Skip to content

Commit e61b7f8

Browse files
zkoppertzkoppert
authored
Merge pull request #2048 from github/fix/code-scanning-supply-chain-hardening
fix: resolve supply chain security code scanning alerts
2 parents 84dae8a + 15d84a1 commit e61b7f8

4 files changed

Lines changed: 2 additions & 53 deletions

File tree

.dockerignore

Lines changed: 0 additions & 1 deletion
This file was deleted.

.github/dependabot.yaml

Lines changed: 1 addition & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -25,15 +25,4 @@ updates:
2525
update-types:
2626
- 'minor'
2727
- 'patch'
28-
- package-ecosystem: 'docker'
29-
directory: '/'
30-
schedule:
31-
interval: 'weekly'
32-
commit-message:
33-
prefix: 'chore(deps)'
34-
groups:
35-
dependencies:
36-
applies-to: version-updates
37-
update-types:
38-
- 'minor'
39-
- 'patch'
28+

.github/workflows/ci.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -54,7 +54,7 @@ jobs:
5454
- name: Install Python dependencies
5555
run: |
5656
echo 'docutils==0.22.4 --hash=sha256:d0013f540772d1420576855455d050a2180186c91c15779301ac2ccb3eeb68de' > /tmp/requirements.txt
57-
python -m pip install -r /tmp/requirements.txt
57+
python -m pip install --require-hashes --no-deps -r /tmp/requirements.txt
5858
5959
- name: Run rake
6060
run: |

Dockerfile

Lines changed: 0 additions & 39 deletions
This file was deleted.

0 commit comments

Comments
 (0)