mirror/Archipelago
1
0
Fork 1
mirror of https://github.com/ArchipelagoMW/Archipelago.git synced 2026-04-07 21:38:17 -07:00
Code Issues Packages Projects Releases Wiki Activity

CI: set permissions, update and pin actions, CodeQL for actions (#6073)

Browse Source 
* CI: reduce default permissions to minimum

* CI: update pin actions

Most of them. CodeQL and action-gh-release is untouched for now.
Immutable actions and actions/* are pinned to version,
other actions are pinned to hash.

* CI: make use of archive: false in upload-artifact

also set compression level and error behavior for scan-build upload.

* CI: update codeql and enable scanning actions
This commit is contained in:
black-sliver
2026-03-30 19:46:43 +00:00
committed by GitHub
parent c640d2fa24
commit 2ee20a3ac4
10 changed files with 71 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.github/workflows/analyze-modified-files.yml vendored
View File

@@ -14,6 +14,8 @@ env:
BEFORE: ${{ github.event.before }}
AFTER: ${{ github.event.after }}
permissions: {}
jobs:
flake8-or-mypy:
strategy:
@@ -25,7 +27,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v6.0.2
- name: "Determine modified files (pull_request)"
if: github.event_name == 'pull_request'
@@ -50,7 +52,7 @@ jobs:
run: |
echo "diff=." >> $GITHUB_ENV
- uses: actions/setup-python@v5
- uses: actions/setup-python@v6.2.0
if: env.diff != ''
with:
python-version: '3.11'