ivuorinen/gh-action-readme
1
0
Fork 0
mirror of https://github.com/ivuorinen/gh-action-readme.git synced 2026-01-26 11:14:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore(deps): pin dependencies (#25)

Browse Source 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
This commit is contained in:
renovate[bot]
2025-08-07 16:06:38 +03:00
committed by GitHub
parent 0f70388d93
commit 51940e9094
2 changed files with 14 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
.github/workflows/ci.yml vendored
View File

@@ -9,13 +9,13 @@ jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4 # v4.2.2
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Set up Go
uses: actions/setup-go@v5 # v5.5.0
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5
- name: Install dependencies
run: go mod tidy
- name: Setup Node.js for EditorConfig tools
uses: actions/setup-node@v4 # v4.4.0
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4
with:
node-version: '22'
- name: Install EditorConfig tools
@@ -56,7 +56,7 @@ jobs:
echo "Verifying generated documentation files..."
ls -la docs/
- name: Upload Generated Documentation
uses: actions/upload-artifact@v4 # v4.4.3
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
if: always()
with:
name: generated-documentation

20
.github/workflows/security.yml vendored
View File

@@ -29,10 +29,10 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4 # v4.2.2
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Set up Go
uses: actions/setup-go@v5 # v5.5.0
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5
with:
go-version-file: 'go.mod'
check-latest: true
@@ -48,7 +48,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4 # v4.2.2
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Run Trivy vulnerability scanner in repo mode
uses: aquasecurity/trivy-action@master # 0.32.0
@@ -60,7 +60,7 @@ jobs:
severity: 'CRITICAL,HIGH,MEDIUM'
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v3 # v3.29.5
uses: github/codeql-action/upload-sarif@51f77329afa6477de8c49fc9c7046c15b9a4e79d # v3
if: always()
with:
sarif_file: 'trivy-results.sarif'
@@ -79,12 +79,12 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4 # v4.2.2
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
fetch-depth: 0 # Full history for gitleaks
- name: Run gitleaks to detect secrets
uses: gitleaks/gitleaks-action@v2 # v2.4.0
uses: gitleaks/gitleaks-action@ff98106e4c7b2bc287b24eaf42907196329070c7 # v2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE}} # Only required for gitleaks-action pro
@@ -95,7 +95,7 @@ jobs:
if: github.event_name != 'pull_request' # Skip on PRs to avoid building images unnecessarily
steps:
- name: Checkout repository
uses: actions/checkout@v4 # v4.2.2
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Build Docker image
run: docker build -t gh-action-readme:test .
@@ -108,7 +108,7 @@ jobs:
output: 'trivy-docker-results.sarif'
- name: Upload Docker Trivy scan results
uses: github/codeql-action/upload-sarif@v3 # v3.29.5
uses: github/codeql-action/upload-sarif@51f77329afa6477de8c49fc9c7046c15b9a4e79d # v3
if: always()
with:
sarif_file: 'trivy-docker-results.sarif'
@@ -119,10 +119,10 @@ jobs:
if: github.event_name == 'pull_request'
steps:
- name: Checkout repository
uses: actions/checkout@v4 # v4.2.2
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Dependency Review
uses: actions/dependency-review-action@v4 # v4.7.1
uses: actions/dependency-review-action@da24556b548a50705dd671f47852072ea4c105d9 # v4
with:
fail-on-severity: high
comment-summary-in-pr: always