Skip to content

feat: added banner and update subscription check to make maintained actions free for public repos #208

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
anurag-stepsecurity wants to merge 1 commit into from
Closed

feat: added banner and update subscription check to make maintained actions free for public repos #208

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 7 additions & 2 deletions .github/workflows/actions_release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,11 @@ on:
description: "Script to run for the release"
required: false
default: "yarn build"

node_version:
description: "Specify Node.js version (e.g., '18', '20', 'lts/*')"
required: false
default: "24"

permissions:
contents: read

Expand All @@ -23,4 +27,5 @@ jobs:
uses: step-security/reusable-workflows/.github/workflows/actions_release.yaml@v1
with:
tag: "${{ github.event.inputs.tag }}"
script: "${{ github.event.inputs.script }}"
script: "${{ github.event.inputs.script }}"
node_version: "${{ github.event.inputs.node_version }}"
7 changes: 6 additions & 1 deletion .github/workflows/audit_package.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,11 @@ on:
description: "Specify a script to run after audit fix"
required: false
default: "yarn build"

node_version:
description: "Specify Node.js version (e.g., '18', '20', 'lts/*')"
required: false
default: "24"

schedule:
- cron: "0 0 * * 1"

Expand All @@ -26,6 +30,7 @@ jobs:
base_branch: ${{ inputs.base_branch || 'main' }}
package_manager: "yarn"
script: ${{ inputs.script || 'yarn build' }}
node_version: "${{ inputs.node_version || '24' }}"

permissions:
contents: write
Expand Down
5 changes: 5 additions & 0 deletions .github/workflows/auto_cherry_pick.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,10 @@ on:
description: "Run mode: cherry-pick or verify"
required: false
default: "cherry-pick"
node_version:
description: "Specify Node.js version (e.g., '18', '20', 'lts/*')"
required: false
default: "24"

pull_request:
types: [labeled, opened, synchronize]
Expand All @@ -41,3 +45,4 @@ jobs:
package_manager: "yarn"
script: ${{ inputs.script || 'yarn run all' }}
mode: ${{ github.event_name == 'pull_request' && 'verify' || inputs.mode }}
node_version: "${{ inputs.node_version || '24' }}"
2 changes: 2 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
[![StepSecurity Maintained Action](https://raw.githubusercontent.com/step-security/maintained-actions-assets/main/assets/maintained-action-banner.png)](https://docs.stepsecurity.io/actions/stepsecurity-maintained-actions)

# StepSecurity Maintained changed-files Action

[StepSecurity Maintained Actions](https://docs.stepsecurity.io/actions/stepsecurity-actions) are usually exclusive to StepSecurity enterprise customers. However, in an effort to help the community with [the tj-actions/changed-files security incident](https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised), we are making this StepSecurity Maintained Action **freely available to everyone**.
Expand Down
Loading
Loading