fix: update Projects table — visibility and integrations row #4
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Template: copy this to .github/workflows/contributor-check.yml in each repo. | |
| # Calls the org-level composite action from agentrust-io/.github so scripts | |
| # only need updating in one place. | |
| name: Contributor Reputation Check | |
| on: | |
| pull_request_target: | |
| types: [opened] | |
| issues: | |
| types: [opened] | |
| workflow_dispatch: | |
| inputs: | |
| username: | |
| description: "GitHub username to check" | |
| required: true | |
| run_cluster: | |
| description: "Run cluster detection (API-heavy, opt-in)" | |
| required: false | |
| default: "false" | |
| type: choice | |
| options: | |
| - "false" | |
| - "true" | |
| concurrency: | |
| group: contributor-check-${{ github.event.issue.number || github.event.pull_request.number || github.run_id }} | |
| cancel-in-progress: false | |
| permissions: | |
| contents: read | |
| jobs: | |
| check: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| issues: write | |
| pull-requests: write | |
| if: >- | |
| github.event_name == 'workflow_dispatch' || | |
| (github.actor != 'dependabot[bot]' && | |
| github.actor != 'github-actions[bot]' && | |
| github.actor != 'copilot-swe-agent[bot]' && | |
| github.actor != 'claude-code[bot]' && | |
| github.actor != 'imran-siddique') | |
| steps: | |
| - name: Checkout org action | |
| uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 | |
| with: | |
| repository: agentrust-io/.github | |
| # Pinned to a specific commit of agentrust-io/.github: this workflow | |
| # runs on pull_request_target with a write-capable token, so the | |
| # code it pulls in must not be a mutable ref. Bump this SHA | |
| # deliberately (after review) when the org action changes. | |
| ref: 8a2b77bc35057566fd675f0a24e814564cf5322f # main as of 2026-06-10 | |
| persist-credentials: false | |
| sparse-checkout: | | |
| scripts | |
| .github/actions/contributor-check | |
| - name: Run contributor reputation check | |
| id: reputation | |
| uses: ./.github/actions/contributor-check | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| checks: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.run_cluster == 'true' && 'profile,credential,cluster' || 'profile,credential' }} | |
| - name: Log results | |
| if: always() | |
| run: | | |
| echo "Overall risk: ${{ steps.reputation.outputs.risk }}" | |
| echo "Profile risk: ${{ steps.reputation.outputs.profile-risk }}" | |
| echo "Credential risk: ${{ steps.reputation.outputs.credential-risk }}" | |
| echo "Cluster risk: ${{ steps.reputation.outputs.cluster-risk }}" |