mirror of
https://github.com/bisq-network/bisq.git
synced 2025-02-24 15:10:44 +01:00
Merge pull request #5943 from dbast/master
CI Security: Use Github actions via sha1 (not tags) and keep them updated via dependabot
This commit is contained in:
Christoph Atteneder
GitHub
commit
ec42d104de
2 changed files with 9 additions and 3 deletions
6
.github/dependabot.yml
vendored
Normal file
6
.github/dependabot.yml
vendored
Normal file
|
|
@ -0,0 +1,6 @@
|
|||
version: 2
|
||||
updates:
|
||||
- package-ecosystem: "github-actions"
|
||||
directory: "/"
|
||||
schedule:
|
||||
interval: "weekly"
|
||||
6
.github/workflows/build.yml
vendored
6
.github/workflows/build.yml
vendored
|
|
@ -15,14 +15,14 @@ jobs:
|
|||
java: [ '11', '11.0.3', '15', '15.0.5']
|
||||
name: Test Java ${{ matrix.Java }}, ${{ matrix.os }}
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/checkout@1e204e9a9253d643386038d443f96446fa156a97
|
||||
with:
|
||||
fetch-depth: 0
|
||||
ref: ${{ github.event.pull_request.head.sha }}
|
||||
lfs: true
|
||||
|
||||
- name: Set up JDK
|
||||
uses: actions/setup-java@v2
|
||||
uses: actions/setup-java@5f00602cd1b2819185d88dc7a1b1985f598c6705
|
||||
with:
|
||||
java-version: ${{ matrix.java }}
|
||||
distribution: 'zulu'
|
||||
|
|
@ -31,7 +31,7 @@ jobs:
|
|||
run: chmod +x gradlew
|
||||
|
||||
- name: Validate Gradle Wrapper JAR files
|
||||
uses: gradle/wrapper-validation-action@v1
|
||||
uses: gradle/wrapper-validation-action@e6e38bacfdf1a337459f332974bb2327a31aaf4b
|
||||
|
||||
- name: Build with Gradle
|
||||
run: ./gradlew build
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue