File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change @@ -11,6 +11,8 @@ concurrency:
1111 group : ${{ github.workflow }}-${{ github.event_name == 'pull_request_target' && github.head_ref || github.ref }}
1212 cancel-in-progress : true
1313
14+ permissions : {}
15+
1416env :
1517 NODE_OPTIONS : " --max_old_space_size=8192"
1618
Original file line number Diff line number Diff line change 55 - cron : ' 0 3 * * SUN'
66 workflow_dispatch :
77
8+ permissions : {}
9+
810jobs :
911 contributors :
1012 name : docs_contributors
Original file line number Diff line number Diff line change 44 push :
55 branches : [main]
66
7+ permissions : {}
8+
79jobs :
810 congrats :
911 name : congratsbot
Original file line number Diff line number Diff line change 55 - cron : ' 0 10 * * TUE'
66 workflow_dispatch :
77
8+ permissions : {}
9+
810jobs :
911 translation :
1012 name : translation_tuesday
Original file line number Diff line number Diff line change 55 branches :
66 - main
77
8+ permissions : {}
9+
810jobs :
911 format :
1012 runs-on : ubuntu-latest
Original file line number Diff line number Diff line change 1111 - ' src/content/docs/ja/**'
1212 - ' .textlintrc.ja.json'
1313
14+ permissions : {}
15+
1416# Automatically cancel in-progress actions on the same branch
1517concurrency :
1618 group : ${{ github.workflow }}-${{ github.event_name == 'pull_request_target' && github.head_ref || github.ref }}
Original file line number Diff line number Diff line change @@ -2,6 +2,7 @@ name: Lunaria
22
33on :
44 # Trigger the workflow every time a pull request is opened or synchronized at the target `main` branch
5+ # zizmor: ignore[dangerous-triggers]
56 pull_request_target :
67 types : [opened, synchronize]
78
Original file line number Diff line number Diff line change 55 - cron : ' 0 12 * * *'
66 workflow_dispatch :
77
8+ permissions : {}
9+
810jobs :
911 docgen :
1012 name : Generate Reference Docs
Original file line number Diff line number Diff line change 11name : WelcomeBot
22
33on :
4+ # zizmor: ignore[dangerous-triggers]
45 pull_request_target :
56 branches : [main]
67 types : [opened]
78
8- permissions :
9- pull-requests : write
9+ permissions : {}
1010
1111jobs :
1212 welcome :
1313 name : Welcome First Time Contributors
1414 runs-on : ubuntu-latest
15+ permissions :
16+ pull-requests : write
1517 steps :
1618 - uses : actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
1719 - uses : zephyrproject-rtos/action-first-interaction@58853996b1ac504b8e0f6964301f369d2bb22e5c
Original file line number Diff line number Diff line change 1+ name : GitHub Actions Security Analysis with zizmor 🌈
2+
3+ on :
4+ push :
5+ branches : ["main"]
6+ pull_request :
7+ branches : ["**"]
8+
9+ permissions : {}
10+
11+ jobs :
12+ zizmor :
13+ name : Run zizmor 🌈
14+ runs-on : ubuntu-latest
15+ permissions :
16+ security-events : write # Required for upload-sarif (used by zizmor-action) to upload SARIF files.
17+ contents : read # Only needed for private repos. Needed to clone the repo.
18+ actions : read # Only needed for private repos. Needed for upload-sarif to read workflow run info.
19+ steps :
20+ - name : Checkout repository
21+ uses : actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
22+ with :
23+ persist-credentials : false
24+
25+ - name : Run zizmor 🌈
26+ uses : zizmorcore/zizmor-action@5f14fd08f7cf1cb1609c1e344975f152c7ee938d # v0.5.6
27+ with :
28+ inputs : ' .github/workflows/'
29+ min-confidence : medium
30+ min-severity : medium
You can’t perform that action at this time.
0 commit comments