Skip to content

build(deps): bump github/codeql-action in the github-actions group #129

build(deps): bump github/codeql-action in the github-actions group

build(deps): bump github/codeql-action in the github-actions group #129

## %CopyrightBegin%
##
## Copyright Ericsson AB 2024. All Rights Reserved.
##
## Licensed under the Apache License, Version 2.0 (the "License");
## you may not use this file except in compliance with the License.
## You may obtain a copy of the License at
##
## http://www.apache.org/licenses/LICENSE-2.0
##
## Unless required by applicable law or agreed to in writing, software
## distributed under the License is distributed on an "AS IS" BASIS,
## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
## See the License for the specific language governing permissions and
## limitations under the License.
##
## %CopyrightEnd%
## To fix issues with this run:
##
## bash -c "shopt -s nullglob; docker run --rm -e GITHUB_TOKEN=$(cat ~/.githubtoken) -v \"${PWD}:${PWD}\" -w \"${PWD}\" ghcr.io/sethvargo/ratchet:latest pin .github/actions/*/*.{yaml,yml} .github/*/*.{yaml,yml}"
## git diff --ignore-all-space > .github/actions_patch && git checkout . && git apply --ignore-space-change .github/actions_patch && rm -f .github/actions_patch && git add -u
## git commit -m "Pin all dependencies"
name: Check github actions
on:
push:
pull_request:
jobs:
check-version-pinning:
runs-on: 'ubuntu-latest'
name: 'ratchet'
steps:
- uses: 'actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683' # ratchet:actions/[email protected]
- id: files
run: |
FILES=$(find .github/ -name "*.yml" -o -name "*.yaml" -printf "%p ")
echo "${FILES}"
echo "files=${FILES}" >> $GITHUB_OUTPUT
- uses: 'docker://ghcr.io/sethvargo/ratchet:latest@sha256:2946723648d429c1939025f7e4b140d874b9d9a07a01c379b1eccd61b5fd28a5' # ratchet:docker://ghcr.io/sethvargo/ratchet:latest
with:
args: 'check ${{ steps.files.outputs.files }}'