dependabot[bot]
|
f30a64c1bf
|
chore(deps): bump peter-evans/create-pull-request from 3.10.0 to 4.0.2 (#6087)
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 3.10.0 to 4.0.2.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](9825ae65b1...bd72e1b792)
---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2022-04-19 15:30:27 -07:00 |
|
Naveen
|
e0d81ef03d
|
chore: Set permissions for GitHub actions (#6077)
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
|
2022-04-18 08:59:51 -07:00 |
|
Aaron Dodson
|
8d33869a4a
|
Gzip build output files in update_metadata.sh instead of update_metadata.yml.
|
2021-07-14 10:58:08 -07:00 |
|
Aaron Dodson
|
1fd4b9bb21
|
Calculate metadata size from freshly-built and gzipped Blockly.
|
2021-07-13 08:43:52 -07:00 |
|
Aaron Dodson
|
80d0314ca2
|
Added script and workflow to automatically update build artifact sizes in check_metadata.sh
|
2021-07-12 13:37:25 -07:00 |
|