From ad64a3286fd43e33522f69bffc27de3a9ad84fc4 Mon Sep 17 00:00:00 2001 From: Filipe Casal Date: Mon, 16 Dec 2024 17:06:48 +0000 Subject: [PATCH] Do not persist credentials on code checkout (#64) * chore: do not persist credentials on gh actions * Add color to lint --- .github/workflows/lint_and_format.yml | 8 +++++++- .github/workflows/publish.yml | 2 ++ package.json | 2 +- 3 files changed, 10 insertions(+), 2 deletions(-) diff --git a/.github/workflows/lint_and_format.yml b/.github/workflows/lint_and_format.yml index aa7bb16..8a283fb 100644 --- a/.github/workflows/lint_and_format.yml +++ b/.github/workflows/lint_and_format.yml @@ -11,13 +11,19 @@ jobs: security-events: write steps: - uses: actions/checkout@v4 + with: + persist-credentials: false + - uses: actions/setup-node@v4 + - name: Install modules run: npm install + - name: Run prettier run: npx prettier --check . + - name: Run ESLint - run: npx eslint --color -c .eslintrc.json . + run: npx eslint --ext ts --color -c .eslintrc.json src # GH's SARIF viewer does not support suppression directives so we get too many false positives # - name: SARIF diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 8ec67b3..ec02170 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -11,6 +11,8 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 + with: + persist-credentials: false - uses: actions/setup-node@v4 - name: Install dependencies diff --git a/package.json b/package.json index 092c10c..208c193 100644 --- a/package.json +++ b/package.json @@ -506,7 +506,7 @@ "compile": "node ./esbuild.js", "package": "NODE_ENV=production node ./esbuild.js", "watch": "node ./esbuild.js --watch", - "lint": "eslint src --ext ts", + "lint": "eslint --ext ts --color -c .eslintrc.json src", "prettier": "prettier --write ." }, "devDependencies": {