mirror of
https://github.com/ivuorinen/actions.git
synced 2026-03-09 17:57:10 +00:00
Ismo Vuorinen
34372bcd36
* feat(pr-lint): consolidate dependency review into pr-lint action Move dependency review from standalone workflow into the pr-lint composite action. Adds repository visibility check via GitHub API and runs dependency-review-action only on public repos during pull_request events, before MegaLinter. * fix(pr-lint): harden dependency review visibility check Address PR review feedback from Copilot and CodeRabbit: - Skip visibility check on non-PR events (if: pull_request) - Add continue-on-error so API failures don't block MegaLinter - Use curl --fail --show-error to surface HTTP errors in logs - Use github.token directly instead of inputs.token fallback - Add Accept header for GitHub API versioning - Validate jq output type to fail closed on bad API responses * fix(pr-lint): use event payload for visibility, unblock MegaLinter on dep review Replace curl API call with local jq read from $GITHUB_EVENT_PATH for the repository visibility check — simpler, faster, no auth needed. Add continue-on-error to dependency review so MegaLinter always runs, with a re-fail step after artifacts upload to preserve the failure signal.