Refactor around GHA and npm pinning #154
Conversation
🦙 MegaLinter status:
|
| Descriptor | Linter | Files | Fixed | Errors | Elapsed time |
|---|---|---|---|---|---|
| ✅ ACTION | actionlint | 4 | 0 | 0.06s | |
| scss-lint | 2 | 1 | 2.97s | ||
| ✅ JAVASCRIPT | prettier | 6 | 0 | 0 | 1.11s |
| ✅ JSON | jsonlint | 7 | 0 | 0.21s | |
| ✅ JSON | npm-package-json-lint | yes | no | 0.5s | |
| ✅ JSON | prettier | 7 | 0 | 0 | 1.53s |
| ✅ JSON | v8r | 7 | 0 | 10.49s | |
| ✅ MARKDOWN | markdownlint | 20 | 0 | 0 | 2.07s |
| ✅ MARKDOWN | markdown-link-check | 20 | 0 | 11.99s | |
| ✅ MARKDOWN | markdown-table-formatter | 20 | 0 | 0 | 0.39s |
| ✅ REPOSITORY | checkov | yes | no | 15.79s | |
| ✅ REPOSITORY | gitleaks | yes | no | 0.3s | |
| ✅ REPOSITORY | git_diff | yes | no | 0.23s | |
| grype | yes | 2 | 14.49s | ||
| ✅ REPOSITORY | secretlint | yes | no | 2.66s | |
| trivy | yes | 1 | 8.97s | ||
| ✅ REPOSITORY | trivy-sbom | yes | no | 1.65s | |
| ✅ REPOSITORY | trufflehog | yes | no | 4.16s | |
| cspell | 20 | 1 | 3.15s | ||
| ✅ YAML | prettier | 14 | 0 | 0 | 1.36s |
| ✅ YAML | v8r | 11 | 0 | 13.37s | |
| ✅ YAML | yamllint | 14 | 0 | 0.7s |
See detailed report in MegaLinter reports
MegaLinter is graciously provided by
Pa11y testing results``` Welcome to Pa11y
Results for URL: https://federalist-a2423046-fe43-4e75-a2ef-2651e5e123ca.sites.pages.cloud.gov/preview/gsa-tts/tts.gsa.gov//pin-gha/ • Error: This element has insufficient contrast at this conformance level. Expected a contrast ratio of at least 4.5:1, but text in this element has a contrast ratio of 3.68:1. Recommendation: change background to #63686c. For over 50 years, GSA has been... • Error: Duplicate id attribute value "svg-bedding" found on the web page. • Error: Duplicate id attribute value "svg-camping" found on the web page. • Error: Duplicate id attribute value "svg-chevron_left" found on the web page. • Error: Duplicate id attribute value "svg-chevron_right" found on the web page. • Error: Duplicate id attribute value "svg-clothes" found on the web page. • Error: Duplicate id attribute value "svg-construction_worker" found on the web page. • Error: Duplicate id attribute value "svg-flickr" found on the web page. • Error: Duplicate id attribute value "svg-flooding" found on the web page. • Error: Duplicate id attribute value "svg-github" found on the web page. • Error: Duplicate id attribute value "svg-hospital" found on the web page. • Error: Duplicate id attribute value "svg-hurricane" found on the web page. • Error: Duplicate id attribute value "svg-identification" found on the web page. • Error: Duplicate id attribute value "svg-instagram" found on the web page. • Error: Duplicate id attribute value "svg-linkedin" found on the web page. • Error: Duplicate id attribute value "svg-navigate_far_before" found on the web page. • Error: Duplicate id attribute value "svg-navigate_far_next" found on the web page. • Error: Duplicate id attribute value "svg-rain" found on the web page. • Error: Duplicate id attribute value "svg-severe_weather" found on the web page. • Error: Duplicate id attribute value "svg-snow" found on the web page. • Error: Duplicate id attribute value "svg-sort_arrow" found on the web page. • Error: Duplicate id attribute value "svg-tornado" found on the web page. • Error: Duplicate id attribute value "svg-twitter" found on the web page. • Error: Duplicate id attribute value "svg-x" found on the web page. • Error: Duplicate id attribute value "svg-youtube" found on the web page. 25 Errors |
Pa11y testing results``` Welcome to Pa11y
Results for URL: https://federalist-a2423046-fe43-4e75-a2ef-2651e5e123ca.sites.pages.cloud.gov/preview/gsa-tts/tts.gsa.gov//pin-gha/ • Error: This element has insufficient contrast at this conformance level. Expected a contrast ratio of at least 4.5:1, but text in this element has a contrast ratio of 3.68:1. Recommendation: change background to #63686c. For over 50 years, GSA has been... • Error: Duplicate id attribute value "svg-bedding" found on the web page. • Error: Duplicate id attribute value "svg-camping" found on the web page. • Error: Duplicate id attribute value "svg-chevron_left" found on the web page. • Error: Duplicate id attribute value "svg-chevron_right" found on the web page. • Error: Duplicate id attribute value "svg-clothes" found on the web page. • Error: Duplicate id attribute value "svg-construction_worker" found on the web page. • Error: Duplicate id attribute value "svg-flickr" found on the web page. • Error: Duplicate id attribute value "svg-flooding" found on the web page. • Error: Duplicate id attribute value "svg-github" found on the web page. • Error: Duplicate id attribute value "svg-hospital" found on the web page. • Error: Duplicate id attribute value "svg-hurricane" found on the web page. • Error: Duplicate id attribute value "svg-identification" found on the web page. • Error: Duplicate id attribute value "svg-instagram" found on the web page. • Error: Duplicate id attribute value "svg-linkedin" found on the web page. • Error: Duplicate id attribute value "svg-navigate_far_before" found on the web page. • Error: Duplicate id attribute value "svg-navigate_far_next" found on the web page. • Error: Duplicate id attribute value "svg-rain" found on the web page. • Error: Duplicate id attribute value "svg-severe_weather" found on the web page. • Error: Duplicate id attribute value "svg-snow" found on the web page. • Error: Duplicate id attribute value "svg-sort_arrow" found on the web page. • Error: Duplicate id attribute value "svg-tornado" found on the web page. • Error: Duplicate id attribute value "svg-twitter" found on the web page. • Error: Duplicate id attribute value "svg-x" found on the web page. • Error: Duplicate id attribute value "svg-youtube" found on the web page. 25 Errors |
This pins a few missing GitHub Actions dependencies and instructs the Pa11y workflow to grab the
dedDepenedencies(which includespa11y-ci).security considerations
This ought to resolve the remaining warnings about unpinned dependencies.