mirror of
https://github.com/pomerium/pomerium.git
synced 2025-08-04 01:09:36 +02:00
1ed7b519fa
Bumps the github-actions group with 11 updates: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.2.0` | `4.2.2` | | [actions/setup-go](https://github.com/actions/setup-go) | `5.0.2` | `5.1.0` | | [actions/setup-node](https://github.com/actions/setup-node) | `4.0.4` | `4.1.0` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.6.1` | `3.7.1` | | [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) | `6.1.0` | `6.1.1` | | [google-github-actions/auth](https://github.com/google-github-actions/auth) | `2.1.5` | `2.1.7` | | [google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud) | `2.1.1` | `2.1.2` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.4.0` | `4.4.3` | | [jandelgado/gcov2lcov-action](https://github.com/jandelgado/gcov2lcov-action) | `1.0.9` | `1.1.1` | | [coverallsapp/github-action](https://github.com/coverallsapp/github-action) | `2.3.0` | `2.3.4` | | [actions/setup-python](https://github.com/actions/setup-python) | `5.2.0` | `5.3.0` | Updates `actions/checkout` from 4.2.0 to 4.2.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](d632683dd7...11bd71901b) Updates `actions/setup-go` from 5.0.2 to 5.1.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](0a12ed9d6a...41dfa10bad) Updates `actions/setup-node` from 4.0.4 to 4.1.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](0a44ba7841...39370e3970) Updates `docker/setup-buildx-action` from 3.6.1 to 3.7.1 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](988b5a0280...c47758b77c) Updates `golangci/golangci-lint-action` from 6.1.0 to 6.1.1 - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](aaa42aa062...971e284b60) Updates `google-github-actions/auth` from 2.1.5 to 2.1.7 - [Release notes](https://github.com/google-github-actions/auth/releases) - [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md) - [Commits](62cf5bd3e4...6fc4af4b14) Updates `google-github-actions/setup-gcloud` from 2.1.1 to 2.1.2 - [Release notes](https://github.com/google-github-actions/setup-gcloud/releases) - [Changelog](https://github.com/google-github-actions/setup-gcloud/blob/main/CHANGELOG.md) - [Commits](f0990588f1...6189d56e40) Updates `actions/upload-artifact` from 4.4.0 to 4.4.3 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](50769540e7...b4b15b8c7c) Updates `jandelgado/gcov2lcov-action` from 1.0.9 to 1.1.1 - [Release notes](https://github.com/jandelgado/gcov2lcov-action/releases) - [Changelog](https://github.com/jandelgado/gcov2lcov-action/blob/master/CHANGELOG.md) - [Commits](c680c0f7c7...4e19897678) Updates `coverallsapp/github-action` from 2.3.0 to 2.3.4 - [Release notes](https://github.com/coverallsapp/github-action/releases) - [Commits](643bc377ff...cfd0633edb) Updates `actions/setup-python` from 5.2.0 to 5.3.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](f677139bbe...0b93645e9f) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: golangci/golangci-lint-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: google-github-actions/auth dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: google-github-actions/setup-gcloud dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: jandelgado/gcov2lcov-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: coverallsapp/github-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
56 lines
1.7 KiB
YAML
56 lines
1.7 KiB
YAML
name: "CodeQL"
|
|
|
|
on:
|
|
push:
|
|
branches: ["main", "[0-9]-*"]
|
|
pull_request:
|
|
branches: ["main", "[0-9]-*"]
|
|
|
|
jobs:
|
|
analyze:
|
|
name: Analyze (${{ matrix.language }})
|
|
# Runner size impacts CodeQL analysis time. To learn more, please see:
|
|
# - https://gh.io/recommended-hardware-resources-for-running-codeql
|
|
# - https://gh.io/supported-runners-and-hardware-resources
|
|
# - https://gh.io/using-larger-runners (GitHub.com only)
|
|
# Consider using larger runners or machines with greater resources for possible analysis time improvements.
|
|
runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
|
|
permissions:
|
|
# required for all workflows
|
|
security-events: write
|
|
|
|
# required to fetch internal or private CodeQL packs
|
|
packages: read
|
|
|
|
# only required for workflows in private repositories
|
|
actions: read
|
|
contents: read
|
|
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
include:
|
|
- language: go
|
|
build-mode: manual
|
|
- language: javascript-typescript
|
|
build-mode: none
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
|
|
|
|
# Initializes the CodeQL tools for scanning.
|
|
- name: Initialize CodeQL
|
|
uses: github/codeql-action/init@5c02493ebfd65b28fd3b082c65e5af2cd745d91f
|
|
with:
|
|
languages: ${{ matrix.language }}
|
|
build-mode: ${{ matrix.build-mode }}
|
|
|
|
- if: matrix.build-mode == 'manual'
|
|
shell: bash
|
|
run: |
|
|
make build
|
|
|
|
- name: Perform CodeQL Analysis
|
|
uses: github/codeql-action/analyze@5c02493ebfd65b28fd3b082c65e5af2cd745d91f
|
|
with:
|
|
category: "/language:${{matrix.language}}"
|