mirror of
https://github.com/actions/setup-java.git
synced 2026-07-12 00:55:39 +00:00
Compare commits
3 Commits
e53e3d0703
...
d2e7a4534e
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
d2e7a4534e | ||
|
|
28b532bcb3 | ||
|
|
2b712ed395 |
22
.github/dependabot.yml
vendored
Normal file
22
.github/dependabot.yml
vendored
Normal file
@ -0,0 +1,22 @@
|
||||
# To get started with Dependabot version updates, you'll need to specify which
|
||||
# package ecosystems to update and where the package manifests are located.
|
||||
# Please see the documentation for all configuration options:
|
||||
# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
|
||||
|
||||
version: 2
|
||||
updates:
|
||||
# Enable version updates for npm
|
||||
- package-ecosystem: 'npm'
|
||||
# Look for `package.json` and `lock` files in the `root` directory
|
||||
directory: '/'
|
||||
# Check the npm registry for updates every day (weekdays)
|
||||
schedule:
|
||||
interval: 'weekly'
|
||||
|
||||
# Enable version updates for GitHub Actions
|
||||
- package-ecosystem: 'github-actions'
|
||||
# Workflow files stored in the default location of `.github/workflows`
|
||||
# You don't need to specify `/.github/workflows` for `directory`. You can use `directory: "/"`.
|
||||
directory: '/'
|
||||
schedule:
|
||||
interval: 'weekly'
|
||||
49
.github/workflows/powershell.yml
vendored
Normal file
49
.github/workflows/powershell.yml
vendored
Normal file
@ -0,0 +1,49 @@
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
#
|
||||
# https://github.com/microsoft/action-psscriptanalyzer
|
||||
# For more information on PSScriptAnalyzer in general, see
|
||||
# https://github.com/PowerShell/PSScriptAnalyzer
|
||||
|
||||
name: PSScriptAnalyzer
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ "main" ]
|
||||
pull_request:
|
||||
branches: [ "main" ]
|
||||
schedule:
|
||||
- cron: '17 10 * * 6'
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
build:
|
||||
permissions:
|
||||
contents: read # for actions/checkout to fetch code
|
||||
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
|
||||
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
|
||||
name: PSScriptAnalyzer
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
|
||||
- name: Run PSScriptAnalyzer
|
||||
uses: microsoft/psscriptanalyzer-action@6b2948b1944407914a58661c49941824d149734f
|
||||
with:
|
||||
# Check https://github.com/microsoft/action-psscriptanalyzer for more info about the options.
|
||||
# The below set up runs PSScriptAnalyzer to your entire repository and runs some basic security rules.
|
||||
path: .\
|
||||
recurse: true
|
||||
# Include your own basic security rules. Removing this option will run all the rules
|
||||
includeRule: '"PSAvoidGlobalAliases", "PSAvoidUsingConvertToSecureStringWithPlainText"'
|
||||
output: results.sarif
|
||||
|
||||
# Upload the SARIF file generated in the previous step
|
||||
- name: Upload SARIF results file
|
||||
uses: github/codeql-action/upload-sarif@v3
|
||||
with:
|
||||
sarif_file: results.sarif
|
||||
Loading…
Reference in New Issue
Block a user