Jean-Baptiste Bellet
|
87ed23211e
|
Use the last version of github/codeql-action/upload-sarif
|
2022-10-20 17:42:22 +02:00 |
|
Jean-Baptiste Bellet
|
053af8416b
|
Previous setup-ruby action was deprecated. Use ruby/setup-ruby@v1
|
2022-10-20 16:14:14 +02:00 |
|
Jean-Baptiste Bellet
|
642938afe0
|
Upgrade "actions/checkout" to non-deprecated version
|
2022-10-19 11:28:31 +02:00 |
|
neilnaveen
|
5c1bdc7698
|
chore: Set permissions for GitHub actions
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)
Signed-off-by: neilnaveen <42328488+neilnaveen@users.noreply.github.com>
|
2022-06-16 01:08:27 +00:00 |
|
Pau Perez
|
8c1e222788
|
Upgrade Ruby and Ubuntu to latest in GH action
It was asked for in
https://github.com/openfoodfoundation/openfoodnetwork/pull/6163/ to use
the latest stable Ruby version. It's also better to use Ubuntu's latest
as well.
|
2020-11-30 09:11:41 +01:00 |
|
Luis Ramos
|
dbd41e9d31
|
Use ruby 2.4 as github actions do not support ruby 2.3.
|
2020-10-13 10:31:26 +01:00 |
|
Luis Ramos
|
87327dcf57
|
Add brakeman config
|
2020-10-13 10:31:13 +01:00 |
|