7171 echo "SM_CLIENT_CERT_FILE=D:\\cert.p12" >> "$GITHUB_ENV"
7272name : Sync cert (Windows)
7373 if : ${{ startsWith(matrix.os, 'windows-') }}
74- shell : cmd
74+ shell : pwsh
7575 env :
7676 CERT_FINGERPRINT : ${{ secrets.CERT_FINGERPRINT }}
7777 KEYPAIR_ALIAS : ${{ secrets.KEYPAIR_ALIAS }}
@@ -81,13 +81,13 @@ jobs:
8181 SM_HOST : ${{ secrets.SM_HOST }}
8282 run : |
8383 smksp_registrar list
84- smctl windows certsync --keypair-alias=% KEYPAIR_ALIAS%
84+ smctl windows certsync --keypair-alias=$env: KEYPAIR_ALIAS
8585name : Build (macOS)
8686 if : ${{ startsWith(matrix.os, 'macos-') }}
8787 env :
8888 APPLE_ID : ${{ secrets.APPLE_ID }}
8989 APPLE_ID_PASSWORD : ${{ secrets.APPLE_ID_PASSWORD }}
90- run : yarn run publish --arch=${{ matrix.arch }} --dry-run
90+ run : yarn run publish --arch=${{ matrix.arch }} --dry-run # zizmor: ignore[use-trusted-publishing]
9191 - name : Build (Windows)
9292 if : ${{ startsWith(matrix.os, 'windows-') }}
9393 env :
@@ -97,10 +97,10 @@ jobs:
9797 SM_CLIENT_CERT_FILE : ${{ env.SM_CLIENT_CERT_FILE }}
9898 SM_CLIENT_CERT_PASSWORD : ${{ secrets.SM_CLIENT_CERT_PASSWORD }}
9999 SM_HOST : ${{ secrets.SM_HOST }}
100- run : yarn run publish --arch=${{ matrix.arch }} --dry-run
100+ run : yarn run publish --arch=${{ matrix.arch }} --dry-run # zizmor: ignore[use-trusted-publishing]
101101 - name : Build (Linux)
102102 if : ${{ startsWith(matrix.os, 'ubuntu-') }}
103- run : yarn run publish --arch=${{ matrix.arch }} --dry-run
103+ run : yarn run publish --arch=${{ matrix.arch }} --dry-run # zizmor: ignore[use-trusted-publishing]
104104 - uses : actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
105105 with :
106106 name : build-artifacts-${{ matrix.os }}-${{ matrix.arch }}
0 commit comments