Skip to content
Static Analysis

deps: update actions/setup-node digest to 49933ea #19896

Sign in to view logs

deps: update actions/setup-node digest to 49933ea

deps: update actions/setup-node digest to 49933ea #19896

Workflow file for this run

.github/workflows/static-analysis.yml at ed88c16
name: Static Analysis
on:
pull_request:
branches:
- main
push:
branches:
- main
env:
GRADLE_OPTS: -Dorg.gradle.daemon=false
jobs:
commit-lint:
runs-on: ubuntu-24.04
steps:
- name: Checkout Repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
fetch-depth: 0
- name: Check Commit Messages
uses: wagoid/commitlint-github-action@b948419dd99f3fd78a6548d48f94e3df7f6bf3ed # v6
with:
configFile: .commitlintrc.yml
code-base-checks:
runs-on: ubuntu-24.04
steps:
- name: Checkout Repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Setup Gradle
uses: gradle/actions/setup-gradle@06832c7b30a0129d7fb559bcc6e43d26f6374244 # v4
- name: Check copyrights, license headers, and .gitattributes
run: ./gradlew checkCopyrightsInNoticeFile checkLicenseHeaders checkGitAttributes
completions:
runs-on: ubuntu-24.04
steps:
- name: Checkout Repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Setup Java
uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4
with:
distribution: temurin
java-version: 21
- name: Setup Gradle
uses: gradle/actions/setup-gradle@06832c7b30a0129d7fb559bcc6e43d26f6374244 # v4
- name: Generate completions
run: |
./scripts/generate_completion_scripts.sh
- name: Check if completions are up-to-date
run: |
if git diff --exit-code; then
echo "Completions are up-to-date."
else
echo "Completions are not up-to-date."
echo "Please always run the script below when changing CLI commands:"
echo "./scripts/generate_completion_scripts.sh"
exit 1
fi
detekt-issues:
runs-on: ubuntu-24.04
permissions:
# Needed for SARIF scanning upload.
security-events: write
steps:
- name: Checkout Repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Setup Gradle
uses: gradle/actions/setup-gradle@06832c7b30a0129d7fb559bcc6e43d26f6374244 # v4
- name: Check for Detekt Issues
run: ./gradlew detektAll
- name: Upload SARIF File
uses: github/codeql-action/upload-sarif@45775bd8235c68ba998cffa5171334d58593da47 # v3
if: always() # Upload even if the previous step failed.
with:
sarif_file: build/reports/detekt/merged.sarif
markdown-links:
runs-on: ubuntu-24.04
steps:
- name: Checkout Repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Check Links
uses: umbrelladocs/action-linkspector@a0567ce1c7c13de4a2358587492ed43cab5d0102 # v1
with:
fail_on_error: true
markdownlint:
runs-on: ubuntu-24.04
steps:
- name: Checkout Repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
fetch-depth: 0
- name: Setup Node
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4
- name: Check for Markdown issues
run: |
npm install -g [email protected]
npx markdownlint-cli2
qodana-scan:
if: ${{ github.event_name == 'pull_request' }}
runs-on: ubuntu-24.04
permissions:
# Needed for SARIF scanning upload.
security-events: write
steps:
- name: Checkout Repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
fetch-depth: 0
- name: Qodana Scan
uses: JetBrains/qodana-action@b60a4b9259f448dd00f2ca4763db5677d69ba868 # v2024.3.4
with:
post-pr-comment: false
use-caches: false
- name: Upload Code Scanning Results
uses: github/codeql-action/upload-sarif@45775bd8235c68ba998cffa5171334d58593da47 # v3
with:
sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json
reuse-tool:
runs-on: ubuntu-24.04
steps:
- name: Checkout Repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Check REUSE Compliance
run: |
pipx install reuse
reuse lint