- Dec 02, 2023
-
-
David Bauer authored
Pin the GitHub runner version used to Ubuntu 22.04. This endures stability in the runner behavior once GitHub switches to the next Ubuntu release for the latest tag. Signed-off-by:
David Bauer <mail@david-bauer.net>
-
- Oct 01, 2023
-
-
dependabot[bot] authored
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3...v4 ) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by:
dependabot[bot] <support@github.com>
-
- May 08, 2022
-
-
naveen authored
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much. - Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ ) Signed-off-by:
naveen <172697+naveensrinivasan@users.noreply.github.com>
-
- Apr 01, 2022
-
-
dependabot[bot] authored
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v2...v3 ) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by:
dependabot[bot] <support@github.com> Co-authored-by:
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
-
- Aug 10, 2021
-
-
Martin Weinelt authored
-
- Jan 02, 2021
-
-
Martin Weinelt authored
-
- Oct 20, 2020
-
-
David Bauer authored
Add a workflow to verify all patches to OpenWrt and the packages feeds are refreshed. If they are not, the workflow fails.
-