>
+</linearGradient>
+<linearGradient id="paint2_linear_418_482" x1="37.2961" y1="14.4342" x2="40.3298" y2="14.4342" gradientUnits="userSpaceOnUse">
+<stop stop-color="#00A9E2"/>
+<stop offset="0.1882" stop-color="#1981D7"/>
+<stop offset="0.4572" stop-color="#394DC8"/>
+<stop offset="0.6919" stop-color="#5027BE"/>
+<stop offset="0.8802" stop-color="#5F10B7"/>
+<stop offset="0.9987" stop-color="#6408B5"/>
+</linearGradient>
+<linearGradient id="paint3_linear_418_482" x1="49.3302" y1="27.3266" x2="52.0876" y2="27.3266" gradientUnits="userSpaceOnUse">
+<stop stop-color="#00A9E2"/>
+<stop offset="0.1882" stop-color="#1981D7"/>
+<stop offset="0.4572" stop-color="#394DC8"/>
+<stop offset="0.6919" stop-color="#5027BE"/>
+<stop offset="0.8802" stop-color="#5F10B7"/>
+<stop offset="0.9987" stop-color="#6408B5"/>
+</linearGradient>
+<linearGradient id="paint4_linear_418_482" x1="4.64949" y1="32.6548" x2="55.3627" y2="32.6548" gradientUnits="userSpaceOnUse">
+<stop stop-color="#00A9E2"/>
+<stop offset="0.1882" stop-color="#1981D7"/>
+<stop offset="0.4572" stop-color="#394DC8"/>
+<stop offset="0.6919" stop-color="#5027BE"/>
+<stop offset="0.8802" stop-color="#5F10B7"/>
+<stop offset="0.9987" stop-color="#6408B5"/>
+</linearGradient>
+</defs>
+</svg>