fix(deps): update dependency path-to-regexp to v8 [security] #5966
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Automate changeset feedback | |
on: | |
pull_request_target: | |
branches: ['main'] | |
permissions: | |
pull-requests: write | |
actions: none | |
checks: none | |
contents: none | |
deployments: none | |
issues: none | |
packages: none | |
pages: none | |
repository-projects: none | |
security-events: none | |
statuses: none | |
jobs: | |
changeset-feedback: | |
name: Generate Changeset Feedback | |
# prevent running towards forks and version packages | |
if: github.repository == 'backstage/community-plugins' && github.event.pull_request.user.login != 'backstage-service' | |
runs-on: ubuntu-latest | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 | |
with: | |
egress-policy: audit | |
- uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3 | |
with: | |
# Fetch the commit that's merged into the base rather than the target ref | |
# This will let us diff only the contents of the PR, without fetching more history | |
ref: 'refs/pull/${{ github.event.pull_request.number }}/merge' | |
- name: fetch base | |
run: git fetch --depth 1 origin ${{ github.base_ref }} | |
- uses: backstage/actions/changeset-feedback@v0.6.10 | |
name: Generate feedback | |
with: | |
diff-ref: 'origin/main' | |
marker: <!-- changeset-feedback --> | |
issue-number: ${{ github.event.pull_request.number }} | |
bot-username: backstage-goalie[bot] | |
app-id: ${{ secrets.BACKSTAGE_GOALIE_APPLICATION_ID }} | |
private-key: ${{ secrets.BACKSTAGE_GOALIE_PRIVATE_KEY }} | |
installation-id: ${{ secrets.BACKSTAGE_GOALIE_INSTALLATION_ID }} | |
multiple-workspaces: true |