chore(ci): consolidate Dependabot directories and pin GitHub Actions in workflow automation (#6172)

This commit is contained in:
Ludy
2026-04-23 13:30:10 +01:00
committed by GitHub
parent c5d07e23bf
commit 27ccf6afdd
4 changed files with 33 additions and 43 deletions
+11 -3
View File
@@ -5,6 +5,9 @@ on:
branches: [main]
pull_request:
permissions:
contents: read
jobs:
engine:
runs-on: ubuntu-latest
@@ -12,11 +15,16 @@ jobs:
contents: read
pull-requests: write
steps:
- name: Harden the runner (Audit all outbound calls)
uses: step-security/harden-runner@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 # v2.19.0
with:
egress-policy: audit
- name: Checkout code
uses: actions/checkout@v4
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
- name: Install uv
uses: astral-sh/setup-uv@v4
uses: astral-sh/setup-uv@38f3f104447c67c051c4a08e39b64a148898af3a # v4.2.0
with:
enable-cache: true
@@ -60,7 +68,7 @@ jobs:
- name: Comment on fixer failures
if: steps.fixer_changes.outcome == 'failure' && github.event_name == 'pull_request'
continue-on-error: true
uses: actions/github-script@v7
uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7.1.0
with:
script: |
const marker = '<!-- engine-check -->';