build: add vulnerability scan to PR build #715
bestbeforetodaypr.yml
on: pull_request
Build and Test Java
scan
/
sbom
Check editorconfig
Dry-run release
Lint commits for semantic-release
Security validation
Matrix: Build Isthmus Native Image
Waiting for pending jobs
Matrix: scan / scan
Waiting for pending jobs
Annotations
1 error
|
Invalid workflow file:
.github/workflows/pr.yml#L27
The workflow is not valid. substrait-io/substrait-java/.github/workflows/vulnerability-scan.yml@618a681a1bf50d9b0d4f6b9fb8801c6de09ef336 (Line: 27, Col: 3): Error calling workflow 'google/osv-scanner-action/.github/workflows/[email protected]'. The workflow is requesting 'contents: read', but is only allowed 'contents: none'.
|