Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Few workflow fixes #940

Merged
merged 6 commits into from
Dec 20, 2024

Don't reinstall pkg-config on macOS

0edd859
Select commit
Loading
Failed to load commit list.
Merged

Few workflow fixes #940

Don't reinstall pkg-config on macOS
0edd859
Select commit
Loading
Failed to load commit list.
GitHub Advanced Security / Scorecard completed Dec 20, 2024 in 3s

1 configuration not found

Warning: Code scanning may not have found all the alerts introduced by this pull request, because 1 configuration present on refs/heads/main was not found:

Actions workflow (ci.yml)

  • ❓  supply-chain/branch-protection

New alerts in code changed by this pull request

Security Alerts:

  • 10 medium

See annotations below for details.

View all branch alerts.

Annotations

Check warning on line 44 in .github/workflows/ci.yml

See this annotation in the file changed.

Code scanning / Scorecard

Pinned-Dependencies Medium

score is 4: third-party GitHubAction not pinned by hash
Remediation tip: update your workflow using https://app.stepsecurity.io
Click Remediation section below for further remediation help

Check warning on line 49 in .github/workflows/ci.yml

See this annotation in the file changed.

Code scanning / Scorecard

Pinned-Dependencies Medium

score is 4: GitHub-owned GitHubAction not pinned by hash
Remediation tip: update your workflow using https://app.stepsecurity.io
Click Remediation section below for further remediation help

Check warning on line 52 in .github/workflows/ci.yml

See this annotation in the file changed.

Code scanning / Scorecard

Pinned-Dependencies Medium

score is 4: GitHub-owned GitHubAction not pinned by hash
Remediation tip: update your workflow using https://app.stepsecurity.io
Click Remediation section below for further remediation help

Check warning on line 105 in .github/workflows/ci.yml

See this annotation in the file changed.

Code scanning / Scorecard

Pinned-Dependencies Medium

score is 4: third-party GitHubAction not pinned by hash
Remediation tip: update your workflow using https://app.stepsecurity.io
Click Remediation section below for further remediation help

Check warning on line 110 in .github/workflows/ci.yml

See this annotation in the file changed.

Code scanning / Scorecard

Pinned-Dependencies Medium

score is 4: GitHub-owned GitHubAction not pinned by hash
Remediation tip: update your workflow using https://app.stepsecurity.io
Click Remediation section below for further remediation help

Check warning on line 113 in .github/workflows/ci.yml

See this annotation in the file changed.

Code scanning / Scorecard

Pinned-Dependencies Medium

score is 4: GitHub-owned GitHubAction not pinned by hash
Remediation tip: update your workflow using https://app.stepsecurity.io
Click Remediation section below for further remediation help

Check warning on line 218 in .github/workflows/ci.yml

See this annotation in the file changed.

Code scanning / Scorecard

Pinned-Dependencies Medium

score is 4: third-party GitHubAction not pinned by hash
Remediation tip: update your workflow using https://app.stepsecurity.io
Click Remediation section below for further remediation help

Check warning on line 229 in .github/workflows/ci.yml

See this annotation in the file changed.

Code scanning / Scorecard

Pinned-Dependencies Medium

score is 4: GitHub-owned GitHubAction not pinned by hash
Remediation tip: update your workflow using https://app.stepsecurity.io
Click Remediation section below for further remediation help

Check warning on line 299 in .github/workflows/ci.yml

See this annotation in the file changed.

Code scanning / Scorecard

Pinned-Dependencies Medium

score is 4: third-party GitHubAction not pinned by hash
Remediation tip: update your workflow using https://app.stepsecurity.io
Click Remediation section below for further remediation help

Check warning on line 304 in .github/workflows/ci.yml

See this annotation in the file changed.

Code scanning / Scorecard

Pinned-Dependencies Medium

score is 4: GitHub-owned GitHubAction not pinned by hash
Remediation tip: update your workflow using https://app.stepsecurity.io
Click Remediation section below for further remediation help