GitHub Actions linter
MIT License
Bot releases are visible (Hide)
Pull Requests | Issues | https://github.com/suzuki-shunsuke/ghalint/compare/v0.2.8...v0.2.9
#281 Add a policy action_shell_is_required
Published by github-actions[bot] 11 months ago
Pull Requests | Issues | https://github.com/suzuki-shunsuke/ghalint/compare/v0.2.7...v0.2.8
#275 #280 Support validating action.ya?ml
#279 Refactoring
Published by github-actions[bot] 11 months ago
Pull Requests | Issues | https://github.com/suzuki-shunsuke/ghalint/compare/v0.2.6...v0.2.7
#252 Add a global option -log-color
#203 #253 support changing log level
#254 Add links to document to error logs
#255 Add a global option -config (-c)
#256 add a new policy github_app_should_limit_repositories
#257 add a new policy github_app_should_limit_permissions
Published by github-actions[bot] 11 months ago
Pull Requests | Issues | https://github.com/suzuki-shunsuke/ghalint/compare/v0.2.5...v0.2.6
#244 Add links to policy document to logs
e.g.
ERRO[0000] action ref should be full length SHA1 document="https://github.com/suzuki-shunsuke/ghalint/blob/main/docs/policies/008.md" job_name=release policy_name=action_ref_should_be_full_length_commit_sha program=ghalint uses=suzuki-shunsuke/go-release-workflow/.github/workflows/[email protected] version= workflow_file_path=.github/workflows/release.yaml
document="https://github.com/suzuki-shunsuke/ghalint/blob/main/docs/policies/008.md"
Published by github-actions[bot] 11 months ago
Pull Requests | Issues | https://github.com/suzuki-shunsuke/ghalint/compare/v0.2.4...v0.2.5
#240 #241 output errors regarding to configuration files
Published by github-actions[bot] 11 months ago
Pull Requests | Issues | https://github.com/suzuki-shunsuke/ghalint/compare/v0.2.3...v0.2.4
#235 #236 Fix a bug that ghalint couldn't parse workflow files if container
is a string
container: "composer:2.6.5"
When you only specify a container image, you can omit the image keyword.
ghalint should support the format too.
Published by github-actions[bot] 11 months ago
Pull Requests | Issues | https://github.com/suzuki-shunsuke/ghalint/compare/v0.2.2...v0.2.3
Add new policies
#209 #214 secrets: inherit
should not be used
#208 #217 docker image tag should not be latest
#206 #218 action version should be commit hashes
#226 Refactor package structure
#224 #225 #227 Add unit tests
#228 Support Scoop
You can install ghalint with Scoop
scoop bucket add suzuki-shunsuke https://github.com/suzuki-shunsuke/scoop-bucket
scoop install ghalint
Published by github-actions[bot] 11 months ago
Pull Requests | Issues | https://github.com/suzuki-shunsuke/ghalint/compare/v0.2.2...v0.2.3-1
deny_job_container_latest_image
(#217)deny_inherit_secrets
(#214)Published by github-actions[bot] over 1 year ago
Pull Requests | Issues | https://github.com/suzuki-shunsuke/ghalint/compare/v0.2.1...v0.2.2
#64 Add policies to forbid read-all
and write-all
permissions
permissions: read-all|write-all
#64 Fix a bug that ghalint couldn't parse a workflow using permissions: read-all
or permissions: write-all
permissions: read-all|write-all
ERRO[0000] read a workflow file error="parse a workflow file as YAML: yaml: unmarshal errors:\n line 13: cannot unmarshal !!str `read-all` into map[string]string" program=ghalint version=0.2.1 workflow_file_path=.github/workflows/release.yml
Published by github-actions[bot] over 1 year ago
Pull Requests | Issues | https://github.com/suzuki-shunsuke/ghalint/compare/v0.2.0...v0.2.1
#35 Support configuring log color mode by environment variable GHALINT_LOG_COLOR
💡 If you want to enable log color in GitHub Actions, please try GHALINT_LOG_COLOR=always
env:
GHALINT_LOG_COLOR: always
AS IS
TO BE
Published by github-actions[bot] over 1 year ago
Pull Requests | Issues | https://github.com/suzuki-shunsuke/ghalint/compare/v0.2.0...v0.2.1-1
Published by github-actions[bot] over 1 year ago
Pull Requests | Issues | https://github.com/suzuki-shunsuke/ghalint/compare/v0.1.2...v0.2.0
#27 #29 Support configuration file
#28 #29 Add a policy job_secrets
#26 workflow_permissions
: Allow a workflow to have permissions
if the workflow has only one job
#26 workflow_secrets
: Allow a workflow to have secrets in env
if the workflow has only one job
Published by github-actions[bot] over 1 year ago
Pull Requests | Issues | https://github.com/suzuki-shunsuke/ghalint/compare/v0.1.1...v0.1.2
#10 Allow a job doesn't have permissions if a workflow has empty permissions
⭕
permissions: {} # Set permissions
jobs:
hello:
runs-on: ubuntu-latest
steps:
- run: echo hello
❌
permissions: # Not empty
contents: read
jobs:
hello:
runs-on: ubuntu-latest
steps:
- run: echo hello
Published by github-actions[bot] over 1 year ago
Pull Requests | Issues | https://github.com/suzuki-shunsuke/ghalint/compare/v0.1.0...v0.1.1
#6 Clean up error logs
Published by github-actions[bot] over 1 year ago
Published by github-actions[bot] over 1 year ago
Pull Requests | Issues | https://github.com/suzuki-shunsuke/ghalint/compare/v0.1.0-1...v0.1.0-2
Published by github-actions[bot] over 1 year ago
Pull Requests | Issues | https://github.com/suzuki-shunsuke/ghalint/compare/...v0.1.0-1