kompiro/karasu GitHub Actions scorecardPublic GitHub Actions data, last 30 days. Updated .
Data sourced from public GitHub. GitSpider is not affiliated with or endorsed by this repository's owners. Request removal.
Biggest wins first, each with the exact config fix.
PagesConcurrency group has no `cancel-in-progress: true`, so superseded runs queue instead of cancelling. Add it to supersede stale runs.
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: trueADR validate (skip)No job sets `timeout-minutes`, so a hung step can run to GitHub's 6-hour default. Add `timeout-minutes` to each job.
jobs:
build:
runs-on: ubuntu-latest
timeout-minutes: 15ADR validateNo job sets `timeout-minutes`, so a hung step can run to GitHub's 6-hour default. Add `timeout-minutes` to each job.
jobs:
build:
runs-on: ubuntu-latest
timeout-minutes: 15AT coverage checkNo job sets `timeout-minutes`, so a hung step can run to GitHub's 6-hour default. Add `timeout-minutes` to each job.
jobs:
build:
runs-on: ubuntu-latest
timeout-minutes: 15CI (docs-only)No job sets `timeout-minutes`, so a hung step can run to GitHub's 6-hour default. Add `timeout-minutes` to each job.
jobs:
build:
runs-on: ubuntu-latest
timeout-minutes: 15CINo job sets `timeout-minutes`, so a hung step can run to GitHub's 6-hour default. Add `timeout-minutes` to each job.
jobs:
build:
runs-on: ubuntu-latest
timeout-minutes: 15DeployNo job sets `timeout-minutes`, so a hung step can run to GitHub's 6-hour default. Add `timeout-minutes` to each job.
jobs:
build:
runs-on: ubuntu-latest
timeout-minutes: 15DeployThis looks like a deploy/release workflow with `cancel-in-progress: true`, which cancels queued runs too — a queued deploy is silently dropped when a newer run arrives. Use a group-only `concurrency:` block on deploys.
concurrency:
group: ${{ github.workflow }}
# queued deploys run in order; none are droppedE2E (skip)No job sets `timeout-minutes`, so a hung step can run to GitHub's 6-hour default. Add `timeout-minutes` to each job.
jobs:
build:
runs-on: ubuntu-latest
timeout-minutes: 15E2EThe cache restores only on an exact key match, so any lockfile change means a full cold download. Add a `restore-keys:` prefix line for partial restores.
key: deps-${{ runner.os }}-${{ hashFiles('**/<lockfile>') }}
restore-keys: |
deps-${{ runner.os }}-PagesNo job sets `timeout-minutes`, so a hung step can run to GitHub's 6-hour default. Add `timeout-minutes` to each job.
jobs:
build:
runs-on: ubuntu-latest
timeout-minutes: 15PreviewNo job sets `timeout-minutes`, so a hung step can run to GitHub's 6-hour default. Add `timeout-minutes` to each job.
jobs:
build:
runs-on: ubuntu-latest
timeout-minutes: 15Reference docs check (skip)No job sets `timeout-minutes`, so a hung step can run to GitHub's 6-hour default. Add `timeout-minutes` to each job.
jobs:
build:
runs-on: ubuntu-latest
timeout-minutes: 15Reference docs checkNo job sets `timeout-minutes`, so a hung step can run to GitHub's 6-hour default. Add `timeout-minutes` to each job.
jobs:
build:
runs-on: ubuntu-latest
timeout-minutes: 15Secret ScanNo job sets `timeout-minutes`, so a hung step can run to GitHub's 6-hour default. Add `timeout-minutes` to each job.
jobs:
build:
runs-on: ubuntu-latest
timeout-minutes: 15Secret ScanRuns on every push/PR with no `paths:` filter, so docs-only changes still trigger full CI. Add a `paths:` filter if that's common.
on:
pull_request:
paths:
- 'src/**'
- 'package.json'Secret ScanThe schedule has no repository guard, so forks that enable Actions inherit the cron and burn their own minutes. Gate the job with `if: github.repository == 'owner/repo'`.
jobs:
nightly:
if: github.repository == 'owner/repo'
runs-on: ubuntu-latestTPL validateNo job sets `timeout-minutes`, so a hung step can run to GitHub's 6-hour default. Add `timeout-minutes` to each job.
jobs:
build:
runs-on: ubuntu-latest
timeout-minutes: 15# Concurrency without cancel-in-progress — applies to: Pages
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# No job timeout — applies to: ADR validate (skip), ADR validate, AT coverage check, CI (docs-only), CI, Deploy, E2E (skip), Pages, Preview, Reference docs check (skip), Reference docs check, Secret Scan, TPL validate
jobs:
build:
runs-on: ubuntu-latest
timeout-minutes: 15
# cancel-in-progress on a deploy workflow — applies to: Deploy
concurrency:
group: ${{ github.workflow }}
# queued deploys run in order; none are dropped
# Cache without restore-keys — applies to: E2E
key: deps-${{ runner.os }}-${{ hashFiles('**/<lockfile>') }}
restore-keys: |
deps-${{ runner.os }}-
# No path filters on triggers — applies to: Secret Scan
on:
pull_request:
paths:
- 'src/**'
- 'package.json'
# Scheduled workflow runs in forks — applies to: Secret Scan
jobs:
nightly:
if: github.repository == 'owner/repo'
runs-on: ubuntu-latestEach snippet is representative — merge into the named workflow files rather than pasting wholesale.
This scorecard is a one-time snapshot. Install the free GitHub App to track this repo continuously: new regressions caught as they land, trends over time, on your public and private repos. Team adds the offending commit on the PR + Slack alerts.
Install & monitor this repo →Not ready to install? Get this report by email. No spam, unsubscribe anytime.