Compare commits
11 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 renovate-bot
|
b83aa96a93 | ||
 JonKazama-Hellion
|
32f4c92f1b | ||
|
renovate-bot
|
4c7a33a6fa | ||
|
JonKazama-Hellion
|
9eb0bc1c3e | ||
|
renovate-bot
|
0fb0eec7df | ||
|
JonKazama-Hellion
|
0d4708bf11 | ||
|
renovate-bot
|
f2b070e201 | ||
|
JonKazama-Hellion
|
8176f91d4c | ||
|
JonKazama-Hellion
|
d68bb35e7a | ||
|
renovate-bot
|
10c70f8bf9 | ||
|
JonKazama-Hellion
|
28b9061756 |
@@ -0,0 +1,13 @@
|
||||
name: Security
|
||||
on:
|
||||
push:
|
||||
branches: [main, master]
|
||||
pull_request:
|
||||
schedule:
|
||||
- cron: '0 6 * * 1'
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
scan:
|
||||
uses: JonKazama-Hellion/security-workflows/.gitea/workflows/security-scan.yml@main
|
||||
|
||||
@@ -16,7 +16,7 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
|
||||
|
||||
- name: Projektstruktur prüfen
|
||||
run: |
|
||||
|
||||
@@ -15,7 +15,7 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
|
||||
|
||||
- name: Extract version from tag
|
||||
id: version
|
||||
@@ -53,7 +53,7 @@ jobs:
|
||||
cat checksums-sha256.txt
|
||||
|
||||
- name: Create GitHub Release
|
||||
uses: softprops/action-gh-release@v2
|
||||
uses: softprops/action-gh-release@3bb12739c298aeb8a4eeaf626c5b8d85266b0e65 # v2
|
||||
with:
|
||||
name: "Hellion NewTab ${{ steps.version.outputs.tag }}"
|
||||
body: |
|
||||
|
||||
@@ -20,15 +20,15 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
|
||||
|
||||
- name: Initialize CodeQL
|
||||
uses: github/codeql-action/init@v3
|
||||
uses: github/codeql-action/init@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4
|
||||
with:
|
||||
languages: javascript
|
||||
|
||||
- name: Run CodeQL Analysis
|
||||
uses: github/codeql-action/analyze@v3
|
||||
uses: github/codeql-action/analyze@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4
|
||||
|
||||
dependency-review:
|
||||
name: Dependency Review
|
||||
@@ -36,7 +36,7 @@ jobs:
|
||||
if: github.event_name == 'pull_request'
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4
|
||||
|
||||
- name: Dependency Review
|
||||
uses: actions/dependency-review-action@v4
|
||||
uses: actions/dependency-review-action@a1d282b36b6f3519aa1f3fc636f609c47dddb294 # v5.0.0
|
||||
|
||||
+5
-3
@@ -26,8 +26,10 @@
|
||||
},
|
||||
{
|
||||
"description": "TypeScript type definitions stay grouped with each other",
|
||||
"matchPackagePrefixes": ["@types/"],
|
||||
"groupName": "type definitions"
|
||||
"groupName": "type definitions",
|
||||
"matchPackageNames": [
|
||||
"@types/{/,}**"
|
||||
]
|
||||
},
|
||||
{
|
||||
"description": "Dev dependencies in their own group",
|
||||
@@ -51,4 +53,4 @@
|
||||
"commitMessageAction": "Refresh"
|
||||
},
|
||||
"osvVulnerabilityAlerts": true
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user