caddyserver/caddy GitHub Actions scorecardPublic GitHub Actions data, last 30 days. Updated 7/1/2026, 10:27:09 PM.
Data sourced from public GitHub. GitSpider is not affiliated with or endorsed by this repository's owners. Request removal.
Biggest wins first, each with the exact config fix.
TestsPushing to a branch and opening a PR triggers two runs. Pick one (usually `pull_request`) and exclude branch pushes for non-default branches.
on:
push:
branches: [main]
pull_request:TestsAdd a `concurrency:` block keyed on branch to cancel superseded runs when devs push twice quickly.
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: trueLintPushing to a branch and opening a PR triggers two runs. Pick one (usually `pull_request`) and exclude branch pushes for non-default branches.
on:
push:
branches: [main]
pull_request:Cross-BuildPushing to a branch and opening a PR triggers two runs. Pick one (usually `pull_request`) and exclude branch pushes for non-default branches.
on:
push:
branches: [main]
pull_request:LintAdd a `concurrency:` block keyed on branch to cancel superseded runs when devs push twice quickly.
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: trueCross-BuildAdd a `concurrency:` block keyed on branch to cancel superseded runs when devs push twice quickly.
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: trueOpenSSF Scorecard supply-chain securityPushing to a branch and opening a PR triggers two runs. Pick one (usually `pull_request`) and exclude branch pushes for non-default branches.
on:
push:
branches: [main]
pull_request:OpenSSF Scorecard supply-chain securityAdd a `concurrency:` block keyed on branch to cancel superseded runs when devs push twice quickly.
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: trueAI ModeratorAdd a `concurrency:` block keyed on branch to cancel superseded runs when devs push twice quickly.
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: trueRelease Proposal Approval TrackerAdd a `concurrency:` block keyed on branch to cancel superseded runs when devs push twice quickly.
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: trueAI ModeratorNo job sets `timeout-minutes`, so a hung step can run to GitHub's 6-hour default. Add `timeout-minutes` to each job.
jobs:
build:
runs-on: ubuntu-latest
timeout-minutes: 15Release Proposal Approval TrackerNo job sets `timeout-minutes`, so a hung step can run to GitHub's 6-hour default. Add `timeout-minutes` to each job.
jobs:
build:
runs-on: ubuntu-latest
timeout-minutes: 15Release Proposal Approval TrackerRuns on every push/PR with no `paths:` filter, so docs-only changes still trigger full CI. Add a `paths:` filter if that's common.
on:
pull_request:
paths:
- 'src/**'
- 'package.json'TestsNo job sets `timeout-minutes`, so a hung step can run to GitHub's 6-hour default. Add `timeout-minutes` to each job.
jobs:
build:
runs-on: ubuntu-latest
timeout-minutes: 15Tests`upload-artifact` has no `retention-days`, so artifacts keep up to 90 days (storage cost). Set e.g. `retention-days: 7`.
- uses: actions/upload-artifact@v4
with:
name: build
path: dist/
retention-days: 7TestsRuns on every push/PR with no `paths:` filter, so docs-only changes still trigger full CI. Add a `paths:` filter if that's common.
on:
pull_request:
paths:
- 'src/**'
- 'package.json'TestsmacOS bills ~10× and Windows ~2× a Linux minute. The cost estimate above assumes Linux, so your real spend is higher. Move any job that doesn't need them to `ubuntu-latest`.
jobs:
build:
runs-on: ubuntu-latest # ~10x cheaper than macos-latestCross-BuildNo job sets `timeout-minutes`, so a hung step can run to GitHub's 6-hour default. Add `timeout-minutes` to each job.
jobs:
build:
runs-on: ubuntu-latest
timeout-minutes: 15Cross-BuildRuns on every push/PR with no `paths:` filter, so docs-only changes still trigger full CI. Add a `paths:` filter if that's common.
on:
pull_request:
paths:
- 'src/**'
- 'package.json'LintNo job sets `timeout-minutes`, so a hung step can run to GitHub's 6-hour default. Add `timeout-minutes` to each job.
jobs:
build:
runs-on: ubuntu-latest
timeout-minutes: 15LintRuns on every push/PR with no `paths:` filter, so docs-only changes still trigger full CI. Add a `paths:` filter if that's common.
on:
pull_request:
paths:
- 'src/**'
- 'package.json'LintmacOS bills ~10× and Windows ~2× a Linux minute. The cost estimate above assumes Linux, so your real spend is higher. Move any job that doesn't need them to `ubuntu-latest`.
jobs:
build:
runs-on: ubuntu-latest # ~10x cheaper than macos-latestOpenSSF Scorecard supply-chain securityNo job sets `timeout-minutes`, so a hung step can run to GitHub's 6-hour default. Add `timeout-minutes` to each job.
jobs:
build:
runs-on: ubuntu-latest
timeout-minutes: 15OpenSSF Scorecard supply-chain securityRuns on every push/PR with no `paths:` filter, so docs-only changes still trigger full CI. Add a `paths:` filter if that's common.
on:
pull_request:
paths:
- 'src/**'
- 'package.json'This scorecard is a one-time snapshot. Install the free GitHub App to track this repo continuously: new regressions caught as they land, trends over time, on your public and private repos. Team adds the offending commit on the PR + Slack alerts.
Install & monitor this repo →Not ready to install? Get this report by email. No spam, unsubscribe anytime.