ci: configure zizmor GHA security checks, fix findings #238
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Welcome Message | |
| on: | |
| pull_request_target: | |
| branches: [main] | |
| types: [opened] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: true | |
| permissions: {} | |
| jobs: | |
| greeting: | |
| name: Greet First-Time Contributors | |
| if: github.repository == 'npmx-dev/npmx.dev' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| pull-requests: write # post first-time contributor greeting comments | |
| steps: | |
| - uses: zephyrproject-rtos/action-first-interaction@58853996b1ac504b8e0f6964301f369d2bb22e5c | |
| with: | |
| repo-token: ${{ secrets.GITHUB_TOKEN }} | |
| pr-opened-message: | | |
| Hello! Thank you for opening your **first PR** to npmx, @${{ github.event.pull_request.user.login }}! 🚀 | |
| Here’s what will happen next: | |
| 1. Our GitHub bots will run to check your changes. | |
| If they spot any issues you will see some error messages on this PR. | |
| Don’t hesitate to ask any questions if you’re not sure what these mean! | |
| 2. In a few minutes, you’ll be able to see a preview of your changes on Vercel | |
| 3. One or more of our maintainers will take a look and may ask you to make changes. | |
| We try to be responsive, but don’t worry if this takes a few days. |