Skip to content

docs: add a SECURITY.md file #40

docs: add a SECURITY.md file

docs: add a SECURITY.md file #40

Workflow file for this run

name: Continuous Integration
on:
push:
branches:
- main
- next
pull_request:
branches:
- main
- next
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
lint:
name: Lint Lua with Luacheck
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit
- name: Checkout code
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- name: Luacheck linter
uses: lunarmodules/luacheck@cc089e3f65acdd1ef8716cc73a3eca24a6b845e4 # v1.2.0
format:
name: Check Formatting with StyLua
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit
- name: Checkout code
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- uses: JohnnyMorganz/stylua-action@b6661824b86c9c33121bed87a778b660ba90cf77 # v4.0.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
version: v0.20.0 # NOTE: we recommend pinning to a specific version in case of formatting changes
# CLI arguments
args: --check lua/
test:
name: Run Neovim Tests
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
neovim_version:
- nightly
- stable
- v0.10.2
- v0.9.5
- v0.8.3
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit
- name: Checkout code
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- uses: rhysd/action-setup-vim@acff3bc31a82af69a26f90af710926fdab04d00e # v1.3.5
with:
neovim: true
version: ${{ matrix.neovim_version}}
- uses: extractions/setup-just@69d82fb0233557aec017ef13706851d0694e0f1d # v1.6.0
with:
just-version: 1.36.0 # optional semver specification, otherwise latest
- name: Run tests
run: just test
release:
needs: [lint, format, test]
runs-on: ubuntu-latest
permissions:
contents: write
issues: write
pull-requests: write
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit
- name: Checkout repository
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
with:
fetch-depth: 0
persist-credentials: false
- name: Semantic Release
uses: cycjimmy/semantic-release-action@b1b432f13acb7768e0c8efdec416d363a57546f2 # v4.1.1
id: semantic
with:
semantic_version: 24.0.0
extra_plugins: |
@semantic-release/exec@6
@semantic-release/git@10
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}