Skip to content

Bump actions/checkout from 6.0.3 to 7.0.0 in the github-actions group #377

Bump actions/checkout from 6.0.3 to 7.0.0 in the github-actions group

Bump actions/checkout from 6.0.3 to 7.0.0 in the github-actions group #377

Workflow file for this run

# SPDX-FileCopyrightText: 2023 Erlang Ecosystem Foundation
# SPDX-License-Identifier: Apache-2.0
on:
pull_request:
branches:
- "*"
workflow_dispatch: {}
name: "Pull Request"
permissions:
contents: read
jobs:
test:
name: "Test"
permissions:
contents: read
security-events: write
uses: ./.github/workflows/part_test.yml
secrets:
OID_CERTIFICATION_API_TOKEN: ${{ secrets.OID_CERTIFICATION_API_TOKEN }}
license:
name: "License"
permissions:
id-token: write
contents: read
attestations: write
uses: ./.github/workflows/part_license.yml
with:
attest: false
docs:
name: "Docs"
permissions:
id-token: write
contents: read
attestations: write
uses: ./.github/workflows/part_docs.yml
with:
attest: false
dependency-review:
name: "Dependency Review"
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4
with:
egress-policy: audit
- name: 'Checkout Repository'
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
- name: 'Dependency Review'
uses: actions/dependency-review-action@a1d282b36b6f3519aa1f3fc636f609c47dddb294 # v5.0.0