Skip to content

Initialize pre-commit, GitHub CI/CD, and Dependabot standards#9

Merged
GianRomani merged 1 commit into
mainfrom
feature/ci-standards
Jul 14, 2026
Merged

Initialize pre-commit, GitHub CI/CD, and Dependabot standards#9
GianRomani merged 1 commit into
mainfrom
feature/ci-standards

Conversation

@GianRomani

Copy link
Copy Markdown
Owner

No description provided.

@netlify

netlify Bot commented Jul 14, 2026

Copy link
Copy Markdown

Deploy Preview for gianfree-notes ready!

Name Link
🔨 Latest commit 495daaa
🔍 Latest deploy log https://app.netlify.com/projects/gianfree-notes/deploys/6a5624ddf0c137000715a941
😎 Deploy Preview https://deploy-preview-9--gianfree-notes.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@github-advanced-security

Copy link
Copy Markdown

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

  • The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
  • Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
  • You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.

Comment thread .github/dependabot.yml
Comment on lines +4 to +11
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "weekly"
groups:
actions-group:
patterns:
- "*"
Comment thread .github/dependabot.yml
Comment on lines +14 to +25
- package-ecosystem: "pip"
directory: "/"
schedule:
interval: "weekly"
# Groups minor/patch updates to prevent Pull Request fatigue
groups:
python-dependencies:
patterns:
- "*"
update-types:
- "patch"
- "minor"
Comment thread .github/workflows/ci.yml
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@v4
Comment thread .github/workflows/ci.yml
uses: actions/checkout@v4

- name: Lint GitHub Workflows (Prevents runner vulnerabilities)
uses: devops-actions/actionlint@v0.1.3
Comment thread .github/workflows/ci.yml
uses: devops-actions/actionlint@v0.1.3

- name: Set up Python (Using uv for ultra-fast package caching)
uses: astral-sh/setup-uv@v5
Comment thread .github/workflows/ci.yml
python-version: "3.12"

- name: Run Pre-Commit Hooks in CI
uses: pre-commit/action@v3.0.1
Comment thread .github/workflows/ci.yml
image: semgrep/semgrep:latest
steps:
- name: Checkout Code
uses: actions/checkout@v4
Comment thread .github/workflows/ci.yml
run: semgrep scan --config auto --sarif --output=semgrep-results.sarif .

- name: Upload Semgrep results to GitHub Security
uses: github/codeql-action/upload-sarif@v3
Comment thread .github/workflows/ci.yml
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@v4
Comment thread .github/workflows/ci.yml
severity: 'CRITICAL,HIGH'

- name: Upload Trivy results to GitHub Security
uses: github/codeql-action/upload-sarif@v3
@GianRomani
GianRomani force-pushed the feature/ci-standards branch from 4afd72d to 495daaa Compare July 14, 2026 12:00
@GianRomani
GianRomani merged commit 54cfb52 into main Jul 14, 2026
1 of 3 checks passed
@GianRomani
GianRomani deleted the feature/ci-standards branch July 14, 2026 12:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants