build(deps): bump actions/checkout from 3.6.0 to 4.2.0 #240

Workflow file for this run

.github/workflows/auto-pr-review.yml at e8d151d

	name: Auto PR Review

	on:
	pull_request:

	permissions: read-all

	jobs:
	review-dependabot:
	runs-on: ubuntu-latest
	permissions:
	contents: write
	if: ${{ github.actor == 'dependabot[bot]' }}
	steps:
	- name: Get Dependabot metadata
	id: metadata
	uses: dependabot/fetch-metadata@8348ea7f5d949b08c7f125a44b569c9626b05db3
	with:
	github-token: "${{ secrets.GITHUB_TOKEN }}"

	- name: Enable auto merge for Dependabot PRs
	if: ${{ steps.metadata.outputs.update-type == 'version-update:semver-patch' \|\| steps.metadata.outputs.update-type == 'version-update:semver-minor' }}
	run: gh pr merge --auto --merge "$PR_URL"
	env:
	PR_URL: ${{github.event.pull_request.html_url}}
	GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}

	review-snyk:
	runs-on: ubuntu-latest
	permissions:
	contents: write
	if: ${{ github.actor == 'snyk-bot' }}
	steps:
	- name: Enable auto merge for Snyk PRs
	run: gh pr merge --auto --merge "$PR_URL"
	env:
	PR_URL: ${{github.event.pull_request.html_url}}
	GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}

	review-license:
	runs-on: ubuntu-latest
	permissions:
	contents: read
	steps:
	- name: Checkout repository
	uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938

	- name: Review license
	uses: actions/dependency-review-action@94145f3150bfabdc97540cbd5f7e926306ea7744
	with:
	fail-on-severity: high
	deny-licenses: AGPL-1.0-only, AGPL-1.0-or-later, AGPL-3.0-only, AGPL-3.0-or-later, GPL-1.0-only, GPL-1.0-or-later, GPL-2.0-only, GPL-2.0-or-later, GPL-3.0-only, GPL-3.0-or-later, LGPL-2.0-only, LGPL-2.0-or-later, LGPL-2.1-only, LGPL-2.1-or-later, LGPL-3.0-only, LGPL-3.0-or-later

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump actions/checkout from 3.6.0 to 4.2.0 #240

Workflow file

build(deps): bump actions/checkout from 3.6.0 to 4.2.0 #240

Jobs

Run details

Workflow file for this run