Skip to content

Commit

Permalink
chore(dev): apply ci security updates
Browse files Browse the repository at this point in the history
[StepSecurity] Apply security best practices

Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
  • Loading branch information
step-security-bot committed Aug 14, 2023
1 parent 57b2ac0 commit 754c4fd
Show file tree
Hide file tree
Showing 4 changed files with 16 additions and 6 deletions.
10 changes: 10 additions & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,3 +9,13 @@ updates:
directory: /
schedule:
interval: daily

- package-ecosystem: gomod
directory: /
schedule:
interval: daily

- package-ecosystem: maven
directory: /
schedule:
interval: daily
8 changes: 4 additions & 4 deletions .github/workflows/module.build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -134,14 +134,14 @@ jobs:
with:
egress-policy: audit
- name: "Setup: Checkout"
uses: actions/checkout@v3
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- name: "Setup: msbuild"
uses: microsoft/setup-msbuild@v1.1
uses: microsoft/setup-msbuild@34cfbaee7f672c76950673338facd8a73f637506 # v1.1.3
if: ${{ contains(inputs.runner, 'windows') }}
- name: "Setup: Bazel"
uses: bazelbuild/setup-bazelisk@v2
uses: bazelbuild/setup-bazelisk@95c9bf48d0c570bb3e28e57108f3450cd67c1a44 # v2.0.0
- name: "Setup: Cache"
uses: actions/cache@v3
uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
with:
path: "~/.cache/bazel"
key: bazel-v2
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/on.pr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ jobs:
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- name: "Report: Dependency Graph"
continue-on-error: true
uses: advanced-security/maven-dependency-submission-action@v3
uses: advanced-security/maven-dependency-submission-action@d682d5d68a398c90e9b35f8c564cd8e1918d6a24 # v3.0.1

dependency-review:
name: "Dependency Review"
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/on.push.yml
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ jobs:
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- name: "Report: Dependency Graph"
continue-on-error: true
uses: advanced-security/maven-dependency-submission-action@v3
uses: advanced-security/maven-dependency-submission-action@d682d5d68a398c90e9b35f8c564cd8e1918d6a24 # v3.0.1

build:
name: "Build (${{ matrix.label }})"
Expand Down

0 comments on commit 754c4fd

Please sign in to comment.