Skip to content

update gems, rails 7.0.8, puma 6.4, latest rubocops #905

update gems, rails 7.0.8, puma 6.4, latest rubocops

update gems, rails 7.0.8, puma 6.4, latest rubocops #905

Workflow file for this run

# This is a simple GitHub Actions CI workflow.
name: CI
# Limit permissions. See:
# https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
# https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#permissions
# https://github.com/actions/first-interaction/issues/10#issuecomment-1041402989
# Since we set "permissions", anything unset has access "none".
permissions:
contents: read
checks: write
# Controls when the action will run. Triggers the workflow on push or pull
# request events but only for the main branch (formerly the master branch)
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# This workflow contains a single job called "build"
build:
# The type of runner that the job will run on
runs-on: ubuntu-latest
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Use harden-runner https://github.com/step-security/harden-runner
# presented at OpenSSF Best Practices WG 2022-03-15
- uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1
with:
egress-policy: audit
# Checks-out your repository under $GITHUB_WORKSPACE,
# so your job can access it.
# As required by OpenSSF Scorecard,
# we pin this to a specific hash value to prevent use of an unknown
# (and possibly subverted) version.
# Update by consulting: https://github.com/actions/checkout/releases
# We include the hash after '@', and comment "pin @SIMPLE-NAME"; this is
# the naming convention of https://github.com/mheap/pin-github-action
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # pin @v3.5.3
# Runs a single command using the runners shell
- name: Run a one-line script
run: echo Hello, world!