frmscoe · scott45 · Dec 6, 2024 · Sep 2, 2024 · Sep 2, 2024 · Sep 2, 2024
@@ -0,0 +1,4 @@
+# Please do not attempt to edit this file without the direct consent from the DevOps team. This file is managed centrally.
+# Contact @scott45
+
+* @scott45
@@ -13,6 +13,8 @@
 # For more information on Codacy Analysis CLI in general, see
 # https://github.com/codacy/codacy-analysis-cli.
 
+# Please do not attempt to edit this flow without the direct consent from the DevOps team. This file is managed centrally.
+
 name: Codacy Security Scan
 
 on:
@@ -29,6 +31,7 @@ permissions:
 
 jobs:
   codacy-security-scan:
+    if: github.actor != 'dependabot[bot]' && github.actor != 'dependabot-preview[bot]'
     permissions:
       contents: read # for actions/checkout to fetch code
       security-events: write # for github/codeql-action/upload-sarif to upload SARIF results

@@ -11,6 +11,9 @@
 # the `language` matrix defined below to confirm you have the correct set of
 # supported CodeQL languages.
 #
+
+# Please do not attempt to edit this flow without the direct consent from the DevOps team. This file is managed centrally.
+
 name: "CodeQL"
 
 on:
@@ -24,6 +27,7 @@ on:
 
 jobs:
   analyze:
+    if: github.actor != 'dependabot[bot]' && github.actor != 'dependabot-preview[bot]'
     name: Analyze
     runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
     permissions:

@@ -7,6 +7,8 @@
 
 # This GitHub Actions workflow validates the title of pull requests (PRs) to ensure they follow conventional commit standards.
 
+# Please do not attempt to edit this flow without the direct consent from the DevOps team. This file is managed centrally.
+
 name: PR Conventional Commit Validation
 
 on:
@@ -16,6 +18,7 @@ on:
 
 jobs:
   validate-pr-title:
+    if: github.actor != 'dependabot[bot]' && github.actor != 'dependabot-preview[bot]'
     runs-on: ubuntu-latest  # Use the latest Ubuntu runner for the job
     steps:
       - name: Checkout code

@@ -2,13 +2,16 @@
 
 # This GitHub Actions workflow checks that all commits in a pull request (PR) have a "Signed-off-by" line to ensure Developer Certificate of Origin (DCO) compliance.
 
+# Please do not attempt to edit this flow without the direct consent from the DevOps team. This file is managed centrally.
+
 name: DCO
 
 # Trigger the workflow on pull request events
 on: [pull_request]
 
 jobs:
   dco:
+    if: github.actor != 'dependabot[bot]' && github.actor != 'dependabot-preview[bot]'
     # Define the runner environment
     runs-on: ubuntu-latest
 

@@ -6,6 +6,10 @@
 #
 # Source repository: https://github.com/actions/dependency-review-action
 # Public documentation: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
+
+
+# Please do not attempt to edit this flow without the direct consent from the DevOps team. This file is managed centrally.
+
 name: 'Dependency Review'
 on: [pull_request]
 

@@ -2,12 +2,15 @@
 
 # This GitHub Actions workflow checks that all commits in a pull request (PR) have been verified with GPG signatures.
 
+# Please do not attempt to edit this flow without the direct consent from the DevOps team. This file is managed centrally.
+
 name: GPG Verify
 
 on: [pull_request]  # Trigger this workflow on pull request events
 
 jobs:
   gpg-verify:
+    if: github.actor != 'dependabot[bot]' && github.actor != 'dependabot-preview[bot]'
     runs-on: ubuntu-latest  # Use the latest Ubuntu runner for the job
     steps:
     - uses: actions/checkout@v4  # Checkout the repository code using the actions/checkout action

@@ -2,6 +2,8 @@
 
 # This GitHub Actions workflow is designed to close a milestone and trigger a release workflow.
 
+# Please do not attempt to edit this flow without the direct consent from the DevOps team. This file is managed centrally.
+
 name: Milestone Workflow
 
 # This workflow can be manually triggered with a specified milestone ID.
@@ -15,6 +17,7 @@ on:
 
 jobs:
   close_milestone:
+    if: github.actor != 'dependabot[bot]' && github.actor != 'dependabot-preview[bot]'
     runs-on: ubuntu-latest
 
     steps:

@@ -8,6 +8,8 @@
 # This workflow integrates njsscan with GitHub's Code Scanning feature
 # nodejsscan is a static security code scanner that finds insecure code patterns in your Node.js applications
 
+# Please do not attempt to edit this flow without the direct consent from the DevOps team. This file is managed centrally.
+
 name: njsscan sarif
 
 on:
@@ -24,6 +26,7 @@ permissions:
 
 jobs:
   njsscan:
+    if: github.actor != 'dependabot[bot]' && github.actor != 'dependabot-preview[bot]'
     permissions:
       contents: read # for actions/checkout to fetch code
       security-events: write # for github/codeql-action/upload-sarif to upload SARIF results

@@ -3,6 +3,8 @@
 # This workflow will do a clean installation of node dependencies, cache/restore them, build the source code and run tests across different versions of node
 # For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-nodejs
 
+# Please do not attempt to edit this flow without the direct consent from the DevOps team. This file is managed centrally.
+
 name: Node.js CI
 
 env:
@@ -19,6 +21,7 @@ on:
     branches: [ "dev", "main" ]
 jobs:
   build:
+    if: github.actor != 'dependabot[bot]' && github.actor != 'dependabot-preview[bot]'
     runs-on: ubuntu-latest
     name: run build
     strategy:
@@ -39,6 +42,7 @@ jobs:
         run: npm run build
 
   lint:
+    if: github.actor != 'dependabot[bot]' && github.actor != 'dependabot-preview[bot]'
     runs-on: ubuntu-latest
     name: check style
     strategy:
@@ -60,6 +64,7 @@ jobs:
         run: npm run lint
 
   test:
+    if: github.actor != 'dependabot[bot]' && github.actor != 'dependabot-preview[bot]'
     runs-on: ubuntu-latest
     name: check tests
     strategy: