diff --git a/.github/workflows/__all-platform-bundle.yml b/.github/workflows/__all-platform-bundle.yml index 4139ede4fe..499b123165 100644 --- a/.github/workflows/__all-platform-bundle.yml +++ b/.github/workflows/__all-platform-bundle.yml @@ -49,6 +49,7 @@ jobs: - os: ubuntu-latest version: nightly-latest name: All-platform bundle + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__analyze-ref-input.yml b/.github/workflows/__analyze-ref-input.yml index 8f6208b8e2..2159072adf 100644 --- a/.github/workflows/__analyze-ref-input.yml +++ b/.github/workflows/__analyze-ref-input.yml @@ -53,6 +53,7 @@ jobs: - os: windows-latest version: default name: "Analyze: 'ref' and 'sha' from inputs" + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__autobuild-action.yml b/.github/workflows/__autobuild-action.yml index c623ca25f1..c315763391 100644 --- a/.github/workflows/__autobuild-action.yml +++ b/.github/workflows/__autobuild-action.yml @@ -43,6 +43,7 @@ jobs: - os: windows-latest version: linked name: autobuild-action + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__autobuild-direct-tracing-with-working-dir.yml b/.github/workflows/__autobuild-direct-tracing-with-working-dir.yml index a0e3d66440..c1de5c19de 100644 --- a/.github/workflows/__autobuild-direct-tracing-with-working-dir.yml +++ b/.github/workflows/__autobuild-direct-tracing-with-working-dir.yml @@ -55,6 +55,7 @@ jobs: - os: windows-latest version: nightly-latest name: Autobuild direct tracing (custom working directory) + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__autobuild-direct-tracing.yml b/.github/workflows/__autobuild-direct-tracing.yml index aed873e573..9294edfb84 100644 --- a/.github/workflows/__autobuild-direct-tracing.yml +++ b/.github/workflows/__autobuild-direct-tracing.yml @@ -55,6 +55,7 @@ jobs: - os: windows-latest version: nightly-latest name: Autobuild direct tracing + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__build-mode-autobuild.yml b/.github/workflows/__build-mode-autobuild.yml index e24c170cfa..a6e880cf00 100644 --- a/.github/workflows/__build-mode-autobuild.yml +++ b/.github/workflows/__build-mode-autobuild.yml @@ -39,6 +39,7 @@ jobs: - os: ubuntu-latest version: nightly-latest name: Build mode autobuild + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__build-mode-manual.yml b/.github/workflows/__build-mode-manual.yml index 398b8a8312..e0dc25f889 100644 --- a/.github/workflows/__build-mode-manual.yml +++ b/.github/workflows/__build-mode-manual.yml @@ -49,6 +49,7 @@ jobs: - os: ubuntu-latest version: nightly-latest name: Build mode manual + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__build-mode-none.yml b/.github/workflows/__build-mode-none.yml index 98f3a2d31f..7584f90650 100644 --- a/.github/workflows/__build-mode-none.yml +++ b/.github/workflows/__build-mode-none.yml @@ -41,6 +41,7 @@ jobs: - os: ubuntu-latest version: nightly-latest name: Build mode none + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__build-mode-rollback.yml b/.github/workflows/__build-mode-rollback.yml index 64b45fade6..c1f3ccd0c2 100644 --- a/.github/workflows/__build-mode-rollback.yml +++ b/.github/workflows/__build-mode-rollback.yml @@ -39,6 +39,7 @@ jobs: - os: ubuntu-latest version: nightly-latest name: Build mode rollback + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__bundle-toolcache.yml b/.github/workflows/__bundle-toolcache.yml index 0e551b4e12..de3826b656 100644 --- a/.github/workflows/__bundle-toolcache.yml +++ b/.github/workflows/__bundle-toolcache.yml @@ -43,6 +43,7 @@ jobs: - os: windows-latest version: linked name: 'Bundle: Caching checks' + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__bundle-zstd.yml b/.github/workflows/__bundle-zstd.yml index 4e4ab24738..0139fdc140 100644 --- a/.github/workflows/__bundle-zstd.yml +++ b/.github/workflows/__bundle-zstd.yml @@ -43,6 +43,7 @@ jobs: - os: windows-latest version: linked name: 'Bundle: Zstandard checks' + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__cleanup-db-cluster-dir.yml b/.github/workflows/__cleanup-db-cluster-dir.yml index 6bd5f79b6e..dfe53c67ce 100644 --- a/.github/workflows/__cleanup-db-cluster-dir.yml +++ b/.github/workflows/__cleanup-db-cluster-dir.yml @@ -39,6 +39,7 @@ jobs: - os: ubuntu-latest version: linked name: Clean up database cluster directory + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__config-export.yml b/.github/workflows/__config-export.yml index 6b4bd49b3d..1b89d3a186 100644 --- a/.github/workflows/__config-export.yml +++ b/.github/workflows/__config-export.yml @@ -49,6 +49,7 @@ jobs: - os: windows-latest version: nightly-latest name: Config export + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__config-input.yml b/.github/workflows/__config-input.yml index aa1ed32ec9..30b2cfaec3 100644 --- a/.github/workflows/__config-input.yml +++ b/.github/workflows/__config-input.yml @@ -39,6 +39,7 @@ jobs: - os: ubuntu-latest version: linked name: Config input + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__cpp-deptrace-disabled.yml b/.github/workflows/__cpp-deptrace-disabled.yml index 92a7635adb..1221592366 100644 --- a/.github/workflows/__cpp-deptrace-disabled.yml +++ b/.github/workflows/__cpp-deptrace-disabled.yml @@ -43,6 +43,7 @@ jobs: - os: ubuntu-latest version: nightly-latest name: 'C/C++: disabling autoinstalling dependencies (Linux)' + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__cpp-deptrace-enabled-on-macos.yml b/.github/workflows/__cpp-deptrace-enabled-on-macos.yml index 1852b43059..b9669b8703 100644 --- a/.github/workflows/__cpp-deptrace-enabled-on-macos.yml +++ b/.github/workflows/__cpp-deptrace-enabled-on-macos.yml @@ -41,6 +41,7 @@ jobs: - os: macos-latest version: nightly-latest name: 'C/C++: autoinstalling dependencies is skipped (macOS)' + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__cpp-deptrace-enabled.yml b/.github/workflows/__cpp-deptrace-enabled.yml index 88a79b6a74..bf155a64d2 100644 --- a/.github/workflows/__cpp-deptrace-enabled.yml +++ b/.github/workflows/__cpp-deptrace-enabled.yml @@ -43,6 +43,7 @@ jobs: - os: ubuntu-latest version: nightly-latest name: 'C/C++: autoinstalling dependencies (Linux)' + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__diagnostics-export.yml b/.github/workflows/__diagnostics-export.yml index 16a31e3501..f9f29ff4fa 100644 --- a/.github/workflows/__diagnostics-export.yml +++ b/.github/workflows/__diagnostics-export.yml @@ -49,6 +49,7 @@ jobs: - os: windows-latest version: nightly-latest name: Diagnostic export + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__export-file-baseline-information.yml b/.github/workflows/__export-file-baseline-information.yml index cc1565b2cf..b2d9b72c74 100644 --- a/.github/workflows/__export-file-baseline-information.yml +++ b/.github/workflows/__export-file-baseline-information.yml @@ -53,6 +53,7 @@ jobs: - os: windows-latest version: nightly-latest name: Export file baseline information + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__extractor-ram-threads.yml b/.github/workflows/__extractor-ram-threads.yml index df05dff46a..2d8316f52a 100644 --- a/.github/workflows/__extractor-ram-threads.yml +++ b/.github/workflows/__extractor-ram-threads.yml @@ -39,6 +39,7 @@ jobs: - os: ubuntu-latest version: linked name: Extractor ram and threads options test + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__go-custom-queries.yml b/.github/workflows/__go-custom-queries.yml index c124889aaf..1b5b7b9150 100644 --- a/.github/workflows/__go-custom-queries.yml +++ b/.github/workflows/__go-custom-queries.yml @@ -51,6 +51,7 @@ jobs: - os: ubuntu-latest version: nightly-latest name: 'Go: Custom queries' + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__go-indirect-tracing-workaround-diagnostic.yml b/.github/workflows/__go-indirect-tracing-workaround-diagnostic.yml index f7efcc894e..061ad42549 100644 --- a/.github/workflows/__go-indirect-tracing-workaround-diagnostic.yml +++ b/.github/workflows/__go-indirect-tracing-workaround-diagnostic.yml @@ -49,6 +49,7 @@ jobs: - os: ubuntu-latest version: default name: 'Go: diagnostic when Go is changed after init step' + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__go-indirect-tracing-workaround-no-file-program.yml b/.github/workflows/__go-indirect-tracing-workaround-no-file-program.yml index 978456d8e7..0a347c65c7 100644 --- a/.github/workflows/__go-indirect-tracing-workaround-no-file-program.yml +++ b/.github/workflows/__go-indirect-tracing-workaround-no-file-program.yml @@ -49,6 +49,7 @@ jobs: - os: ubuntu-latest version: default name: 'Go: diagnostic when `file` is not installed' + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__go-indirect-tracing-workaround.yml b/.github/workflows/__go-indirect-tracing-workaround.yml index d431981532..bb811d4d51 100644 --- a/.github/workflows/__go-indirect-tracing-workaround.yml +++ b/.github/workflows/__go-indirect-tracing-workaround.yml @@ -49,6 +49,7 @@ jobs: - os: ubuntu-latest version: default name: 'Go: workaround for indirect tracing' + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__go-tracing-autobuilder.yml b/.github/workflows/__go-tracing-autobuilder.yml index 582d6e8b5a..6d4cc91cc9 100644 --- a/.github/workflows/__go-tracing-autobuilder.yml +++ b/.github/workflows/__go-tracing-autobuilder.yml @@ -83,6 +83,7 @@ jobs: - os: macos-latest version: nightly-latest name: 'Go: tracing with autobuilder step' + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__go-tracing-custom-build-steps.yml b/.github/workflows/__go-tracing-custom-build-steps.yml index a0ecd76a3e..634b074c08 100644 --- a/.github/workflows/__go-tracing-custom-build-steps.yml +++ b/.github/workflows/__go-tracing-custom-build-steps.yml @@ -83,6 +83,7 @@ jobs: - os: macos-latest version: nightly-latest name: 'Go: tracing with custom build steps' + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__go-tracing-legacy-workflow.yml b/.github/workflows/__go-tracing-legacy-workflow.yml index 5deabbd06b..8168e3b108 100644 --- a/.github/workflows/__go-tracing-legacy-workflow.yml +++ b/.github/workflows/__go-tracing-legacy-workflow.yml @@ -83,6 +83,7 @@ jobs: - os: macos-latest version: nightly-latest name: 'Go: tracing with legacy workflow' + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__init-with-registries.yml b/.github/workflows/__init-with-registries.yml index f570a05e0f..5d98643b09 100644 --- a/.github/workflows/__init-with-registries.yml +++ b/.github/workflows/__init-with-registries.yml @@ -55,6 +55,7 @@ jobs: - os: windows-latest version: nightly-latest name: 'Packaging: Download using registries' + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read packages: read diff --git a/.github/workflows/__javascript-source-root.yml b/.github/workflows/__javascript-source-root.yml index f0e66bf322..e6c883966e 100644 --- a/.github/workflows/__javascript-source-root.yml +++ b/.github/workflows/__javascript-source-root.yml @@ -43,6 +43,7 @@ jobs: - os: ubuntu-latest version: nightly-latest name: Custom source root + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__job-run-uuid-sarif.yml b/.github/workflows/__job-run-uuid-sarif.yml index 50539d5e91..4df3b0d1ca 100644 --- a/.github/workflows/__job-run-uuid-sarif.yml +++ b/.github/workflows/__job-run-uuid-sarif.yml @@ -39,6 +39,7 @@ jobs: - os: ubuntu-latest version: nightly-latest name: Job run UUID added to SARIF + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__language-aliases.yml b/.github/workflows/__language-aliases.yml index 99db1af543..5f95caa131 100644 --- a/.github/workflows/__language-aliases.yml +++ b/.github/workflows/__language-aliases.yml @@ -39,6 +39,7 @@ jobs: - os: ubuntu-latest version: linked name: Language aliases + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__multi-language-autodetect.yml b/.github/workflows/__multi-language-autodetect.yml index b0f41fcee3..ee5d10c818 100644 --- a/.github/workflows/__multi-language-autodetect.yml +++ b/.github/workflows/__multi-language-autodetect.yml @@ -83,6 +83,7 @@ jobs: - os: ubuntu-latest version: nightly-latest name: Multi-language repository + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__overlay-init-fallback.yml b/.github/workflows/__overlay-init-fallback.yml index c1fdaaf0ac..d85e58aa17 100644 --- a/.github/workflows/__overlay-init-fallback.yml +++ b/.github/workflows/__overlay-init-fallback.yml @@ -41,6 +41,7 @@ jobs: - os: ubuntu-latest version: nightly-latest name: Overlay database init fallback + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__packaging-codescanning-config-inputs-js.yml b/.github/workflows/__packaging-codescanning-config-inputs-js.yml index 530a5f2c8b..8917e4a0eb 100644 --- a/.github/workflows/__packaging-codescanning-config-inputs-js.yml +++ b/.github/workflows/__packaging-codescanning-config-inputs-js.yml @@ -65,6 +65,7 @@ jobs: - os: windows-latest version: nightly-latest name: 'Packaging: Config and input passed to the CLI' + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__packaging-config-inputs-js.yml b/.github/workflows/__packaging-config-inputs-js.yml index aa3587022c..777683b0f3 100644 --- a/.github/workflows/__packaging-config-inputs-js.yml +++ b/.github/workflows/__packaging-config-inputs-js.yml @@ -65,6 +65,7 @@ jobs: - os: windows-latest version: nightly-latest name: 'Packaging: Config and input' + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__packaging-config-js.yml b/.github/workflows/__packaging-config-js.yml index 84b7316381..d1abda7e3a 100644 --- a/.github/workflows/__packaging-config-js.yml +++ b/.github/workflows/__packaging-config-js.yml @@ -65,6 +65,7 @@ jobs: - os: windows-latest version: nightly-latest name: 'Packaging: Config file' + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__packaging-inputs-js.yml b/.github/workflows/__packaging-inputs-js.yml index c5017c9b4d..711a600bc0 100644 --- a/.github/workflows/__packaging-inputs-js.yml +++ b/.github/workflows/__packaging-inputs-js.yml @@ -65,6 +65,7 @@ jobs: - os: windows-latest version: nightly-latest name: 'Packaging: Action input' + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__quality-queries.yml b/.github/workflows/__quality-queries.yml index 229bc33877..1b5cd0c393 100644 --- a/.github/workflows/__quality-queries.yml +++ b/.github/workflows/__quality-queries.yml @@ -91,6 +91,7 @@ jobs: version: nightly-latest analysis-kinds: code-scanning,code-quality name: Quality queries input + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__remote-config.yml b/.github/workflows/__remote-config.yml index 04c1038458..fb76dbc676 100644 --- a/.github/workflows/__remote-config.yml +++ b/.github/workflows/__remote-config.yml @@ -51,6 +51,7 @@ jobs: - os: ubuntu-latest version: nightly-latest name: Remote config file + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__resolve-environment-action.yml b/.github/workflows/__resolve-environment-action.yml index f7ca252762..7ddd6e663d 100644 --- a/.github/workflows/__resolve-environment-action.yml +++ b/.github/workflows/__resolve-environment-action.yml @@ -55,6 +55,7 @@ jobs: - os: windows-latest version: nightly-latest name: Resolve environment + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__rubocop-multi-language.yml b/.github/workflows/__rubocop-multi-language.yml index 200a06b323..48694e902c 100644 --- a/.github/workflows/__rubocop-multi-language.yml +++ b/.github/workflows/__rubocop-multi-language.yml @@ -39,6 +39,7 @@ jobs: - os: ubuntu-latest version: default name: RuboCop multi-language + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__ruby.yml b/.github/workflows/__ruby.yml index be9fac76ee..769a119253 100644 --- a/.github/workflows/__ruby.yml +++ b/.github/workflows/__ruby.yml @@ -49,6 +49,7 @@ jobs: - os: macos-latest version: nightly-latest name: Ruby analysis + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__rust.yml b/.github/workflows/__rust.yml index c1254ba2ce..d788e5226d 100644 --- a/.github/workflows/__rust.yml +++ b/.github/workflows/__rust.yml @@ -47,6 +47,7 @@ jobs: - os: ubuntu-latest version: nightly-latest name: Rust analysis + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__split-workflow.yml b/.github/workflows/__split-workflow.yml index 4302178530..e916b36ccc 100644 --- a/.github/workflows/__split-workflow.yml +++ b/.github/workflows/__split-workflow.yml @@ -59,6 +59,7 @@ jobs: - os: macos-latest version: nightly-latest name: Split workflow + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__start-proxy.yml b/.github/workflows/__start-proxy.yml index b42dd061a9..26f1184608 100644 --- a/.github/workflows/__start-proxy.yml +++ b/.github/workflows/__start-proxy.yml @@ -43,6 +43,7 @@ jobs: - os: windows-latest version: linked name: Start proxy + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__submit-sarif-failure.yml b/.github/workflows/__submit-sarif-failure.yml index 3bd3e71cfa..7383b52a8d 100644 --- a/.github/workflows/__submit-sarif-failure.yml +++ b/.github/workflows/__submit-sarif-failure.yml @@ -43,6 +43,7 @@ jobs: - os: ubuntu-latest version: nightly-latest name: Submit SARIF after failure + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: write # needed to upload the SARIF file diff --git a/.github/workflows/__swift-autobuild.yml b/.github/workflows/__swift-autobuild.yml index 00a47fb546..9d18d0c978 100644 --- a/.github/workflows/__swift-autobuild.yml +++ b/.github/workflows/__swift-autobuild.yml @@ -39,6 +39,7 @@ jobs: - os: macos-latest version: nightly-latest name: Swift analysis using autobuild + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__swift-custom-build.yml b/.github/workflows/__swift-custom-build.yml index 3384eb8638..32ce33a7f0 100644 --- a/.github/workflows/__swift-custom-build.yml +++ b/.github/workflows/__swift-custom-build.yml @@ -53,6 +53,7 @@ jobs: - os: macos-latest version: nightly-latest name: Swift analysis using a custom build command + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__test-autobuild-working-dir.yml b/.github/workflows/__test-autobuild-working-dir.yml index 853836cbe9..b55018c736 100644 --- a/.github/workflows/__test-autobuild-working-dir.yml +++ b/.github/workflows/__test-autobuild-working-dir.yml @@ -39,6 +39,7 @@ jobs: - os: ubuntu-latest version: linked name: Autobuild working directory + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__test-local-codeql.yml b/.github/workflows/__test-local-codeql.yml index 43b3e11275..eee756a2a8 100644 --- a/.github/workflows/__test-local-codeql.yml +++ b/.github/workflows/__test-local-codeql.yml @@ -49,6 +49,7 @@ jobs: - os: ubuntu-latest version: linked name: Local CodeQL bundle + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__test-proxy.yml b/.github/workflows/__test-proxy.yml index 92f3330591..8504a44010 100644 --- a/.github/workflows/__test-proxy.yml +++ b/.github/workflows/__test-proxy.yml @@ -41,6 +41,7 @@ jobs: - os: ubuntu-latest version: nightly-latest name: Proxy test + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__unset-environment.yml b/.github/workflows/__unset-environment.yml index f47b762423..8b8d156547 100644 --- a/.github/workflows/__unset-environment.yml +++ b/.github/workflows/__unset-environment.yml @@ -51,6 +51,7 @@ jobs: - os: ubuntu-latest version: nightly-latest name: Test unsetting environment variables + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__upload-quality-sarif.yml b/.github/workflows/__upload-quality-sarif.yml index 2d88468ccd..15bc871d94 100644 --- a/.github/workflows/__upload-quality-sarif.yml +++ b/.github/workflows/__upload-quality-sarif.yml @@ -53,6 +53,7 @@ jobs: - os: windows-latest version: default name: 'Upload-sarif: code quality endpoint' + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__upload-ref-sha-input.yml b/.github/workflows/__upload-ref-sha-input.yml index 11f49b4c8d..d6970ea18d 100644 --- a/.github/workflows/__upload-ref-sha-input.yml +++ b/.github/workflows/__upload-ref-sha-input.yml @@ -53,6 +53,7 @@ jobs: - os: windows-latest version: default name: "Upload-sarif: 'ref' and 'sha' from inputs" + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/__with-checkout-path.yml b/.github/workflows/__with-checkout-path.yml index 3a7f1c9744..aa6c9651df 100644 --- a/.github/workflows/__with-checkout-path.yml +++ b/.github/workflows/__with-checkout-path.yml @@ -53,6 +53,7 @@ jobs: - os: windows-latest version: linked name: Use a custom `checkout_path` + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index cc157b15f2..1af109a765 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -23,6 +23,7 @@ env: jobs: # Identify the CodeQL tool versions to use in the analysis job. check-codeql-versions: + if: github.triggering_actor != 'dependabot[bot]' runs-on: ubuntu-latest outputs: versions: ${{ steps.compare.outputs.versions }} @@ -75,6 +76,7 @@ jobs: echo "versions=${VERSIONS_JSON}" >> $GITHUB_OUTPUT analyze-javascript: + if: github.triggering_actor != 'dependabot[bot]' needs: [check-codeql-versions] strategy: fail-fast: false @@ -110,6 +112,7 @@ jobs: upload: ${{ (matrix.os == 'ubuntu-24.04' && !matrix.tools && 'always') || 'never' }} analyze-other: + if: github.triggering_actor != 'dependabot[bot]' runs-on: ubuntu-latest strategy: diff --git a/.github/workflows/codescanning-config-cli.yml b/.github/workflows/codescanning-config-cli.yml index 36937b9fb1..c11f479718 100644 --- a/.github/workflows/codescanning-config-cli.yml +++ b/.github/workflows/codescanning-config-cli.yml @@ -28,6 +28,7 @@ defaults: jobs: code-scanning-config-tests: + if: github.triggering_actor != 'dependabot[bot]' continue-on-error: true permissions: diff --git a/.github/workflows/debug-artifacts-failure-safe.yml b/.github/workflows/debug-artifacts-failure-safe.yml index 5a8878a231..c938c51e65 100644 --- a/.github/workflows/debug-artifacts-failure-safe.yml +++ b/.github/workflows/debug-artifacts-failure-safe.yml @@ -24,6 +24,7 @@ defaults: jobs: upload-artifacts: + if: github.triggering_actor != 'dependabot[bot]' strategy: fail-fast: false matrix: @@ -70,6 +71,7 @@ jobs: expect-error: true download-and-check-artifacts: name: Download and check debug artifacts after failure in analyze + if: github.triggering_actor != 'dependabot[bot]' needs: upload-artifacts timeout-minutes: 45 permissions: diff --git a/.github/workflows/debug-artifacts-safe.yml b/.github/workflows/debug-artifacts-safe.yml index 22d32dd4f5..3e7282f820 100644 --- a/.github/workflows/debug-artifacts-safe.yml +++ b/.github/workflows/debug-artifacts-safe.yml @@ -23,6 +23,7 @@ defaults: jobs: upload-artifacts: + if: github.triggering_actor != 'dependabot[bot]' strategy: fail-fast: false matrix: @@ -64,6 +65,7 @@ jobs: id: analysis download-and-check-artifacts: name: Download and check debug artifacts + if: github.triggering_actor != 'dependabot[bot]' needs: upload-artifacts timeout-minutes: 45 permissions: diff --git a/.github/workflows/pr-checks.yml b/.github/workflows/pr-checks.yml index 6c5e639b20..fa80525f90 100644 --- a/.github/workflows/pr-checks.yml +++ b/.github/workflows/pr-checks.yml @@ -15,6 +15,7 @@ defaults: jobs: unit-tests: name: Unit Tests + if: github.triggering_actor != 'dependabot[bot]' strategy: fail-fast: false matrix: @@ -31,7 +32,7 @@ jobs: run: git config --global core.autocrlf false - uses: actions/checkout@v5 - + - name: Set up Node.js uses: actions/setup-node@v5 with: @@ -75,7 +76,7 @@ jobs: category: eslint check-node-version: - if: github.event.pull_request + if: github.event.pull_request && github.triggering_actor != 'dependabot[bot]' name: Check Action Node versions runs-on: ubuntu-latest timeout-minutes: 45 diff --git a/.github/workflows/python312-windows.yml b/.github/workflows/python312-windows.yml index e8b375d9ca..aa2a034200 100644 --- a/.github/workflows/python312-windows.yml +++ b/.github/workflows/python312-windows.yml @@ -18,6 +18,7 @@ defaults: jobs: test-setup-python-scripts: + if: github.triggering_actor != 'dependabot[bot]' env: CODEQL_ACTION_TEST_MODE: true timeout-minutes: 45 diff --git a/.github/workflows/query-filters.yml b/.github/workflows/query-filters.yml index c2182be85a..aabcc144b0 100644 --- a/.github/workflows/query-filters.yml +++ b/.github/workflows/query-filters.yml @@ -22,6 +22,7 @@ defaults: jobs: query-filters: name: Query Filters Tests + if: github.triggering_actor != 'dependabot[bot]' timeout-minutes: 45 runs-on: ubuntu-latest permissions: diff --git a/.github/workflows/test-codeql-bundle-all.yml b/.github/workflows/test-codeql-bundle-all.yml index 3ccfb4e637..4b7fdca817 100644 --- a/.github/workflows/test-codeql-bundle-all.yml +++ b/.github/workflows/test-codeql-bundle-all.yml @@ -28,6 +28,7 @@ jobs: - os: ubuntu-latest version: nightly-latest name: 'CodeQL Bundle All' + if: github.triggering_actor != 'dependabot[bot]' permissions: contents: read security-events: read @@ -46,7 +47,7 @@ jobs: uses: ./../action/init with: # We manually exclude Swift from the languages list here, as it is not supported on Ubuntu - languages: cpp,csharp,go,java,javascript,python,ruby + languages: cpp,csharp,go,java,javascript,python,ruby tools: ${{ steps.prepare-test.outputs.tools-url }} - name: Build code run: ./build.sh diff --git a/pr-checks/sync.py b/pr-checks/sync.py index 565c1ce6fc..550953980a 100755 --- a/pr-checks/sync.py +++ b/pr-checks/sync.py @@ -211,6 +211,7 @@ def writeHeader(checkStream): } }, 'name': checkSpecification['name'], + 'if': 'github.triggering_actor != \'dependabot[bot]\'', 'permissions': { 'contents': 'read', 'security-events': 'read'