chore(deps): bump bandit from 1.5.7 to 1.6.7 #187
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Reviewdog | |
| on: | |
| push: | |
| branches: [ "master" ] | |
| pull_request: | |
| branches: [ "master" ] | |
| env: | |
| ELIXIR_VERSION: '1.16.0' | |
| OTP_VERSION: '26.2.1' | |
| permissions: | |
| contents: read | |
| pull-requests: write | |
| jobs: | |
| opts: | |
| name: Reviewdog options | |
| runs-on: ubuntu-latest | |
| outputs: | |
| reporter: ${{ steps.reporter.outputs.value }} | |
| filter-mode: ${{ steps.filter-mode.outputs.value }} | |
| steps: | |
| - uses: haya14busa/action-cond@v1 | |
| id: reporter | |
| with: | |
| cond: ${{ github.event_name == 'pull_request' }} | |
| if_true: "github-pr-review" | |
| if_false: "github-check" | |
| - uses: haya14busa/action-cond@v1 | |
| id: filter-mode | |
| with: | |
| cond: ${{ github.event_name == 'pull_request' }} | |
| if_true: "file" | |
| if_false: "nofilter" | |
| actionlint: | |
| name: Lint workflows | |
| runs-on: ubuntu-latest | |
| needs: opts | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Run actionlint with reviewdog | |
| uses: reviewdog/action-actionlint@v1 | |
| with: | |
| actionlint_flags: -config-file .github/actionlint.yaml | |
| level: warning | |
| reporter: ${{ needs.opts.outputs.reporter }} | |
| filter_mode: ${{ needs.opts.outputs.filter-mode }} | |
| fail_on_error: true | |
| hadolint: | |
| name: Lint Dockerfile | |
| runs-on: ubuntu-latest | |
| needs: opts | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Run hadolint with reviewdog | |
| uses: reviewdog/action-hadolint@v1 | |
| with: | |
| level: warning | |
| reporter: ${{ needs.opts.outputs.reporter }} | |
| filter_mode: ${{ needs.opts.outputs.filter-mode }} | |
| fail_on_error: true | |
| mix-deps: | |
| name: Install dependencies | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Elixir | |
| uses: erlef/setup-beam@v1 | |
| with: | |
| elixir-version: ${{ env.ELIXIR_VERSION }} | |
| otp-version: ${{ env.OTP_VERSION }} | |
| version-type: strict | |
| - name: Restore dependencies cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: deps | |
| key: ${{ runner.os }}-elixir-lint-deps-${{ hashFiles('**/mix.lock') }} | |
| restore-keys: ${{ runner.os }}-elixir-lint-deps- | |
| - run: mix deps.get --only test | |
| - name: Restore build cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: _build | |
| key: ${{ runner.os }}-elixir-${{ env.ELIXIR_VERSION }}-erlang-${{ env.OTP_VERSION }}-lint-build-${{ hashFiles('**/mix.lock') }}-${{ hashFiles( '**/lib/**/*.{ex,eex}', '**/config/*.exs', '**/mix.exs' ) }} | |
| restore-keys: | | |
| ${{ runner.os }}-elixir-${{ env.ELIXIR_VERSION }}-erlang-${{ env.OTP_VERSION }}-lint-build-${{ hashFiles('**/mix.lock') }}- | |
| ${{ runner.os }}-elixir-${{ env.ELIXIR_VERSION }}-erlang-${{ env.OTP_VERSION }}-lint-build- | |
| - run: mix deps.compile | |
| env: | |
| MIX_ENV: test | |
| mix-format: | |
| name: Formatting | |
| if: github.event_name == 'pull_request' | |
| runs-on: ubuntu-latest | |
| needs: opts | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Elixir | |
| uses: erlef/setup-beam@v1 | |
| with: | |
| elixir-version: ${{ env.ELIXIR_VERSION }} | |
| otp-version: ${{ env.OTP_VERSION }} | |
| version-type: strict | |
| - run: mix format | |
| - name: Reviewdog suggester / mix-format | |
| uses: reviewdog/action-suggester@v1 | |
| with: | |
| tool_name: mix-format | |
| filter_mode: ${{ needs.opts.outputs.filter-mode }} | |
| fail_on_error: true | |
| credo: | |
| name: Code analysis | |
| runs-on: ubuntu-latest | |
| needs: [mix-deps, opts] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Elixir | |
| uses: erlef/setup-beam@v1 | |
| with: | |
| elixir-version: ${{ env.ELIXIR_VERSION }} | |
| otp-version: ${{ env.OTP_VERSION }} | |
| version-type: strict | |
| - name: Restore dependencies cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: deps | |
| key: ${{ runner.os }}-elixir-lint-deps-${{ hashFiles('**/mix.lock') }} | |
| - name: Restore build cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: _build | |
| key: ${{ runner.os }}-elixir-${{ env.ELIXIR_VERSION }}-erlang-${{ env.OTP_VERSION }}-lint-build-${{ hashFiles('**/mix.lock') }}-${{ hashFiles( '**/lib/**/*.{ex,eex}', '**/config/*.exs', '**/mix.exs' ) }} | |
| - uses: reviewdog/action-setup@v1 | |
| with: | |
| reviewdog_version: latest | |
| - name: Run credo with reviewdog | |
| env: | |
| REVIEWDOG_GITHUB_API_TOKEN: ${{ github.token }} | |
| run: | | |
| reviewdog \ | |
| -runners=credo \ | |
| -reporter=${{ needs.opts.outputs.reporter }} \ | |
| -filter-mode=${{ needs.opts.outputs.filter-mode }} \ | |
| -fail-on-error | |
| dialyzer: | |
| name: Type checking | |
| runs-on: ubuntu-latest | |
| needs: [mix-deps, opts] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Elixir | |
| uses: erlef/setup-beam@v1 | |
| with: | |
| elixir-version: ${{ env.ELIXIR_VERSION }} | |
| otp-version: ${{ env.OTP_VERSION }} | |
| version-type: strict | |
| - name: Restore dependencies cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: deps | |
| key: ${{ runner.os }}-elixir-lint-deps-${{ hashFiles('**/mix.lock') }} | |
| - name: Restore build cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: _build | |
| key: ${{ runner.os }}-elixir-${{ env.ELIXIR_VERSION }}-erlang-${{ env.OTP_VERSION }}-lint-build-${{ hashFiles('**/mix.lock') }}-${{ hashFiles( '**/lib/**/*.{ex,eex}', '**/config/*.exs', '**/mix.exs' ) }} | |
| - name: Restore PLT cache | |
| uses: actions/cache@v4 | |
| id: plt_cache | |
| with: | |
| path: priv/plts | |
| key: ${{ runner.os }}-elixir-${{ env.ELIXIR_VERSION }}-erlang-${{ env.OTP_VERSION }}-dialyzer-plt-${{ hashFiles('**/mix.lock') }} | |
| restore-keys: ${{ runner.os }}-elixir-${{ env.ELIXIR_VERSION }}-erlang-${{ env.OTP_VERSION }}-dialyzer-plt- | |
| - name: Create PLTs | |
| if: steps.plt_cache.outputs.cache-hit != 'true' | |
| run: mix dialyzer --plt | |
| - uses: reviewdog/action-setup@v1 | |
| with: | |
| reviewdog_version: latest | |
| - name: Run dialyzer with reviewdog | |
| env: | |
| REVIEWDOG_GITHUB_API_TOKEN: ${{ github.token }} | |
| run: | | |
| reviewdog \ | |
| -runners=dialyzer \ | |
| -reporter=${{ needs.opts.outputs.reporter }} \ | |
| -filter-mode=${{ needs.opts.outputs.filter-mode }} \ | |
| -fail-on-error |