Naveen
|
5c9ef9a843
|
Set permissions for GitHub actions (#5237)
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
|
2022-04-10 09:38:43 +08:00 |
Jinzhu
|
e0b4e0ec8f
|
Update auto stale days
|
2022-02-19 17:11:23 +08:00 |
Matthieu MOREL
|
cbe72751ac
|
Update Dependencies (#4582)
* Create dependabot.yml
* Bump reviewdog/action-golangci-lint from 1 to 2 (#1)
Bumps [reviewdog/action-golangci-lint](https://github.com/reviewdog/action-golangci-lint) from 1 to 2.
- [Release notes](https://github.com/reviewdog/action-golangci-lint/releases)
- [Commits](https://github.com/reviewdog/action-golangci-lint/compare/v1...v2)
---
updated-dependencies:
- dependency-name: reviewdog/action-golangci-lint
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump actions/stale from 3.0.7 to 4 (#2)
Bumps [actions/stale](https://github.com/actions/stale) from 3.0.7 to 4.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/stale/compare/v3.0.7...v4)
---
updated-dependencies:
- dependency-name: actions/stale
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump gorm.io/gorm from 1.21.9 to 1.21.12 in /tests (#3)
Bumps [gorm.io/gorm](https://github.com/go-gorm/gorm) from 1.21.9 to 1.21.12.
- [Release notes](https://github.com/go-gorm/gorm/releases)
- [Commits](https://github.com/go-gorm/gorm/compare/v1.21.9...v1.21.12)
---
updated-dependencies:
- dependency-name: gorm.io/gorm
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump gorm.io/driver/mysql from 1.0.5 to 1.1.1 in /tests (#4)
Bumps [gorm.io/driver/mysql](https://github.com/go-gorm/mysql) from 1.0.5 to 1.1.1.
- [Release notes](https://github.com/go-gorm/mysql/releases)
- [Commits](https://github.com/go-gorm/mysql/compare/v1.0.5...v1.1.1)
---
updated-dependencies:
- dependency-name: gorm.io/driver/mysql
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump github.com/lib/pq from 1.6.0 to 1.10.2 in /tests (#5)
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.6.0 to 1.10.2.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.6.0...v1.10.2)
---
updated-dependencies:
- dependency-name: github.com/lib/pq
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump github.com/google/uuid from 1.2.0 to 1.3.0 in /tests (#6)
Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.2.0 to 1.3.0.
- [Release notes](https://github.com/google/uuid/releases)
- [Commits](https://github.com/google/uuid/compare/v1.2.0...v1.3.0)
---
updated-dependencies:
- dependency-name: github.com/google/uuid
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2021-08-09 13:16:25 +08:00 |
Jinzhu
|
1d5f910b6e
|
Update workflows template
|
2020-09-14 15:30:55 +08:00 |
Jinzhu
|
ff3880292d
|
Update missing playground template
|
2020-09-03 11:48:44 +08:00 |
Jinzhu
|
d04984323f
|
Add stale for v1 action
|
2020-07-09 22:02:29 +08:00 |