Commit graph

140 commits

Author SHA1 Message Date
Pierre Penninckx
b0723e0fae Add instructions for new fine grained GitHub PAT 2024-06-18 09:23:51 -07:00
Arian van Putten
af9a980c7d Lock third-party actions
A caller of this action can lock this action to a specific commit. However because the action itself does not lock its dependent actions to a specific commit this opens the end-user up to possible supply-chain attacks if the dependent actions rewrite their tags.

This PR changes all third party actions to be explicitly locked.

Dependabot will still work and update these hashes for you


I also suggest installing https://github.com/ossf/scorecard in this repo. It will report about these kind of issues.

Note that you should in turn have to audit all the third party deps of the actions that your action depends on. In general this is all a bit of a mess and GitHub's security model is very meh

e.g. see https://github.com/ossf/scorecard/issues/2189
2024-06-18 09:17:15 -07:00
Luc Perkins
ed0fe829d8
Merge pull request #115 from detsys-pr-bot/detsys-ts-update-bc45b6c0a6318ae30192c4bf23a73dc879bdb632
Update `detsys-ts`:
2024-06-05 16:19:34 -07:00
Luc Perkins
278b2c0e02
Merge pull request #114 from detsys-pr-bot/detsys-ts-update-515d00bc192ae4460e2122572ebc24020c58ea95
Update detsys-ts: Merge pull request #51 from DeterminateSystems/add-missing-actions-to-update-matrix

Add missing Actions to update matrix
2024-06-05 15:48:14 -07:00
Luc Perkins
1b00b724a5
Regenerate dist 2024-06-05 15:46:52 -07:00
Graham Christensen
23e86b41e2
Merge pull request #116 from detsys-pr-bot/detsys-ts-update-856a75af22949b76e23f6e54a1b4d27d8816cea4
Update `detsys-ts`: Merge pull request #113 from DeterminateSystems/update-detsys-ts-status-page
2024-06-05 18:06:07 -04:00
lucperkins
b8b46eb7bb Update detsys-ts for: Merge pull request #113 from DeterminateSystems/update-detsys-ts-status-page (856a75af22949b76e23f6e54a1b4d27d8816cea4) 2024-06-05 21:59:53 +00:00
lucperkins
50c97e1435 Update detsys-ts for: ` (bc45b6c0a6318ae30192c4bf23a73dc879bdb632`) 2024-06-05 21:32:11 +00:00
lucperkins
d777dd2ba4 Update detsys-ts for: Merge pull request #51 from DeterminateSystems/add-missing-actions-to-update-matrix
Add missing Actions to update matrix (515d00bc192ae4460e2122572ebc24020c58ea95)
2024-06-05 21:06:52 +00:00
Luc Perkins
bba6a453b7
Merge pull request #113 from DeterminateSystems/update-detsys-ts-status-page
Update detsys-ts (status page changes)
2024-06-03 09:18:41 -07:00
Luc Perkins
aecc58b9ac
Update detsys-ts (status page changes) 2024-06-03 09:12:51 -07:00
Graham Christensen
41c8f7e1b5
Merge pull request #112 from DeterminateSystems/srv
Update detsys-ts for srv
2024-05-31 12:05:22 -04:00
Graham Christensen
be77a56766 eslint stricter 2024-05-31 11:40:33 -04:00
Graham Christensen
d98ea6576b Update detsys-ts for srv 2024-05-31 11:34:46 -04:00
Luc Perkins
2b0d863d87
Merge pull request #111 from DeterminateSystems/update-detsys-ts
Update detsys-ts
2024-05-29 15:20:23 -03:00
Luc Perkins
559c3e249c
Update detsys-ts 2024-05-29 15:18:32 -03:00
Luc Perkins
222f041780
Merge pull request #108 from DeterminateSystems/strict-mode-env-var
Add environment variable for strict mode input
2024-05-23 12:26:35 -03:00
Luc Perkins
0e2a61b1f3
Add environment variable for strict mode input 2024-05-23 12:23:56 -03:00
Luc Perkins
ede634b2c8
Merge pull request #107 from DeterminateSystems/strict-mode-not-required
Make strict mode input not required
2024-05-23 12:05:47 -03:00
Luc Perkins
7a7f13f9b5
Make strict mode input not required 2024-05-23 12:03:54 -03:00
Luc Perkins
e0fe1f8e46
Merge pull request #105 from DeterminateSystems/detsys-ts-update
Update detsys-ts
2024-05-22 20:27:21 -03:00
Luc Perkins
7ce3b51a1d
Update detsys-ts 2024-05-22 15:40:01 -03:00
Graham Christensen
4f21d96ab3
Merge pull request #103 from DeterminateSystems/space-sep
Split flake inputs on spaces instead of commas
2024-05-09 18:14:58 -04:00
Graham Christensen
165ae6e270 space-sep'd inputs 2024-05-09 18:13:24 -04:00
Graham Christensen
bcabaab2f1
Merge pull request #101 from DeterminateSystems/detsys-ts
Convert the Action into TypeScript
2024-05-09 15:50:34 -04:00
Graham Christensen
406a429015 Regenerate 2024-05-09 15:48:13 -04:00
Graham Christensen
28eac596e7 nits on the nits 2024-05-09 15:47:03 -04:00
Graham Christensen
da64c8c904 nits 2024-05-09 15:45:38 -04:00
Graham Christensen
3fa85bcf4c nit: run line 2024-05-09 15:44:43 -04:00
Graham Christensen
d021735a89 space separated options 2024-05-09 15:35:58 -04:00
Graham Christensen
d978837d43 Expose all inputs 2024-05-09 15:35:53 -04:00
Graham Christensen
fc5dacd10b Use nix flake update if no inputs are specified 2024-05-09 14:15:38 -04:00
Graham Christensen
7352b7f36b lockfile-summary, d'oh 2024-05-07 23:03:21 -04:00
Graham Christensen
6d82bce8ec Update detsys-ts 2024-05-07 23:03:12 -04:00
Graham Christensen
8363f28293 Call the node action instead directly 2024-05-07 23:02:56 -04:00
Graham Christensen
1752965d0b Don't cd separately 2024-05-06 16:13:34 -04:00
Luc Perkins
21663d562d
Rename workflow 2024-04-29 10:15:25 -03:00
Luc Perkins
6318aa12c1
Remove now-unnecessary shellcheck check 2024-04-26 14:23:24 -03:00
Luc Perkins
239b4c9810
Add JS-specific bits to Actions 2024-04-26 14:19:53 -03:00
Luc Perkins
539b7a6481
Remove Bash script and do more TS streamlining 2024-04-26 12:10:07 -03:00
Luc Perkins
dde5487502
Finish initial rework into TS 2024-04-26 11:55:19 -03:00
Luc Perkins
502daa7e5e
Construct Nix command 2024-04-21 19:50:32 -03:00
Luc Perkins
b1f8684b21
Update Nix shell and add envrc 2024-04-21 19:42:23 -03:00
Luc Perkins
cf6776dfd1
Add initial JS setup 2024-04-21 19:17:03 -03:00
Ian Cleary
cc5f064749 Update README.md to use actions/checkout@v4 2024-04-08 09:21:10 -07:00
Cole Helbling
a3ccb8f597 Update pedrolamas/handlebars-action to 2.4.0 2024-02-29 07:07:00 -08:00
Cole Helbling
56b3507bfe Update DamianReeves/write-file-action to v1.3 2024-02-28 15:06:00 -08:00
dependabot[bot]
70d01ca550 build(deps): bump pedrolamas/handlebars-action from 2.2.0 to 2.3.0
Bumps [pedrolamas/handlebars-action](https://github.com/pedrolamas/handlebars-action) from 2.2.0 to 2.3.0.
- [Release notes](https://github.com/pedrolamas/handlebars-action/releases)
- [Commits](https://github.com/pedrolamas/handlebars-action/compare/v2.2.0...v2.3.0)

---
updated-dependencies:
- dependency-name: pedrolamas/handlebars-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-28 14:55:32 -08:00
dependabot[bot]
96c74d26ed build(deps): bump actions/checkout from 2 to 4
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-28 14:55:13 -08:00
dependabot[bot]
0631a12d9a build(deps): bump crazy-max/ghaction-import-gpg from 5 to 6
Bumps [crazy-max/ghaction-import-gpg](https://github.com/crazy-max/ghaction-import-gpg) from 5 to 6.
- [Release notes](https://github.com/crazy-max/ghaction-import-gpg/releases)
- [Commits](https://github.com/crazy-max/ghaction-import-gpg/compare/v5...v6)

---
updated-dependencies:
- dependency-name: crazy-max/ghaction-import-gpg
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-28 14:54:51 -08:00