Commit

fix(ci): disable dependency review in forks (#560)
Correction to ensure that the “Dependency Review” job is only run in
the project's original repository.

Fix: 8cb9fc2.
Fix: 9fe355a.

Signed-off-by: Claudio André <[email protected]>
claudioandre-br committed Nov 15, 2024
1 parent 886e499 commit 3445733
Showing 1 changed file with 11 additions and 5 deletions.
16 changes: 11 additions & 5 deletions .github/workflows/dependency-review.yml
Expand Up @@ -38,10 +38,10 @@ permissions:

jobs:
dependency-review:
if: ${{ github.repository == 'openwall/john-packages' }}
runs-on: ubuntu-latest
name: dependency-review

# if: github.actor == 'claudioandre-br' || github.actor == 'solardiz'
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
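Review bot: The job-level `if: ${{ github.repository == 'openwall/john-packages' }}` guard needs a short comment stating what it does and does not skip. `github.repository` names the repository the workflow run belongs to, so the condition is false for runs that execute inside a fork but stays true for `pull_request` runs opened from a fork against openwall/john-packages; if those are meant to be skipped as well, the condition also has to compare `github.event.pull_request.head.repo.full_name`. The commented-out `# if: github.actor == ...` line between `name:` and `steps:` is dead configuration next to the live condition and is better deleted if it is still in the file after this change.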
Expand All @@ -54,7 +54,13 @@ jobs:
api.securityscorecards.dev:443
github.com:443
- name: "Checkout Repository"
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: "Dependency Review"
uses: actions/dependency-review-action@4081bf99e2866ebe428fc0477b69eb4fcda7220a # v4.4.0
- name: Dump GitHub context
env:
GITHUB_CONTEXT: ${{ toJson(github) }}
run: |
echo ${{ github.event.pull_request.head.repo.full_name }}
# - name: "Checkout Repository"
# uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
# - name: "Dependency Review"
# uses: actions/dependency-review-action@4081bf99e2866ebe428fc0477b69eb4fcda7220a # v4.4.0
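Review bot: In the `Dump GitHub context` step, `echo ${{ github.event.pull_request.head.repo.full_name }}` expands the expression into the script text before the shell runs, which is the template-injection pattern for `run:` blocks; pass the value through `env:` and echo the quoted shell variable instead, for example `HEAD_REPO: ${{ github.event.pull_request.head.repo.full_name }}` under `env:` and `echo "$HEAD_REPO"` in the script. The `GITHUB_CONTEXT: ${{ toJson(github) }}` variable is set but never read, and the serialized `github` context includes `github.token`, so drop it unless the step really needs it. The hunk shows the `Checkout Repository` and `Dependency Review` steps both live and commented out; if the commented-out copies are what this change leaves behind, the job no longer performs the review at all, which reads as debugging that should be reverted before merge.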
