filamentphp/plugin-skeleton
Template
1
0
Fork 0
mirror of https://github.com/filamentphp/plugin-skeleton.git synced 2026-06-21 04:09:48 +08:00
Code Issues Packages Projects Releases Wiki Activity

Update security config

Browse Source
This commit is contained in:
Dan Harrin
2026-06-13 18:19:11 +01:00
parent 6b3e05614b
commit 43160e3947
8 changed files with 34 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
.github/dependabot.yml vendored
View File

@@ -1,16 +1,31 @@
# Please see the documentation for all configuration options:
# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
version: 2 version: 2
updates: updates:
- package-ecosystem: github-actions
- package-ecosystem: "github-actions" directory: /
directory: "/"
schedule: schedule:
interval: "weekly" interval: weekly
open-pull-requests-limit: 10 open-pull-requests-limit: 10
cooldown: cooldown:
default-days: 7 default-days: 7
labels: labels:
- "dependencies" - dependencies
- "github_actions"
- package-ecosystem: composer
directory: /
schedule:
interval: weekly
open-pull-requests-limit: 0
cooldown:
default-days: 7
labels:
- dependencies
- package-ecosystem: npm
directory: /
schedule:
interval: weekly
open-pull-requests-limit: 0
cooldown:
default-days: 7
labels:
- dependencies

4
.github/workflows/fix-code-style.yml vendored
View File

@@ -15,7 +15,7 @@ jobs:
# persist-credentials: true is required so `git-auto-commit-action` below # persist-credentials: true is required so `git-auto-commit-action` below
# can push the reformatted files back to the branch. # can push the reformatted files back to the branch.
- name: Checkout code - name: Checkout code
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 # zizmor: ignore[artipacked] uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 # zizmor: ignore[artipacked]
- name: Cache Composer dependencies - name: Cache Composer dependencies
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
@@ -26,7 +26,7 @@ jobs:
composer-cs- composer-cs-
- name: Setup PHP - name: Setup PHP
uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # 2.37.0 uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # 2.37.1
with: with:
php-version: 8.3 php-version: 8.3

4
.github/workflows/phpstan.yml vendored
View File

@@ -30,7 +30,7 @@ jobs:
php: 8.1 php: 8.1
name: P${{ matrix.php }} - L${{ matrix.laravel }} - ${{ matrix.stability }} name: P${{ matrix.php }} - L${{ matrix.laravel }} - ${{ matrix.stability }}
steps: steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
with: with:
persist-credentials: false persist-credentials: false
@@ -52,7 +52,7 @@ jobs:
phpstan-${{ matrix.php }}-${{ matrix.laravel }}- phpstan-${{ matrix.php }}-${{ matrix.laravel }}-
- name: Setup PHP - name: Setup PHP
uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # 2.37.0 uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # 2.37.1
with: with:
php-version: ${{ matrix.php }} php-version: ${{ matrix.php }}
extensions: mbstring, pdo, pdo_sqlite extensions: mbstring, pdo, pdo_sqlite

4
.github/workflows/tests.yml vendored
View File

@@ -35,7 +35,7 @@ jobs:
name: P${{ matrix.php }} - L${{ matrix.laravel }} - ${{ matrix.stability }} - ${{ matrix.os }} name: P${{ matrix.php }} - L${{ matrix.laravel }} - ${{ matrix.stability }} - ${{ matrix.os }}
steps: steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
with: with:
persist-credentials: false persist-credentials: false
@@ -49,7 +49,7 @@ jobs:
composer-${{ matrix.os }}-${{ matrix.php }}- composer-${{ matrix.os }}-${{ matrix.php }}-
- name: Setup PHP - name: Setup PHP
uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # 2.37.0 uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # 2.37.1
with: with:
php-version: ${{ matrix.php }} php-version: ${{ matrix.php }}
extensions: dom, curl, libxml, mbstring, zip, pcntl, pdo, sqlite, pdo_sqlite, bcmath, soap, intl, gd, exif, iconv, imagick, fileinfo extensions: dom, curl, libxml, mbstring, zip, pcntl, pdo, sqlite, pdo_sqlite, bcmath, soap, intl, gd, exif, iconv, imagick, fileinfo

2
.github/workflows/update-changelog.yml vendored
View File

@@ -15,7 +15,7 @@ jobs:
# persist-credentials: true is required so `git-auto-commit-action` below # persist-credentials: true is required so `git-auto-commit-action` below
# can push the CHANGELOG update. # can push the CHANGELOG update.
- name: Checkout code - name: Checkout code
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 # zizmor: ignore[artipacked] uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 # zizmor: ignore[artipacked]
with: with:
ref: main ref: main

4
.github/workflows/zizmor.yml vendored
View File

@@ -19,10 +19,10 @@ jobs:
permissions: permissions:
contents: read contents: read
steps: steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
with: with:
persist-credentials: false persist-credentials: false
- uses: zizmorcore/zizmor-action@b1d7e1fb5de872772f31590499237e7cce841e8e # v0.5.3 - uses: zizmorcore/zizmor-action@5f14fd08f7cf1cb1609c1e344975f152c7ee938d # v0.5.6
with: with:
advanced-security: false advanced-security: false

1
.gitignore vendored
View File

@@ -3,7 +3,6 @@
.phpunit.result.cache .phpunit.result.cache
.vscode .vscode
build build
composer.lock
coverage coverage
docs docs
node_modules node_modules

1
.npmrc Normal file
View File

@@ -0,0 +1 @@
min-release-age=7