Skip to content

chore(deps): bump actions/checkout from 6.0.2 to 6.0.3 #58

chore(deps): bump actions/checkout from 6.0.2 to 6.0.3

chore(deps): bump actions/checkout from 6.0.2 to 6.0.3 #58

# Run Macaron's policies and generate Verification Summary Attestation reports.
# See https://github.com/oracle/macaron
name: Run Macaron to check supply chain security issues
on:
push:
branches:
- main
paths:
- .github/workflows/**
pull_request:
paths:
- .github/workflows/**
permissions:
contents: read
jobs:
run_macaron:
runs-on: ubuntu-latest
steps:
- name: Check out repository
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
with:
fetch-depth: 0
# Check the GitHub Actions workflows in the repository for vulnerabilities.
- name: Run Macaron action
uses: oracle/macaron@4ddb55e3c9ef2c77b548be55c557078c4476fd9c # v0.24.0
with:
repo_path: ./
policy_file: check-github-actions
policy_purl: pkg:github.com/jenstroeger/python-package-template@.*
reports_retention_days: 90