151a6d5cab
Removed the "Debug Git Config" step from all workflows as it could potentially expose the GITHUB_TOKEN in logs (shown in git URL rewrites). Now that the workflows are passing with the HTTPS libsignal fix, this debug output is no longer needed. Addresses security concern raised by Copilot AI in PR #170. https://claude.ai/code/session_015R3U3kiprQiNTTNNt31Sg6
55 lines
1.5 KiB
YAML
55 lines
1.5 KiB
YAML
name: Build Project
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- master
|
|
pull_request:
|
|
|
|
jobs:
|
|
build:
|
|
runs-on: ubuntu-latest
|
|
timeout-minutes: 10
|
|
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
|
|
- name: Setup Node and Corepack
|
|
uses: actions/setup-node@v3.6.0
|
|
with:
|
|
node-version: 20.x
|
|
|
|
- name: Enable Corepack and Set Yarn Version
|
|
run: |
|
|
corepack enable
|
|
corepack prepare yarn@4.x --activate
|
|
|
|
- name: Configure Git for HTTPS
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
run: |
|
|
# Force git to use HTTPS with token instead of SSH for GitHub repositories
|
|
git config --global url."https://x-access-token:${GITHUB_TOKEN}@github.com/".insteadOf "ssh://git@github.com/"
|
|
git config --global url."https://x-access-token:${GITHUB_TOKEN}@github.com/".insteadOf "git@github.com:"
|
|
git config --global url."https://x-access-token:${GITHUB_TOKEN}@github.com/".insteadOf "https://github.com/"
|
|
|
|
- name: Restore Yarn Cache
|
|
uses: actions/cache@v4
|
|
id: yarn-cache
|
|
with:
|
|
path: |
|
|
node_modules
|
|
.yarn/install-state.gz
|
|
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
|
|
restore-keys: |
|
|
${{ runner.os }}-yarn-
|
|
|
|
- name: Install dependencies
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
GIT_TERMINAL_PROMPT: 0
|
|
run: yarn install --immutable
|
|
|
|
- name: Build project
|
|
run: yarn build
|