From f029729cbf023797dfb73c1044d3314c75070f86 Mon Sep 17 00:00:00 2001
From: carmith <carmith@jfrog.com>
Date: Wed, 22 May 2024 12:25:35 +0300
Subject: [PATCH] removed older frogbot script

---
 .github/workflows/scan-pull-request.yml | 150 ------------------------
 1 file changed, 150 deletions(-)
 delete mode 100644 .github/workflows/scan-pull-request.yml

diff --git a/.github/workflows/scan-pull-request.yml b/.github/workflows/scan-pull-request.yml
deleted file mode 100644
index f1ca98c..0000000
--- a/.github/workflows/scan-pull-request.yml
+++ /dev/null
@@ -1,150 +0,0 @@
-name: "Frogbot Scan Pull Request"
-on:
- # pull_request_target:
- #   types: [opened, synchronize]
-permissions:
-  pull-requests: write
-  contents: read
-  id-token: write
-jobs:
-  scan-pull-request:
-    runs-on: ubuntu-latest
-    # A pull request needs to be approved before Frogbot scans it. Any GitHub user who is associated with the
-    # "frogbot" GitHub environment can approve the pull request to be scanned.
-    environment: frogbot
-    steps:
-      - uses: jfrog/frogbot@v2
-        with:
-          oidc-provider-name: jfrog-github-oidc
-        env:
-          JFROG_CLI_LOG_LEVEL: DEBUG
-          # [Mandatory]
-          # JFrog platform URL
-          JF_URL: https://${{ vars.JF_URL }}/
-          # [Mandatory if JF_USER and JF_PASSWORD are not provided]
-          # JFrog access token with 'read' permissions on Xray service
-          # JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }}
-          # [Mandatory if JF_ACCESS_TOKEN is not provided]
-          # JFrog username with 'read' permissions for Xray. Must be provided with JF_PASSWORD
-          # JF_USER: ${{ secrets.JF_USER }}
-
-          # [Mandatory if JF_ACCESS_TOKEN is not provided]
-          # JFrog password. Must be provided with JF_USER
-          # JF_PASSWORD: ${{ secrets.JF_PASSWORD }}
-
-          # [Mandatory]
-          # The GitHub token is automatically generated for the job
-          JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-          # [Optional, default: https://api.github.com]
-          # API endpoint to GitHub
-          # JF_GIT_API_ENDPOINT: https://github.example.com
-
-          # [Optional]
-          # By default, the Frogbot workflows download the Frogbot executable as well as other tools
-          # needed from https://releases.jfrog.io
-          # If the machine that runs Frogbot has no access to the internet, follow these steps to allow the
-          # executable to be downloaded from an Artifactory instance, which the machine has access to:
-          #
-          # 1. Login to the Artifactory UI, with a user who has admin credentials.
-          # 2. Create a Remote Repository with the following properties set.
-          #    Under the 'Basic' tab:
-          #       Package Type: Generic
-          #       URL: https://releases.jfrog.io
-          #    Under the 'Advanced' tab:
-          #       Uncheck the 'Store Artifacts Locally' option
-          # 3. Set the value of the 'JF_RELEASES_REPO' variable with the Repository Key you created.
-          # JF_RELEASES_REPO: ""
-
-          # [Optional]
-          # Configure the SMTP server to enable Frogbot to send emails with detected secrets in pull request scans.
-          # SMTP server URL including should the relevant port: (Example: smtp.server.com:8080)
-          # JF_SMTP_SERVER: ""
-
-          # [Mandatory if JF_SMTP_SERVER is set]
-          # The username required for authenticating with the SMTP server.
-          # JF_SMTP_USER: ""
-
-          # [Mandatory if JF_SMTP_SERVER is set]
-          # The password associated with the username required for authentication with the SMTP server.
-          # JF_SMTP_PASSWORD: ""
-
-          ##########################################################################
-          ##   If your project uses a 'frogbot-config.yml' file, you can define   ##
-          ##   the following variables inside the file, instead of here.          ##
-          ##########################################################################
-
-          # [Mandatory if the two conditions below are met]
-          # 1. The project uses yarn 2, NuGet or .NET Core to download its dependencies
-          # 2. The `installCommand` variable isn't set in your frogbot-config.yml file.
-          #
-          # The command that installs the project dependencies (e.g "nuget restore")
-          # JF_INSTALL_DEPS_CMD: ""
-
-          # [Optional, default: "."]
-          # Relative path to the root of the project in the Git repository. If left empty (without providing "." yourself as default), a recursive scan is triggered from the root directory of the project.
-          # JF_WORKING_DIR: path/to/project/dir
-
-          # [Default: "*git*;*node_modules*;*target*;*venv*;*test*"]
-          # List of exclusion patterns (utilizing wildcards) for excluding paths in the source code of the Git repository during SCA scans.
-          # JF_PATH_EXCLUSIONS: "*git*;*node_modules*;*target*;*venv*;*test*"
-
-          # [Optional]
-          # Xray Watches. Learn more about them here: https://www.jfrog.com/confluence/display/JFROG/Configuring+Xray+Watches
-          # JF_WATCHES: <watch-1>,<watch-2>...<watch-n>
-
-          # [Optional]
-          # JFrog project. Learn more about it here: https://www.jfrog.com/confluence/display/JFROG/Projects
-          JF_PROJECT: ${{ vars.JF_PROJECT }}
-
-          # [Optional, default: "FALSE"]
-          # Displays all existing vulnerabilities, including the ones that were added by the pull request.
-          JF_INCLUDE_ALL_VULNERABILITIES: "TRUE" # to remove to see ALL XXX
-
-          # [Optional, default: "FALSE"]
-          # When adding new comments on pull requests, keep old comments that were added by previous scans.
-          # JF_AVOID_PREVIOUS_PR_COMMENTS_DELETION: "TRUE"
-
-          # [Optional, default: "TRUE"]
-          # Fails the Frogbot task if any security issue is found.
-          JF_FAIL: "FALSE"
-
-          # [Optional]
-          # Frogbot will download the project dependencies if they're not cached locally. To download the
-          # dependencies from a virtual repository in Artifactory, set the name of the repository. There's no
-          # need to set this value, if it is set in the frogbot-config.yml file.
-          JF_DEPS_REPO: "python-virtual"
-
-          # [Optional, Default: "FALSE"]
-          # If TRUE, Frogbot creates a single pull request with all the fixes.
-          # If false, Frogbot creates a separate pull request for each fix.
-          # JF_GIT_AGGREGATE_FIXES: "FALSE"
-
-          # [Optional, Default: "FALSE"]
-          # Handle vulnerabilities with fix versions only
-          # JF_FIXABLE_ONLY: "TRUE"
-
-          # [Optional]
-          # Set the minimum severity for vulnerabilities that should be fixed and commented on in pull requests
-          # The following values are accepted: Low, Medium, High or Critical
-          # JF_MIN_SEVERITY: ""
-
-          # [Optional]
-          # List of comma-separated(,) email addresses to receive email notifications about secrets
-          # detected during pull request scanning. The notification is also sent to the email set
-          # in the committer git profile regardless of whether this variable is set or not.
-          # JF_EMAIL_RECEIVERS: ""
-
-          # [Optional]
-          # Set the list of allowed licenses
-          # The full list of licenses can be found in:
-          # https://github.com/jfrog/frogbot/blob/master/docs/licenses.md
-          # JF_ALLOWED_LICENSES: "MIT, Apache-2.0"
-
-          # [Optional]
-          # Avoid adding extra info to pull request comments. that isn't related to the scan findings.
-          # JF_AVOID_EXTRA_MESSAGES: "TRUE"
-
-          # [Optional]
-          # Add a title to pull request comments generated by Frogbot.
-          # JF_PR_COMMENT_TITLE: ""