Skip to content

Commit a1e0259

Browse files
bbhttbbhtt
committed
node: Harden the CI
1 parent 8507c07 commit a1e0259

File tree

1 file changed

+16
-2
lines changed

1 file changed

+16
-2
lines changed

.github/workflows/node.yaml

Lines changed: 16 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,9 @@ defaults:
1616

1717
jobs:
1818
node:
19+
permissions:
20+
contents: read
21+
timeout-minutes: 60
1922
strategy:
2023
fail-fast: false
2124
matrix:
@@ -27,26 +30,37 @@ jobs:
2730
- '3.13'
2831
runs-on: ubuntu-latest
2932
steps:
30-
- uses: actions/checkout@v4
33+
# 4.2.2
34+
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
35+
with:
36+
persist-credentials: false
37+
3138
- name: Configure git
3239
run: |
3340
git config --global user.name 'github-actions[bot]'
3441
git config --global user.email '41898282+github-actions[bot]@users.noreply.github.com'
35-
- uses: actions/setup-python@v4
42+
43+
# 5.6.0
44+
- uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065
3645
with:
3746
python-version: ${{ matrix.python-version }}
47+
3848
- name: Setup Poetry
3949
run: |
4050
curl -sSL https://install.python-poetry.org | python3 -
4151
sudo ln -s /github/home/.local/bin/poetry /usr/bin/poetry
52+
4253
- name: Install OS dependencies
4354
run: sudo apt-get update && sudo apt-get install -y flatpak-builder
55+
4456
- name: Install Flatpak dependencies
4557
run: |
4658
flatpak --user remote-add flathub https://flathub.org/repo/flathub.flatpakrepo
4759
flatpak --user install -y flathub \
4860
org.freedesktop.{Platform,Sdk{,.Extension.node{14,16,18}}}//22.08
61+
4962
- name: Install dependencies
5063
run: poetry install --with=dev
64+
5165
- name: Run checks
5266
run: poetry run poe check

0 commit comments

Comments
 (0)