Skip to content

chore(deps): update actions/upload-artifact action to v4 #563

chore(deps): update actions/upload-artifact action to v4

chore(deps): update actions/upload-artifact action to v4 #563

---
name: Lint (Github Actions workflows)
on: # yamllint disable-line rule:truthy
pull_request:
types: [opened, synchronize]
paths: [.github/workflows/**]
jobs:
# CI harden security tries to keep your github actions secure by following these simple rules:
# - Check if no issues are found on your Github Action
# - Ensure that all action and reusable workflow are pinned using directly a commit SHA
ci_harden_security:
name: Github Action security hardening
runs-on: ubuntu-latest
permissions:
security-events: write
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Lint your Github Actions
run: |
curl -O https://raw.githubusercontent.com/rhysd/actionlint/main/.github/actionlint-matcher.json
echo "::add-matcher::.github/actionlint-matcher.json"
bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash)
./actionlint -color
- name: Ensure SHA pinned actions
uses: zgosalvez/github-actions-ensure-sha-pinned-actions@b88cd0aad2c36a63e42c71f81cb1958fed95ac87 # v3.0.10