48 fix code scanning alert workflow does not contain permissions #2074
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Static Check using outdated version of Go.
Added workflow dispatch and updated workflow name.
Use explicit version consistent with release.yml
…inkgo-2.x fix(deps): update module github.com/onsi/ginkgo to v2.22.2
…inkgo-2.x fix(deps): update module github.com/onsi/ginkgo to v2.22.2
…inkgo-2.x fix(deps): update module github.com/onsi/ginkgo to v2.22.2
…inkgo-2.x fix(deps): update module github.com/onsi/ginkgo to v2.22.2
This should prevent the usage of prematurely-released versions. Next valid version will need to be v1.7.10 or higher.
Documentation: https://github.com/andrewslotin/go-proxy-pull-action Ensures update of go.pkg.dev with latest version
fix(Issue): #39 - Correct broken pkg.go.dev versioning
…-docker-27.x fix(deps): update module github.com/docker/docker to v27.5.1+incompatible
…-cli-27.x fix(deps): update module github.com/docker/cli to v27.5.1+incompatible
…pflag-1.x fix(deps): update module github.com/spf13/pflag to v1.0.6
Using updated version of go proxy pull action
Added pinDigests: true explicit setting. Added SHA regex
…inkgo-2.x fix(deps): update digest module github.com/onsi/ginkgo to v2.22.2
…---unpinned-tag-for-a-non-immutable-action-in-workflow (Issue #45) Fix for code scanning alert - Unpinned tags for a non immutable action in workflow
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 2d2cd3c094b82daf4a85daabc9d1aba59a7dde3c to 61d31d2d5425eb33e2c4ece1abd1a27c7b26a48e. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@2d2cd3c...61d31d2) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]>
…codecov/codecov-action-61d31d2d5425eb33e2c4ece1abd1a27c7b26a48e chore(deps): bump codecov/codecov-action from 2d2cd3c094b82daf4a85daabc9d1aba59a7dde3c to 61d31d2d5425eb33e2c4ece1abd1a27c7b26a48e
Add permissions. Add indentation.
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
nicholas-fedor
deleted the
48-fix-code-scanning-alert---workflow-does-not-contain-permissions
branch
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.