Skip to content

Fix action rights#199

Merged
dorssel merged 1 commit into
mainfrom
fix_action_rights
Jul 2, 2026
Merged

Fix action rights#199
dorssel merged 1 commit into
mainfrom
fix_action_rights

Conversation

@dorssel

@dorssel dorssel commented Jul 2, 2026

Copy link
Copy Markdown
Owner

No description provided.

@github-actions

github-actions Bot commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Scanned Files

None

@codecov

codecov Bot commented Jul 2, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 100.00%. Comparing base (d48b693) to head (618b52e).
✅ All tests successful. No failed tests found.

Additional details and impacted files
@@            Coverage Diff            @@
##              main      #199   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files            4         4           
  Lines           81        81           
  Branches        14        14           
=========================================
  Hits            81        81           

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This pull request updates CI and dependency automation configuration to avoid permission-related failures on forked pull requests while improving Dependabot update batching for GitHub Actions.

Changes:

  • Skip the attestation and dependency-submission steps when the workflow runs for pull requests from forks.
  • Add a Dependabot group to bundle all GitHub Actions updates into a single PR.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File Description
.github/workflows/dotnet.yml Adds conditional execution to steps that require elevated permissions so they don’t run on forked PRs.
.github/dependabot.yml Groups all github-actions updates together via a Dependabot group configuration.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@github-actions

github-actions Bot commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

MegaLinter analysis: Success

Descriptor Linter Files Fixed Errors Warnings Elapsed time
✅ ACTION actionlint 8 0 0 0.12s
✅ ACTION zizmor 8 0 0 2.1s
✅ EDITORCONFIG editorconfig-checker 56 0 0 0.09s
✅ JSON jsonlint 3 0 0 0.2s
✅ JSON prettier 3 0 0 0.56s
✅ JSON v8r 3 0 0 2.94s
✅ MARKDOWN markdownlint 2 0 0 0.56s
✅ MARKDOWN markdown-table-formatter 2 0 0 0.24s
✅ REPOSITORY betterleaks yes no no 0.58s
✅ REPOSITORY checkov yes no no 19.97s
✅ REPOSITORY gitleaks yes no no 0.18s
✅ REPOSITORY git_diff yes no no 0.01s
✅ REPOSITORY grype yes no no 49.24s
✅ REPOSITORY osv-scanner yes no no 0.68s
✅ REPOSITORY secretlint yes no no 0.9s
✅ REPOSITORY syft yes no no 2.42s
✅ REPOSITORY trivy-sbom yes no no 5.23s
✅ REPOSITORY trufflehog yes no no 3.83s
✅ XML xmllint 5 0 0 0.3s
✅ YAML prettier 13 0 0 0.57s
✅ YAML v8r 13 0 0 7.82s
✅ YAML yamllint 13 0 0 0.6s

Notices

📣 MegaLinter 9.5.0 is out! Discover the new features and security recommendations in the release announcement. (Skip this info by defining SECURITY_SUGGESTIONS: false)

See detailed reports in MegaLinter artifacts

MegaLinter is graciously provided by OX Security
Show us your support by starring ⭐ the repository

@dorssel dorssel merged commit 8792ce5 into main Jul 2, 2026
10 checks passed
@dorssel dorssel deleted the fix_action_rights branch July 2, 2026 15:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants