Bump actions/dependency-review-action from 4.1.1 to 4.1.2 #25
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: First Pull Request | |
on: | |
pull_request_target: | |
types: | |
- opened | |
permissions: | |
contents: read | |
jobs: | |
welcome: | |
name: Welcome | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
pull-requests: write | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 | |
with: | |
disable-sudo: true | |
egress-policy: block | |
allowed-endpoints: > | |
api.github.com:443 | |
- uses: actions/[email protected] | |
with: | |
script: | | |
// Get a list of all issues created by the PR opener | |
// See: https://octokit.github.io/rest.js/#pagination | |
const creator = context.payload.sender.login | |
const opts = github.rest.issues.listForRepo.endpoint.merge({ | |
...context.issue, | |
creator, | |
state: 'all' | |
}) | |
const issues = await github.paginate(opts) | |
for (const issue of issues) { | |
if (issue.number === context.issue.number) { | |
continue | |
} | |
if (issue.pull_request) { | |
return // Creator is already a contributor. | |
} | |
} | |
await github.rest.issues.createComment({ | |
issue_number: context.issue.number, | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
body: `**Welcome**, new contributor! | |
It appears that this is your first Pull Request. To give credit where it's due, we ask that you add your information to the \`AUTHORS.rst\` and \`.zenodo.json\`: | |
- [ ] The relevant author information has been added to \`AUTHORS.rst\` and \`.zenodo.json\`. | |
Please make sure you've read our [contributing guide](CONTRIBUTING.rst). We look forward to reviewing your Pull Request shortly ✨` | |
}) |