File tree Expand file tree Collapse file tree 3 files changed +53
-5
lines changed
Expand file tree Collapse file tree 3 files changed +53
-5
lines changed Original file line number Diff line number Diff line change 88 branches :
99 - main
1010
11+ permissions : {}
12+
1113jobs :
1214 build :
1315 name : Deploy docs
1416 runs-on : ubuntu-latest
17+ permissions :
18+ contents : write
1519 steps :
1620 - name : Checkout main
17- uses : actions/checkout@v5
21+ uses : actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5
22+ with :
23+ persist-credentials : true
1824
1925 - name : Install uv
20- uses : astral-sh/setup-uv@v7
26+ uses : astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7
2127 with :
2228 version : " 0.9.*"
2329 enable-cache : true
2430
2531 - name : Deploy docs
2632 run : uv run mkdocs gh-deploy --force --strict
33+ env :
34+ GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
Original file line number Diff line number Diff line change 1212 - ' reports/pyproject.toml'
1313 workflow_dispatch :
1414
15+ permissions : {}
16+
1517jobs :
1618 update-reports :
1719 runs-on : ubuntu-latest
20+ environment : gh-stats
1821 permissions :
1922 contents : write
2023 pull-requests : write
2124
2225 steps :
2326 - name : Checkout repository
24- uses : actions/checkout@v5
27+ uses : actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5
28+ with :
29+ persist-credentials : false
2530
2631 - name : Get current date
2732 id : date
2833 run : echo "date=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT
2934
3035 - name : Install uv
31- uses : astral-sh/setup-uv@v7
36+ uses : astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7
3237 with :
3338 version : " 0.9.*"
3439 enable-cache : true
5661 run : uv run generate_docs.py
5762
5863 - name : Create Pull Request
59- uses : peter-evans/create-pull-request@v7.0.11
64+ uses : peter-evans/create-pull-request@22a9089034f40e5a961c8808d113e2c98fb63676 # v7.0.11
6065 with :
6166 commit-message : " Update reports for ${{ github.run_id }}"
6267 title : " Update reports (${{ steps.date.outputs.date }})"
Original file line number Diff line number Diff line change 1+ name : GitHub Actions Security Analysis
2+
3+ on :
4+ push :
5+ branches : [main]
6+ paths :
7+ - ' .github/workflows/**'
8+ - ' .github/actions/**'
9+ pull_request :
10+ branches : ["**"]
11+ paths :
12+ - ' .github/workflows/**'
13+ - ' .github/actions/**'
14+ workflow_dispatch :
15+
16+ permissions : {}
17+
18+ concurrency :
19+ group : ${{ github.workflow }}-${{ github.ref }}
20+ cancel-in-progress : true
21+
22+ jobs :
23+ zizmor :
24+ name : Run zizmor
25+ runs-on : ubuntu-latest
26+ permissions :
27+ security-events : write # Required by zizmor-action to upload SARIF files
28+ steps :
29+ - name : Checkout repository
30+ uses : actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
31+ with :
32+ persist-credentials : false
33+
34+ - name : Run zizmor
35+ uses : zizmorcore/zizmor-action@71321a20a9ded102f6e9ce5718a2fcec2c4f70d8 # v0.5.2
You can’t perform that action at this time.
0 commit comments