python-pillow/Pillow
1
1
Fork 0
mirror of https://github.com/python-pillow/Pillow.git synced 2025-02-04 13:40:54 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #8526 from hugovk/zizmor

Browse Source 
Apply security fixes to GitHub Actions
This commit is contained in:
Andrew Murray 2024-11-04 16:34:23 +11:00 committed by GitHub
commit 89735266ad
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
10 changed files with 28 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/docs.yml vendored
View File

@ -33,6 +33,8 @@ jobs:
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
- name: Set up Python
uses: actions/setup-python@v5

2
.github/workflows/lint.yml vendored
View File

@ -21,6 +21,8 @@ jobs:
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
- name: pre-commit cache
uses: actions/cache@v4

4
.github/workflows/stale.yml vendored
View File

@ -6,7 +6,7 @@ on:
workflow_dispatch:
permissions:
issues: write
contents: read
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
@ -15,6 +15,8 @@ concurrency:
jobs:
stale:
if: github.repository_owner == 'python-pillow'
permissions:
issues: write
runs-on: ubuntu-latest

2
.github/workflows/test-cygwin.yml vendored
View File

@ -48,6 +48,8 @@ jobs:
- name: Checkout Pillow
uses: actions/checkout@v4
with:
persist-credentials: false
- name: Install Cygwin
uses: cygwin/cygwin-install-action@v4

2
.github/workflows/test-docker.yml vendored
View File

@ -65,6 +65,8 @@ jobs:
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
- name: Build system information
run: python3 .github/workflows/system-info.py

2
.github/workflows/test-mingw.yml vendored
View File

@ -46,6 +46,8 @@ jobs:
steps:
- name: Checkout Pillow
uses: actions/checkout@v4
with:
persist-credentials: false
- name: Set up shell
run: echo "C:\msys64\usr\bin\" >> $env:GITHUB_PATH

2
.github/workflows/test-valgrind.yml vendored
View File

@ -40,6 +40,8 @@ jobs:
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
- name: Build system information
run: python3 .github/workflows/system-info.py

4
.github/workflows/test-windows.yml vendored
View File

@ -44,16 +44,20 @@ jobs:
steps:
- name: Checkout Pillow
uses: actions/checkout@v4
with:
persist-credentials: false
- name: Checkout cached dependencies
uses: actions/checkout@v4
with:
persist-credentials: false
repository: python-pillow/pillow-depends
path: winbuild\depends
- name: Checkout extra test images
uses: actions/checkout@v4
with:
persist-credentials: false
repository: python-pillow/test-images
path: Tests\test-images

2
.github/workflows/test.yml vendored
View File

@ -63,6 +63,8 @@ jobs:
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v5

7
.github/workflows/wheels.yml vendored
View File

@ -61,6 +61,7 @@ jobs:
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
submodules: true
- uses: actions/setup-python@v5
@ -132,6 +133,7 @@ jobs:
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
submodules: true
- uses: actions/setup-python@v5
@ -173,10 +175,13 @@ jobs:
- cibw_arch: ARM64
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
- name: Checkout extra test images
uses: actions/checkout@v4
with:
persist-credentials: false
repository: python-pillow/test-images
path: Tests\test-images
@ -253,6 +258,8 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
- name: Set up Python
uses: actions/setup-python@v5