Compare commits
6 Commits
PermissionUpdate
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
| 1e97bade5c | |||
| 6e6fbc184b | |||
| 2826fb8353 | |||
| 3114dc8cb4 | |||
| 95d9656793 | |||
| 4688dd73c5 |
@@ -0,0 +1,14 @@
|
||||
# To get started with Dependabot version updates, you'll need to specify which
|
||||
# package ecosystems to update and where the package manifests are located.
|
||||
# Please see the documentation for all configuration options:
|
||||
# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
|
||||
|
||||
version: 2
|
||||
updates:
|
||||
# Enable version updates for GitHub Actions
|
||||
- package-ecosystem: 'github-actions'
|
||||
# Workflow files stored in the default location of `.github/workflows`
|
||||
# You don't need to specify `/.github/workflows` for `directory`. You can use `directory: "/"`.
|
||||
directory: '/'
|
||||
schedule:
|
||||
interval: 'weekly'
|
||||
@@ -24,7 +24,7 @@ on:
|
||||
description: "Optional input to set the version of Node.js used to build the project. The input syntax corresponds to the setup-node's one"
|
||||
required: false
|
||||
type: string
|
||||
default: "20.x"
|
||||
default: "24.x"
|
||||
node-caching:
|
||||
description: "Optional input to set up caching for the setup-node action. The input syntax corresponds to the setup-node's one. Set to an empty string if caching isn't needed"
|
||||
required: false
|
||||
@@ -40,10 +40,10 @@ jobs:
|
||||
operating-systems: ${{fromJson(inputs.operating-systems)}}
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
uses: actions/checkout@v5
|
||||
|
||||
- name: Setup Node.js ${{inputs.node-version}}
|
||||
uses: actions/setup-node@v4
|
||||
uses: actions/setup-node@v6
|
||||
with:
|
||||
node-version: ${{inputs.node-version}}
|
||||
cache: ${{inputs.node-caching}}
|
||||
|
||||
@@ -16,7 +16,7 @@ on:
|
||||
description: "Optional input to set the version of Node.js used to build a project. The input syntax corresponds to the setup-node's one"
|
||||
required: false
|
||||
type: string
|
||||
default: "20.x"
|
||||
default: "24.x"
|
||||
node-caching:
|
||||
description: "Optional input to set up caching for the setup-node action. The input syntax corresponds to the setup-node's one. Set to an empty string if caching isn't needed"
|
||||
required: false
|
||||
@@ -29,10 +29,10 @@ jobs:
|
||||
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
uses: actions/checkout@v5
|
||||
|
||||
- name: Setup Node.js ${{inputs.node-version}}
|
||||
uses: actions/setup-node@v4
|
||||
uses: actions/setup-node@v6
|
||||
with:
|
||||
node-version: ${{inputs.node-version}}
|
||||
cache: ${{inputs.node-caching}}
|
||||
@@ -55,7 +55,7 @@ jobs:
|
||||
# If inners of the dist directory were different than expected, upload the expected version as an artifact
|
||||
- name: Upload artifact
|
||||
if: ${{failure() && steps.diff.conclusion == 'failure'}}
|
||||
uses: actions/upload-artifact@v4
|
||||
uses: actions/upload-artifact@v5
|
||||
with:
|
||||
name: dist
|
||||
path: ${{inputs.dist-path}}
|
||||
|
||||
@@ -37,7 +37,7 @@ jobs:
|
||||
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
uses: actions/checkout@v5
|
||||
|
||||
# Initializes the CodeQL tools for scanning.
|
||||
- name: Initialize CodeQL
|
||||
|
||||
@@ -13,7 +13,7 @@ jobs:
|
||||
steps:
|
||||
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
uses: actions/checkout@v5
|
||||
|
||||
- name: Install dependencies
|
||||
run: npm ci --ignore-scripts
|
||||
|
||||
@@ -32,13 +32,13 @@ jobs:
|
||||
runs-on: "ubuntu-latest"
|
||||
steps:
|
||||
- name: Checkout ${{github.repository}} repository
|
||||
uses: actions/checkout@v4
|
||||
uses: actions/checkout@v5
|
||||
with:
|
||||
ref: "${{inputs.base-pr-branch}}"
|
||||
path: "target"
|
||||
|
||||
- name: Checkout actions/reusable-workflows repository
|
||||
uses: actions/checkout@v4
|
||||
uses: actions/checkout@v5
|
||||
with:
|
||||
repository: "actions/reusable-workflows"
|
||||
ref: "main"
|
||||
@@ -84,9 +84,9 @@ jobs:
|
||||
|
||||
- name: Install Node.js
|
||||
if: ${{ steps.successful-update.outputs.STATUS == 'true' }}
|
||||
uses: actions/setup-node@v4
|
||||
uses: actions/setup-node@v6
|
||||
with:
|
||||
node-version: 20
|
||||
node-version: 24
|
||||
|
||||
- name: Install dependencies
|
||||
if: ${{ steps.successful-update.outputs.STATUS == 'true' }}
|
||||
|
||||
@@ -74,7 +74,15 @@ basic-validation-call:
|
||||
with:
|
||||
enable-audit: false
|
||||
```
|
||||
## Recommended permissions
|
||||
|
||||
When using the `reusable-workflows` in your GitHub Actions workflow, it is recommended to set the following permissions to ensure proper functionality:
|
||||
|
||||
```yaml
|
||||
permissions:
|
||||
contents: read # access to read repository's content
|
||||
actions: read # access to reading actions
|
||||
```
|
||||
## License
|
||||
|
||||
The scripts and documentation in this project are released under the [MIT License](LICENSE.txt)
|
||||
|
||||
Reference in New Issue
Block a user