Compare commits
5 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| c3a97fc26a | |||
| 2826fb8353 | |||
| 3114dc8cb4 | |||
| 95d9656793 | |||
| 4688dd73c5 |
@@ -0,0 +1,14 @@
|
|||||||
|
# To get started with Dependabot version updates, you'll need to specify which
|
||||||
|
# package ecosystems to update and where the package manifests are located.
|
||||||
|
# Please see the documentation for all configuration options:
|
||||||
|
# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
|
||||||
|
|
||||||
|
version: 2
|
||||||
|
updates:
|
||||||
|
# Enable version updates for GitHub Actions
|
||||||
|
- package-ecosystem: 'github-actions'
|
||||||
|
# Workflow files stored in the default location of `.github/workflows`
|
||||||
|
# You don't need to specify `/.github/workflows` for `directory`. You can use `directory: "/"`.
|
||||||
|
directory: '/'
|
||||||
|
schedule:
|
||||||
|
interval: 'weekly'
|
||||||
@@ -24,7 +24,7 @@ on:
|
|||||||
description: "Optional input to set the version of Node.js used to build the project. The input syntax corresponds to the setup-node's one"
|
description: "Optional input to set the version of Node.js used to build the project. The input syntax corresponds to the setup-node's one"
|
||||||
required: false
|
required: false
|
||||||
type: string
|
type: string
|
||||||
default: "20.x"
|
default: "24.x"
|
||||||
node-caching:
|
node-caching:
|
||||||
description: "Optional input to set up caching for the setup-node action. The input syntax corresponds to the setup-node's one. Set to an empty string if caching isn't needed"
|
description: "Optional input to set up caching for the setup-node action. The input syntax corresponds to the setup-node's one. Set to an empty string if caching isn't needed"
|
||||||
required: false
|
required: false
|
||||||
@@ -40,7 +40,7 @@ jobs:
|
|||||||
operating-systems: ${{fromJson(inputs.operating-systems)}}
|
operating-systems: ${{fromJson(inputs.operating-systems)}}
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v5
|
||||||
|
|
||||||
- name: Setup Node.js ${{inputs.node-version}}
|
- name: Setup Node.js ${{inputs.node-version}}
|
||||||
uses: actions/setup-node@v4
|
uses: actions/setup-node@v4
|
||||||
|
|||||||
@@ -16,7 +16,7 @@ on:
|
|||||||
description: "Optional input to set the version of Node.js used to build a project. The input syntax corresponds to the setup-node's one"
|
description: "Optional input to set the version of Node.js used to build a project. The input syntax corresponds to the setup-node's one"
|
||||||
required: false
|
required: false
|
||||||
type: string
|
type: string
|
||||||
default: "20.x"
|
default: "24.x"
|
||||||
node-caching:
|
node-caching:
|
||||||
description: "Optional input to set up caching for the setup-node action. The input syntax corresponds to the setup-node's one. Set to an empty string if caching isn't needed"
|
description: "Optional input to set up caching for the setup-node action. The input syntax corresponds to the setup-node's one. Set to an empty string if caching isn't needed"
|
||||||
required: false
|
required: false
|
||||||
@@ -29,7 +29,7 @@ jobs:
|
|||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v5
|
||||||
|
|
||||||
- name: Setup Node.js ${{inputs.node-version}}
|
- name: Setup Node.js ${{inputs.node-version}}
|
||||||
uses: actions/setup-node@v4
|
uses: actions/setup-node@v4
|
||||||
|
|||||||
@@ -37,11 +37,11 @@ jobs:
|
|||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v5
|
||||||
|
|
||||||
# Initializes the CodeQL tools for scanning.
|
# Initializes the CodeQL tools for scanning.
|
||||||
- name: Initialize CodeQL
|
- name: Initialize CodeQL
|
||||||
uses: github/codeql-action/init@v3
|
uses: github/codeql-action/init@v4
|
||||||
with:
|
with:
|
||||||
languages: ${{matrix.language}}
|
languages: ${{matrix.language}}
|
||||||
config-file: ${{inputs.codeql-cfg-path}}
|
config-file: ${{inputs.codeql-cfg-path}}
|
||||||
@@ -50,7 +50,7 @@ jobs:
|
|||||||
# If this step fails, configure a build command manually using build-command input. This command will be executed in the corresponding step.
|
# If this step fails, configure a build command manually using build-command input. This command will be executed in the corresponding step.
|
||||||
- name: Autobuild
|
- name: Autobuild
|
||||||
if: ${{!inputs.build-command}}
|
if: ${{!inputs.build-command}}
|
||||||
uses: github/codeql-action/autobuild@v3
|
uses: github/codeql-action/autobuild@v4
|
||||||
|
|
||||||
- name: Manual build
|
- name: Manual build
|
||||||
if: ${{inputs.build-command}}
|
if: ${{inputs.build-command}}
|
||||||
@@ -58,4 +58,4 @@ jobs:
|
|||||||
${{inputs.build-command}}
|
${{inputs.build-command}}
|
||||||
|
|
||||||
- name: Perform CodeQL Analysis
|
- name: Perform CodeQL Analysis
|
||||||
uses: github/codeql-action/analyze@v3
|
uses: github/codeql-action/analyze@v4
|
||||||
|
|||||||
@@ -13,7 +13,7 @@ jobs:
|
|||||||
steps:
|
steps:
|
||||||
|
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v5
|
||||||
|
|
||||||
- name: Install dependencies
|
- name: Install dependencies
|
||||||
run: npm ci --ignore-scripts
|
run: npm ci --ignore-scripts
|
||||||
|
|||||||
@@ -32,13 +32,13 @@ jobs:
|
|||||||
runs-on: "ubuntu-latest"
|
runs-on: "ubuntu-latest"
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout ${{github.repository}} repository
|
- name: Checkout ${{github.repository}} repository
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v5
|
||||||
with:
|
with:
|
||||||
ref: "${{inputs.base-pr-branch}}"
|
ref: "${{inputs.base-pr-branch}}"
|
||||||
path: "target"
|
path: "target"
|
||||||
|
|
||||||
- name: Checkout actions/reusable-workflows repository
|
- name: Checkout actions/reusable-workflows repository
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v5
|
||||||
with:
|
with:
|
||||||
repository: "actions/reusable-workflows"
|
repository: "actions/reusable-workflows"
|
||||||
ref: "main"
|
ref: "main"
|
||||||
@@ -86,7 +86,7 @@ jobs:
|
|||||||
if: ${{ steps.successful-update.outputs.STATUS == 'true' }}
|
if: ${{ steps.successful-update.outputs.STATUS == 'true' }}
|
||||||
uses: actions/setup-node@v4
|
uses: actions/setup-node@v4
|
||||||
with:
|
with:
|
||||||
node-version: 20
|
node-version: 24
|
||||||
|
|
||||||
- name: Install dependencies
|
- name: Install dependencies
|
||||||
if: ${{ steps.successful-update.outputs.STATUS == 'true' }}
|
if: ${{ steps.successful-update.outputs.STATUS == 'true' }}
|
||||||
|
|||||||
@@ -74,7 +74,15 @@ basic-validation-call:
|
|||||||
with:
|
with:
|
||||||
enable-audit: false
|
enable-audit: false
|
||||||
```
|
```
|
||||||
|
## Recommended permissions
|
||||||
|
|
||||||
|
When using the `reusable-workflows` in your GitHub Actions workflow, it is recommended to set the following permissions to ensure proper functionality:
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
permissions:
|
||||||
|
contents: read # access to read repository's content
|
||||||
|
actions: read # access to reading actions
|
||||||
|
```
|
||||||
## License
|
## License
|
||||||
|
|
||||||
The scripts and documentation in this project are released under the [MIT License](LICENSE.txt)
|
The scripts and documentation in this project are released under the [MIT License](LICENSE.txt)
|
||||||
|
|||||||
Reference in New Issue
Block a user