Skip to content

Commit 76ede92

Browse files
authored
Group dependencies in Dependabot (#363)
* Group dependencies in Dependabot * Pin workflow action versions
1 parent 1679125 commit 76ede92

5 files changed

Lines changed: 53 additions & 49 deletions

File tree

.github/dependabot.yml

Lines changed: 32 additions & 28 deletions
Original file line numberDiff line numberDiff line change
@@ -7,33 +7,37 @@
77

88
version: 2
99
updates:
10+
# Maintain dependencies for GitHub Actions
11+
- package-ecosystem: 'github-actions'
12+
directory: '/'
13+
schedule:
14+
interval: 'daily'
15+
labels:
16+
- 'ci-quality'
17+
reviewers:
18+
- 'azure/psdocs-azure'
1019

11-
# Maintain dependencies for GitHub Actions
12-
- package-ecosystem: 'github-actions'
13-
directory: '/'
14-
schedule:
15-
interval: 'daily'
16-
labels:
17-
- 'ci-quality'
18-
reviewers:
19-
- 'azure/psdocs-azure'
20+
# Maintain dependencies for NuGet
21+
- package-ecosystem: 'nuget'
22+
directory: '/'
23+
schedule:
24+
interval: 'daily'
25+
labels:
26+
- 'dependencies'
27+
reviewers:
28+
- 'azure/psdocs-azure'
2029

21-
# Maintain dependencies for NuGet
22-
- package-ecosystem: 'nuget'
23-
directory: '/'
24-
schedule:
25-
interval: 'daily'
26-
labels:
27-
- 'dependencies'
28-
reviewers:
29-
- 'azure/psdocs-azure'
30-
31-
# Maintain dependencies for Python
32-
- package-ecosystem: 'pip'
33-
directory: '/'
34-
schedule:
35-
interval: 'daily'
36-
labels:
37-
- 'ci-quality'
38-
reviewers:
39-
- 'azure/psdocs-azure'
30+
# Maintain dependencies for Python
31+
- package-ecosystem: 'pip'
32+
directory: '/'
33+
schedule:
34+
interval: 'daily'
35+
groups:
36+
dev:
37+
dependency-type: development
38+
release:
39+
dependency-type: production
40+
labels:
41+
- 'ci-quality'
42+
reviewers:
43+
- 'azure/psdocs-azure'

.github/workflows/analyze.yaml

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -29,10 +29,10 @@ jobs:
2929
contents: read
3030
steps:
3131
- name: Checkout
32-
uses: actions/checkout@v4
32+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
3333

3434
- name: Run PSRule analysis
35-
uses: microsoft/ps-rule@main
35+
uses: microsoft/ps-rule@46451b8f5258c41beb5ae69ed7190ccbba84112c # v2.9.0
3636
with:
3737
modules: PSRule.Rules.MSFT.OSS
3838
prerelease: true
@@ -46,15 +46,15 @@ jobs:
4646
security-events: write
4747
steps:
4848
- name: Checkout
49-
uses: actions/checkout@v4
49+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
5050

5151
- name: Run DevSkim scanner
52-
uses: microsoft/DevSkim-Action@v1
52+
uses: microsoft/DevSkim-Action@a6b6966a33b497cd3ae2ebc406edf8f4cc2feec6 # v1.0.15
5353
with:
5454
directory-to-scan: src/
5555

5656
- name: Upload results to security tab
57-
uses: github/codeql-action/upload-sarif@v2
57+
uses: github/codeql-action/upload-sarif@5f8171a638ada777af81d42b55959a643bb29017 # v3.28.12
5858
with:
5959
sarif_file: devskim-results.sarif
6060

@@ -67,15 +67,15 @@ jobs:
6767
security-events: write
6868
steps:
6969
- name: Checkout
70-
uses: actions/checkout@v4
70+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
7171

7272
- name: Initialize CodeQL
73-
uses: github/codeql-action/init@v2
73+
uses: github/codeql-action/init@5f8171a638ada777af81d42b55959a643bb29017 # v3.28.12
7474
with:
7575
languages: 'csharp'
7676

7777
- name: Autobuild
78-
uses: github/codeql-action/autobuild@v2
78+
uses: github/codeql-action/autobuild@5f8171a638ada777af81d42b55959a643bb29017 # v3.28.12
7979

8080
- name: Perform CodeQL Analysis
81-
uses: github/codeql-action/analyze@v2
81+
uses: github/codeql-action/analyze@5f8171a638ada777af81d42b55959a643bb29017 # v3.28.12

.github/workflows/build.yaml

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -28,10 +28,10 @@ jobs:
2828

2929
steps:
3030
- name: Checkout
31-
uses: actions/checkout@v4
31+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
3232

3333
- name: Setup .NET
34-
uses: actions/setup-dotnet@v4
34+
uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1
3535
with:
3636
dotnet-version: 6.x
3737

@@ -46,15 +46,15 @@ jobs:
4646
run: Invoke-Build -Configuration Release -AssertStyle GitHubActions
4747

4848
- name: Upload module
49-
uses: actions/upload-artifact@v3
49+
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
5050
with:
5151
name: Module
5252
path: ./out/modules/PSDocs.Azure/*
5353
retention-days: 3
5454
if-no-files-found: error
5555

5656
# - name: Upload Test Results
57-
# uses: actions/upload-artifact@v3
57+
# uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
5858
# if: always()
5959
# with:
6060
# name: Module.DotNet.TestResults
@@ -63,7 +63,7 @@ jobs:
6363
# if-no-files-found: error
6464

6565
- name: Upload PSRule Results
66-
uses: actions/upload-artifact@v3
66+
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
6767
if: always()
6868
with:
6969
name: Module.PSRule.TestResults
@@ -105,10 +105,10 @@ jobs:
105105

106106
steps:
107107
- name: Checkout
108-
uses: actions/checkout@v4
108+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
109109

110110
- name: Setup .NET
111-
uses: actions/setup-dotnet@v4
111+
uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1
112112
with:
113113
dotnet-version: 6.x
114114

@@ -125,7 +125,7 @@ jobs:
125125
run: ./scripts/pipeline-deps.ps1
126126

127127
- name: Download module
128-
uses: actions/download-artifact@v3
128+
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
129129
with:
130130
name: Module
131131
path: ./out/modules/PSDocs.Azure

.github/workflows/docs.yaml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@ on:
1010
push:
1111
branches:
1212
- main
13-
workflow_dispatch:
13+
workflow_dispatch: {}
1414

1515
permissions: {}
1616

@@ -22,7 +22,7 @@ jobs:
2222
contents: write
2323
steps:
2424
- name: Checkout
25-
uses: actions/checkout@v4
25+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
2626
with:
2727
fetch-depth: 0
2828

@@ -39,7 +39,7 @@ jobs:
3939
prerelease: true
4040

4141
- name: Setup Python
42-
uses: actions/setup-python@v4
42+
uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
4343
with:
4444
python-version: '3.9'
4545
architecture: 'x64'

.github/workflows/stale.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -22,7 +22,7 @@ jobs:
2222
issues: write
2323
pull-requests: write
2424
steps:
25-
- uses: actions/stale@v8
25+
- uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 # v9.1.0
2626
with:
2727
stale-issue-message: >
2828
This issue has been automatically marked as stale because it has not had

0 commit comments

Comments
 (0)