diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000000..90ca761682 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,13 @@ +# To get started with Dependabot version updates, you'll need to specify which +# package ecosystems to update and where the package manifests are located. +# Please see the documentation for all configuration options: +# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file + +version: 2 +updates: + - package-ecosystem: "gradle" # See documentation for possible values + directories: + - "/utbot-intellij" + - "/utbot-framework" + schedule: + interval: "weekly" diff --git a/.github/workflows/build-and-run-tests-from-branch.yml b/.github/workflows/build-and-run-tests-from-branch.yml index 0d7155d9fb..f93be3be31 100644 --- a/.github/workflows/build-and-run-tests-from-branch.yml +++ b/.github/workflows/build-and-run-tests-from-branch.yml @@ -1,5 +1,7 @@ name: "[M] UTBot Java: build and run tests" +permissions: read-all + on: workflow_dispatch: inputs: @@ -42,6 +44,7 @@ env: jobs: prepare-matrices: + permissions: read-all runs-on: ubuntu-latest # Outputs are used for passing data to dependent jobs. outputs: @@ -72,6 +75,7 @@ jobs: framework-tests: + permissions: read-all needs: prepare-matrices # Using matrices let create multiple jobs runs based on the combinations of the variables from matrices. # https://docs.github.com/en/actions/using-jobs/using-a-matrix-for-your-jobs @@ -161,6 +165,7 @@ jobs: spring-tests: + permissions: read-all runs-on: ubuntu-20.04 container: image: unittestbot/java-env:java17-zulu-jdk-gradle7.6.1-kotlinc1.8.0 diff --git a/.github/workflows/build-and-run-tests.yml b/.github/workflows/build-and-run-tests.yml index 0779d05638..51d5a8b330 100644 --- a/.github/workflows/build-and-run-tests.yml +++ b/.github/workflows/build-and-run-tests.yml @@ -1,5 +1,7 @@ name: "UTBot Java: build and run tests" +permissions: read-all + on: push: branches: diff --git a/.github/workflows/collect-statistics.yml b/.github/workflows/collect-statistics.yml index ff10bd2906..e330927f95 100644 --- a/.github/workflows/collect-statistics.yml +++ b/.github/workflows/collect-statistics.yml @@ -1,5 +1,7 @@ name: "[M] UTBot Java: collect statistics" +permissions: read-all + on: workflow_call: inputs: diff --git a/.github/workflows/issue-to-project.yml b/.github/workflows/issue-to-project.yml index 3a0b7edb3a..fc53eb2da5 100644 --- a/.github/workflows/issue-to-project.yml +++ b/.github/workflows/issue-to-project.yml @@ -1,5 +1,7 @@ name: Add issues to UTBot Java project +permissions: read-all + on: issues: types: diff --git a/.github/workflows/night-statistics-monitoring.yml b/.github/workflows/night-statistics-monitoring.yml index 99af44d6ac..b0b134521f 100644 --- a/.github/workflows/night-statistics-monitoring.yml +++ b/.github/workflows/night-statistics-monitoring.yml @@ -1,5 +1,7 @@ name: "UTBot Java: night statistics monitoring" +permissions: read-all + on: schedule: - cron: '0 0 * * *' diff --git a/.github/workflows/public-rider-plugin.yml b/.github/workflows/public-rider-plugin.yml index a2f28de7ea..587a7cf7bb 100644 --- a/.github/workflows/public-rider-plugin.yml +++ b/.github/workflows/public-rider-plugin.yml @@ -2,6 +2,8 @@ name: Publish Rider plugin +permissions: read-all + # Controls when the action will run. Workflow runs when manually triggered using the UI # or API. on: diff --git a/.github/workflows/publish-cli-from-branch.yml b/.github/workflows/publish-cli-from-branch.yml index 0f2256a242..217407d92e 100644 --- a/.github/workflows/publish-cli-from-branch.yml +++ b/.github/workflows/publish-cli-from-branch.yml @@ -1,5 +1,7 @@ name: "[M] CLI: publish as archive" +permissions: read-all + on: workflow_call: inputs: diff --git a/.github/workflows/publish-cli-image-from-branch.yml b/.github/workflows/publish-cli-image-from-branch.yml index 1c01fb85ff..d53b47dd87 100644 --- a/.github/workflows/publish-cli-image-from-branch.yml +++ b/.github/workflows/publish-cli-image-from-branch.yml @@ -1,5 +1,7 @@ name: "[M] CLI: publish docker image" +permissions: read-all + on: workflow_call: workflow_dispatch: diff --git a/.github/workflows/publish-on-github-packages.yml b/.github/workflows/publish-on-github-packages.yml index ff3becd8f9..31bbbfd47f 100644 --- a/.github/workflows/publish-on-github-packages.yml +++ b/.github/workflows/publish-on-github-packages.yml @@ -1,5 +1,7 @@ name: "[M] Publish on GitHub Packages" +permissions: read-all + on: workflow_dispatch: inputs: diff --git a/.github/workflows/publish-plugin-from-branch.yml b/.github/workflows/publish-plugin-from-branch.yml index 755ade4a60..7fcb8c56c6 100644 --- a/.github/workflows/publish-plugin-from-branch.yml +++ b/.github/workflows/publish-plugin-from-branch.yml @@ -1,5 +1,7 @@ name: "[M] Plugin: publish as archive" +permissions: read-all + on: workflow_call: inputs: diff --git a/.github/workflows/run-chosen-tests-from-branch.yml b/.github/workflows/run-chosen-tests-from-branch.yml index e1304d5c5e..2e24f6fbd1 100644 --- a/.github/workflows/run-chosen-tests-from-branch.yml +++ b/.github/workflows/run-chosen-tests-from-branch.yml @@ -1,5 +1,7 @@ name: "[M] Run chosen tests" +permissions: read-all + on: workflow_dispatch: inputs: