Skip to content

Bump github/codeql-action from 3.26.10 to 3.28.0 #419

Bump github/codeql-action from 3.26.10 to 3.28.0

Bump github/codeql-action from 3.26.10 to 3.28.0 #419

---
name: Enforce Version Pinning
on:
pull_request:
branches:
- main
permissions: {}
jobs:
enforce-version-pinning:
name: Enforce Version Pinning
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Check for pinned versions in requirements.txt
run: |
if grep -q -v '==' requirements.txt; then
echo "Unpinned dependencies found in requirements.txt"
echo "❌ Unpinned dependencies found in requirements.txt"
exit 1
else
echo "✅ All dependencies are correctly pinned."
fi
- name: Check for pinned versions in package.json
run: |
UNPINNED=$(grep -E '"[^"]+": "\^|~' package.json || true)
if [ -n "$UNPINNED" ]; then
echo "❌ Unpinned dependencies found in package.json:"
echo "$UNPINNED"
exit 1
else
echo "✅ All dependencies are correctly pinned."
fi