mirror of
https://github.com/veeso/termscp.git
synced 2026-06-09 23:54:25 +02:00
cdd4c60805
Pin every action to a commit SHA whose tag comment matches (verified via gh api), add least-privilege permissions, set persist-credentials: false, and replace the archived actions-rs/cargo with a plain cargo test. zizmor clean at default persona.
22 lines
580 B
YAML
22 lines
580 B
YAML
name: codeberg-mirror
|
|
on:
|
|
push:
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
mirror:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6
|
|
with:
|
|
fetch-depth: 0
|
|
persist-credentials: false
|
|
- name: "Mirror to Codeberg"
|
|
uses: yesolutions/mirror-action@1708f16cdb28634fd3ba10c5c79abc91f5578a14 # v0.7.0
|
|
with:
|
|
REMOTE: 'ssh://git@codeberg.org/veeso/termscp.git'
|
|
GIT_SSH_PRIVATE_KEY: ${{ secrets.GIT_SSH_PRIVATE_KEY }}
|
|
GIT_SSH_NO_VERIFY_HOST: "true"
|