Skip to content

ci: bump step-security/harden-runner from 2.16.0 to 2.16.1 in the actions group #47

ci: bump step-security/harden-runner from 2.16.0 to 2.16.1 in the actions group

ci: bump step-security/harden-runner from 2.16.0 to 2.16.1 in the actions group #47

Workflow file for this run

name: Grippy Review
on:
pull_request:
types: [opened, synchronize, reopened]
concurrency:
group: grippy-${{ github.ref }}
cancel-in-progress: true
permissions:
contents: read
pull-requests: write
jobs:
review:
name: Grippy Code Review
if: github.event.pull_request.head.repo.full_name == github.repository
runs-on: ubuntu-latest
steps:
- uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
with:
egress-policy: audit
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
with:
python-version: '3.12'
- name: Install Grippy
run: pip install "grippy-mcp @ git+https://github.com/Project-Navi/grippy-code-review.git@5f62e5b58554c4a84baa52ad29de941970f550f2"
- name: Run review
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITHUB_EVENT_PATH: ${{ github.event_path }}
OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
GRIPPY_TRANSPORT: openai
GRIPPY_MODEL_ID: gpt-4.1
GRIPPY_EMBEDDING_MODEL: text-embedding-3-large
GRIPPY_DATA_DIR: ./grippy-data
GRIPPY_TIMEOUT: 300
run: python -I -m grippy