Skip to content

Commit 0e86ccf

Browse files
authored
Merge pull request #33 from htmlhint/dev/coliff/gh-action-hardening
Update workflows and configs for dependency and action versions
2 parents d182c4d + da5e223 commit 0e86ccf

File tree

6 files changed

+12
-8
lines changed

6 files changed

+12
-8
lines changed

.astro/types.d.ts

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1 +1,2 @@
11
/// <reference types="astro/client" />
2+
/// <reference path="content.d.ts" />

.cspell.json

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,7 @@
66
"Merbivore",
77
"Monokai",
88
"SARIF",
9+
"withastro",
910
"ZIZMOR"
1011
],
1112
"allowCompoundWords": true,

.github/copilot-instructions.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@
55
- All code should be formatted with Prettier.
66
- Use ESLint v8.57.1 to check for JavaScript errors.
77
- Node v22 is used for development.
8-
- Use Bootstrap v5.3.7 for styling.
8+
- Use Bootstrap v5.3.8 for styling.
99
- Use latest Astro for building the website.
1010
- Locally host JS/CSS - don't use third-party CDNs.
1111
- All HTML must be accessible.

.github/workflows/build.yml

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -18,9 +18,12 @@ jobs:
1818
runs-on: ubuntu-latest
1919
steps:
2020
- name: ⬇️ Checkout
21-
uses: actions/checkout@v5
21+
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
22+
with:
23+
persist-credentials: false
24+
2225
- name: Install, build, and upload your site
23-
uses: withastro/action@v4
26+
uses: withastro/action@77fad83745446cf039d76af7037b782f1af80749 # v4.1.0
2427

2528
deploy:
2629
needs: build
@@ -31,4 +34,4 @@ jobs:
3134
steps:
3235
- name: Deploy to GitHub Pages
3336
id: deployment
34-
uses: actions/deploy-pages@v4
37+
uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4.0.5

.github/workflows/codeql-analysis.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -27,10 +27,10 @@ jobs:
2727
persist-credentials: false
2828

2929
- name: Initialize CodeQL
30-
uses: github/codeql-action/init@v3
30+
uses: github/codeql-action/init@f1f6e5f6af878fb37288ce1c627459e94dbf7d01 # v3.30.1
3131
with:
3232
languages: 'javascript'
3333
queries: +security-and-quality
3434

3535
- name: Perform CodeQL Analysis
36-
uses: github/codeql-action/analyze@v3
36+
uses: github/codeql-action/analyze@f1f6e5f6af878fb37288ce1c627459e94dbf7d01 # v3.30.1

.github/workflows/super-linter.yml

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,7 @@ jobs:
3030
persist-credentials: false
3131

3232
- name: Super-linter
33-
uses: super-linter/super-linter/slim@v8.1.0
33+
uses: super-linter/super-linter/slim@ffde3b2b33b745cb612d787f669ef9442b1339a6 # v8.1.0.1.0
3434
env:
3535
DEFAULT_BRANCH: main
3636
FILTER_REGEX_EXCLUDE: '/test/'
@@ -45,7 +45,6 @@ jobs:
4545
VALIDATE_CSS: false
4646
VALIDATE_EDITORCONFIG: false
4747
VALIDATE_GIT_COMMITLINT: false
48-
VALIDATE_GITHUB_ACTIONS_ZIZMOR: false
4948
VALIDATE_HTML_PRETTIER: false
5049
VALIDATE_JAVASCRIPT_PRETTIER: false
5150
VALIDATE_JSON_PRETTIER: false

0 commit comments

Comments
 (0)