chore(deps): bump the npm_and_yarn group with 2 updates #864
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This GitHub Actions workflow is named "black-formatter" and is triggered on push and pull request events. | |
| # It has read permissions for repository contents. | |
| # | |
| # The workflow defines a single job named "black-linter" that runs on the latest Ubuntu runner. | |
| # | |
| # Steps: | |
| # 1. Harden Runner: | |
| # - Uses the "step-security/harden-runner" action (specific commit) to enhance security. | |
| # - Disables sudo, blocks egress traffic, and allows specific endpoints (files.pythonhosted.org, github.com, pypi.org). | |
| # | |
| # 2. Checkout Code: | |
| # - Uses the "actions/checkout" action (specific commit) to check out the repository code. | |
| # | |
| # 3. Run Black Formatter: | |
| # - Uses the "psf/black" action (specific commit) to run the Black code formatter on the repository. | |
| name: black-formatter | |
| # Define the events that trigger this workflow | |
| on: | |
| push: # Trigger on push events | |
| pull_request: # Trigger on pull request events | |
| # Define permissions required for the workflow | |
| permissions: | |
| contents: read # Required to fetch repository contents | |
| concurrency: | |
| group: black-${{ github.ref }} | |
| cancel-in-progress: false | |
| jobs: | |
| black-linter: | |
| # Specify the runner to use (ubuntu-latest) | |
| runs-on: ubuntu-latest | |
| steps: | |
| # Step to harden the runner for security purposes | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0 | |
| with: | |
| disable-sudo: true # Disable sudo to prevent privilege escalation | |
| egress-policy: block # Block all egress traffic | |
| allowed-endpoints: > # Allow specific endpoints for necessary traffic | |
| files.pythonhosted.org:443 | |
| github.com:443 | |
| pypi.org:443 | |
| # Step to checkout the repository code | |
| - name: Checkout Code | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| # Step to run the Black code formatter | |
| - name: Run Black Formatter | |
| uses: psf/black@8a737e727ac5ab2f1d4cf5876720ed276dc8dc4b # stable |