streamyfin/.github/workflows/conflict.yml
Gauvino 7035c6f853 chore(security): bump merge-conflict labeler to v3.1.0 and default-deny perms
Pin eps1lon/actions-label-merge-conflict to v3.1.0 (0273be7) and add a
top-level permissions: {} so the workflow defaults to no permissions and the
job grants only contents:read and pull-requests:write.
2026-06-05 13:16:18 +02:00

32 lines
1.2 KiB
YAML

name: 🏷🔀Merge Conflict Labeler
on:
  push:
    branches: [develop]
  # SECURITY: pull_request_target runs with the base repo's write token and secrets.
  # This job only labels via the API and is safe ONLY because it never checks out or
  # runs the PR head's code. NEVER add `actions/checkout` of the PR head (or any `run:`
  # that interpolates PR-controlled data) to this workflow — that would turn it into a
  # full repo-compromise vector.
  pull_request_target:
    branches: [develop]
    types: [synchronize]
permissions: {}
jobs:
  label:
    name: 🏷️ Labeling Merge Conflicts
    runs-on: ubuntu-24.04
    if: ${{ github.repository == 'streamyfin/streamyfin' }}
    permissions:
      contents: read
      pull-requests: write
    steps:
      - name: 🚩 Apply merge conflict label
        uses: eps1lon/actions-label-merge-conflict@0273be72a0bbd58fcd71d0d6c02c209b50d1e5e1 # v3.1.0
        with:
          dirtyLabel: '⚔️ merge-conflict'
          commentOnDirty: 'This pull request has merge conflicts. Please resolve the conflicts so the PR can be successfully reviewed and merged.'
          repoToken: '${{ secrets.GITHUB_TOKEN }}'
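
The three properties this workflow relies on (top-level `permissions: {}`, an action pinned to a full commit SHA, and no PR-head data under `pull_request_target`) can be checked mechanically in review. The following is an added example, not part of the streamyfin repository: `audit_workflow` and both sample workflows are hypothetical names, and the check is a line-based heuristic rather than a YAML parser.

```python
import re

SHA_PIN = re.compile(r"@[0-9a-f]{40}$")  # full commit SHA, not a tag or branch
PR_HEAD = re.compile(r"\$\{\{[^}]*github\.(event\.pull_request\.head|head_ref)")

def audit_workflow(text):
    """Line-based heuristic audit of one workflow file (not a YAML parser)."""
    # Drop comments so words inside them (e.g. a SECURITY note) are not matched.
    lines = [l.split(" #")[0].rstrip() for l in text.splitlines()
             if not l.lstrip().startswith("#")]
    findings = []
    if not any(re.fullmatch(r"permissions:\s*\{\}", l) for l in lines):
        findings.append("no top-level 'permissions: {}' (token is not default-deny)")
    for l in lines:
        m = re.search(r"\buses:\s*(\S+)", l)
        if m and not m.group(1).startswith("./") and not SHA_PIN.search(m.group(1)):
            findings.append(f"action not pinned to a commit SHA: {m.group(1)}")
    if any(re.match(r"\s+pull_request_target:", l) for l in lines):
        for l in lines:
            if PR_HEAD.search(l):
                findings.append(f"PR-head data used under pull_request_target: {l.strip()}")
    return findings
# Condensed from the workflow on this page.
HARDENED = """\
on:
  # SECURITY: never add actions/checkout of the PR head here
  pull_request_target:
permissions: {}
jobs:
  label:
    permissions:
      contents: read
      pull-requests: write
    steps:
      - uses: eps1lon/actions-label-merge-conflict@0273be72a0bbd58fcd71d0d6c02c209b50d1e5e1 # v3.1.0
"""
# Constructed counter-example: the pattern the SECURITY comment forbids.
RISKY = """\
on:
  pull_request_target:
jobs:
  label:
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
"""
if __name__ == "__main__":
    print(audit_workflow(HARDENED), audit_workflow(RISKY), sep="\n")
```

An empty list means all three checks passed; because comments are stripped first, the SECURITY note mentioning `actions/checkout` does not trigger a finding.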