dependabot[bot]
74e3f967a4
Bump actions/checkout from 3 to 4
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-05 00:11:20 +00:00
Dirk
2067ac8123
Fall back to heise.de
...
.. to scan.
It worked in a few examples locally. Other hosts I tried so far weren't
available anymore (like scanme.nmap.org). In order to reduce the burden
we scan now only during PRs.
2023-07-31 16:34:56 +02:00
Dirk
15b7f7b403
Stop using deprecated OS
2023-07-31 14:03:57 +02:00
naveensrinivasan
2d03d82fd9
Set permissions for GitHub actions
...
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ )
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2022-04-15 21:17:06 -05:00
Dirk
db932c2bdc
prevent CI from running in doc dir s/docs/doc/
2022-04-01 14:14:59 +02:00
dependabot[bot]
85f67f93e9
Bump actions/checkout from 2 to 3
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-03-02 00:34:23 +00:00
Dirk Wetter
fbe04164d3
Also run GHA for PRs
...
(don't know whether this works.)
2021-12-11 19:40:29 +01:00
Dirk
2af7860a3c
Remove mac osx
...
... apt is probably not the right thing ;-)
2021-06-19 11:17:52 +02:00
Dirk
247d08882e
GHA: Fix push + PR
...
see https://github.community/t/how-to-factor-paths-in-common-for-push-and-pull-request/115967/2
TL;DR: There is no way to specify the common paths for two events
2021-06-19 11:12:00 +02:00
Dirk
5cd97ddcb9
Correct YAML error in GHA + add macOS
...
- yamllint to the rescue. Still shows an error though:
4:3 error syntax error: expected <block end>, but found '<block mapping start>' (syntax)
- added macos, see https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners
2021-06-19 10:45:08 +02:00
Dirk
b8a9b9c6db
Github actions modifications
...
- define deny list of files when modified not to run GHA
- specRitfy OS to be ubuntu-20.04 (is there a debian at all?)
- only use perl 5.26
While researching I stumbled over mac.osx as an OS one can specify. If anybody
knows whether this is really macosx (license?) please let me know. That
would be a great addition for CI. (Couldn't find BSD yet...)
See #1920
2021-06-19 09:20:48 +02:00
Mikel Olasagasti Uranga
ebcd3105c8
Add GitHub Actions testing
2021-06-06 21:06:58 +02:00