Skip to content

build: bump actions/upload-artifact from 4.4.3 to 4.5.0 #720

build: bump actions/upload-artifact from 4.4.3 to 4.5.0

build: bump actions/upload-artifact from 4.4.3 to 4.5.0 #720

# This is a workflow for analyzing dependency files
# in this repository with Phylum during pull requests.
---
name: Phylum_analyze
on: pull_request
jobs:
Analyze_PR_with_Phylum:
name: Analyze PR with phylum
permissions: # Ensure least privilege of actions
contents: read # For actions/checkout
pull-requests: write # For phylum-dev/phylum-analyze-pr-action
runs-on: ubuntu-latest
steps:
- name: Checkout the repo
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0
- name: Analyze poetry.lock file
uses: phylum-dev/phylum-analyze-pr-action@f428af5c1ee8a705740d51b67424106012740f38 # v2.2.0
with:
phylum_token: ${{ secrets.PHYLUM_TOKEN }}