From 191b06dd5b247c9c106de57cd82082011d64acba Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 14 Mar 2024 04:06:50 +0000 Subject: [PATCH 1/3] chore(deps): update super-linter/super-linter action to v6 --- .github/workflows/linter.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index bb9f8c2..eabef8b 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -36,7 +36,7 @@ jobs: - name: Lint Code Base id: super-linter - uses: super-linter/super-linter/slim@a8150b40c89574adb5f68bf9502b890a236a06b3 # v5.7.2 + uses: super-linter/super-linter/slim@e0fc164bba85f4b58c6cd17ba1dfd435d01e8a06 # v6.3.0 env: DEFAULT_BRANCH: main GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From cda2eaa0a34b85aec1dedfe6cc8f1dd90f0506eb Mon Sep 17 00:00:00 2001 From: Matthew Scharley Date: Thu, 14 Mar 2024 15:35:03 +1100 Subject: [PATCH 2/3] ci: fix superlinter --- .github/workflows/linter.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index eabef8b..37ea00f 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -22,6 +22,10 @@ jobs: - name: Checkout id: checkout uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + with: + # super-linter needs the full git history to get the + # list of files that changed across commits + fetch-depth: 0 - name: Setup Node.js id: setup-node From 27490ce05bea9f1b649edd369897b29df9143f87 Mon Sep 17 00:00:00 2001 From: Matthew Scharley Date: Thu, 14 Mar 2024 15:43:22 +1100 Subject: [PATCH 3/3] ci: disable all permissions by default --- .github/workflows/check-dist.yml | 2 ++ .github/workflows/ci.yml | 2 ++ .github/workflows/codeql-analysis.yml | 2 ++ .github/workflows/linter.yml | 2 ++ .github/workflows/stale.yml | 2 ++ 5 files changed, 10 insertions(+) diff --git a/.github/workflows/check-dist.yml b/.github/workflows/check-dist.yml index e1472fd..19e2895 100644 --- a/.github/workflows/check-dist.yml +++ b/.github/workflows/check-dist.yml @@ -19,6 +19,8 @@ on: - '**.md' workflow_dispatch: +permissions: {} + jobs: check-dist: name: Check dist/ diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 91eac76..d8ac898 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -7,6 +7,8 @@ on: - main - 'releases/*' +permissions: {} + jobs: test-typescript: name: TypeScript Tests diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 2a04f6a..fd9d815 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -10,6 +10,8 @@ on: schedule: - cron: '31 7 * * 3' +permissions: {} + jobs: analyze: name: Analyze diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index 37ea00f..792d239 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -8,6 +8,8 @@ on: branches-ignore: - main +permissions: {} + jobs: lint: name: Lint Code Base diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 886e32f..88805a3 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -4,6 +4,8 @@ on: - cron: '30 1 * * *' workflow_dispatch: +permissions: {} + jobs: stale: uses: mscharley/.github/.github/workflows/stale.yml@main