4031041a4b
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.4 to 4.1.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v4.1.5</h2> <h2>What's Changed</h2> <ul> <li>Update NPM dependencies by <a href="https://github.com/cory-miller"><code>@âcory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li> <li>Bump github/codeql-action from 2 to 3 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li> <li>Bump actions/setup-node from 1 to 4 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li> <li>Bump actions/upload-artifact from 2 to 4 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li> <li>README: Suggest <code>user.email</code> to be <code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a href="https://github.com/cory-miller"><code>@âcory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.1.4...v4.1.5">https://github.com/actions/checkout/compare/v4.1.4...v4.1.5</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="44c2b7a8a4"><code>44c2b7a</code></a> README: Suggest <code>user.email</code> to be `41898282+github-actions[bot]<a href="https://github.com/users"><code>@âusers</code></a>.norepl...</li> <li><a href="8459bc0c7e"><code>8459bc0</code></a> Bump actions/upload-artifact from 2 to 4 (<a href="https://redirect.github.com/actions/checkout/issues/1695">#1695</a>)</li> <li><a href="3f603f6d5e"><code>3f603f6</code></a> Bump actions/setup-node from 1 to 4 (<a href="https://redirect.github.com/actions/checkout/issues/1696">#1696</a>)</li> <li><a href="fd084cde18"><code>fd084cd</code></a> Bump github/codeql-action from 2 to 3 (<a href="https://redirect.github.com/actions/checkout/issues/1694">#1694</a>)</li> <li><a href="9c1e94e0ad"><code>9c1e94e</code></a> Update NPM dependencies (<a href="https://redirect.github.com/actions/checkout/issues/1703">#1703</a>)</li> <li>See full diff in <a href="0ad4b8fada...44c2b7a8a4">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
43 lines
1.2 KiB
YAML
43 lines
1.2 KiB
YAML
# Copyright 2023 The Flutter Authors. All rights reserved.
|
|
# Use of this source code is governed by a BSD-style license that can be
|
|
# found in the LICENSE file.
|
|
|
|
name: Minimal workflow to test github action token
|
|
|
|
on:
|
|
workflow_dispatch
|
|
|
|
permissions: write-all
|
|
|
|
jobs:
|
|
minimal_token_test:
|
|
name: minimal_token_test
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: write
|
|
pull-requests: write
|
|
steps:
|
|
- name: Checkout Flutter Repo
|
|
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b
|
|
with:
|
|
repository: flutter/flutter
|
|
token: ${{ github.token }}
|
|
path: flutter
|
|
ref: master
|
|
fetch-depth: 0
|
|
- name: Write a random file
|
|
run: |
|
|
cd flutter
|
|
touch empty.json
|
|
- name: Create Pull Request
|
|
uses: peter-evans/create-pull-request@6d6857d36972b65feb161a90e484f2984215f83e
|
|
with:
|
|
path: flutter
|
|
commit-message: blah
|
|
committer: GitHub <noreply@github.com>
|
|
token: ${{ secrets.FLUTTERACTIONSBOT_CP_TOKEN }}
|
|
labels: |
|
|
cp: review
|
|
title: '[github actions] testing purposes'
|
|
reviewers: xilaizhang
|