From f9a1d229ca2416549f37639a43ca592c0d08abbd Mon Sep 17 00:00:00 2001 From: "Jonathan D.A. Jewell" <6759885+hyperpolymath@users.noreply.github.com> Date: Wed, 18 Mar 2026 17:11:37 +0000 Subject: [PATCH] chore(ci): maximize ci/cd values via dependabot and permissions --- .github/dependabot.yml | 10 ++++++++++ .github/workflows/boj-build.yml | 6 ++---- .github/workflows/test.yml | 3 +-- 3 files changed, 13 insertions(+), 6 deletions(-) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..b00bfd0 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,10 @@ +version: 2 +updates: + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "daily" + groups: + actions: + patterns: + - "*" diff --git a/.github/workflows/boj-build.yml b/.github/workflows/boj-build.yml index b59be5f..610a8d6 100644 --- a/.github/workflows/boj-build.yml +++ b/.github/workflows/boj-build.yml @@ -1,19 +1,17 @@ name: BoJ Server Build Trigger - on: push: - branches: [ main, master ] + branches: [main, master] workflow_dispatch: - jobs: trigger-boj: runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v4 - - name: Trigger BoJ Server (Casket/ssg-mcp) run: | # Send a secure trigger to boj-server to build this repository curl -X POST "http://boj-server.local:7700/cartridges/ssg-mcp/invoke" -H "Content-Type: application/json" -d "{\"repo\": \"${{ github.repository }}\", \"branch\": \"${{ github.ref_name }}\", \"engine\": \"casket\\"}"} continue-on-error: true +permissions: read-all diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 9821961..de47922 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -1,12 +1,10 @@ name: test - on: push: branches: - master - main pull_request: - jobs: test: runs-on: ubuntu-latest @@ -21,3 +19,4 @@ jobs: - run: gleam deps download - run: gleam test - run: gleam format --check src test +permissions: read-all