bitwarden_workflow_linter 1.1.2__tar.gz → 1.1.4__tar.gz

{bitwarden_workflow_linter-1.1.2 → bitwarden_workflow_linter-1.1.4}/.github/workflows/bwwl_operations.yml

@@ -18,6 +18,9 @@ jobs:
   actions-operation:
     name: "Approved actions operations"
     runs-on: ubuntu-24.04
+    permissions:
+      contents: write
+      pull-requests: write
     env:
       _ACTION: ${{ inputs.action }}
     steps:
@@ -78,10 +81,14 @@ jobs:
 
       - name: Run bwwl update
         if: ${{ github.event_name == 'schedule' || inputs.operation == 'update' }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Avoid rate limiting
         run: bwwl actions update -o src/bitwarden_workflow_linter/default_actions.json
 
       - name: Run bwwl add
         if: ${{ inputs.operation == 'add' }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Avoid rate limiting
         run: bwwl actions add -o src/bitwarden_workflow_linter/default_actions.json "$_ACTION"
 
       - name: Check for changes to commit

{bitwarden_workflow_linter-1.1.2 → bitwarden_workflow_linter-1.1.4}/.github/workflows/ci.yml

@@ -36,6 +36,9 @@ jobs:
       - name: Check type hinting
         run: pipenv run pytype src
 
+      - name: Install local bwwl binary
+        run: pipenv run pip install -e .
+
       - name: Test against example workflows
         # run notes:
         # - Changing directories will help catch any repo specific paths in the linter
@@ -43,7 +46,17 @@ jobs:
         # - Changing directories utilizes the default_settings.yaml rather than this repos
         #   settings.yaml, which better simulates running from another repository
         # - Using strict to ensure that our examples pass all checks including warnings
-        run: |
-          pipenv run pip install -e .
-          cd .github/workflows
-          pipenv run bwwl lint --strict -f ./examples
+        working-directory: .github/workflows
+        run: pipenv run bwwl lint --strict -f ./examples
+
+      - name: Test bwwl actions - add
+        env:
+          _ACTION: bitwarden/gh-actions
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Avoid rate limiting
+        run: pipenv run bwwl actions add -o src/bitwarden_workflow_linter/default_actions.json "$_ACTION"
+
+      # TODO: Add this test back in and added related error logging to fix the underlying issue
+      # - name: Test bwwl actions - update
+      #   env:
+      #     GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Avoid rate limiting
+      #   run: pipenv run bwwl actions update -o src/bitwarden_workflow_linter/default_actions.json

{bitwarden_workflow_linter-1.1.2 → bitwarden_workflow_linter-1.1.4}/.github/workflows/examples/scan.yaml

@@ -7,10 +7,6 @@
 
 name: Scan
 
-permissions:
-    read-all # Sets permissions of the GITHUB_TOKEN
-    # More info: https://docs.github.com/en/actions/writing-workflows/workflow-syntax-for-github-actions#permissions
-
 on:
     # Controls when the workflow will run
 
@@ -31,6 +27,8 @@ on:
         types: [opened, synchronize] # Options include labeled, unlabeled, reopened
         branches: "main"
 
+permissions: {}
+
 # A workflow run is made up of one or more jobs that can run sequentially or in
 # parallel
 jobs:
@@ -41,6 +39,8 @@ jobs:
         name: Check PR run # Human readable descriptor
         # location and branch of bitwarden-owned action being used
         uses: bitwarden/gh-actions/.github/workflows/check-run.yml@main
+        permissions:
+            contents: read
 
     sast:
         # A more complex job that has multiple actions as steps described below

{bitwarden_workflow_linter-1.1.2 → bitwarden_workflow_linter-1.1.4}/.github/workflows/scan.yml

@@ -16,10 +16,14 @@ on:
     branches:
       - "main"
 
+permissions: {}
+
 jobs:
   check-run:
     name: Check PR run
     uses: bitwarden/gh-actions/.github/workflows/check-run.yml@main
+    permissions:
+      contents: read
 
   sast:
     name: SAST scan

{bitwarden_workflow_linter-1.1.2 → bitwarden_workflow_linter-1.1.4}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: bitwarden_workflow_linter
-Version: 1.1.2
+Version: 1.1.4
 Summary: Custom GitHub Action Workflow Linter
 Project-URL: Homepage, https://github.com/bitwarden/workflow-linter
 Project-URL: Issues, https://github.com/bitwarden/workflow-linter/issues

{bitwarden_workflow_linter-1.1.2 → bitwarden_workflow_linter-1.1.4}/src/bitwarden_workflow_linter/__about__.py

@@ -1,3 +1,3 @@
 """Metadata for Workflow Linter."""
 
-__version__ = "1.1.2"
+__version__ = "1.1.4"

{bitwarden_workflow_linter-1.1.2 → bitwarden_workflow_linter-1.1.4}/src/bitwarden_workflow_linter/cli.py

@@ -36,9 +36,9 @@ def main(input_args: Optional[List[str]] = None) -> int:
         raise SystemExit(parser.print_help())
 
     args = parser.parse_args(input_args)
-    if len(args.files) > 1:
-      raise parser.error("Only one -f / --files flag must be specified")
     if args.command == "lint":
+        if len(args.files) > 1:
+            raise parser.error("Only one -f / --files flag must be specified")
         return linter_cmd.run(args.files[0], args.strict)
 
     if args.command == "actions":