You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: .github/workflows/pull-request.yml
+15-4Lines changed: 15 additions & 4 deletions
Original file line number
Diff line number
Diff line change
@@ -18,7 +18,7 @@ jobs:
18
18
node-version: 20
19
19
20
20
- name: Get yarn cache
21
-
uses: actions/cache@v2
21
+
uses: actions/cache@v4
22
22
id: yarn-cache
23
23
with:
24
24
path: |
@@ -45,6 +45,9 @@ jobs:
45
45
deploy-preview:
46
46
runs-on: ubuntu-latest
47
47
name: deploy-preview
48
+
permissions:
49
+
contents: read
50
+
id-token: write
48
51
steps:
49
52
- name: Check out Git repository
50
53
uses: actions/checkout@v3
@@ -55,7 +58,7 @@ jobs:
55
58
node-version: 20
56
59
57
60
- name: Get yarn cache
58
-
uses: actions/cache@v2
61
+
uses: actions/cache@v4
59
62
id: yarn-cache
60
63
with:
61
64
path: |
@@ -82,12 +85,20 @@ jobs:
82
85
- run: yarn add -W @typeform/jarvis
83
86
- run: git checkout HEAD -- package.json # do not save jarvis dependency to package.json because it is private (the file is committed by semantic-release to bump version)
Copy file name to clipboardExpand all lines: .github/workflows/release.yml
+15-3Lines changed: 15 additions & 3 deletions
Original file line number
Diff line number
Diff line change
@@ -8,6 +8,10 @@ jobs:
8
8
release:
9
9
name: Release
10
10
runs-on: ubuntu-latest
11
+
permissions:
12
+
contents: write
13
+
id-token: write
14
+
packages: write
11
15
steps:
12
16
- name: Check out Git repository
13
17
uses: actions/checkout@v3
@@ -18,7 +22,7 @@ jobs:
18
22
node-version: 20
19
23
20
24
- name: Get yarn cache
21
-
uses: actions/cache@v3
25
+
uses: actions/cache@v4
22
26
id: yarn-cache
23
27
with:
24
28
path: |
@@ -47,12 +51,20 @@ jobs:
47
51
- run: yarn add -W @typeform/jarvis
48
52
- run: git checkout HEAD -- package.json # do not save jarvis dependency to package.json because it is private (the file is committed by semantic-release to bump version)
0 commit comments