name: 'Append PR extra infos'
on:
pull_request:
types:
- opened
- synchronize
jobs:
main:
name: "Composer package updates"
runs-on: ubuntu-latest
permissions:
contents: read
pull-requests: write
steps:
- name: "Check composer packages versions"
uses: yoanm/[email protected]
with:
gh-token: ${{ secrets.GITHUB_TOKEN }}
# manager: composer # Default value
force: true: to be sure to always have the diffpost-results: false: Not required, just in case you don't care about results comment
name: 'Append PR extra infos'
on:
pull_request:
types:
- opened
- synchronize
jobs:
main:
name: "Composer package updates"
runs-on: ubuntu-latest
permissions:
contents: read
pull-requests: read
steps:
- name: "Check composer packages versions"
uses: yoanm/[email protected]
id: 'diff'
with:
gh-token: ${{ secrets.GITHUB_TOKEN }}
# manager: composer # Default value
force: true
post-results: false
- name: Print diff
run: echo "${{ steps.diff.outputs.diff }}"Action requires at least following permissions:
contents: read: Used to fetch old and current package manager filespull-requests: write: Used to know if lock file has been updated or not and manage result comment- In case you set
post-resultsatfalse, read access is enough (pull-requests: read)
- In case you set
It's not mandatory to define permissions, but it increases your repository security. At least, be sure required permissions match current ones
Check action.yml file for more information about inputs
gh-tokenRequired- Github token used for API calls, be sure required permissions are granted
managerDefault tocomposerpost-resultsDefault totrueforceDefault tofalse
diff