mirror of
https://github.com/mikefarah/yq.git
synced 2026-07-05 12:10:37 +00:00
Pinning using hashes
This commit is contained in:
parent
f9b0d7e45d
commit
91a166e8d8
6
.github/workflows/release.yml
vendored
6
.github/workflows/release.yml
vendored
@ -29,7 +29,7 @@ jobs:
|
|||||||
run: echo "VERSION=${GITHUB_REF##*/}" >> "${GITHUB_OUTPUT}"
|
run: echo "VERSION=${GITHUB_REF##*/}" >> "${GITHUB_OUTPUT}"
|
||||||
|
|
||||||
- name: Generate man page
|
- name: Generate man page
|
||||||
uses: docker://pandoc/core:2.14.2
|
uses: docker://pandoc/core:2.14.2@sha256:04e127c6642a2b9d447c26fe0ac6a5932efa8f508eda9f07da51b6e621dd7c19
|
||||||
id: gen-man-page
|
id: gen-man-page
|
||||||
with:
|
with:
|
||||||
args: >-
|
args: >-
|
||||||
@ -43,12 +43,12 @@ jobs:
|
|||||||
man.md
|
man.md
|
||||||
|
|
||||||
- name: Install cosign
|
- name: Install cosign
|
||||||
uses: sigstore/cosign-installer@v3
|
uses: sigstore/cosign-installer@7e8b541eb2e61bf99390e1afd4be13a184e9ebc5 # v3.10.1
|
||||||
|
|
||||||
- name: Cross compile
|
- name: Cross compile
|
||||||
run: |
|
run: |
|
||||||
sudo apt-get install rhash -y
|
sudo apt-get install rhash -y
|
||||||
go install github.com/goreleaser/goreleaser/v2@latest
|
go install github.com/goreleaser/goreleaser/v2@v2.16.0
|
||||||
./scripts/xcompile.sh
|
./scripts/xcompile.sh
|
||||||
|
|
||||||
- name: Sign checksums
|
- name: Sign checksums
|
||||||
|
|||||||
2
.github/workflows/scorecard.yml
vendored
2
.github/workflows/scorecard.yml
vendored
@ -73,6 +73,6 @@ jobs:
|
|||||||
# Upload the results to GitHub's code scanning dashboard (optional).
|
# Upload the results to GitHub's code scanning dashboard (optional).
|
||||||
# Commenting out will disable upload of results to your repo's Code Scanning dashboard
|
# Commenting out will disable upload of results to your repo's Code Scanning dashboard
|
||||||
- name: "Upload to code-scanning"
|
- name: "Upload to code-scanning"
|
||||||
uses: github/codeql-action/upload-sarif@v4
|
uses: github/codeql-action/upload-sarif@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
|
||||||
with:
|
with:
|
||||||
sarif_file: results.sarif
|
sarif_file: results.sarif
|
||||||
|
|||||||
@ -2,7 +2,7 @@ FROM golang:1.26.4@sha256:68cb6d68bed024785b69195b89af7ac7a444f27791435f98647edf
|
|||||||
|
|
||||||
RUN apt-get update && \
|
RUN apt-get update && \
|
||||||
apt-get install -y npm && \
|
apt-get install -y npm && \
|
||||||
npm install -g npx cspell@latest
|
npm install -g npx cspell@10.0.1
|
||||||
|
|
||||||
COPY scripts/devtools.sh /opt/devtools.sh
|
COPY scripts/devtools.sh /opt/devtools.sh
|
||||||
|
|
||||||
|
|||||||
@ -1,5 +1,5 @@
|
|||||||
---
|
---
|
||||||
$schema: https://raw.githubusercontent.com/streetsidesoftware/cspell/main/cspell.schema.json
|
$schema: https://raw.githubusercontent.com/streetsidesoftware/cspell/0f43abf29e5da0ecbcb08214055cdc1e3267c3ea/cspell.schema.json
|
||||||
version: '0.2'
|
version: '0.2'
|
||||||
language: en-GB
|
language: en-GB
|
||||||
dictionaryDefinitions:
|
dictionaryDefinitions:
|
||||||
|
|||||||
@ -23,7 +23,7 @@
|
|||||||
// release artifacts are signed with cosign keyless signing (Sigstore)
|
// release artifacts are signed with cosign keyless signing (Sigstore)
|
||||||
// users can verify with:
|
// users can verify with:
|
||||||
// cosign verify-blob --bundle checksums.bundle checksums
|
// cosign verify-blob --bundle checksums.bundle checksums
|
||||||
// install cosign: brew install cosign OR go install github.com/sigstore/cosign/v2/cmd/cosign@latest
|
// install cosign: brew install cosign OR go install github.com/sigstore/cosign/v2/cmd/cosign@v2.6.1
|
||||||
|
|
||||||
|
|
||||||
- snapcraft
|
- snapcraft
|
||||||
|
|||||||
@ -1,5 +1,5 @@
|
|||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
set -ex
|
set -ex
|
||||||
go mod download golang.org/x/tools@latest
|
go mod download golang.org/x/tools@v0.44.0
|
||||||
curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/6008b81b81c690c046ffc3fd5bce896da715d5fd/install.sh | sh -s -- -b $(go env GOPATH)/bin v2.11.3
|
curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/6008b81b81c690c046ffc3fd5bce896da715d5fd/install.sh | sh -s -- -b $(go env GOPATH)/bin v2.11.3
|
||||||
curl -sSfL https://raw.githubusercontent.com/securego/gosec/424fc4cd9c82ea0fd6bee9cd49c2db2c3cc0c93f/install.sh | sh -s v2.22.11
|
curl -sSfL https://raw.githubusercontent.com/securego/gosec/424fc4cd9c82ea0fd6bee9cd49c2db2c3cc0c93f/install.sh | sh -s v2.22.11
|
||||||
@ -2,7 +2,7 @@
|
|||||||
|
|
||||||
set -eo pipefail
|
set -eo pipefail
|
||||||
|
|
||||||
# You may need to go install github.com/goreleaser/goreleaser/v2@latest first
|
# You may need to go install github.com/goreleaser/goreleaser/v2@v2.16.0 first
|
||||||
GORELEASER="goreleaser build --clean"
|
GORELEASER="goreleaser build --clean"
|
||||||
if [ -z "$CI" ] || [[ "${GITHUB_REF_NAME:-}" == draft-* ]]; then
|
if [ -z "$CI" ] || [[ "${GITHUB_REF_NAME:-}" == draft-* ]]; then
|
||||||
GORELEASER+=" --snapshot"
|
GORELEASER+=" --snapshot"
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user