mirror of
https://github.com/h5bp/html5-boilerplate.git
synced 2026-01-10 07:08:02 -05:00
a0db7c3c5d
Updated workflow files to use specific commit SHAs for actions/checkout, actions/setup-node, github/codeql-action, and streetsidesoftware/cspell-action. This improves security and reproducibility by preventing unexpected changes from upstream action updates. Also set 'persist-credentials: false' for checkout steps to enhance security.
24 lines
561 B
YAML
24 lines
561 B
YAML
name: "Check spelling"
|
|
on: # rebuild any PRs and main branch changes
|
|
push:
|
|
branches-ignore:
|
|
- "dependabot/**"
|
|
pull_request:
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
spellcheck:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
|
with:
|
|
persist-credentials: false
|
|
|
|
- uses: streetsidesoftware/cspell-action@dcd03dc3e8a59ec2e360d0c62db517baa0b4bb6d # v7.2.0
|
|
with:
|
|
inline: warning
|
|
strict: false
|
|
incremental_files_only: true
|