Merge branch 'dev-midi-generator' into fix-midi-generator-cli

SleepyLGod · Nov 3, 2022 · 4e3bc5b · 4e3bc5b
2 parents 4442e70 + c931807
commit 4e3bc5b
Show file tree

Hide file tree

Showing 19 changed files with 102,716 additions and 36,983 deletions.
diff --git a/.github/workflows/contrast-scan.yml b/.github/workflows/contrast-scan.yml
@@ -0,0 +1,53 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+
+# This workflow will initiate a Contrast Scan on your built artifact, and subsequently upload the results SARIF to Github.
+# Because Contrast Scan is designed to run against your deployable artifact, you need to build an artifact that will be passed to the Contrast Scan Action.
+# Contrast Scan currently supports Java, JavaScript and .NET artifacts.
+# For more information about the Contrast Scan GitHub Action see here: https://github.com/Contrast-Security-OSS/contrastscan-action
+
+# Pre-requisites: 
+# All Contrast related account secrets should be configured as GitHub secrets to be passed as inputs to the Contrast Scan Action.
+# The required secrets are CONTRAST_API_KEY, CONTRAST_ORGANIZATION_ID and CONTRAST_AUTH_HEADER.
+
+on:
+ push:
+ branches: [ "main" ]
+ pull_request:
+ # The branches below must be a subset of the branches above
+ branches: [ "main" ]
+ schedule:
+ - cron: '16 6 * * 2'
+
+permissions:
+ contents: read
+
+name: Scan analyze workflow
+jobs:
+ build-and-scan:
+ permissions:
+ contents: read # for actions/checkout
+ security-events: write # for github/codeql-action/upload-sarif
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status 
+ runs-on: ubuntu-latest
+ # check out project
+ steps:
+ - uses: actions/checkout@v3
+ # Since Contrast Scan is designed to run against your deployable artifact, the steps to build your artifact should go here.
+ # -name: Build Project
+ # ...
+ # Scan Artifact 
+ - name: Contrast Scan Action
+ uses: Contrast-Security-OSS/contrastscan-action@7352a45d9678ec8a434cf061b07ffb51c1e351a1
+ with:
+ artifact: mypath/target/myartifact.jar # replace this path with the path to your built artifact
+ apiKey: ${{ secrets.CONTRAST_API_KEY }}
+ orgId: ${{ secrets.CONTRAST_ORGANIZATION_ID }}
+ authHeader: ${{ secrets.CONTRAST_AUTH_HEADER }}
+ #Upload the results to GitHub 
+ - name: Upload SARIF file
+ uses: github/codeql-action/upload-sarif@v2
+ with:
+ sarif_file: results.sarif # The file name must be 'results.sarif', as this is what the Github Action will output
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -0,0 +1,20 @@
+# Dependency Review Action
+#
+# This Action will scan dependency manifest files that change as part of a Pull Request, surfacing known-vulnerable versions of the packages declared or updated in the PR. Once installed, if the workflow run is marked as required, PRs introducing known-vulnerable packages will be blocked from merging.
+#
+# Source repository: https://github.com/actions/dependency-review-action
+# Public documentation: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
+name: 'Dependency Review'
+on: [pull_request]
+
+permissions:
+ contents: read
+
+jobs:
+ dependency-review:
+ runs-on: ubuntu-latest
+ steps:
+ - name: 'Checkout Repository'
+ uses: actions/checkout@v3
+ - name: 'Dependency Review'
+ uses: actions/dependency-review-action@v2
diff --git a/.github/workflows/mayhem-for-api.yml b/.github/workflows/mayhem-for-api.yml
@@ -0,0 +1,66 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+#
+# This workflow starts your API and fuzzes it with ForAllSecure Mayhem for API
+# to find reliability, performance and security issues before they reach
+# production.
+#
+# To use this workflow, you will need to:
+#
+# 1. Create a Mayhem for API account at
+# https://mayhem4api.forallsecure.com/signup
+#
+# 2. Create a service account token `mapi organization service-account create
+# <org-name> <service-account-name>`
+#
+# 3. Add the service account token as a secret in GitHub called "MAPI_TOKEN"
+#
+# 4. Update the "Start your API" step to run your API in the background before
+# starting the Mayhem for API scan, and update the `api-url` & `api-spec`
+# field.
+#
+# If you have any questions, please contact us at [email protected]
+
+name: "Mayhem for API"
+
+on:
+ push:
+ branches: [ "main" ]
+ pull_request:
+ # The branches below must be a subset of the branches above
+ branches: [ "main" ]
+
+jobs:
+ mayhem-for-api:
+ name: Mayhem for API
+ # Mayhem for API runs on linux, mac and windows
+ runs-on: ubuntu-latest
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+ steps:
+ - uses: actions/checkout@v3
+
+ # Run your API in the background. Ideally, the API would run in debug
+ # mode & send stacktraces back on "500 Internal Server Error" responses
+ # (don't do this in production though!)
+ - name: Start your API
+ run: ./run_your_api.sh & # <- ✏️ update this
+
+ - name: Mayhem for API
+ uses: ForAllSecure/mapi-action@193b709971cc377675e33284aecbf9229853e010
+ continue-on-error: true
+ with:
+ mapi-token: ${{ secrets.MAPI_TOKEN }}
+ api-url: http:https://localhost:8080 # <- ✏️ update this
+ api-spec: http:https://localhost:8080/openapi.json # <- ✏️ update this
+ duration: 60
+ sarif-report: mapi.sarif
+
+ - name: Upload SARIF file
+ uses: github/codeql-action/upload-sarif@v2
+ with:
+ sarif_file: mapi.sarif
diff --git a/OmgPianoPlayer/README.md b/OmgPianoPlayer/README.md
@@ -1,19 +1,21 @@
-# 🎼 OmgPianoPlayer
----
+<h3 align="center">
+ <img src="https://readme-typing-svg.herokuapp.com/?font=Roboto+Mono&size=30&width=350&color=46BEA3duration=3000&lines=🎼+OmgPianoPlayer🎼" height="80"/></br>
+ 🌃 A web applet uses three.js and MIDI.js
+</h3>
+</br>
 
-🌃 OmgPianoPlayer is a web applet uses three.js and MIDI.js
-
-# How to run:
-+ Add git submodules:
+## 🔧 Build & Run
+**Add git submodules:**
  ```shell
  git submodule
  git submodule init
  git submodule update
+ # P.S. These actions must be done after you clone the whole project.
  ```
- **P.S.** These actions must be done after you clone the whole project.
-+ Load third-party libraries:
+
+**Load third-party libraries:**
  ```shell
  cd ./res/MIDI
  npm i -g cnpm --registry=https://registry.npm.taobao.org
  cnpm i
- ```
+ ```
diff --git a/OmgPianoPlayer/Untitled-1.html b/OmgPianoPlayer/Untitled-1.html
@@ -0,0 +1,25 @@
+
+<html>
+
+<head>
+ <title>hi</title>
+</head>
+
+<body>
+ <script>
+ var xhr = new XMLHttpRequest();
+ xhr.open("POST", "http:https://localhost:8084/transcription/mp3ToMidi", true);
+ xhr.setRequestHeader('content-type', 'application/json');
+
+ var sendData = {
+ "isAbsolute": "false",
+ "resourcePath": "\\pianotranscriptioncli\\src\\main\\resources\\",
+ "outPath": "\\pianotranscriptioncli\\src\\main\\resources\\output",
+ "songName": "雨的印记"
+ };
+ //将用户输入值序列化成字符串
+ xhr.send(JSON.stringify(sendData));
+
+
+ </script>
+</body>
diff --git a/OmgPianoPlayer/Untitled-1.js b/OmgPianoPlayer/Untitled-1.js
@@ -0,0 +1,32 @@
+var a=["1","2","3","4","5"];
+var b=["a","b","c","d","e"];
+var c={};
+var d=new Array();
+var g=new Array();
+var e=new Array();
+for (i=0;i<5;i++){
+ d.push({"s":a[i],"z":b[i]});
+ g.push({"z":a[4-i],"m":b[4-i]});
+}
+c["d"]=d;
+c["g"]=g;
+e.push(d);
+e.push(g);
+for (i=0;i<c.d.length;i++){
+ var f=c.d[i];
+ console.log(f.s)
+}
+
+$.ajax({
+ url:"addJson",
+ data:JSON.stringify(c),
+ contentType :"application/json;charsetset=UTF-8",//必须
+ dataType:"json",//必须
+ type:"post",
+ success:function (data) {
+ alert(data)
+ },error:function () {
+ alert(222)
+ }
+
+})