phoedos/pmd
1
1
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #4130 from sashashura:patch-1

Browse Source 
[ci] GitHub Workflows security hardening #4130
This commit is contained in:
Andreas Dangel 2022-09-30 11:27:31 +02:00
commit a46bea27f0
No known key found for this signature in database
GPG Key ID: 93450DF2DF9A3FA3
5 changed files with 128 additions and 104 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
.all-contributorsrc
View File

@ -6862,6 +6862,15 @@
"contributions": [
"code"
]
},
{
"login": "sashashura",
"name": "Alex",
"avatar_url": "https://avatars.githubusercontent.com/u/93376818?v=4",
"profile": "https://github.com/sashashura",
"contributions": [
"code"
]
}
],
"contributorsPerLine": 7,

8
.github/workflows/build.yml vendored
View File

@ -14,9 +14,17 @@ on:
- cron: '0 4 1 * *'
workflow_dispatch:
permissions:
contents: read # to fetch code (actions/checkout)
jobs:
build:
runs-on: ${{ matrix.os }}
permissions:
# read to fetch code (actions/checkout)
# write to push code to gh-pages, create releases
# note: forked repositories will have maximum read access
contents: write
continue-on-error: false
strategy:
matrix:

3
.github/workflows/git-repo-sync.yml vendored
View File

@ -9,6 +9,9 @@ on:
- '**'
workflow_dispatch:
permissions:
contents: read # to fetch code (actions/checkout)
jobs:
build:
runs-on: ubuntu-latest

211
docs/pages/pmd/projectdocs/credits.md
View File

File diff suppressed because it is too large Load Diff

1
docs/pages/release_notes.md
View File

@ -71,6 +71,7 @@ Many thanks to our sponsors:
* [#4116](https://github.com/pmd/pmd/pull/4116): \[core] Fix missing --file arg in TreeExport CLI example - [mohan-chinnappan-n](https://github.com/mohan-chinnappan-n) (@mohan-chinnappan-n)
* [#4124](https://github.com/pmd/pmd/pull/4124): \[doc] Fix typos in Java rule docs - [Piotrek Żygieło](https://github.com/pzygielo) (@pzygielo)
* [#4128](https://github.com/pmd/pmd/pull/4128): \[java] Fix False-positive UnnecessaryFullyQualifiedName when nested and non-nest… #4103 - [Oleg Andreych](https://github.com/OlegAndreych) (@OlegAndreych)
* [#4130](https://github.com/pmd/pmd/pull/4130): \[ci] GitHub Workflows security hardening - [Alex](https://github.com/sashashura) (@sashashura)
* [#4131](https://github.com/pmd/pmd/pull/4131): \[doc] TooFewBranchesForASwitchStatement - Use "if-else" instead of "if-then" - [Suvashri](https://github.com/Suvashri) (@Suvashri)
* [#4137](https://github.com/pmd/pmd/pull/4137): \[java] Fixes 3859: Exclude junit5 test methods from the commentDefaultAccessModifierRule - [Luis Alcantar](https://github.com/lfalcantar) (@lfalcantar)