ivuorinen/actions
1
0
Fork 0
mirror of https://github.com/ivuorinen/actions.git synced 2026-03-08 09:56:38 +00:00
Code Issues Packages Projects Releases Wiki Activity
364 Commits 2 Branches 141 Tags
40f722ec1840e7300d6faeea3d4e4ee1758e09bc
Commit Graph

11 Commits

Author SHA1 Message Date
copilot-swe-agent[bot]
40f722ec18 fix: harden workflow permissions - set top-level permissions: {} and scope perms to jobs 
Set `permissions: {}` at the top level of all workflow files to deny all
permissions by default, then grant only the minimum required permissions at
the job level. This fixes the Docker push failure caused by missing
`packages: write` permission being scoped incorrectly.

Changes per workflow:
- build-testing-image.yml: add contents: read + packages: write to job
- action-security.yml: consolidate contents: read, actions: read,
  pull-requests: read into the analyze job
- codeql-new.yml: add actions: read to the analyze job
- dependency-review.yml: add contents: read to the dependency-review job
- issue-stats.yml: top-level only (no checkout, existing job perms sufficient)
- new-release.yml: was read-all; job already has contents: write
- pr-lint.yml: was contents: read + packages: read; job already has full perms
- release.yml: job already has contents: write
- security-suite.yml: move all perms to job level
- stale.yml: top-level only (no checkout, existing job perms sufficient)
- sync-labels.yml: was read-all; add contents: read to job for checkout
- version-maintenance.yml: move all perms to job level

Co-authored-by: ivuorinen <11024+ivuorinen@users.noreply.github.com>
 2026-03-05 21:22:44 +00:00
Ismo Vuorinen
a247b78178 fix: markdownlint rules and daily releases (#421) 
* fix: disable markdownlint table alignment rule

* fix(ci): daily release only if changes
 2026-01-09 02:10:00 +02:00
Ismo Vuorinen
abe24f8570 feat(ci): versioning change (#378) 
* chore: remove bylines from actions

* feat: new daily release action

* chore(ci): ignore false positive in codeql, fix others

* fix: cr comments
 2025-11-28 10:56:52 +02:00
Ismo Vuorinen
e58465e5d3 chore(new-release): add prefix v, add security as type (#376) 
* chore(new-release): add prefix v, add security as type

* fix(pr-lint): fix pr-lint workflow

* fix(lint): prettier format
 2025-11-25 14:15:55 +02:00
Ismo Vuorinen
681e0f828a chore(deps): update actions (#346) 2025-11-14 09:36:58 +02:00
renovate[bot]
8a7aa2243b chore(deps): update ncipollo/release-action action (v1.18.0 → v1.20.0) (#243) 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-09-08 15:15:50 +03:00
renovate[bot]
05e171c506 feat(github-action)!: Update actions/checkout (v4.3.0 → v5.0.0) (#209) 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-08-21 14:36:40 +03:00
renovate[bot]
e3b436adb3 feat(github-action): update actions/checkout (v4.2.2 → v4.3.0) (#213) 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-08-18 09:43:18 +00:00
renovate[bot]
c0f919957e feat(github-action): update ncipollo/release-action (v1.16.0 → v1.18.0) (#179) 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-06-30 18:01:33 +00:00
Ismo Vuorinen
eb085adfe2 chore(ci): update GitHub Actions workflow dependencies to latest versions (#78) 2025-03-19 17:26:36 +02:00
Ismo Vuorinen
ebf9a673d0 Feat/ci actions @coderabbitio (#61) 
* feat(ci): create daily releases
* feat(ci): better splitting of security-suite steps
* fix(ci): update new-release workflow
 2025-03-02 00:27:36 +02:00