fix: do not persist credentials in checkout action #1271
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow will check our code for having a proper format, as well as the commit message to meet the expected ones | |
| name: Lint | |
| on: | |
| push: | |
| branches: ["main"] | |
| pull_request: | |
| branches: ["main"] | |
| jobs: | |
| lint: | |
| runs-on: ubuntu-latest | |
| if: "!startsWith(github.event.head_commit.message, 'bump:')" | |
| steps: | |
| - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@61cb8a9741eeb8a550a1b8544337180c0fc8476b # v7.2.0 | |
| - name: Install the project | |
| run: uv sync --locked --group dev --python 3.10 | |
| - name: Cache mypy cache | |
| uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v4.2.1 | |
| with: | |
| path: .mypy_cache | |
| key: mypy-${{ runner.os }} | |
| restore-keys: | | |
| mypy-${{ runner.os }} | |
| - name: Lint | |
| run: | | |
| uv run ruff format --check src tests | |
| uv run ruff check src tests | |
| uv run mypy src tests | |
| lint-commit: | |
| runs-on: ubuntu-latest | |
| if: "!startsWith(github.event.head_commit.message, 'bump:')" | |
| name: "Lint commit message" | |
| container: | |
| image: commitizen/commitizen:4.8.3@sha256:08a078c52b368f85f34257a66e10645ee74d8cbe9b471930b80b2b4e95a9bd4a | |
| steps: | |
| - name: Check out | |
| uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 | |
| - name: Check commit message | |
| run: | | |
| git config --global --add safe.directory /__w/twyn/twyn | |
| cz check --rev-range HEAD |