dependabot[bot]
13350e71a1
chore(deps): bump actions/checkout from 6 to 7
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 6 to 7.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v6...v7 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: '7'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2026-06-19 11:52:19 +00:00
El RIDO
630886e2c2
harden gihub actions
...
- restrict all default permissions
- content: read is not necessary for public repos
- security-events: write is needed for CodeQL uploads of SARIF reports
- persist-credentials: false prevents any github token to remain configured in the checked out repo (not necessary when not intending to push from the action)
2026-05-25 08:03:43 +02:00
dependabot[bot]
3be3aeb080
Bump actions/checkout from 5 to 6
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 5 to 6.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v5...v6 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: '6'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-11-21 11:04:46 +00:00
El RIDO
51eff47614
apply explicit permissions as per CodeQL suggestion
...
as per rule ID actions/missing-workflow-permissions
2025-10-10 15:07:44 +02:00
El RIDO
ee531a0b81
update codeql actions to release 4 (node 24) and enable github action scanning
2025-10-08 08:45:06 +02:00
dependabot[bot]
09bab8744f
Bump actions/checkout from 4 to 5
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4 to 5.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: '5'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-08-12 17:11:00 +00:00
dependabot[bot]
03e3e4fa06
Bump github/codeql-action from 2 to 3
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-12-14 11:52:46 +00:00
dependabot[bot]
5bd2eb97e6
Bump actions/checkout from 3 to 4
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-05 11:13:01 +00:00
dependabot[bot]
b6f35fc8ab
Bump actions/checkout from 2 to 3
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-06-10 03:02:26 +00:00
dependabot[bot]
86794be1c4
Bump github/codeql-action from 1 to 2
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1 to 2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v1...v2 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-06-10 02:59:19 +00:00
rugk
156155663d
Create codeql-analysis.yml
...
Only supports JS for now.
I've removed the build step, because welł… our JS is already "built".
2021-01-26 16:37:53 +01:00