diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml
index f8b216a..e1191a9 100644
--- a/.github/workflows/docker-image.yml
+++ b/.github/workflows/docker-image.yml
@@ -31,6 +31,7 @@ jobs:
 id: changelog
 uses: TriPSs/conventional-changelog-action@v5
 with:
+ preset: "conventionalcommits"
 github-token: ${{ secrets.GITHUB_TOKEN }}
 - name: Create Release
@@ -42,9 +43,37 @@ jobs:
 body: ${{ steps.changelog.outputs.clean_changelog }}
 token: ${{ secrets.GITHUB_TOKEN }}
+ bandit:
+ name: SAST with Bandit
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Set up Python
+ uses: actions/setup-python@v4
+ with:
+ python-version: '3.x'
+
+ - name: Install Bandit
+ run: pip install bandit
+
+ - name: Run Bandit
+ id: bandit
+ run: |
+ bandit -r linkedindumper.py --severity-level medium -f html -o bandit_report.html
+
+ - name: Upload Bandit report
+ if: failure()
+ uses: actions/upload-artifact@v3
+ with:
+ name: bandit-report
+ path: bandit_report.html
+
 deploy:
 name: Deploy Image
- needs: changelog
+ needs: [changelog, bandit]
 if: github.event_name != 'pull_request' && needs.changelog.outputs.skipped == 'false'
 runs-on: ubuntu-latest
@@ -91,7 +120,7 @@ jobs:
 release:
 name: Release
- needs: changelog
+ needs: [changelog, bandit]
 if: github.event_name != 'pull_request' && needs.changelog.outputs.skipped == 'false'
 runs-on: ubuntu-latest
diff --git a/CHANGELOG.md b/CHANGELOG.md
index d30b3ea..5633c7b 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
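Review bot: The `bandit` job added in the second hunk becomes a prerequisite of `deploy` and, in the third hunk, of `release`, but its `pip install bandit` step is unpinned, so the scanner version that decides whether a release ships, and the code executed on the runner, can change without any commit. I would pin it, e.g. `run: pip install bandit==<PINNED_VERSION>`. The job also declares no `permissions:` key; unless the workflow sets one outside this hunk, adding `permissions:` with `contents: read` keeps the scan job's token read-only. The report is uploaded only under `if: failure()`, so a passing run leaves no record of what was scanned; `if: always()` on the upload step would keep the evidence for every run.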
@@ -1,36 +1,35 @@ -## [0.1.3](https://github.com/l4rm4nd/LinkedInDumper/compare/v0.1.2...v0.1.3) (2024-07-21) +## [0.1.5](https://github.com/l4rm4nd/LinkedInDumper/compare/v0.1.4...v0.1.5) (2024-07-30) ### Bug Fixes -* **docker:** upgrade base python image ([3ec72d9](https://github.com/l4rm4nd/LinkedInDumper/commit/3ec72d978df284dcc0b2d47cc3ea436931463c6c)) - +* **py:** increase timout ([11a07f7](https://github.com/l4rm4nd/LinkedInDumper/commit/11a07f7fece9379011800b87971a39eeb45098bb)) - -## [0.1.2](https://github.com/l4rm4nd/LinkedInDumper/compare/v0.1.1...v0.1.2) (2024-07-21) +## [0.1.4](https://github.com/l4rm4nd/LinkedInDumper/compare/v0.1.3...v0.1.4) (2024-07-25) ### Bug Fixes -* **code:** refactor the py script ([7414673](https://github.com/l4rm4nd/LinkedInDumper/commit/74146730c6003db36c1110900849d7fef9fab9aa)) - +* **python:** add timeout for requests ([ba2d3d9](https://github.com/l4rm4nd/LinkedInDumper/commit/ba2d3d996827bcb7e8f377991f1e695f0ce7755d)) - -## [0.1.1](https://github.com/l4rm4nd/LinkedInDumper/compare/v0.1.0...v0.1.1) (2024-07-19) +## [0.1.3](https://github.com/l4rm4nd/LinkedInDumper/compare/v0.1.2...v0.1.3) (2024-07-21) ### Bug Fixes -* **ci:** push minor version tags ([c1661da](https://github.com/l4rm4nd/LinkedInDumper/commit/c1661dacff85b94a839ec3a2a91a068bfd209645)) +* **docker:** upgrade base python image ([3ec72d9](https://github.com/l4rm4nd/LinkedInDumper/commit/3ec72d978df284dcc0b2d47cc3ea436931463c6c)) +## [0.1.2](https://github.com/l4rm4nd/LinkedInDumper/compare/v0.1.1...v0.1.2) (2024-07-21) -# [0.1.0](https://github.com/l4rm4nd/LinkedInDumper/compare/0a5603e2ef094c6187c6e0acb8981882404d72f9...v0.1.0) (2024-07-19) +### Bug Fixes +* **code:** refactor the py script ([7414673](https://github.com/l4rm4nd/LinkedInDumper/commit/74146730c6003db36c1110900849d7fef9fab9aa)) -### Features +## [0.1.1](https://github.com/l4rm4nd/LinkedInDumper/compare/v0.1.0...v0.1.1) (2024-07-19) -* rework gh ci workflow 
([0a5603e](https://github.com/l4rm4nd/LinkedInDumper/commit/0a5603e2ef094c6187c6e0acb8981882404d72f9)) +### Bug Fixes +* **ci:** push minor version tags ([c1661da](https://github.com/l4rm4nd/LinkedInDumper/commit/c1661dacff85b94a839ec3a2a91a068bfd209645)) diff --git a/README.md b/README.md index 0f263ea..6411534 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,8 @@

LinkedInDumper

Python 3 script to dump company employees from LinkedIn API

-
+ +

diff --git a/linkedindumper.py b/linkedindumper.py
index b0358b4..1a16ab3 100644
--- a/linkedindumper.py
+++ b/linkedindumper.py
@@ -81,14 +81,14 @@ def show_loading_message(stop_event):
 def get_company_id(company):
 company_encoded = urllib.parse.quote(company)
 api1 = f"https://www.linkedin.com/voyager/api/voyagerOrganizationDashCompanies?decorationId=com.linkedin.voyager.dash.deco.organization.MiniCompany-10&q=universalName&universalName={company_encoded}"
- r = requests.get(api1, headers=headers, cookies=cookies_dict)
+ r = requests.get(api1, headers=headers, cookies=cookies_dict, timeout=200)
 response1 = r.json()
 company_id = response1["elements"][0]["entityUrn"].split(":")[-1]
 return company_id
 def get_employee_data(company_id, start, count=10):
 api2 = f"https://www.linkedin.com/voyager/api/search/dash/clusters?decorationId=com.linkedin.voyager.dash.deco.search.SearchClusterCollection-165&origin=COMPANY_PAGE_CANNED_SEARCH&q=all&query=(flagshipSearchIntent:SEARCH_SRP,queryParameters:(currentCompany:List({company_id}),resultType:List(PEOPLE)),includeFiltersInResponse:false)&count={count}&start={start}"
- r = requests.get(api2, headers=headers, cookies=cookies_dict)
+ r = requests.get(api2, headers=headers, cookies=cookies_dict, timeout=200)
 response2 = r.json()
 return response2
@@ -269,4 +269,4 @@ def main():
 if __name__ == "__main__":
 main()
-
\ No newline at end of file
+
diff --git a/package.json b/package.json
index 3026882..9f41116 100644
--- a/package.json
+++ b/package.json
@@ -1,3 +1,3 @@
 {
- "version": "0.1.3"
+ "version": "0.1.5"
 }
\ No newline at end of file
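Review bot: Both `requests.get` calls in the first linkedindumper.py hunk now pass `timeout=200`, but an HTTP error response is still not checked, so it reaches `r.json()` and, in `get_company_id`, the `["elements"][0]` lookup, where it fails with an unrelated traceback. I would add `r.raise_for_status()` before each `r.json()`. The literal is also better defined once as a module constant, e.g. `REQUEST_TIMEOUT = (10, 200)` (connect, read), so that an unreachable host fails quickly instead of after 200 seconds. The callers of these two functions are outside the hunk, so whether `requests.exceptions.Timeout` is caught anywhere cannot be confirmed from here.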