Naveen
|
5c9ef9a843
|
Set permissions for GitHub actions (#5237)
Restrict the GitHub token permissions only to the required ones; this way, even if attackers succeed in compromising your workflow, they won’t be able to do much.
- Included permissions for the action.
https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
|
2022-04-10 09:38:43 +08:00 |
Jinzhu
|
e0b4e0ec8f
|
Update auto stale days
|
2022-02-19 17:11:23 +08:00 |
Matthieu MOREL
|
cbe72751ac
|
Update Dependencies (#4582)
* Create dependabot.yml
* Bump reviewdog/action-golangci-lint from 1 to 2 (#1)
Bumps [reviewdog/action-golangci-lint](https://github.com/reviewdog/action-golangci-lint) from 1 to 2.
- [Release notes](https://github.com/reviewdog/action-golangci-lint/releases)
- [Commits](https://github.com/reviewdog/action-golangci-lint/compare/v1...v2)
---
updated-dependencies:
- dependency-name: reviewdog/action-golangci-lint
  dependency-type: direct:production
  update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump actions/stale from 3.0.7 to 4 (#2)
Bumps [actions/stale](https://github.com/actions/stale) from 3.0.7 to 4.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/stale/compare/v3.0.7...v4)
---
updated-dependencies:
- dependency-name: actions/stale
  dependency-type: direct:production
  update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump gorm.io/gorm from 1.21.9 to 1.21.12 in /tests (#3)
Bumps [gorm.io/gorm](https://github.com/go-gorm/gorm) from 1.21.9 to 1.21.12.
- [Release notes](https://github.com/go-gorm/gorm/releases)
- [Commits](https://github.com/go-gorm/gorm/compare/v1.21.9...v1.21.12)
---
updated-dependencies:
- dependency-name: gorm.io/gorm
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump gorm.io/driver/mysql from 1.0.5 to 1.1.1 in /tests (#4)
Bumps [gorm.io/driver/mysql](https://github.com/go-gorm/mysql) from 1.0.5 to 1.1.1.
- [Release notes](https://github.com/go-gorm/mysql/releases)
- [Commits](https://github.com/go-gorm/mysql/compare/v1.0.5...v1.1.1)
---
updated-dependencies:
- dependency-name: gorm.io/driver/mysql
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump github.com/lib/pq from 1.6.0 to 1.10.2 in /tests (#5)
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.6.0 to 1.10.2.
- [Release notes](https://github.com/lib/pq/releases)
- [Commits](https://github.com/lib/pq/compare/v1.6.0...v1.10.2)
---
updated-dependencies:
- dependency-name: github.com/lib/pq
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump github.com/google/uuid from 1.2.0 to 1.3.0 in /tests (#6)
Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.2.0 to 1.3.0.
- [Release notes](https://github.com/google/uuid/releases)
- [Commits](https://github.com/google/uuid/compare/v1.2.0...v1.3.0)
---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2021-08-09 13:16:25 +08:00 |
Jinzhu
|
c091cd6aa4
|
Update stale action
|
2020-07-09 22:14:11 +08:00 |
Jinzhu
|
d04984323f
|
Add stale for v1 action
|
2020-07-09 22:02:29 +08:00 |
Jinzhu
|
322c6a36ee
|
Fix .github config
|
2020-07-01 19:52:16 +08:00 |