|
66 | 66 | steps: |
67 | 67 | # Git Checkout |
68 | 68 | - name: Checkout Code |
69 | | - uses: actions/checkout@v4 |
| 69 | + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 |
70 | 70 | with: |
71 | 71 | token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }} |
| 72 | + persist-credentials: false |
72 | 73 |
|
73 | 74 | # If you use VALIDATE_ALL_CODEBASE = true, you can remove this line to |
74 | 75 | # improve performance |
|
85 | 86 |
|
86 | 87 | # You can override MegaLinter flavor used to have faster performances |
87 | 88 | # More info at https://megalinter.io/latest/flavors/ |
88 | | - # The below commit hash is v8.8.0 |
89 | | - uses: oxsecurity/megalinter@e08c2b05e3dbc40af4c23f41172ef1e068a7d651 |
| 89 | + # The below commit hash is v9.5.0 |
| 90 | + uses: oxsecurity/megalinter@0e3ce9b9c8c10effb9b269509cc47ca17cae31c7 |
90 | 91 |
|
91 | 92 | id: ml |
92 | 93 |
|
@@ -114,7 +115,7 @@ jobs: |
114 | 115 |
|
115 | 116 | # Upload MegaLinter artifacts |
116 | 117 | - name: Archive production artifacts |
117 | | - uses: actions/upload-artifact@v4 |
| 118 | + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 |
118 | 119 | if: success() || failure() |
119 | 120 | with: |
120 | 121 | name: MegaLinter reports |
@@ -158,9 +159,12 @@ jobs: |
158 | 159 | github.event.pull_request.head.repo.full_name == github.repository |
159 | 160 | ) && |
160 | 161 | !contains(github.event.head_commit.message, 'skip fix') |
| 162 | + env: |
| 163 | + PR_NUMBER: ${{ steps.cpr.outputs.pull-request-number }} |
| 164 | + PR_URL: ${{ steps.cpr.outputs.pull-request-url }} |
161 | 165 | run: | |
162 | | - echo "PR Number - ${{ steps.cpr.outputs.pull-request-number }}" |
163 | | - echo "PR URL - ${{ steps.cpr.outputs.pull-request-url }}" |
| 166 | + echo "PR Number - $PR_NUMBER" |
| 167 | + echo "PR URL - $PR_URL" |
164 | 168 |
|
165 | 169 | # Push new commit if applicable |
166 | 170 | # (for now works only on PR from same repository, not from forks) |
|
0 commit comments