-
Notifications
You must be signed in to change notification settings - Fork 106
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Custom GitHub Actions, or actions not within the Marketplace are not …
…automatically updated by dependabot (#2023)
- Loading branch information
1 parent
da03508
commit 8fabcfa
Showing
10 changed files
with
14 additions
and
13 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -21,7 +21,7 @@ jobs: | |
| with: | ||
| egress-policy: audit | ||
|
|
||
| - uses: dotnet/docs-tools/actions/status-checker@691b5550e4b848ac76bd61a3d135754b029884be # main | ||
| - uses: dotnet/docs-tools/actions/status-checker@main | ||
|
Check warning Code scanning / Scorecard Pinned-Dependencies Medium
score is 6: third-party GitHubAction not pinned by hash
Remediation tip: update your workflow using https://app.stepsecurity.io Click Remediation section below for further remediation help |
||
| with: | ||
| repo_token: ${{ secrets.GITHUB_TOKEN }} | ||
| docs_path: "docs" | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -27,7 +27,7 @@ jobs: | |
| # Call clean repo | ||
| - name: Clean repo | ||
| id: clean-repo-step | ||
| uses: dotnet/docs-tools/cleanrepo@2a815a6c0976e888a49264f513dc230008b4a1f2 | ||
| uses: dotnet/docs-tools/cleanrepo@main | ||
|
Check warning Code scanning / Scorecard Pinned-Dependencies Medium
score is 6: third-party GitHubAction not pinned by hash
Remediation tip: update your workflow using https://app.stepsecurity.io Click Remediation section below for further remediation help |
||
| with: | ||
| docfx_directory: "." | ||
| articles_directory: "docs" | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -44,7 +44,7 @@ jobs: | |
| # Run the .NET dependabot-bot tool | ||
| - name: dependabot-bot | ||
| id: dependabot-bot | ||
| uses: dotnet/docs-tools/actions/dependabot-bot@cf581edfb9f8bbccc3f0476ce1b8369689fb0290 # main | ||
| uses: dotnet/docs-tools/actions/dependabot-bot@main | ||
|
Check warning Code scanning / Scorecard Pinned-Dependencies Medium
score is 6: third-party GitHubAction not pinned by hash
Remediation tip: update your workflow using https://app.stepsecurity.io Click Remediation section below for further remediation help |
||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| with: | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -24,7 +24,7 @@ jobs: | |
| with: | ||
| egress-policy: audit | ||
|
|
||
| - uses: lee-dohm/no-response@9bb0a4b5e6a45046f00353d5de7d90fb8bd773bb | ||
| - uses: lee-dohm/no-response@main | ||
|
Check warning Code scanning / Scorecard Pinned-Dependencies Medium
score is 6: third-party GitHubAction not pinned by hash
Remediation tip: update your workflow using https://app.stepsecurity.io Click Remediation section below for further remediation help |
||
| with: | ||
| token: ${{ github.token }} | ||
| responseRequiredLabel: needs-more-info | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -27,7 +27,7 @@ jobs: | |
|
|
||
| - name: Profanity filter | ||
| if: ${{ github.actor != 'dependabot[bot]' && github.actor != 'github-actions[bot]' }} | ||
| uses: IEvangelist/profanity-filter@840020b719c619d953959e59c47185689e831a27 # main | ||
| uses: IEvangelist/profanity-filter@main | ||
|
Check warning Code scanning / Scorecard Pinned-Dependencies Medium
score is 6: third-party GitHubAction not pinned by hash
Remediation tip: update your workflow using https://app.stepsecurity.io Click Remediation section below for further remediation help |
||
| id: profanity-filter | ||
| with: | ||
| token: ${{ secrets.GITHUB_TOKEN }} | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -38,15 +38,15 @@ jobs: | |
| - name: Azure OpenID Connect | ||
| id: azure-oidc-auth | ||
| uses: dotnet/docs-tools/.github/actions/oidc-auth-flow@cf581edfb9f8bbccc3f0476ce1b8369689fb0290 # main | ||
| uses: dotnet/docs-tools/.github/actions/oidc-auth-flow@main | ||
|
Check warning Code scanning / Scorecard Pinned-Dependencies Medium
score is 6: third-party GitHubAction not pinned by hash
Remediation tip: update your workflow using https://app.stepsecurity.io Click Remediation section below for further remediation help |
||
| with: | ||
| client-id: ${{ secrets.CLIENT_ID }} | ||
| tenant-id: ${{ secrets.TENANT_ID }} | ||
| audience: ${{ secrets.OSMP_API_AUDIENCE }} | ||
|
|
||
| - name: bulk-sequester | ||
| id: bulk-sequester | ||
| uses: dotnet/docs-tools/actions/sequester@cf581edfb9f8bbccc3f0476ce1b8369689fb0290 # main | ||
| uses: dotnet/docs-tools/actions/sequester@main | ||
|
Check warning Code scanning / Scorecard Pinned-Dependencies Medium
score is 6: third-party GitHubAction not pinned by hash
Remediation tip: update your workflow using https://app.stepsecurity.io Click Remediation section below for further remediation help |
||
| env: | ||
| ImportOptions__ApiKeys__GitHubToken: ${{ secrets.GITHUB_TOKEN }} | ||
| ImportOptions__ApiKeys__AzureAccessToken: ${{ steps.azure-oidc-auth.outputs.access-token }} | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -41,7 +41,7 @@ jobs: | |
| - name: Azure OpenID Connect | ||
| id: azure-oidc-auth | ||
| uses: dotnet/docs-tools/.github/actions/oidc-auth-flow@cf581edfb9f8bbccc3f0476ce1b8369689fb0290 # main | ||
| uses: dotnet/docs-tools/.github/actions/oidc-auth-flow@main | ||
|
Check warning Code scanning / Scorecard Pinned-Dependencies Medium
score is 6: third-party GitHubAction not pinned by hash
Remediation tip: update your workflow using https://app.stepsecurity.io Click Remediation section below for further remediation help |
||
| with: | ||
| client-id: ${{ secrets.CLIENT_ID }} | ||
| tenant-id: ${{ secrets.TENANT_ID }} | ||
|
|
@@ -51,7 +51,7 @@ jobs: | |
| - name: manual-sequester | ||
| if: ${{ github.event_name == 'workflow_dispatch' }} | ||
| id: manual-sequester | ||
| uses: dotnet/docs-tools/actions/sequester@cf581edfb9f8bbccc3f0476ce1b8369689fb0290 # main | ||
| uses: dotnet/docs-tools/actions/sequester@main | ||
|
Check warning Code scanning / Scorecard Pinned-Dependencies Medium
score is 6: third-party GitHubAction not pinned by hash
Remediation tip: update your workflow using https://app.stepsecurity.io Click Remediation section below for further remediation help |
||
| env: | ||
| ImportOptions__ApiKeys__GitHubToken: ${{ secrets.GITHUB_TOKEN }} | ||
| ImportOptions__ApiKeys__AzureAccessToken: ${{ steps.azure-oidc-auth.outputs.access-token }} | ||
|
|
@@ -67,7 +67,7 @@ jobs: | |
| - name: auto-sequester | ||
| if: ${{ github.event_name != 'workflow_dispatch' }} | ||
| id: auto-sequester | ||
| uses: dotnet/docs-tools/actions/sequester@cf581edfb9f8bbccc3f0476ce1b8369689fb0290 # main | ||
| uses: dotnet/docs-tools/actions/sequester@main | ||
|
Check warning Code scanning / Scorecard Pinned-Dependencies Medium
score is 6: third-party GitHubAction not pinned by hash
Remediation tip: update your workflow using https://app.stepsecurity.io Click Remediation section below for further remediation help |
||
| env: | ||
| ImportOptions__ApiKeys__GitHubToken: ${{ secrets.GITHUB_TOKEN }} | ||
| ImportOptions__ApiKeys__AzureAccessToken: ${{ steps.azure-oidc-auth.outputs.access-token }} | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -39,7 +39,7 @@ jobs: | |
|
|
||
| - name: .NET version updater | ||
| id: dotnet-version-updater | ||
| uses: dotnet/docs-tools/actions/dotnet-version-updater@cf581edfb9f8bbccc3f0476ce1b8369689fb0290 # main | ||
| uses: dotnet/docs-tools/actions/dotnet-version-updater@main | ||
|
Check warning Code scanning / Scorecard Pinned-Dependencies Medium
score is 6: third-party GitHubAction not pinned by hash
Remediation tip: update your workflow using https://app.stepsecurity.io Click Remediation section below for further remediation help |
||
| with: | ||
| support: ${{ github.event.inputs.support }} | ||
| token: ${{ secrets.GITHUB_TOKEN }} | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -36,13 +36,13 @@ jobs: | |
| - name: Azure OpenID Connect | ||
| id: azure-oidc-auth | ||
| uses: dotnet/docs-tools/.github/actions/oidc-auth-flow@cf581edfb9f8bbccc3f0476ce1b8369689fb0290 # main | ||
| uses: dotnet/docs-tools/.github/actions/oidc-auth-flow@main | ||
|
Check warning Code scanning / Scorecard Pinned-Dependencies Medium
score is 6: third-party GitHubAction not pinned by hash
Remediation tip: update your workflow using https://app.stepsecurity.io Click Remediation section below for further remediation help |
||
| with: | ||
| client-id: ${{ secrets.CLIENT_ID }} | ||
| tenant-id: ${{ secrets.TENANT_ID }} | ||
| audience: ${{ secrets.OSMP_API_AUDIENCE }} | ||
|
|
||
| - uses: dotnet/docs-tools/WhatsNew.Cli@cf581edfb9f8bbccc3f0476ce1b8369689fb0290 # main | ||
| - uses: dotnet/docs-tools/WhatsNew.Cli@main | ||
|
Check warning Code scanning / Scorecard Pinned-Dependencies Medium
score is 6: third-party GitHubAction not pinned by hash
Remediation tip: update your workflow using https://app.stepsecurity.io Click Remediation section below for further remediation help |
||
| env: | ||
| GitHubKey: ${{ secrets.GITHUB_TOKEN }} | ||
| AZURE_ACCESS_TOKEN: ${{ steps.azure-oidc-auth.outputs.access-token }} | ||
|
|
||