chore(ci): Fix dependabot code scanning errors #121
Conversation
Dependabot pushes a branch to the repo and opens a pull request. The pull request workflow runs properly, but the push workflow fails because dependabot doesn't have access to a read/write GITHUB_TOKEN and doesn't have access to the repo secrets. The quick fix is telling CI not to run the push event workflow for branches that start with `dependabot/`.
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #121 +/- ##
=======================================
Coverage 92.18% 92.18%
=======================================
Files 1 1
Lines 64 64
=======================================
Hits 59 59
Misses 5 5 ☔ View full report in Codecov by Sentry. |
|
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation. |
Motivation and Context
Dependabot pushes a branch to the repo and opens a pull request. The pull request workflow runs properly, but the push workflow fails because dependabot doesn't have access to a read/write GITHUB_TOKEN and doesn't have access to the repo secrets.
Description
The quick fix is telling CI not to run the push event workflow for branches that start with
dependabot/.