Docs: Pin versions and add GHA for testing build failures #12038

Merged
merged 5 commits into from
Mar 20, 2025

Maffooch
Contributor

@Maffooch Maffooch commented Mar 17, 2025

The deployment of the docs has been breaking recently. This PR pins the versions of the dependencies and adds a unit test to determine if dependency updates will break the build.

[sc-10568]

@github-actions github-actions bot added the docs label Mar 17, 2025

dryrunsecurity bot commented Mar 17, 2025

DryRun Security Summary

GitHub Actions workflow for documentation build validation was updated with improved security measures, including action version pinning, path-specific triggers, dependency version updates, and Node.js version upgrade to 22.14.0.

  1. Summary: GitHub Actions workflow update for documentation build validation, with dependency version updates in package.json and package-lock.json, including Node.js version upgrade to 22.14.0.

Security Findings:

  • Workflow uses specific, pinned action version hashes, improving supply chain security
  • Workflow trigger limited to docs/ path changes, reducing unnecessary workflow runs
  • Dependency version pinning in package.json and package-lock.json reduces risk of unexpected updates
  • Node.js version update to 22.14.0 may introduce newer security patches
  • No sensitive environment variables or credentials exposed in the workflow

View PR in the DryRun Dashboard.
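
An added example (not part of this PR or the DefectDojo repository) of the two pinning checks the summary above lists: `uses:` references fixed to a full commit SHA, and exact dependency versions in package.json. The workflow text, package names, versions and the SHA are constructed sample input, and the function names are hypothetical.

```python
import json
import re

# Constructed sample inputs (action SHA, package names and versions are made up).
WORKFLOW = """\
name: docs-build-check
on:
  pull_request:
    paths:
      - "docs/**"
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567 # constructed SHA
      - uses: actions/setup-node@v4
        with:
          node-version: "22.14.0"
      - uses: ./.github/actions/local-step
"""
PACKAGE_JSON = """{
  "dependencies": {"example-theme": "^1.2.0", "example-cli": "3.4.5"},
  "devDependencies": {"example-lint": "latest"}
}"""

USES_RE = re.compile(r"""^\s*(?:-\s*)?uses:\s*['"]?([^'"\s#]+)""")
FULL_SHA = re.compile(r"[0-9a-f]{40}")
EXACT_VERSION = re.compile(r"\d+\.\d+\.\d+(?:[-+][0-9A-Za-z.+-]+)?")

def unpinned_actions(workflow_text):
    """Return (line, ref) for every `uses:` not fixed to a 40-hex commit SHA."""
    findings = []
    for lineno, line in enumerate(workflow_text.splitlines(), 1):
        m = USES_RE.match(line)
        if not m or m.group(1).startswith(("./", "docker://")):
            continue  # local actions and docker:// images are not covered here
        rev = m.group(1).partition("@")[2]
        if not FULL_SHA.fullmatch(rev):  # tags and branches can be moved
            findings.append((lineno, m.group(1)))
    return findings

def unpinned_dependencies(package_json_text):
    """Return (section, name, spec) for every spec that is not an exact version."""
    pkg = json.loads(package_json_text)
    return [(section, name, spec)
            for section in ("dependencies", "devDependencies")
            for name, spec in sorted(pkg.get(section, {}).items())
            if not EXACT_VERSION.fullmatch(spec)]  # ^, ~, ranges, tags, URLs

if __name__ == "__main__":
    print(unpinned_actions(WORKFLOW))
    print(unpinned_dependencies(PACKAGE_JSON))
```

Exact versions in package.json only cover direct dependencies; transitive ones are fixed by the committed package-lock.json.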

@Maffooch Maffooch merged commit 0cafc3c into master Mar 20, 2025
79 of 80 checks passed
@Maffooch Maffooch deleted the docs-pinning-and-testing branch March 20, 2025 17:12
valentijnscholten pushed a commit to valentijnscholten/django-DefectDojo that referenced this pull request Mar 20, 2025
…#12038)

* Docs: Pin versions and add GHA for testing build failures

* update action

* Pin doks theme

* Silly typo

* Update lock file
iago-r pushed a commit to iago-r/django-DefectDojo that referenced this pull request Mar 27, 2025
…#12038)

* Docs: Pin versions and add GHA for testing build failures

* update action

* Pin doks theme

* Silly typo

* Update lock file