Google Git
Sign in
dart/external/github.com/flutter/buildroot/e256f5c0153dbde76c210a2715015c2ea5fe4cd2^!/.
commit
e256f5c0153dbde76c210a2715015c2ea5fe4cd2
[log]
author
Zachary Anderson <zanderso@users.noreply.github.com>
Mon Oct 14 11:00:24 2024 -0700
committer
GitHub <noreply@github.com>
Mon Oct 14 11:00:24 2024 -0700
tree
fd19885ff7c99b3980614232520e3b9e6eb03597
parent
c8f93f25a19cefaaeb64d4323e2fc8c9ccd20479 [diff]
Remove github actions from buildroot (#913)

Scorecard analysis doesn't make sense for this repo as this repo is only
functional when checked out together with the engine repo. We should
re-evaluate scorecard analysis after la grande fusion. This PR also
deletes the depandabot stuff since it was only being used to update the
scorecard analysis github action.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
deleted file mode 100644
index e8b3e6c..0000000
--- a/.github/dependabot.yml
+++ /dev/null

@@ -1,11 +0,0 @@
-# See Dependabot documentation for all configuration options:
-# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
-
-version: 2
-updates:
-  - package-ecosystem: "github-actions"
-    directory: "/"
-    schedule:
-      interval: "daily"
-    labels:
-      - "autosubmit"

diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml
deleted file mode 100644
index 5e8a2f7..0000000
--- a/.github/workflows/scorecards-analysis.yml
+++ /dev/null

@@ -1,56 +0,0 @@
-name: Scorecards supply-chain security
-on:
-  # Only the default branch is supported.
-  branch_protection_rule:
-  push:
-    branches: [ master ]
-
-# Declare default permissions as read only.
-permissions: read-all
-
-jobs:
-  analysis:
-    name: Scorecards analysis
-    runs-on: ubuntu-latest
-    if: ${{ github.repository == 'flutter/buildroot' }}
-    permissions:
-      # Needed to upload the results to code-scanning dashboard.
-      security-events: write
-      actions: read
-      contents: read
-      # Needed to access OIDC token.
-      id-token: write
-
-    steps:
-      - name: "Checkout code"
-        uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871
-        with:
-          persist-credentials: false
-
-      - name: "Run analysis"
-        uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46
-        with:
-          results_file: results.sarif
-          results_format: sarif
-          # Read-only PAT token. To create it,
-          # follow the steps in https://github.com/ossf/scorecard-action#pat-token-creation.
-          repo_token: ${{ secrets.SCORECARD_READ_TOKEN }}
-          # Publish the results to enable scorecard badges. For more details, see
-          # https://github.com/ossf/scorecard-action#publishing-results.
-          # For private repositories, `publish_results` will automatically be set to `false`,
-          # regardless of the value entered here.
-          publish_results: true
-
-      # Upload the results as artifacts (optional).
-      - name: "Upload artifact"
-        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
-        with:
-          name: SARIF file
-          path: results.sarif
-          retention-days: 5
-
-      # Upload the results to GitHub's code scanning dashboard.
-      - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@c36620d31ac7c881962c3d9dd939c40ec9434f2b
-        with:
-          sarif_file: results.sarif