From 1907bca23a4bac1a30945589fc2332b78a9c63ea Mon Sep 17 00:00:00 2001 From: Marcel Hibbe Date: Mon, 17 Mar 2025 11:09:50 +0100 Subject: [PATCH] update workflows see https://github.com/nextcloud/.github?tab=readme-ov-file#update-workflows-with-a-script Signed-off-by: Marcel Hibbe --- .github/workflows/pr-feedback.yml | 2 +- .github/workflows/renovate-approve-merge.yml | 6 +++--- .github/workflows/reuse.yml | 3 +++ 3 files changed, 7 insertions(+), 4 deletions(-) diff --git a/.github/workflows/pr-feedback.yml b/.github/workflows/pr-feedback.yml index 7d4966907..98e9fada7 100644 --- a/.github/workflows/pr-feedback.yml +++ b/.github/workflows/pr-feedback.yml @@ -36,7 +36,7 @@ jobs: blocklist=$(curl https://raw.githubusercontent.com/nextcloud/.github/master/non-community-usernames.txt | paste -s -d, -) echo "blocklist=$blocklist" >> "$GITHUB_OUTPUT" - - uses: marcelklehr/pr-feedback-action@1883b38a033fb16f576875e0cf45f98b857655c4 + - uses: nextcloud/pr-feedback-action@1883b38a033fb16f576875e0cf45f98b857655c4 # main with: feedback-message: | Hello there, diff --git a/.github/workflows/renovate-approve-merge.yml b/.github/workflows/renovate-approve-merge.yml index 48b98e91a..ccfed3974 100644 --- a/.github/workflows/renovate-approve-merge.yml +++ b/.github/workflows/renovate-approve-merge.yml @@ -9,7 +9,7 @@ name: Auto approve renovate PRs on: - pull_request_target: + pull_request_target: # zizmor: ignore[dangerous-triggers] branches: - main - master @@ -24,7 +24,7 @@ concurrency: jobs: auto-approve-merge: - if: github.actor == 'renovate[bot]' + if: github.event.pull_request.user.login == 'renovate[bot]' runs-on: ubuntu-latest permissions: # for hmarr/auto-approve-action to approve PRs @@ -52,7 +52,7 @@ jobs: # Enable GitHub auto merge - name: Auto merge - uses: alexwilson/enable-github-automerge-action@main + uses: alexwilson/enable-github-automerge-action@56e3117d1ae1540309dc8f7a9f2825bc3c5f06ff # v2.0.0 if: startsWith(steps.branchname.outputs.branch, 'renovate/') with: github-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/reuse.yml b/.github/workflows/reuse.yml index b6828556a..0d8e1962a 100644 --- a/.github/workflows/reuse.yml +++ b/.github/workflows/reuse.yml @@ -11,6 +11,9 @@ name: REUSE Compliance Check on: [pull_request] +permissions: + contents: read + jobs: reuse-compliance-check: runs-on: ubuntu-latest