Bearer integration (#269)

This is a POC for [bearer](https://docs.bearer.com/), which is a static scanner for security/privacy vulnerabilities. While [brakeman](https://brakemanscanner.org/) is Rails-specific, Bearer adds support for vulnerabilities on the language-level and supports the following languages: 1. JavaScript/TypeScript 2. Ruby 3. PHP 4. Java 5. Go 6. Python This PR aims to prove out bearer's effectiveness in the power-tools repo. Example failure: ![Screenshot 2024-11-06 at 9 56 43 AM](https://github.com/user-attachments/assets/6d99c673-26e9-4ce5-b03b-44ea3a5e3525)
powerhome · Dec 27, 2024 · 65d4c6f · 65d4c6f
1 parent 8f1c380
commit 65d4c6f
Showing 1 changed file with 4 additions and 8 deletions.
diff --git a/.github/workflows/reviewdog.yml b/.github/workflows/reviewdog.yml
@@ -1,21 +1,17 @@
 name: Automated Code Reviews
 on: [pull_request]
 
-permissions:
-  contents: read
-  pull-requests: write
-
 jobs:
   bearer:
-    name: Bearer Security Analysis
+    name: Bearer
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
-      - uses: reviewdog/action-setup@v1
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+      - uses: reviewdog/action-setup@3f401fe1d58fe77e10d665ab713057375e39b887 # v1
         with:
           reviewdog_version: latest
       - name: Bearer
-        uses: bearer/bearer-action@v2
+        uses: bearer/bearer-action@828eeb928ce2f4a7ca5ed57fb8b59508cb8c79bc # v2
         with:
           diff: true
           format: rdjson