Two changes to the github_advisory_sync.rb script to avoid post-processing of new GHSA advisory data #1565
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [ master ] | |
| pull_request: | |
| branches: ['**'] | |
| permissions: {} | |
| jobs: | |
| lint-actions: | |
| name: GitHub Actions audit | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| persist-credentials: false | |
| - name: Run actionlint | |
| uses: rhysd/actionlint@914e7df21a07ef503a81201c76d2b11c789d3fca # v1.7.12 | |
| - name: Run zizmor | |
| uses: zizmorcore/zizmor-action@5f14fd08f7cf1cb1609c1e344975f152c7ee938d # v0.5.6 | |
| with: | |
| advanced-security: false | |
| tests: | |
| runs-on: ubuntu-latest | |
| name: Linter | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| persist-credentials: false | |
| - name: Set up Python | |
| uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 | |
| with: | |
| python-version: 3.8 | |
| - name: Install yamllint | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install yamllint | |
| - name: Lint YAML files | |
| run: yamllint gems rubies | |
| - name: Set up Ruby | |
| uses: ruby/setup-ruby@afeafc3d1ab54a631816aba4c914a0081c12ff2f # v1.310.0 | |
| with: | |
| ruby-version: 4.0 | |
| - name: Install ruby dependencies | |
| run: bundle install --jobs 4 --retry 3 | |
| - name: Validate YAML | |
| run: bundle exec rake lint |