44 lines
1.1 KiB
YAML
44 lines
1.1 KiB
YAML
name: Dependency Checks
|
|
|
|
on:
|
|
pull_request:
|
|
paths:
|
|
- frontend/pnpm-lock.yaml
|
|
- desktop/pnpm-lock.yaml
|
|
|
|
permissions:
|
|
contents: read
|
|
pull-requests: write
|
|
|
|
jobs:
|
|
diff_dependencies:
|
|
runs-on: ubuntu-latest
|
|
strategy:
|
|
matrix:
|
|
directory: [frontend, desktop]
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
|
|
with:
|
|
fetch-depth: 0
|
|
- name: Create Diff
|
|
uses: e18e/action-dependency-diff@8e9b8c1957ab066d36235a43f4c1ff1522e1bdbc # v1.6.1
|
|
with:
|
|
working-directory: ${{ matrix.directory }}
|
|
|
|
check-provenance:
|
|
runs-on: ubuntu-latest
|
|
strategy:
|
|
matrix:
|
|
directory: [frontend, desktop]
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
|
|
with:
|
|
fetch-depth: 0
|
|
- name: Check provenance downgrades
|
|
uses: danielroe/provenance-action@81568f71211c1839d6d3583c6a93037f5348c816 # main
|
|
with:
|
|
workspace-path: ${{ matrix.directory }}
|
|
fail-on-provenance-change: true
|