fix: requirements.txt to reduce vulnerabilities #18
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - name: Checkout | ||
| uses: actions/[email protected] | ||
| - uses: actions/checkout@v3 | ||
| with: | ||
| # Repository name with owner. For example, actions/checkout | ||
| # Default: ${{ github.repository }} | ||
| repository: '' | ||
| # The branch, tag or SHA to checkout. When checking out the repository that | ||
| # triggered a workflow, this defaults to the reference or SHA for that event. | ||
| # Otherwise, uses the default branch. | ||
| ref: '' | ||
| # Personal access token (PAT) used to fetch the repository. The PAT is configured | ||
| # with the local git config, which enables your scripts to run authenticated git | ||
| # commands. The post-job step removes the PAT. | ||
| # | ||
| # We recommend using a service account with the least permissions necessary. Also | ||
| # when generating a new PAT, select the least scopes necessary. | ||
| # | ||
| # [Learn more about creating and using encrypted secrets](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets) | ||
| # | ||
| # Default: ${{ github.token }} | ||
| token: '' | ||
| # SSH key used to fetch the repository. The SSH key is configured with the local | ||
| # git config, which enables your scripts to run authenticated git commands. The | ||
| # post-job step removes the SSH key. | ||
| # | ||
| # We recommend using a service account with the least permissions necessary. | ||
| # | ||
| # [Learn more about creating and using encrypted secrets](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets) | ||
| ssh-key: '' | ||
| # Known hosts in addition to the user and global host key database. The public SSH | ||
| # keys for a host may be obtained using the utility `ssh-keyscan`. For example, | ||
| # `ssh-keyscan github.com`. The public key for github.com is always implicitly | ||
| # added. | ||
| ssh-known-hosts: '' | ||
| # Whether to perform strict host key checking. When true, adds the options | ||
| # `StrictHostKeyChecking=yes` and `CheckHostIP=no` to the SSH command line. Use | ||
| # the input `ssh-known-hosts` to configure additional hosts. | ||
| # Default: true | ||
| ssh-strict: '' | ||
| # Whether to configure the token or SSH key with the local git config | ||
| # Default: true | ||
| persist-credentials: '' | ||
| # Relative path under $GITHUB_WORKSPACE to place the repository | ||
| path: '' | ||
| # Whether to execute `git clean -ffdx && git reset --hard HEAD` before fetching | ||
| # Default: true | ||
| clean: 'false' | ||
| # Number of commits to fetch. 0 indicates all history for all branches and tags. | ||
| # Default: 1 | ||
| fetch-depth: '0' | ||
| # Whether to download Git-LFS files | ||
| # Default: false | ||
| lfs: '' | ||
| # Whether to checkout submodules: `true` to checkout submodules or `recursive` to | ||
| # recursively checkout submodules. | ||
| # | ||
| # When the `ssh-key` input is not provided, SSH URLs beginning with | ||
| # `[email protected]:` are converted to HTTPS. | ||
| # | ||
| # Default: false | ||
| submodules: 'true' | ||
| # Add repository path as safe.directory for Git global config by running `git | ||
| # config --global --add safe.directory <path>` | ||
| # Default: true | ||
| set-safe-directory: '' | ||
| # The base URL for the GitHub instance that you are trying to clone from, will use | ||
| # environment defaults to fetch from the same instance that the workflow is | ||
| # running from unless specified. Example URLs are https://github.com or | ||
| # https://my-ghes-server.example.com | ||
| github-server-url: '' | ||
| - uses: actions/checkout@v3 | ||
| with: | ||
| fetch-depth: 0 | ||
| - uses: actions/checkout@v3 | ||
| with: | ||
| fetch-depth: 2 | ||
| - run: git checkout HEAD^ | ||
| on: push | ||
| jobs: | ||
| build: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v3 | ||
| - run: | | ||
| date > generated.txt | ||
| git config user.name github-actions | ||
| git config user.email [email protected] | ||
| git add . | ||
| git commit -m "generated" | ||
| git push | ||
| name: 'Checkout' | ||
| description: 'Checkout a Git repository at a particular version' | ||
| inputs: | ||
| repository: | ||
| description: 'Repository name with owner. For example, actions/checkout' | ||
| default: ${{ github.repository }} | ||
| ref: | ||
| description: > | ||
| The branch, tag or SHA to checkout. When checking out the repository that | ||
| triggered a workflow, this defaults to the reference or SHA for that | ||
| event. Otherwise, uses the default branch. | ||
| token: | ||
| description: > | ||
| Personal access token (PAT) used to fetch the repository. The PAT is configured | ||
| with the local git config, which enables your scripts to run authenticated git | ||
| commands. The post-job step removes the PAT. | ||
| We recommend using a service account with the least permissions necessary. | ||
| Also when generating a new PAT, select the least scopes necessary. | ||
| [Learn more about creating and using encrypted secrets](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets) | ||
| default: ${{ github.token }} | ||
| ssh-key: | ||
| description: > | ||
| SSH key used to fetch the repository. The SSH key is configured with the local | ||
| git config, which enables your scripts to run authenticated git commands. | ||
| The post-job step removes the SSH key. | ||
| We recommend using a service account with the least permissions necessary. | ||
| [Learn more about creating and using | ||
| encrypted secrets](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets) | ||
| ssh-known-hosts: | ||
| description: > | ||
| Known hosts in addition to the user and global host key database. The public | ||
| SSH keys for a host may be obtained using the utility `ssh-keyscan`. For example, | ||
| `ssh-keyscan github.com`. The public key for github.com is always implicitly added. | ||
| ssh-strict: | ||
| description: > | ||
| Whether to perform strict host key checking. When true, adds the options `StrictHostKeyChecking=yes` | ||
| and `CheckHostIP=no` to the SSH command line. Use the input `ssh-known-hosts` to | ||
| configure additional hosts. | ||
| default: true | ||
| persist-credentials: | ||
| description: 'Whether to configure the token or SSH key with the local git config' | ||
| default: true | ||
| path: | ||
| description: 'Relative path under $GITHUB_WORKSPACE to place the repository' | ||
| clean: | ||
| description: 'Whether to execute `git clean -ffdx && git reset --hard HEAD` before fetching' | ||
| default: false | ||
| fetch-depth: | ||
| description: 'Number of commits to fetch. 0 indicates all history for all branches and tags.' | ||
| default: 0 | ||
| lfs: | ||
| description: 'Whether to download Git-LFS files' | ||
| default: false | ||
| submodules: true | ||
| description: > | ||
| Whether to checkout submodules: `true` to checkout submodules or `recursive` to | ||
| recursively checkout submodules. | ||
| When the `ssh-key` input is not provided, SSH URLs beginning with `[email protected]:` are | ||
| converted to HTTPS. | ||
| default: false | ||
| set-safe-directory: | ||
| description: Add repository path as safe.directory for Git global config by running `git config --global --add safe.directory <path>` | ||
| default: true | ||
| github-server-url: | ||
| description: The base URL for the GitHub instance that you are trying to clone from, will use environment defaults to fetch from the same instance that the workflow is running from unless specified. Example URLs are https://github.com or https://my-ghes-server.example.com | ||
| required: false | ||
| runs: | ||
| using: node16 | ||
| main: dist/index.js | ||
| post: dist/index.js | ||
