chore(deps): bump intl-messageformat from 11.2.9 to 11.2.11 #287
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CLA Assistant | |
| on: | |
| issue_comment: | |
| types: [created] | |
| pull_request_target: | |
| types: [opened, closed, synchronize] | |
| # Least-privilege default: read-only at the top level. The cla job escalates to | |
| # the writes it needs. pull_request_target runs in the base repo's context, so | |
| # the signature file can be written back from there. | |
| permissions: | |
| contents: read | |
| jobs: | |
| cla: | |
| name: check / record signature | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| # Scoped to this job only (not the whole workflow) so the elevated token is | |
| # never exposed to any future job added here. | |
| permissions: | |
| actions: write | |
| contents: write | |
| pull-requests: write | |
| statuses: write | |
| steps: | |
| - name: CLA Assistant | |
| if: > | |
| (github.event.comment.body == 'recheck' || | |
| github.event.comment.body == 'I have read the CLA Document and I hereby sign the CLA') || | |
| github.event_name == 'pull_request_target' | |
| # OpenMapX fork of the (archived) contributor-assistant/github-action, | |
| # bumped to the Node 24 runtime. See OpenMapX/cla-assistant-action. | |
| uses: OpenMapX/cla-assistant-action@3e864d0e9c7ec7a7fc4eb36e78ff857b1db7978c # v2.6.1-node24 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # A classic PAT (repo scope) or fine-grained token with Contents:write | |
| # on the signatures repo. Store it as the CLA_SIGNATURES_TOKEN secret. | |
| PERSONAL_ACCESS_TOKEN: ${{ secrets.CLA_SIGNATURES_TOKEN }} | |
| with: | |
| path-to-document: https://github.com/OpenMapX/openmapx/blob/main/CLA.md | |
| # Where accepted signatures are recorded. Defaults to this repo; set | |
| # remote-organization-name / remote-repository-name to use a private | |
| # repo instead. | |
| path-to-signatures: signatures/cla/v1.json | |
| branch: cla-signatures | |
| create-file-commit-message: "chore(cla): create signature file" | |
| signed-commit-message: "chore(cla): $contributorName signed the CLA in #$pullRequestNo" | |
| custom-pr-sign-comment: I have read the CLA Document and I hereby sign the CLA | |
| custom-allsigned-prcomment: All contributors have signed the CLA. ✅ | |
| # Bots and the maintainer never need to sign. web-flow is GitHub's | |
| # committer identity for GPG-signed/web commits (e.g. dependabot's | |
| # signed commits), which the action checks alongside the author. | |
| allowlist: Medformatik,dependabot[bot],renovate[bot],web-flow,*[bot] |