determinate-nix-action/.github/workflows/ci.yml
dependabot[bot] 9a374e7be5
ci: bump the actions group with 2 updates
Bumps the actions group with 2 updates: [actions/checkout](https://github.com/actions/checkout) and [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action).


Updates `actions/checkout` from 6.0.3 to 7.0.0
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](df4cb1c069...9c091bb21b)

Updates `zizmorcore/zizmor-action` from 0.5.6 to 0.5.7
- [Release notes](https://github.com/zizmorcore/zizmor-action/releases)
- [Commits](5f14fd08f7...192e21d79a)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: zizmorcore/zizmor-action
  dependency-version: 0.5.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-06-28 21:32:33 +00:00

31 lines
904 B
YAML

on:
pull_request:
push:
branches: [main]
jobs:
lints:
name: Build
runs-on: ubuntu-latest
permissions:
id-token: "write"
contents: "read"
steps:
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
with:
persist-credentials: false
- uses: ./.
- run: nix develop -c typos
if: success() || failure()
- run: nix develop -c ruff check
if: success() || failure()
- run: nix develop -c ruff format --diff
if: success() || failure()
- run: nix develop -c shellcheck ./tools/*.sh
if: success() || failure()
- name: Regenerate the README to make sure it is unchanged
run: nix develop -c ./tools/generate.sh
if: success() || failure()
- name: Assert no changes were made
run: git diff --exit-code
if: success() || failure()