Skip to content
Dependencies

Dependencies #205

Sign in to view logs

Dependencies

Dependencies #205

Workflow file for this run

.github/workflows/dependencies.yml at 951bf3f
name: Dependencies
on:
schedule:
- cron: "47 18 * * *"
workflow_dispatch:
concurrency:
# Pushing new changes to a branch will cancel any in-progress CI runs
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# Restrict jobs in this workflow to have no permissions by default; permissions
# should be granted per job as needed using a dedicated `permissions` block
permissions: {}
jobs:
update:
permissions:
contents: write # to fetch and commit code
actions: write # to manually dispatch checks on the pull request
pull-requests: write # Create pull requests
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
with:
go-version-file: "go.mod"
check-latest: true
- run: |
latest_commit=$(git ls-remote https://github.com/google/osv-scalibr.git HEAD | cut -f1)
echo "updating osv-scalibr to $latest_commit"
go get github.com/google/osv-scalibr@"$latest_commit"
echo "latest_scalibr_commit=$latest_commit" >> "$GITHUB_ENV"
go mod tidy
- run: go test ./cmd/osv-scanner/ -run 'Test_run$' || true
env:
TEST_ACCEPTANCE: true
TEST_VCR_MODE: replaywithnewepisodes
UPDATE_SNAPS: always
- uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8.1.0
with:
token: ${{ secrets.PR_TOKEN_BOT }}
title: "feat: update osv-scalibr"
body: >
This updates `osv-scalibr` to https://github.com/google/osv-scalibr/commit/${{ env.latest_scalibr_commit }}
branch: "bot/update-scalibr"
author: "osv-robot <[email protected]>"
commit-message: "feat: update osv-scalibr to ${{ env.latest_scalibr_commit }}"
delete-branch: true