0
Fork 0
mirror of https://github.com/verdaccio/verdaccio.git synced 2025-01-06 22:40:26 -05:00
Commit graph

17 commits

Author SHA1 Message Date
dependabot[bot]
06d6c82d61
chore(deps): bump github/codeql-action from 1 to 2 (#3150)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1 to 2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Juan Picado <juanpicado19@gmail.com>
2022-05-05 20:56:04 +02:00
Naveen
1a605054a8
chore: Set permissions for GitHub actions (#3145)
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
2022-04-28 18:06:00 +02:00
dependabot[bot]
31050ee369
chore(deps): bump actions/checkout from 2 to 3 (#3045)
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-07 20:44:27 +01:00
renovate[bot]
a73b0a9d1c
chore(deps): update actions/checkout action to v2.4.0 (#2641) 2021-11-06 15:58:24 +01:00
renovate[bot]
ef6c7d9f0e
chore(deps): update actions/checkout action to v2.3.5 (#2477)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-10-16 10:19:59 +02:00
Juan Picado
8020936758 chore: improve ci settings 2021-04-11 09:05:27 +02:00
Juan Picado
40e125fd2d chore: update ci scripts 2021-04-10 11:55:38 +02:00
Juan Picado
8f578f88f5 chore: update to 6.x 2021-04-09 17:54:39 +02:00
Juan Picado
821bd776f3 refactor: enable e2e for UI (#2036)
* refactor: enable e2e for UI

* refactor: enable e2e for UI

* refactor: enable e2e for UI

* refactor: enable e2e for UI

* refactor: enable e2e for UI

* refactor: enable e2e for UI
2021-04-09 17:54:29 +02:00
Abraham Schilling
5e28d40f77 build: add missing os matrix (#1928) 2021-04-09 17:54:18 +02:00
Abraham Schilling
d981c1d435 5.x tests on windows (#1919) 2021-04-09 17:54:18 +02:00
Juan Picado @jotadeveloper
a280340e09 chore: ci include release pr 2021-04-09 17:54:17 +02:00
Juan Picado @jotadeveloper
c707aee713 chore: ignore codeql analysis
I shutdown this temporary while is in development
2021-04-09 17:54:13 +02:00
dependabot[bot]
22b85de14d
build(deps): bump actions/checkout from v2.3.2 to v2.3.3 (#1954)
Bumps [actions/checkout](https://github.com/actions/checkout) from v2.3.2 to v2.3.3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2.3.2...a81bbbf8298c0fa03ea29cdc473d45769f953675)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-10-03 14:53:41 +02:00
dependabot[bot]
f82a32ae34
build(deps): bump actions/checkout from v2.3.1 to v2.3.2 (#1903)
Bumps [actions/checkout](https://github.com/actions/checkout) from v2.3.1 to v2.3.2.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2.3.1...2036a08e25fa78bbd946711a407b529a0a1204bf)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-08-12 23:22:50 +02:00
dependabot[bot]
4de5d9f9b6
build(deps): update actions/checkout requirement to v2.3.1 (#1855)
Updates the requirements on [actions/checkout](https://github.com/actions/checkout) to permit the latest version.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/master/CHANGELOG.md)
- [Commits](28c7f3d2b5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-06-24 11:39:48 +02:00
Daniel Ruf
1352246d80
chore: test code scanning (#1833)
Co-authored-by: Juan Picado <juanpicado19@gmail.com>
2020-06-07 18:29:52 +02:00