tsai
/
ant-design-pro
mirror of https://github.com/ant-design/ant-design-pro
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

chore: pin GitHub Actions to commit SHAs and configure dependabot for actions (#11803) 

Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
pull/11804/head
afc163 5 days ago
committed by GitHub
parent
5dc6208688
commit
e4d15a02ff
No known key found for this signature in database GPG Key ID: B5690EEEBB952194
10 changed files with 40 additions and 31 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 11
      .github/dependabot.yml
  2. 10
      .github/workflows/ci.yml
  3. 8
      .github/workflows/coverage.yml
  4. 6
      .github/workflows/deploy.yml
  5. 2
      .github/workflows/emoji-helper.yml
  6. 4
      .github/workflows/issue-labeled.yml
  7. 8
      .github/workflows/preview-build.yml
  8. 12
      .github/workflows/preview-deploy.yml
  9. 2
      .github/workflows/preview-start.yml
  10. 8
      .github/workflows/react-doctor.yml

11
.github/dependabot.yml
View File

@ -10,4 +10,13 @@ updates:
groups:
dependencies:
patterns:
- '*'
- '*'
- package-ecosystem: 'github-actions'
directory: '/'
schedule:
interval: 'weekly'
groups:
github-actions:
patterns:
- '*'

10
.github/workflows/ci.yml
View File

@ -9,8 +9,8 @@ jobs:
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: actions/setup-node@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5
with:
node-version: 20
- run: npm ci
@ -23,13 +23,13 @@ jobs:
node_version: [20]
os: [ubuntu-latest, windows-latest, macOS-latest]
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: Use Node.js ${{ matrix.node_version }}
uses: actions/setup-node@v5
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5
with:
node-version: ${{ matrix.node_version }}
- run: echo ${{github.ref}}
- uses: utooland/setup-utoo@v1
- uses: utooland/setup-utoo@3a51006d0b66afcc32d1b9177a4b200b74f4a8cb # v1
with:
cache-utoo: false
- run: ut

8
.github/workflows/coverage.yml
View File

@ -9,13 +9,13 @@ jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: Use Node.js 20
uses: actions/setup-node@v5
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5
with:
node-version: 20
- run: echo ${{github.ref}}
- uses: utooland/setup-utoo@v1
- uses: utooland/setup-utoo@3a51006d0b66afcc32d1b9177a4b200b74f4a8cb # v1
- run: ut
- run: ut test:coverage
- uses: codecov/codecov-action@v5
- uses: codecov/codecov-action@75cd11691c0faa626561e295848008c8a7dddffe # v5

6
.github/workflows/deploy.yml
View File

@ -15,16 +15,16 @@ jobs:
steps:
- name: Checkout code
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- uses: utooland/setup-utoo@v1
- uses: utooland/setup-utoo@3a51006d0b66afcc32d1b9177a4b200b74f4a8cb # v1
- run: ut
- name: Set COMMIT_HASH
run: echo "COMMIT_HASH=${{ github.sha }}" >> $GITHUB_ENV
- run: ut build
- name: Deploy to GitHub Pages
uses: peaceiris/actions-gh-pages@v4
uses: peaceiris/actions-gh-pages@4f9cc6602d3f66b9c108549d475ec49e8ef4d45e # v4
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
publish_dir: ./dist

2
.github/workflows/emoji-helper.yml
View File

@ -11,7 +11,7 @@ jobs:
emoji:
runs-on: ubuntu-latest
steps:
- uses: actions-cool/emoji-helper@v1.0.0
- uses: actions-cool/emoji-helper@040b841cb25e2e6f50151c73b5ce12fee57019d2 # v1.0.0
with:
type: 'release'
emoji: '+1, laugh, heart, hooray, rocket, eyes'

4
.github/workflows/issue-labeled.yml
View File

@ -13,7 +13,7 @@ jobs:
steps:
- name: help wanted
if: github.event.label.name == '❤️ help wanted' || github.event.label.name == '🤝Welcome PR'
uses: actions-cool/issues-helper@v1.11
uses: actions-cool/issues-helper@v1.11 # repo blocked, unable to pin to SHA
with:
actions: 'create-comment'
token: ${{ secrets.GITHUB_TOKEN }}
@ -27,7 +27,7 @@ jobs:
- name: Need Reproduce
if: github.event.label.name == '🤔 Need Reproduce'
uses: actions-cool/issues-helper@v1.11
uses: actions-cool/issues-helper@v1.11 # repo blocked, unable to pin to SHA
with:
actions: 'create-comment'
token: ${{ secrets.GITHUB_TOKEN }}

8
.github/workflows/preview-build.yml
View File

@ -12,18 +12,18 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
with:
ref: ${{ github.event.pull_request.head.sha }}
- uses: utooland/setup-utoo@v1
- uses: utooland/setup-utoo@3a51006d0b66afcc32d1b9177a4b200b74f4a8cb # v1
- run: ut
- name: Set COMMIT_HASH
run: echo "COMMIT_HASH=${{ github.event.pull_request.head.sha }}" >> $GITHUB_ENV
- run: ut build
- name: upload dist artifact
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
with:
name: dist
path: dist/
@ -35,7 +35,7 @@ jobs:
- name: Upload PR number
if: ${{ always() }}
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
with:
name: pr
path: ./pr-id.txt

12
.github/workflows/preview-deploy.yml
View File

@ -19,7 +19,7 @@ jobs:
if: github.event.workflow_run.event == 'pull_request' && github.event.workflow_run.conclusion == 'success'
steps:
- name: download pr artifact
uses: dawidd6/action-download-artifact@v6
uses: dawidd6/action-download-artifact@bf251b5aa9c2f7eeb574a96ee720e24f801b7c11 # v6
with:
workflow: ${{ github.event.workflow_run.workflow_id }}
name: pr
@ -36,7 +36,7 @@ jobs:
echo "id=$PR_ID" >> "$GITHUB_OUTPUT"
- name: download dist artifact
uses: dawidd6/action-download-artifact@v6
uses: dawidd6/action-download-artifact@bf251b5aa9c2f7eeb574a96ee720e24f801b7c11 # v6
with:
workflow: ${{ github.event.workflow_run.workflow_id }}
workflow_conclusion: success
@ -49,7 +49,7 @@ jobs:
npx surge --project ./ --domain $DEPLOY_DOMAIN --token ${{ secrets.SURGE_TOKEN }}
- name: update status comment
uses: actions-cool/maintain-one-comment@v1.2.1
uses: actions-cool/maintain-one-comment@v1.2.1 # repo blocked, unable to pin to SHA
with:
token: ${{ secrets.GITHUB_TOKEN }}
body: |
@ -63,7 +63,7 @@ jobs:
- name: The job failed
if: ${{ failure() }}
uses: actions-cool/maintain-one-comment@v1.2.1
uses: actions-cool/maintain-one-comment@v1.2.1 # repo blocked, unable to pin to SHA
with:
token: ${{ secrets.GITHUB_TOKEN }}
body: |
@ -84,7 +84,7 @@ jobs:
if: github.event.workflow_run.event == 'pull_request' && github.event.workflow_run.conclusion == 'failure'
steps:
- name: download pr artifact
uses: dawidd6/action-download-artifact@v6
uses: dawidd6/action-download-artifact@bf251b5aa9c2f7eeb574a96ee720e24f801b7c11 # v6
with:
workflow: ${{ github.event.workflow_run.workflow_id }}
name: pr
@ -101,7 +101,7 @@ jobs:
echo "id=$PR_ID" >> "$GITHUB_OUTPUT"
- name: The job failed
uses: actions-cool/maintain-one-comment@v1.2.1
uses: actions-cool/maintain-one-comment@v1.2.1 # repo blocked, unable to pin to SHA
with:
token: ${{ secrets.GITHUB_TOKEN }}
body: |

2
.github/workflows/preview-start.yml
View File

@ -13,7 +13,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: create
uses: actions-cool/maintain-one-comment@v1.2.1
uses: actions-cool/maintain-one-comment@v1.2.1 # repo blocked, unable to pin to SHA
with:
token: ${{ secrets.GITHUB_TOKEN }}
body: |

8
.github/workflows/react-doctor.yml
View File

@ -10,11 +10,11 @@ jobs:
react-doctor:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: actions/setup-node@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5
with:
node-version: 22
- uses: millionco/react-doctor@main
- uses: millionco/react-doctor@6543a86f9dfe86c894bd71361fc2c46d8d9c967d # main
with:
diff: true
github-token: ${{ secrets.GITHUB_TOKEN }}
github-token: ${{ secrets.GITHUB_TOKEN }}

Write Preview
Loading…
Cancel
Save