File tree Expand file tree Collapse file tree 5 files changed +8
-6
lines changed Expand file tree Collapse file tree 5 files changed +8
-6
lines changed Original file line number Diff line number Diff line change 9
9
- name : Checkout
10
10
uses : actions/checkout@v4
11
11
- name : Checkmarx AST CLI Action
12
- uses : checkmarx/ast-github-action@main
12
+ uses : checkmarx/ast-github-action@831a8d51a8a0535c0399f9c12728d8d3cc22d850 # main (currently 2.0.28)
13
13
with :
14
14
base_uri : ${{ secrets.BASE_URI }}
15
15
cx_tenant : ${{ secrets.TENANT }}
Original file line number Diff line number Diff line change 41
41
42
42
- name : Delete releases and tags
43
43
continue-on-error : true
44
- uses :
dev-drprasad/[email protected]
44
+ uses : dev-drprasad/delete-older-releases@dfbe6be2a006e9475dfcbe5b8d201f1824c2a9fe # v0.3.4
45
45
env :
46
46
GITHUB_TOKEN : ${{ secrets.PERSONAL_ACCESS_TOKEN }}
47
47
with :
Original file line number Diff line number Diff line change 11
11
steps :
12
12
- name : Dependabot metadata
13
13
id : metadata
14
- uses :
dependabot/[email protected]
14
+ uses : dependabot/fetch-metadata@5e5f99653a5b510e8555840e80cbf1514ad4af38 # v2.1.0
15
15
with :
16
16
github-token : " ${{ secrets.PERSONAL_ACCESS_TOKEN }}"
17
17
- name : Enable auto-merge for Dependabot PRs
20
20
GITHUB_TOKEN : ${{secrets.PERSONAL_ACCESS_TOKEN }}
21
21
run : gh pr merge --auto --merge "$PR_URL"
22
22
- name : Auto approve dependabot PRs
23
- uses : hmarr/auto-approve-action@v4
23
+ uses : hmarr/auto-approve-action@f0939ea97e9205ef24d872e76833fa908a770363 # v4
24
24
with :
25
25
github-token : ${{ secrets.PERSONAL_ACCESS_TOKEN }}
Original file line number Diff line number Diff line change @@ -92,11 +92,13 @@ jobs:
92
92
npm ci
93
93
npm run build
94
94
95
+
95
96
# PUSH TAGS IF IT IS A RELEASE
96
97
- name : Push tag if release
97
98
if : inputs.dev == false
98
99
run : git push && git push --tags
99
100
101
+
100
102
# PUBLISH NPM PACKAGE
101
103
- name : Publish npm package
102
104
run : |
@@ -110,7 +112,7 @@ jobs:
110
112
111
113
# CREATE RELEASE
112
114
- name : Create Release
113
- uses : softprops/action-gh-release@v2
115
+ uses : softprops/action-gh-release@a6c7483a42ee9d5daced968f6c217562cd680f7f # v2
114
116
with :
115
117
name : ${{env.TAG_NAME}}
116
118
tag_name : ${{env.TAG_NAME}}
Original file line number Diff line number Diff line change 29
29
./.github/scripts/update_cli.sh ${{ steps.checkmarx-ast-cli.outputs.release_tag }}
30
30
- name : Create Pull Request
31
31
if : steps.checkmarx-ast-cli.outputs.current_tag != steps.checkmarx-ast-cli.outputs.release_tag
32
- uses : peter-evans/create-pull-request@v6
32
+ uses : peter-evans/create-pull-request@b1ddad2c994a25fbc81a28b3ec0e368bb2021c50 # v6
33
33
with :
34
34
token : ${{ secrets.PERSONAL_ACCESS_TOKEN }}
35
35
commit-message : Update checkmarx-ast-cli to ${{ steps.checkmarx-ast-cli.outputs.release_tag }}
You can’t perform that action at this time.
0 commit comments