nathannaveen
|
4471e9f322
|
Set permissions for GitHub actions (#2752)
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
Signed-off-by: nathannaveen <42319948+nathannaveen@users.noreply.github.com>
|
2022-04-11 14:52:49 -05:00 |
|
dependabot[bot]
|
e1fbcef13d
|
Bump actions/stale from 4 to 5 (#2760)
Bumps [actions/stale](https://github.com/actions/stale) from 4 to 5.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/stale/compare/v4...v5)
---
updated-dependencies:
- dependency-name: actions/stale
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2022-04-11 12:56:39 -05:00 |
|
Lukas Gravley
|
7ebba234e3
|
Update CODEOWNERS
|
2022-04-05 13:15:31 -05:00 |
|
dependabot[bot]
|
2feab4440c
|
Bump githubocto/repo-visualizer from 0.7.1 to 0.8.1 (#2727)
Bumps [githubocto/repo-visualizer](https://github.com/githubocto/repo-visualizer) from 0.7.1 to 0.8.1.
- [Release notes](https://github.com/githubocto/repo-visualizer/releases)
- [Commits](https://github.com/githubocto/repo-visualizer/compare/0.7.1...0.8.1)
---
updated-dependencies:
- dependency-name: githubocto/repo-visualizer
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2022-04-04 09:02:51 -05:00 |
|
Lukas Gravley
|
60e7787217
|
manual trigger (#2681)
|
2022-03-25 10:20:52 -05:00 |
|
Lukas Gravley
|
9bf6767260
|
Update deploy-release.yml
|
2022-03-25 10:04:38 -05:00 |
|
Lukas Gravley
|
b70e0b55d0
|
Update deploy-release.yml
|
2022-03-25 09:57:00 -05:00 |
|
Lukas Gravley
|
33dfb2b624
|
weekly (#2679)
|
2022-03-25 08:56:31 -05:00 |
|
dependabot[bot]
|
053b37bbf5
|
Bump docker/build-push-action from 2.9.0 to 2.10.0 (#2646)
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2.9.0 to 2.10.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v2.9.0...v2.10.0)
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2022-03-24 16:20:58 -05:00 |
|
Lukas Gravley
|
aee503c133
|
trying to create diagram (#2674)
* trying to create diagram
* typo
* typo
* typo
* typo
* typo
* typo
* dope code
|
2022-03-24 13:46:42 -05:00 |
|
Masaya Suzuki
|
e277edca06
|
Use ts-standard instead of standard as TYPESCRIPT_STANDARD (#2614)
* Use ts-standard instead of standard as TYPESCRIPT_STANDARD
* Add ts-standard
* Update test case
* Update test case
* Add tsconfig.json
* Add tsconfig.json environment value
* Fix "TypeScript"
* Fix package version
* Fix package version
* Fix package version
* Fix package version
* Fix settings
* Remove config file env
* Fix version
* Fix eslintrc
* Fix project path
* Fix project path
* Fix setting
* Fix env
* Add .eslintrc.yml for ts-standard
* Fix README
* Fix settings
* Change include paths
* Change include paths
* Change include paths
* Change include paths
* Fix dependencies
* Fix dependencies
* Fix dependence versions
|
2022-03-16 10:21:57 -05:00 |
|
Masaya Suzuki
|
ed275dd57d
|
Add parameter env to step Update deployment status (#2639)
|
2022-03-15 09:54:31 +01:00 |
|
Marco Ferrari
|
4b16b5b473
|
Lint the whole Ansible directory (#2576)
|
2022-03-14 20:47:04 +01:00 |
|
dependabot[bot]
|
5d5ae35998
|
Bump actions/checkout from 2.4.0 to 3
Bumps [actions/checkout](https://github.com/actions/checkout) from 2.4.0 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2.4.0...v3)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-03-07 12:53:35 -05:00 |
|
dependabot[bot]
|
d90e4a4b72
|
Bump bobheadxi/deployments from 0.6.2 to 1.1.0
Bumps [bobheadxi/deployments](https://github.com/bobheadxi/deployments) from 0.6.2 to 1.1.0.
- [Release notes](https://github.com/bobheadxi/deployments/releases)
- [Commits](https://github.com/bobheadxi/deployments/compare/v0.6.2...v1.1.0)
---
updated-dependencies:
- dependency-name: bobheadxi/deployments
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-03-07 12:53:26 -05:00 |
|
dependabot[bot]
|
6fcca170d2
|
Bump docker/login-action from 1.14.0 to 1.14.1
Bumps [docker/login-action](https://github.com/docker/login-action) from 1.14.0 to 1.14.1.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v1.14.0...v1.14.1)
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-03-07 12:53:12 -05:00 |
|
dependabot[bot]
|
98b3da2de8
|
Bump docker/login-action from 1.13.0 to 1.14.0
Bumps [docker/login-action](https://github.com/docker/login-action) from 1.13.0 to 1.14.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v1.13.0...v1.14.0)
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-02-28 09:30:14 -05:00 |
|
Brett Logan
|
b63b914b06
|
Disable bin/activate
|
2022-02-22 11:47:16 -05:00 |
|
Brett Logan
|
9e853793eb
|
Add timeout
|
2022-02-22 10:51:12 -05:00 |
|
Brett Logan
|
90427e7ed6
|
Add job name
|
2022-02-22 10:40:43 -05:00 |
|
Brett Logan
|
07e93a4d33
|
Fix base branch
|
2022-02-22 10:36:08 -05:00 |
|
Brett Logan
|
7e9696340d
|
Run shfmt
|
2022-02-22 10:34:46 -05:00 |
|
Brett Logan
|
5a6f3796e1
|
Ignore unbound variable
|
2022-02-22 10:34:16 -05:00 |
|
Brett Logan
|
6b23c0aab1
|
Pass token into script
|
2022-02-22 10:33:03 -05:00 |
|
Brett Logan
|
42221dee4c
|
Authorize CLI
|
2022-02-22 10:30:26 -05:00 |
|
Brett Logan
|
6c1bd98be5
|
Remove commit signing
|
2022-02-22 10:26:50 -05:00 |
|
Brett Logan
|
f71367133f
|
Change venv path
|
2022-02-22 10:24:08 -05:00 |
|
Brett Logan
|
4a938c367e
|
Add workflow for Python updates
|
2022-02-22 10:21:01 -05:00 |
|
Colwyn Fritze-Moor
|
ecb6625a21
|
fix: enable tflint module mode
|
2022-02-22 01:19:52 -05:00 |
|
Brett Logan
|
366889a844
|
Update Docker
|
2022-02-21 13:49:41 -05:00 |
|
Brett Logan
|
e0b4385cd4
|
Ignore global var
|
2022-02-21 11:52:37 -05:00 |
|
Brett Logan
|
5f2fc46fcc
|
Add logic
|
2022-02-21 11:16:27 -05:00 |
|
Brett Logan
|
86c82e43f7
|
Add loggin
|
2022-02-21 10:50:54 -05:00 |
|
Brett Logan
|
69ac257acc
|
Set git config
|
2022-02-21 10:41:13 -05:00 |
|
Brett Logan
|
cee39d9ac7
|
Remove auditing
|
2022-02-21 10:34:16 -05:00 |
|
Brett Logan
|
6e6d1348a6
|
Add Actions names
|
2022-02-21 10:17:34 -05:00 |
|
Brett Logan
|
443bae5b6f
|
Fix path to script
|
2022-02-21 10:07:36 -05:00 |
|
Brett Logan
|
c93ce43156
|
Remove npm-update
|
2022-02-21 10:06:44 -05:00 |
|
Brett Logan
|
57f668c175
|
Add weekly NPM automation
|
2022-02-21 10:05:10 -05:00 |
|
dependabot[bot]
|
7f33bdd27c
|
Bump docker/build-push-action from 2.7.0 to 2.9.0 (#2429)
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2.7.0 to 2.9.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v2.7.0...v2.9.0)
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2022-02-15 08:57:35 -06:00 |
|
dependabot[bot]
|
d9b89bc3db
|
Bump docker/login-action from 1.10.0 to 1.12.0 (#2406)
Bumps [docker/login-action](https://github.com/docker/login-action) from 1.10.0 to 1.12.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v1.10.0...v1.12.0)
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2022-02-15 08:57:01 -06:00 |
|
dependabot[bot]
|
815fb15a53
|
Bump bobheadxi/deployments from 0.6.1 to 0.6.2 (#2403)
Bumps [bobheadxi/deployments](https://github.com/bobheadxi/deployments) from 0.6.1 to 0.6.2.
- [Release notes](https://github.com/bobheadxi/deployments/releases)
- [Commits](https://github.com/bobheadxi/deployments/compare/v0.6.1...v0.6.2)
---
updated-dependencies:
- dependency-name: bobheadxi/deployments
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2022-02-14 15:20:48 -06:00 |
|
dependabot[bot]
|
720ba1244f
|
Bump actions/github-script from 5 to 6 (#2465)
Bumps [actions/github-script](https://github.com/actions/github-script) from 5 to 6.
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](https://github.com/actions/github-script/compare/v5...v6)
---
updated-dependencies:
- dependency-name: actions/github-script
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2022-02-14 15:20:29 -06:00 |
|
Lukas Gravley
|
5c109b745e
|
fix codacy and remove cache as its prone to fail (#2503)
|
2022-02-14 14:47:36 -06:00 |
|
Brett Logan
|
37e8faefef
|
Update NPM deps with using ncu and npm audit (#2447)
* Update NPM deps with using ncu and npm audit
* Set fail-fast to false
|
2022-02-07 10:28:48 -06:00 |
|
Lukas Gravley
|
d1fceae857
|
cant do load and push, skipping for prod (#2394)
|
2022-01-26 12:00:55 -06:00 |
|
Marco Ferrari
|
c0f47d0eff
|
De-duplicate workflows (#2220)
* De-duplicate deploy-DEV workflows
* Add $
* Fix build target
* Fix standard target
* Consolidate workflows in a single one
* more clean
* add changes
* fix spaces
* fix release
Co-authored-by: Admiral Awkbar <admiralawkbar@github.com>
|
2022-01-26 09:17:59 -06:00 |
|
dependabot[bot]
|
0c8db9f614
|
Bump docker/build-push-action from 2.7.0 to 2.8.0 (#2368)
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2.7.0 to 2.8.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v2.7.0...v2.8.0)
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2022-01-24 09:48:57 -06:00 |
|
dependabot[bot]
|
481637c121
|
Bump codacy/codacy-coverage-reporter-action from 1.2 to 1.3 (#2367)
Bumps [codacy/codacy-coverage-reporter-action](https://github.com/codacy/codacy-coverage-reporter-action) from 1.2 to 1.3.
- [Release notes](https://github.com/codacy/codacy-coverage-reporter-action/releases)
- [Commits](https://github.com/codacy/codacy-coverage-reporter-action/compare/v1.2...v1.3)
---
updated-dependencies:
- dependency-name: codacy/codacy-coverage-reporter-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2022-01-24 09:48:41 -06:00 |
|
Barry Pollard
|
19abf45423
|
Correct SQLFluff config filename (#2366)
|
2022-01-24 09:01:37 -06:00 |
|