|
494dfabc
|
2022-06-13T09:42:22
|
|
Bump actions/setup-node from 1 to 3 (#3472)
|
|
0291bf3e
|
2022-06-13T11:40:13
|
|
Bump actions/checkout from 1 to 3 (#3471)
Bumps [actions/checkout](https://github.com/actions/checkout) from 1 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v1...v3)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
9561a9ab
|
2022-06-13T03:24:09
|
|
chore: Included githubactions in the dependabot config (#3470)
This should help with keeping the GitHub actions updated on new releases. This will also help with keeping it secure.
Dependabot helps in keeping the supply chain secure https://docs.github.com/en/code-security/dependabot
GitHub actions up to date https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot
https://github.com/ossf/scorecard/blob/main/docs/checks.md#dependency-update-tool
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
|
|
b85e1ada
|
2022-06-12T02:59:43
|
|
Set permissions for GitHub actions (#3468)
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)
Signed-off-by: nathannaveen <42319948+nathannaveen@users.noreply.github.com>
|
|
5333e281
|
2021-10-19T19:34:41
|
|
Added regex coverage (#3138)
|
|
b77317c5
|
2021-05-17T16:40:06
|
|
CI: Run tests with NodeJS 16.x (#2888)
|
|
bb1eca94
|
2021-04-17T22:21:15
|
|
ESLint: Fail CI if there are warnings (#2847)
|
|
772d42be
|
2021-03-26T13:16:16
|
|
Added ESLint with minimal config (#2831)
|
|
7cd9e794
|
2021-03-26T12:59:04
|
|
Added link to Q&A to issue templates (#2834)
|
|
b5f4f10e
|
2020-12-22T17:27:14
|
|
Test page: Added "Share" option (#2575)
This adds a link and a small popup to share the current state of the test page via a compact link.
|
|
7f23ef3d
|
2020-12-22T10:17:05
|
|
Fixed Danger CI for forks (#2638)
|
|
9df20c5e
|
2020-11-09T09:33:41
|
|
Added Dangerfile and provide bundle size info (#2608)
|
|
69132045
|
2020-10-24T18:08:21
|
|
Migrate from TravisCI -> GitHub Actions (#2606)
This moves the test suite from Travis -> GitHub Actions. The Workflow
is essentially the same as what we had on Travis, but split into two
jobs.
|
|
53f07b1b
|
2019-09-26T16:46:43
|
|
Issue template improvements (#2069)
This fixes a typo in the issue templates and comments out some instruction to make them invisible in the issue.
|
|
2f9c9261
|
2019-03-31T09:50:19
|
|
Clearer description for the highlighting bug report template (#1850)
This makes the description of the plugins info in the highlighting bug report template a little clearer.
|
|
dedb475f
|
2019-03-14T13:49:47
|
|
Added issue templates (#1805)
This adds issue templates for the prism project after #1802.
|