Bump actions/checkout from 6 to 7 in the actions group #2
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow automatically posts a guidance comment on new pull requests. | |
| # It welcomes contributors and provides a brief message to acknowledge their | |
| # contribution to EngineScript Site Exporter. | |
| # The workflow is triggered whenever a new pull request is opened. | |
| name: New Pull Request Guidance | |
| on: | |
| # pull_request_target is used only so the workflow can post this static | |
| # guidance comment on forked PRs. Do not add checkout, build, or script steps | |
| # here because this event has access to repository-scoped credentials. | |
| pull_request_target: | |
| types: [opened] | |
| permissions: read-all | |
| env: | |
| PLUGIN_SLUG: enginescript-site-exporter | |
| jobs: | |
| guide: | |
| runs-on: ubuntu-latest | |
| # Explicitly define permissions required by the job | |
| permissions: | |
| pull-requests: write | |
| steps: | |
| - name: Post guidance comment on new PR | |
| uses: peter-evans/create-or-update-comment@v5 | |
| with: | |
| issue-number: ${{ github.event.pull_request.number }} | |
| body: | | |
| Thanks for contributing to EngineScript Site Exporter! | |
| **Before we review:** | |
| - [ ] Have you tested your changes with WordPress 6.8+? | |
| - [ ] Are your changes compatible with PHP 8.2+? | |
| - [ ] Have you followed WordPress coding standards? | |
| - [ ] Did you update the CHANGELOG.md if needed? | |
| **Security Reminder** | |
| This plugin creates site export archives, so please ensure: | |
| - All user input is properly sanitized | |
| - All output is properly escaped | |
| - No security vulnerabilities are introduced | |
| We'll review your PR soon. |