Arian van Putten
af9a980c7d
Lock third-party actions
...
A caller of this action can lock this action to a specific commit. However, because the action itself does not lock its dependent actions to a specific commit, this opens the end-user up to possible supply-chain attacks if the dependent actions rewrite their tags.
This PR changes all third party actions to be explicitly locked.
Dependabot will still work and update these hashes for you.
I also suggest installing https://github.com/ossf/scorecard in this repo. It will report about these kinds of issues.
Note that you should in turn have to audit all the third party deps of the actions that your action depends on. In general this is all a bit of a mess and GitHub's security model is very meh
e.g. see https://github.com/ossf/scorecard/issues/2189
2024-06-18 09:17:15 -07:00
Luc Perkins
ed0fe829d8
Merge pull request #115 from detsys-pr-bot/detsys-ts-update-bc45b6c0a6318ae30192c4bf23a73dc879bdb632
...
Update `detsys-ts`:
2024-06-05 16:19:34 -07:00
Luc Perkins
278b2c0e02
Merge pull request #114 from detsys-pr-bot/detsys-ts-update-515d00bc192ae4460e2122572ebc24020c58ea95
...
Update detsys-ts: Merge pull request #51 from DeterminateSystems/add-missing-actions-to-update-matrix
Add missing Actions to update matrix
2024-06-05 15:48:14 -07:00
Luc Perkins
1b00b724a5
Regenerate dist
2024-06-05 15:46:52 -07:00
Graham Christensen
23e86b41e2
Merge pull request #116 from detsys-pr-bot/detsys-ts-update-856a75af22949b76e23f6e54a1b4d27d8816cea4
...
Update `detsys-ts`: Merge pull request #113 from DeterminateSystems/update-detsys-ts-status-page
2024-06-05 18:06:07 -04:00
lucperkins
b8b46eb7bb
Update detsys-ts for: Merge pull request #113 from DeterminateSystems/update-detsys-ts-status-page (856a75af22949b76e23f6e54a1b4d27d8816cea4)
2024-06-05 21:59:53 +00:00
lucperkins
50c97e1435
Update detsys-ts for: (`bc45b6c0a6318ae30192c4bf23a73dc879bdb632`)
2024-06-05 21:32:11 +00:00
lucperkins
d777dd2ba4
Update detsys-ts for: Merge pull request #51 from DeterminateSystems/add-missing-actions-to-update-matrix
...
Add missing Actions to update matrix (515d00bc192ae4460e2122572ebc24020c58ea95)
2024-06-05 21:06:52 +00:00
Luc Perkins
bba6a453b7
Merge pull request #113 from DeterminateSystems/update-detsys-ts-status-page
...
Update detsys-ts (status page changes)
2024-06-03 09:18:41 -07:00
Luc Perkins
aecc58b9ac
Update detsys-ts (status page changes)
2024-06-03 09:12:51 -07:00
Graham Christensen
41c8f7e1b5
Merge pull request #112 from DeterminateSystems/srv
...
Update detsys-ts for srv
2024-05-31 12:05:22 -04:00
Graham Christensen
be77a56766
eslint stricter
2024-05-31 11:40:33 -04:00
Graham Christensen
d98ea6576b
Update detsys-ts for srv
2024-05-31 11:34:46 -04:00
Luc Perkins
2b0d863d87
Merge pull request #111 from DeterminateSystems/update-detsys-ts
...
Update detsys-ts
2024-05-29 15:20:23 -03:00
Luc Perkins
559c3e249c
Update detsys-ts
2024-05-29 15:18:32 -03:00
Luc Perkins
222f041780
Merge pull request #108 from DeterminateSystems/strict-mode-env-var
...
Add environment variable for strict mode input
2024-05-23 12:26:35 -03:00
Luc Perkins
0e2a61b1f3
Add environment variable for strict mode input
2024-05-23 12:23:56 -03:00
Luc Perkins
ede634b2c8
Merge pull request #107 from DeterminateSystems/strict-mode-not-required
...
Make strict mode input not required
2024-05-23 12:05:47 -03:00
Luc Perkins
7a7f13f9b5
Make strict mode input not required
2024-05-23 12:03:54 -03:00
Luc Perkins
e0fe1f8e46
Merge pull request #105 from DeterminateSystems/detsys-ts-update
...
Update detsys-ts
2024-05-22 20:27:21 -03:00
Luc Perkins
7ce3b51a1d
Update detsys-ts
2024-05-22 15:40:01 -03:00
Graham Christensen
4f21d96ab3
Merge pull request #103 from DeterminateSystems/space-sep
...
Split flake inputs on spaces instead of commas
2024-05-09 18:14:58 -04:00
Graham Christensen
165ae6e270
space-sep'd inputs
2024-05-09 18:13:24 -04:00
Graham Christensen
bcabaab2f1
Merge pull request #101 from DeterminateSystems/detsys-ts
...
Convert the Action into TypeScript
2024-05-09 15:50:34 -04:00
Graham Christensen
406a429015
Regenerate
2024-05-09 15:48:13 -04:00
Graham Christensen
28eac596e7
nits on the nits
2024-05-09 15:47:03 -04:00
Graham Christensen
da64c8c904
nits
2024-05-09 15:45:38 -04:00
Graham Christensen
3fa85bcf4c
nit: run line
2024-05-09 15:44:43 -04:00
Graham Christensen
d021735a89
space separated options
2024-05-09 15:35:58 -04:00
Graham Christensen
d978837d43
Expose all inputs
2024-05-09 15:35:53 -04:00
Graham Christensen
fc5dacd10b
Use nix flake update if no inputs are specified
2024-05-09 14:15:38 -04:00
Graham Christensen
7352b7f36b
lockfile-summary, d'oh
2024-05-07 23:03:21 -04:00
Graham Christensen
6d82bce8ec
Update detsys-ts
2024-05-07 23:03:12 -04:00
Graham Christensen
8363f28293
Call the node action instead directly
2024-05-07 23:02:56 -04:00
Graham Christensen
1752965d0b
Don't cd separately
2024-05-06 16:13:34 -04:00
Luc Perkins
21663d562d
Rename workflow
2024-04-29 10:15:25 -03:00
Luc Perkins
6318aa12c1
Remove now-unnecessary shellcheck check
2024-04-26 14:23:24 -03:00
Luc Perkins
239b4c9810
Add JS-specific bits to Actions
2024-04-26 14:19:53 -03:00
Luc Perkins
539b7a6481
Remove Bash script and do more TS streamlining
2024-04-26 12:10:07 -03:00
Luc Perkins
dde5487502
Finish initial rework into TS
2024-04-26 11:55:19 -03:00
Luc Perkins
502daa7e5e
Construct Nix command
2024-04-21 19:50:32 -03:00
Luc Perkins
b1f8684b21
Update Nix shell and add envrc
2024-04-21 19:42:23 -03:00
Luc Perkins
cf6776dfd1
Add initial JS setup
2024-04-21 19:17:03 -03:00
Ian Cleary
cc5f064749
Update README.md to use actions/checkout@v4
2024-04-08 09:21:10 -07:00
Cole Helbling
a3ccb8f597
Update pedrolamas/handlebars-action to 2.4.0
2024-02-29 07:07:00 -08:00
Cole Helbling
56b3507bfe
Update DamianReeves/write-file-action to v1.3
2024-02-28 15:06:00 -08:00
dependabot[bot]
70d01ca550
build(deps): bump pedrolamas/handlebars-action from 2.2.0 to 2.3.0
...
Bumps [pedrolamas/handlebars-action](https://github.com/pedrolamas/handlebars-action) from 2.2.0 to 2.3.0.
- [Release notes](https://github.com/pedrolamas/handlebars-action/releases)
- [Commits](https://github.com/pedrolamas/handlebars-action/compare/v2.2.0...v2.3.0)
---
updated-dependencies:
- dependency-name: pedrolamas/handlebars-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-02-28 14:55:32 -08:00
dependabot[bot]
96c74d26ed
build(deps): bump actions/checkout from 2 to 4
...
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v4)
---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-02-28 14:55:13 -08:00
dependabot[bot]
0631a12d9a
build(deps): bump crazy-max/ghaction-import-gpg from 5 to 6
...
Bumps [crazy-max/ghaction-import-gpg](https://github.com/crazy-max/ghaction-import-gpg) from 5 to 6.
- [Release notes](https://github.com/crazy-max/ghaction-import-gpg/releases)
- [Commits](https://github.com/crazy-max/ghaction-import-gpg/compare/v5...v6)
---
updated-dependencies:
- dependency-name: crazy-max/ghaction-import-gpg
  dependency-type: direct:production
  update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-02-28 14:54:51 -08:00
Morgan Helton
a72d3c5880
update peter-evans/create-pull-request to v6
2024-02-28 14:54:06 -08:00