@jmank88 jmank88 commented Aug 16, 2025

Comment on lines +54 to +75
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4

- name: Install Nix
uses: cachix/install-nix-action@02a151ada4993995686f9ed4f1be7cfbb229e56f # v31
with:
nix_path: nixpkgs=channel:nixos-unstable

- name: Ensure modules are tidy
run: |
nix develop -c go run github.com/jmank88/[email protected] tidy
git add --all
git diff --minimal --cached --exit-code
- name: Ensure mockery has been run
run: |
nix develop -c grep -rl "^// Code generated by mockery" | grep .go$ | xargs -r rm
nix develop -c go run github.com/jmank88/[email protected] -go generate ./...
git add --all
git diff --stat --cached --exit-code
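
Review bot: in the "Ensure mockery has been run" step, the filter `grep .go$` is unquoted and its dot is unescaped, so it matches any path ending in one arbitrary character followed by `go`, not only `.go` files, and whatever matches is passed to `xargs -r rm`. Suggest `grep '\.go$'`. Note also that only the first `grep -rl` runs under `nix develop -c`; the second `grep` and `xargs` are resolved from the runner's PATH, which is worth a comment if intended.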

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Copilot Autofix

AI 2 months ago

To fix the problem, add a permissions block to the workflow file .github/workflows/relayer-build.yml. The block should be placed at the top level (before jobs:) to apply to all jobs, unless a job requires different permissions. Based on the workflow, none of the jobs appear to require write access to repository contents, so the minimal starting point is contents: read. If in the future a job needs additional permissions (e.g., to create pull requests or write to issues), those can be added at the job level. The change involves inserting the following block after the name: and before the on: section:

permissions:
  contents: read

No additional imports, methods, or definitions are required.

Suggested changeset 1
.github/workflows/relayer-build.yml

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/relayer-build.yml b/.github/workflows/relayer-build.yml
--- a/.github/workflows/relayer-build.yml
+++ b/.github/workflows/relayer-build.yml
@@ -1,5 +1,8 @@
 name: TRON - Relayer
 
+permissions:
+  contents: read
+
 on:
   push:
     branches:
EOF
@@ -1,5 +1,8 @@
name: TRON - Relayer

permissions:
contents: read

on:
push:
branches:
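
Review bot: the `permissions:` block is added at workflow level, above `on:`, so every job in the file inherits `contents: read` and every scope not listed is set to none. The hunk shows only the top of the file; check that no job in this workflow relies on another scope (for example `id-token: write` or `pull-requests: write`) and, if one does, grant it in that job's own `permissions:` block rather than widening this one.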
Copilot is powered by AI and may make mistakes. Always verify output.
@jmank88 jmank88 merged commit 70950d1 into main Aug 20, 2025
13 checks passed
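
The condition the CodeQL alert above reports can be checked locally before a workflow is pushed. The following is an added example, not code from this pull request or from CodeQL: a line-based scan that lists jobs with neither a workflow-level nor a job-level `permissions:` key. The job names `build` and `lint` and the sample workflow text are constructed for illustration.

```python
import re

PERM = re.compile(r"permissions\s*:")

def jobs_without_permissions(workflow_text):
    """Return the jobs whose GITHUB_TOKEN permissions are not limited.
    A job is covered by a workflow-level `permissions:` key or by its own.
    Line-based scan assuming block-style YAML indented with spaces.
    """
    lines = [l.rstrip() for l in workflow_text.splitlines()
             if l.strip() and not l.lstrip().startswith("#")]
    if any(PERM.match(l) for l in lines):      # column 0 => workflow level
        return []
    uncovered, in_jobs, job_indent = [], False, None
    job, key_indent, limited = None, None, False
    for l in lines + ["end:"]:                 # sentinel flushes the last job
        indent = len(l) - len(l.lstrip())
        if indent == 0 or (in_jobs and indent == (job_indent or indent)):
            if job and not limited:            # previous job just ended
                uncovered.append(job)
            job, key_indent, limited = None, None, False
        if indent == 0:
            in_jobs, job_indent = l.startswith("jobs:"), None
        elif in_jobs and indent == (job_indent or indent):
            job_indent = indent                # a new job id under jobs:
            job = l.strip().split(":", 1)[0]
        elif job:
            key_indent = key_indent or indent  # indent of the job's own keys
            if indent == key_indent and PERM.match(l.strip()):
                limited = True
    return uncovered

# Constructed sample modelled on the workflow header shown in the patch.
BEFORE = """\
name: TRON - Relayer

on:
  push:
    branches: [main]
jobs:
  build:
    runs-on: ubuntu-latest
  lint:
    runs-on: ubuntu-latest
    permissions:
      contents: read
"""
# Same file with the workflow-level block from the autofix patch applied.
AFTER = BEFORE.replace("\n\non:\n", "\n\npermissions:\n  contents: read\n\non:\n", 1)
print(jobs_without_permissions(BEFORE), jobs_without_permissions(AFTER))
```
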