alteropen/streamyfin
1
0
Fork 0
mirror of https://github.com/streamyfin/streamyfin.git synced 2026-06-16 19:00:28 +01:00
Code Issues Actions 8 Packages Projects Releases Wiki Activity

ci: ARM Android runners, slimmer APK artifacts, Renovate-pinned tool versions (#1733)
Some checks are pending
🏗️ Build Apps / 🤖 Build Android APK (Phone) (push) Waiting to run
Details
🏗️ Build Apps / 🤖 Build Android APK (TV) (push) Waiting to run
Details
🏗️ Build Apps / 🍎 Build iOS IPA (Phone) (push) Waiting to run
Details
🏗️ Build Apps / 🍎 Build iOS IPA (Phone - Unsigned) (push) Waiting to run
Details
🏗️ Build Apps / 🍎 Build tvOS IPA (push) Waiting to run
Details
🏗️ Build Apps / 🍎 Build tvOS IPA (Unsigned) (push) Waiting to run
Details
🔒 Lockfile Consistency Check / 🔍 Check bun.lock and package.json consistency (push) Waiting to run
Details
🛡️ CodeQL Analysis / 🔎 Analyze with CodeQL (actions) (push) Waiting to run
Details
🛡️ CodeQL Analysis / 🔎 Analyze with CodeQL (javascript-typescript) (push) Waiting to run
Details
🏷️🔀Merge Conflict Labeler / 🏷️ Labeling Merge Conflicts (push) Waiting to run
Details
🌐 Translation Sync / sync-translations (push) Waiting to run
Details
🚦 Security & Quality Gate / 📝 Validate PR Title (push) Waiting to run
Details
🚦 Security & Quality Gate / 🔍 Vulnerable Dependencies (push) Waiting to run
Details
🚦 Security & Quality Gate / 🚑 Expo Doctor Check (push) Waiting to run
Details
🚦 Security & Quality Gate / 🔍 Lint & Test (check) (push) Waiting to run
Details
🚦 Security & Quality Gate / 🔍 Lint & Test (format) (push) Waiting to run
Details
🚦 Security & Quality Gate / 🔍 Lint & Test (i18n:check) (push) Waiting to run
Details
🚦 Security & Quality Gate / 🔍 Lint & Test (lint) (push) Waiting to run
Details
🚦 Security & Quality Gate / 🔍 Lint & Test (typecheck) (push) Waiting to run
Details
🛡️ Trivy Security Scan / 🔎 Filesystem scan (push) Waiting to run
Details

Browse Source
This commit is contained in:
Gauvain
2026-06-16 17:12:32 +02:00
committed by GitHub
parent 7a6daa011d
commit 434cb3bd39
15 changed files with 135 additions and 83 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
.github/workflows/trivy-scan.yml vendored
View File

@@ -21,7 +21,7 @@ concurrency:
jobs:
trivy:
name: 🔎 Filesystem scan
runs-on: ubuntu-24.04
runs-on: ubuntu-26.04
permissions:
contents: read
security-events: write # upload SARIF to code scanning
@@ -29,19 +29,9 @@ jobs:
- name: 📥 Checkout repository
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
# Rotate the DB cache weekly (matches the scheduled scan): cache hits within the week
# instead of a fresh immutable entry per run, still refreshing the DB every week.
- name: 🗓️ Compute weekly Trivy cache key
id: trivy-cache-key
run: echo "value=trivy-db-${{ runner.os }}-$(date -u +%G-%V)" >> "$GITHUB_OUTPUT"
- name: 💾 Cache Trivy vulnerability DB
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
with:
path: ~/.cache/trivy
key: ${{ steps.trivy-cache-key.outputs.value }}
restore-keys: trivy-db-${{ runner.os }}-
# Trivy's own action caches the vulnerability DB + binary internally
# (cache-trivy-* / trivy-binary-* entries), so no manual ~/.cache/trivy
# step is needed — it only duplicated the cache.
- name: 🔎 Run Trivy filesystem scan
uses: aquasecurity/trivy-action@ed142fd0673e97e23eac54620cfb913e5ce36c25 # v0.36.0
with: