mirror of
https://github.com/veeso/termscp.git
synced 2026-07-12 02:41:32 +02:00
ci: pin all actions to verified SHAs and clear zizmor findings
Pin every action to a commit SHA whose tag comment matches (verified via gh api), add least-privilege permissions, set persist-credentials: false, and replace the archived actions-rs/cargo with a plain cargo test. zizmor clean at default persona.
This commit is contained in:
10
.github/workflows/website.yml
vendored
10
.github/workflows/website.yml
vendored
@@ -32,13 +32,15 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6
|
||||
with:
|
||||
persist-credentials: false
|
||||
- name: Setup Pages
|
||||
uses: actions/configure-pages@v5
|
||||
uses: actions/configure-pages@983d7736d9b0ae728b81ab479565c72886d7745b # v5
|
||||
- name: Upload artifact
|
||||
uses: actions/upload-pages-artifact@v3
|
||||
uses: actions/upload-pages-artifact@56afc609e74202658d3ffba0e8f6dda462b719fa # v3
|
||||
with:
|
||||
path: "./site/"
|
||||
- name: Deploy to GitHub Pages
|
||||
id: deployment
|
||||
uses: actions/deploy-pages@v4
|
||||
uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4
|
||||
|
||||
Reference in New Issue
Block a user