Add 'persist-credentials: false' to all Github checkout actions (#367)
diff --git a/.github/workflows/abi-compatibility.yml b/.github/workflows/abi-compatibility.yml
index e323e66..5fbdecf 100644
--- a/.github/workflows/abi-compatibility.yml
+++ b/.github/workflows/abi-compatibility.yml
@@ -34,6 +34,7 @@
steps:
- uses: actions/checkout@v2
with:
+ persist-credentials: false # do not persist auth token in the local git config
path: main
- name: 'Configure Dependencies - Ubuntu'
diff --git a/.github/workflows/log4cxx-cpp11.yml b/.github/workflows/log4cxx-cpp11.yml
index 23f9721..0474ca5 100644
--- a/.github/workflows/log4cxx-cpp11.yml
+++ b/.github/workflows/log4cxx-cpp11.yml
@@ -24,6 +24,7 @@
steps:
- uses: actions/checkout@v3
with:
+ persist-credentials: false # do not persist auth token in the local git config
path: main
- name: 'Configure Dependencies - Ubuntu'
diff --git a/.github/workflows/log4cxx-macos.yml b/.github/workflows/log4cxx-macos.yml
index 456a191..2df5822 100644
--- a/.github/workflows/log4cxx-macos.yml
+++ b/.github/workflows/log4cxx-macos.yml
@@ -40,6 +40,7 @@
steps:
- uses: actions/checkout@v3
with:
+ persist-credentials: false # do not persist auth token in the local git config
path: main
- name: 'configure and build'
diff --git a/.github/workflows/log4cxx-ubuntu.yml b/.github/workflows/log4cxx-ubuntu.yml
index be9e022..7df025b 100644
--- a/.github/workflows/log4cxx-ubuntu.yml
+++ b/.github/workflows/log4cxx-ubuntu.yml
@@ -62,6 +62,7 @@
steps:
- uses: actions/checkout@v3
with:
+ persist-credentials: false # do not persist auth token in the local git config
path: main
- name: 'Configure Dependencies'
diff --git a/.github/workflows/log4cxx-windows-static.yml b/.github/workflows/log4cxx-windows-static.yml
index 009f28e..2285dae 100644
--- a/.github/workflows/log4cxx-windows-static.yml
+++ b/.github/workflows/log4cxx-windows-static.yml
@@ -34,6 +34,7 @@
steps:
- uses: actions/checkout@v3
with:
+ persist-credentials: false # do not persist auth token in the local git config
path: main
- name: 'Restore Prebuilt Dependencies'
diff --git a/.github/workflows/log4cxx-windows.yml b/.github/workflows/log4cxx-windows.yml
index c942670..38625ca 100644
--- a/.github/workflows/log4cxx-windows.yml
+++ b/.github/workflows/log4cxx-windows.yml
@@ -34,6 +34,7 @@
steps:
- uses: actions/checkout@v3
with:
+ persist-credentials: false # do not persist auth token in the local git config
path: main
- name: 'Restore Prebuilt Dependencies'
diff --git a/.github/workflows/package_code.yml b/.github/workflows/package_code.yml
index 31b4849..bfa1518 100644
--- a/.github/workflows/package_code.yml
+++ b/.github/workflows/package_code.yml
@@ -33,6 +33,7 @@
steps:
- uses: actions/checkout@v2
with:
+ persist-credentials: false # do not persist auth token in the local git config
path: clean-checkout
# Consider using CPack when it supports a white-list for included files
diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml
index 442deb0..41945fa 100644
--- a/.github/workflows/sonarcloud.yml
+++ b/.github/workflows/sonarcloud.yml
@@ -34,6 +34,7 @@
steps:
- uses: actions/checkout@v2
with:
+ persist-credentials: false # do not persist auth token in the local git config
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
path: main
