diff --git a/.github/dependency-review-config.yml b/.github/dependency-review-config.yml index ad43fd92..b7a2f486 100644 --- a/.github/dependency-review-config.yml +++ b/.github/dependency-review-config.yml @@ -8,9 +8,5 @@ allow-licenses: - MIT - Apache-2.0 -deny-licenses: - - LGPL-2.0 - - BSD-2-Clause - allow-ghsas: [] diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index a873e237..5ae04b36 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -1,21 +1,9 @@ -# For most projects, this workflow file will not need changing; you simply need -# to commit it to your repository. -# -# You may wish to alter this file to override the set of languages analyzed, -# or to provide custom queries or build logic. -# -# ******** NOTE ******** -# We have attempted to detect the languages in your repository. Please check -# the `language` matrix defined below to confirm you have the correct set of -# supported CodeQL languages. -# name: "CodeQL" on: push: branches: ["main"] pull_request: - # The branches below must be a subset of the branches above branches: ["main"] schedule: - cron: "0 0 * * 1" diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml deleted file mode 100644 index d7cee7d9..00000000 --- a/.github/workflows/dependency-review.yml +++ /dev/null @@ -1,27 +0,0 @@ -# Dependency Review Action -# -# This Action will scan dependency manifest files that change as part of a Pull Request, -# surfacing known-vulnerable versions of the packages declared or updated in the PR. -# Once installed, if the workflow run is marked as required, -# PRs introducing known-vulnerable packages will be blocked from merging. -# -# Source repository: https://github.com/actions/dependency-review-action -name: 'Dependency Review' -on: [pull_request] - -permissions: - contents: read - -jobs: - dependency-review: - runs-on: ubuntu-latest - steps: - - name: Harden Runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 - with: - egress-policy: audit - - - name: 'Checkout Repository' - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - - name: 'Dependency Review' - uses: actions/dependency-review-action@0efb1d1d84fc9633afcdaad14c485cbbc90ef46c # v2.5.1 diff --git a/.github/workflows/module.test.yml b/.github/workflows/module.test.yml index eb85c17c..e34da542 100644 --- a/.github/workflows/module.test.yml +++ b/.github/workflows/module.test.yml @@ -96,7 +96,7 @@ jobs: strategy: fail-fast: false matrix: - label: ["Bzlmod"] + label: ["BCR"] target: ["//sample"] action: ["build"] directory: ["./example/integration_tests/bzlmod"] @@ -127,3 +127,4 @@ jobs: bazel \ ${{ matrix.action || 'build' }} \ ${{ matrix.target || '//...' }} + diff --git a/.github/workflows/on.push.yml b/.github/workflows/on.push.yml index ae5be6c1..17a0c2fb 100644 --- a/.github/workflows/on.push.yml +++ b/.github/workflows/on.push.yml @@ -47,7 +47,7 @@ jobs: label: Ubuntu labs: false - runner: ubuntu-latest - label: Ubuntu / Bzlmod + label: Ubuntu - Bzlmod bzlmod: true labs: true - runner: windows-latest diff --git a/MODULE.bazel.lock b/MODULE.bazel.lock index 0c9a8757..34d65ab4 100644 --- a/MODULE.bazel.lock +++ b/MODULE.bazel.lock @@ -1,6 +1,6 @@ { "lockFileVersion": 1, - "moduleFileHash": "618d7112f0da53485db4528465e4f51516c4653069d5247a66abbaf819446878", + "moduleFileHash": "889d5d36f6ec6ef087890dadaa513fe5d42792efa4bdec349d1c6567226d9416", "flags": { "cmdRegistries": [ "https://bcr.bazel.build/" @@ -30,7 +30,7 @@ "usingModule": "", "location": { "file": "@@//:MODULE.bazel", - "line": 124, + "line": 125, "column": 22 }, "imports": { @@ -45,7 +45,7 @@ "devDependency": false, "location": { "file": "@@//:MODULE.bazel", - "line": 126, + "line": 127, "column": 14 } } @@ -59,7 +59,7 @@ "usingModule": "", "location": { "file": "@@//:MODULE.bazel", - "line": 139, + "line": 140, "column": 20 }, "imports": { @@ -73,7 +73,7 @@ "devDependency": false, "location": { "file": "@@//:MODULE.bazel", - "line": 141, + "line": 142, "column": 12 } }