Skip to content

Bump goreleaser/goreleaser-action from 5.0.0 to 5.1.0 (#107) #81

Bump goreleaser/goreleaser-action from 5.0.0 to 5.1.0 (#107)

Bump goreleaser/goreleaser-action from 5.0.0 to 5.1.0 (#107) #81

Workflow file for this run

name: POP - poutine on poutine
on:
push:
branches: [ main ]
paths:
- .github/workflows/**
- action.yml
pull_request:
branches: [ main ]
paths:
- .github/workflows/**
- action.yml
- '!README.md'
- '!LICENSE'
- '!docs/**'
- '!.github/**'
permissions: {}
jobs:
pop:
runs-on: ubuntu-latest
permissions:
security-events: write
contents: read
steps:
- uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
with:
disable-sudo: true
egress-policy: audit
allowed-endpoints: >
github.com:443
api.github.com:443
codeload.github.com:443
objects.githubusercontent.com:443
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: boostsecurityio/poutine-action@main # Dogfood the latest action
name: "Run poutine on poutine's own codebase"
id: self-test
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@d39d31e687223d841ef683f52467bd88e9b21c14 # v3.25.3
with:
sarif_file: results.sarif