dependabot[bot]
13350e71a1
chore(deps): bump actions/checkout from 6 to 7
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 6 to 7.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v6...v7 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: '7'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-06-19 11:52:19 +00:00
El RIDO
630886e2c2
harden gihub actions
...
- restrict all default permissions
- content: read is not necessary for public repos
- security-events: write is needed for CodeQL uploads of SARIF reports
- persist-credentials: false prevents any github token to remain configured in the checked out repo (not necessary when not intending to push from the action)
2026-05-25 08:03:43 +02:00
dependabot[bot]
3be3aeb080
Bump actions/checkout from 5 to 6
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 5 to 6.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v5...v6 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: '6'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-11-21 11:04:46 +00:00
El RIDO
51eff47614
apply explicit permissions as per CodeQL suggestion
...
as per rule ID actions/missing-workflow-permissions
2025-10-10 15:07:44 +02:00
dependabot[bot]
09bab8744f
Bump actions/checkout from 4 to 5
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4 to 5.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: '5'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-08-12 17:11:00 +00:00
dependabot[bot]
478b79b7b7
Bump slsa-framework/slsa-github-generator from 2.0.0 to 2.1.0
...
Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator ) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases )
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md )
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v2.0.0...v2.1.0 )
---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-02-25 11:57:15 +00:00
dependabot[bot]
ad19f8cfe6
Bump slsa-framework/slsa-github-generator from 1.10.0 to 2.0.0
...
Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator ) from 1.10.0 to 2.0.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases )
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md )
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.10.0...v2.0.0 )
---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-23 11:43:14 +00:00
dependabot[bot]
383dbf1c79
Bump slsa-framework/slsa-github-generator from 1.9.0 to 1.10.0
...
Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator ) from 1.9.0 to 1.10.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases )
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md )
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.9.0...v1.10.0 )
---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-21 11:46:25 +00:00
El RIDO
826444bef7
fix shasum in release pipeline, hope this fixes #1169
2023-12-09 10:50:49 +01:00
dependabot[bot]
58f919ecdd
Bump actions/checkout from 3 to 4
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-22 11:33:49 +00:00
El RIDO
ad50950b3c
Extract latest changelog entry and attach it to draft
2023-09-18 20:50:14 +02:00
El RIDO
73c13af10d
add workflow attaching SLSA provinence to draft release
2023-09-18 20:47:16 +02:00