You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
ci: [SEC-7263] Update dependency-scan workflow to use common-actions (#1775)
* feat: update dependency-scan workflow to use common-actions
Replace launchdarkly/gh-actions with launchdarkly/common-actions for SEC-7263.
Update to use runs-on runner pattern and add proper artifacts configuration.
Co-Authored-By: Patrick Kaeding <[email protected]>
* fix: add permissions to dependency-scan workflow jobs
Add id-token: write and contents: read permissions to both generate-nodejs-sbom
and evaluate-policy jobs to enable access to private launchdarkly/common-actions repository.
Co-Authored-By: Patrick Kaeding <[email protected]>
* fix: add custom GitHub token authentication to dependency-scan workflow
Add CUSTOM_GITHUB_TOKEN retrieval via release-secrets action to both jobs
to enable access to private launchdarkly/common-actions repository.
Co-Authored-By: Patrick Kaeding <[email protected]>
* fix: revert to use launchdarkly/gh-actions for public repo access
Switch from private common-actions to public gh-actions for SEC-7263.
Simplify workflow structure to match working implementation.
Co-Authored-By: Patrick Kaeding <[email protected]>
* fix: use ubuntu-latest runner instead of custom runner spec
Remove custom runs-on configuration that was causing runner resolution
failures. Simplify to standard ubuntu-latest for SEC-7263.
Co-Authored-By: Patrick Kaeding <[email protected]>
---------
Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
![devin-ai-integration[bot]](https://avatars.githubusercontent.com/in/811515?v=4&size=40){kind=avatar}
0 commit comments