build(deps): bump github/codeql-action from 3.25.14 to 3.25.15 #274
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "CLA Assistant" | |
| on: | |
| issue_comment: | |
| types: [created] | |
| pull_request_target: | |
| types: [opened, closed, synchronize] | |
| # explicitly configure permissions, in case your GITHUB_TOKEN workflow permissions are set to read-only in repository settings | |
| permissions: | |
| actions: write | |
| contents: write | |
| pull-requests: write | |
| statuses: write | |
| jobs: | |
| CLAAssistant: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 | |
| with: | |
| egress-policy: audit | |
| - name: "CLA Assistant" | |
| if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have read the CLA Document and I hereby sign the CLA') || github.event_name == 'pull_request_target' | |
| uses: contributor-assistant/github-action@9340315624c6e16cef1f2c63bdeb0f0c49c6f474 # v2.4.0 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # the below token should have repo scope and must be manually added by you in the repository's secret | |
| # This token is required only if you have configured to store the signatures in a remote repository/organization | |
| PERSONAL_ACCESS_TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN }} | |
| with: | |
| path-to-signatures: "signatures/version1/cla.json" | |
| path-to-document: "https://github.com/exeme-project/.github/blob/main/CLA.md" | |
| # branch should not be protected | |
| branch: "main" | |
| allowlist: dependabot[bot], step-security-bot, pre-commit-ci[bot] | |
| # the followings are the optional inputs - If the optional inputs are not given, then default values will be taken | |
| remote-organization-name: "exeme-project" | |
| remote-repository-name: ".github" | |
| #create-lima-commit-message: 'For example: Creating lima for storing CLA Signatures' | |
| #signed-commit-message: 'For example: $contributorName has signed the CLA in $owner/$repo#$pullRequestNo' | |
| #custom-notsigned-prcomment: 'pull request comment with Introductory message to ask new contributors to sign' | |
| #custom-pr-sign-comment: 'The signature to be committed in order to sign the CLA' | |
| #custom-allsigned-prcomment: 'pull request comment when all contributors has signed, defaults to **CLA Assistant Lite bot** All Contributors have signed the CLA.' | |
| lock-pullrequest-aftermerge: true | |
| #use-dco-flag: true - If you are using DCO instead of CLA |