This repository has been archived by the owner on Jan 31, 2025. It is now read-only.
github: prevent script injections via PR branch names #709
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Checks | |
| # yamllint disable-line rule:truthy | |
| on: [pull_request, push] | |
| jobs: | |
| codespell: | |
| name: "Spell check" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - uses: codespell-project/actions-codespell@master | |
| with: | |
| ignore_words_list: msdos, pullrequest | |
| skip: ./.git | |
| mypy: | |
| name: "Mypy check" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Clone repository | |
| uses: actions/checkout@v2 | |
| with: | |
| path: manifest-db | |
| - name: Check files with mypy | |
| run: | | |
| sudo apt install python3-pip -y | |
| sudo pip install mypy | |
| sudo pip install types-PyYAML | |
| for i in manifest-db/tools/*; do mypy --ignore-missing-imports "${i}"; done | |
| for i in manifest-db/test/cases/*; do mypy --ignore-missing-imports "${i}"; done |