mirror of
https://github.com/jdx/mise-action.git
synced 2026-06-28 15:50:45 +00:00
23d8611f95
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://redirect.github.com/actions/checkout) | action | major | `v6.0.3` → `v7.0.0` | --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v7.0.0`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v700) [Compare Source](https://redirect.github.com/actions/checkout/compare/v7.0.0...v7.0.0) - Block checking out fork PR for pull\_request\_target and workflow\_run by [@​aiqiaoy](https://redirect.github.com/aiqiaoy) in [#​2454](https://redirect.github.com/actions/checkout/pull/2454) - Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 in the minor-actions-dependencies group across 1 directory by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2458](https://redirect.github.com/actions/checkout/pull/2458) - Bump flatted from 3.3.1 to 3.4.2 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2460](https://redirect.github.com/actions/checkout/pull/2460) - Bump js-yaml from 4.1.0 to 4.2.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2461](https://redirect.github.com/actions/checkout/pull/2461) - Bump [@​actions/core](https://redirect.github.com/actions/core) and [@​actions/tool-cache](https://redirect.github.com/actions/tool-cache) and Remove uuid by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2459](https://redirect.github.com/actions/checkout/pull/2459) - upgrade module to esm and update dependencies by [@​aiqiaoy](https://redirect.github.com/aiqiaoy) in [#​2463](https://redirect.github.com/actions/checkout/pull/2463) - Bump the minor-npm-dependencies group across 1 directory with 3 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2462](https://redirect.github.com/actions/checkout/pull/2462) ### [`v7`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v700) [Compare Source](https://redirect.github.com/actions/checkout/compare/v6.0.3...v7.0.0) - Block checking out fork PR for pull\_request\_target and workflow\_run by [@​aiqiaoy](https://redirect.github.com/aiqiaoy) in [#​2454](https://redirect.github.com/actions/checkout/pull/2454) - Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 in the minor-actions-dependencies group across 1 directory by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2458](https://redirect.github.com/actions/checkout/pull/2458) - Bump flatted from 3.3.1 to 3.4.2 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2460](https://redirect.github.com/actions/checkout/pull/2460) - Bump js-yaml from 4.1.0 to 4.2.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2461](https://redirect.github.com/actions/checkout/pull/2461) - Bump [@​actions/core](https://redirect.github.com/actions/core) and [@​actions/tool-cache](https://redirect.github.com/actions/tool-cache) and Remove uuid by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2459](https://redirect.github.com/actions/checkout/pull/2459) - upgrade module to esm and update dependencies by [@​aiqiaoy](https://redirect.github.com/aiqiaoy) in [#​2463](https://redirect.github.com/actions/checkout/pull/2463) - Bump the minor-npm-dependencies group across 1 directory with 3 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2462](https://redirect.github.com/actions/checkout/pull/2462) </details> --- ### Configuration 📅 **Schedule**: (in timezone America/Chicago) - Branch creation - Only on Friday (`* * * * 5`) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/jdx/mise-action). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yNDIuMiIsInVwZGF0ZWRJblZlciI6IjQzLjI0Mi4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
54 lines
1.2 KiB
YAML
54 lines
1.2 KiB
YAML
name: CodeQL
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
pull_request:
|
|
branches:
|
|
- main
|
|
schedule:
|
|
- cron: '31 7 * * 3'
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.ref_name }}
|
|
cancel-in-progress: true
|
|
|
|
jobs:
|
|
analyze:
|
|
name: Analyze
|
|
runs-on: ubuntu-latest
|
|
|
|
permissions:
|
|
actions: read
|
|
checks: write
|
|
contents: read
|
|
security-events: write
|
|
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
language:
|
|
- TypeScript
|
|
|
|
steps:
|
|
- name: Checkout
|
|
id: checkout
|
|
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
|
|
with:
|
|
persist-credentials: false
|
|
|
|
- name: Initialize CodeQL
|
|
id: initialize
|
|
uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
|
|
with:
|
|
languages: ${{ matrix.language }}
|
|
source-root: src
|
|
|
|
- name: Autobuild
|
|
id: autobuild
|
|
uses: github/codeql-action/autobuild@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
|
|
|
|
- name: Perform CodeQL Analysis
|
|
id: analyze
|
|
uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
|