mirror of
https://github.com/neovim/neovim.git
synced 2026-04-04 22:59:36 +00:00
ed767a6a69
This avoids false positives from existing uses of `GITHUB_ENV` and `pull_request_target` that are safe, as well as from cache usage in a workflow that doesn't produce release artifacts.
16 lines
286 B
YAML
16 lines
286 B
YAML
rules:
|
|
cache-poisoning:
|
|
ignore:
|
|
- test.yml
|
|
dangerous-triggers:
|
|
ignore:
|
|
- backport.yml
|
|
- labeler_pr.yml
|
|
- reviewers_add.yml
|
|
- reviewers_remove.yml
|
|
unpinned-uses:
|
|
config:
|
|
policies:
|
|
actions/*: ref-pin
|
|
github/*: ref-pin
|