build(deps): bump actions/checkout from 6 to 7 #243
ci.yml
on: pull_request
✅ Validate YAML Syntax
13s
🧹 Lint YAML Files
4s
🔍 Validate Workflow Structure
4s
🔒 Security Scan
25s
📚 Validate Documentation
6s
🏷️ Validate Naming Conventions
3s
🔍 Actionlint
19s
📝 Generate Documentation Index
0s
⚠️ Check Deprecated Actions
4s
🔐 Validate Permissions
5s
📊 CI Summary
6s
🩺 Diagnose failure (naoru)
0s
Annotations
14 errors, 3 warnings, and 1 notice
|
🧹 Lint YAML Files
Process completed with exit code 1.
|
|
🔍 Actionlint:
.github/workflows/registry-webhook-sync.yml#L78
[actionlint] reported by reviewdog 🐶
shellcheck reported issue in this script: SC2129:style:60:1: Consider using { cmd1; cmd2; } >> file instead of individual redirects [shellcheck]
Raw Output:
e:.github/workflows/registry-webhook-sync.yml:78:9: shellcheck reported issue in this script: SC2129:style:60:1: Consider using { cmd1; cmd2; } >> file instead of individual redirects [shellcheck]
|
|
🔍 Actionlint:
.github/workflows/pr-auto-merge.yml#L109
[actionlint] reported by reviewdog 🐶
property "static-checks" is not defined in object type {static-checks-azure: {outputs: {}; result: string}} [expression]
Raw Output:
e:.github/workflows/pr-auto-merge.yml:109:10: property "static-checks" is not defined in object type {static-checks-azure: {outputs: {}; result: string}} [expression]
|
|
🔍 Actionlint:
.github/workflows/pr-auto-merge.yml#L85
[actionlint] reported by reviewdog 🐶
property "static-checks-azure" is not defined in object type {static-checks: {outputs: {}; result: string}} [expression]
Raw Output:
e:.github/workflows/pr-auto-merge.yml:85:53: property "static-checks-azure" is not defined in object type {static-checks: {outputs: {}; result: string}} [expression]
|
|
🔒 Security Scan
CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
|
|
🔒 Security Scan
CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
|
|
🔒 Security Scan
CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
|
|
🔒 Security Scan
CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
|
|
🔒 Security Scan
CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
|
|
🔒 Security Scan
CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
|
|
🔒 Security Scan
CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
|
|
🔒 Security Scan
CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
|
|
🔒 Security Scan
CKV_GHA_7: "The build output cannot be affected by user parameters other than the build entry point and the top-level source location. GitHub Actions workflow_dispatch inputs MUST be empty. "
|
|
🔒 Security Scan
CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
|
|
🔍 Actionlint:
.github/workflows/notify-slack.yml#L81
[actionlint] reported by reviewdog 🐶
shellcheck reported issue in this script: SC2086:info:106:43: Double quote to prevent globbing and word splitting [shellcheck]
Raw Output:
i:.github/workflows/notify-slack.yml:81:9: shellcheck reported issue in this script: SC2086:info:106:43: Double quote to prevent globbing and word splitting [shellcheck]
|
|
🔍 Actionlint:
.github/workflows/cloudrun-rollback.yml#L57
[actionlint] reported by reviewdog 🐶
shellcheck reported issue in this script: SC2086:info:6:30: Double quote to prevent globbing and word splitting [shellcheck]
Raw Output:
i:.github/workflows/cloudrun-rollback.yml:57:9: shellcheck reported issue in this script: SC2086:info:6:30: Double quote to prevent globbing and word splitting [shellcheck]
|
|
🔍 Actionlint
Input 'fail_on_error' has been deprecated with message: Deprecated, use `fail_level` instead.
|
|
GitHub API token
Consider setting a GITHUB_TOKEN to prevent GitHub api rate limits
|