Prevent workflows from running on doc-only changes

soumeh01 · soumeh01 · commit c2626c047e50 · 2025-06-25T13:00:07.000+02:00
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -7,6 +7,8 @@ on:
   pull_request:
     branches:
       - main
+    paths-ignore:
+      - '**/*.md'
   workflow_dispatch:
   merge_group:
   release:
@@ -25,7 +27,7 @@ jobs:
     runs-on: [ubuntu-latest]
     steps:
       - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 
@@ -122,7 +124,7 @@ jobs:
           - darwin-arm64
     steps:
       - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 
@@ -175,7 +177,7 @@ jobs:
       contents: write  # for softprops/action-gh-release to create a GitHub release
     steps:
       - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
+        uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
         with:
           egress-policy: audit
 
@@ -185,6 +187,6 @@ jobs:
           pattern: vsix-package-*
 
       - name: Attach packages
-        uses: softprops/action-gh-release@72f2c25fcb47643c292f7107632f7a47c1df5cd8 # v2.3.2
+        uses: softprops/action-gh-release@72f2c25fcb47643c292f7107632f7a47c1df5cd8 # v2.3.2
         with:
           files: "**/*.vsix"
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -4,9 +4,13 @@ on:
   pull_request:
     branches:
       - main
+    paths-ignore:
+      - '**/*.md'
   push:
     branches:
       - main
+    paths-ignore:
+      - '**/*.md'
 
 permissions:
   contents: read
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -1,5 +1,8 @@
 name: 'Dependency Review'
-on: [pull_request]
+on:
+  pull_request:
+    paths-ignore:
+      - '**/*.md'
 
 permissions:
   contents: read
@@ -15,5 +18,6 @@ jobs:
 
       - name: 'Checkout Repository'
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
       - name: 'Dependency Review'
         uses: actions/dependency-review-action@da24556b548a50705dd671f47852072ea4c105d9 # v4.7.1
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
@@ -10,6 +10,8 @@ on:
     - cron: '0 0 * * *'
   push:
     branches: [ "main" ]
+    paths-ignore:
+      - '**/*.md'
 
 permissions:
   contents: read
diff --git a/.github/workflows/tpip.yml b/.github/workflows/tpip.yml
@@ -7,9 +7,9 @@ on:
       - docs/third-party-licenses.json
       - docs/tpip-header.md
       - scripts/tpip-reporter.ts
+      - '!**/*.md'
     branches:
       - main
-    
   workflow_dispatch:
 
 concurrency:
