Sakurai/pdf.js
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
18,340 Commits 1 Branch 80 Tags 254 MiB
933e107073
Commit Graph

7 Commits

Author SHA1 Message Date
dependabot[bot]
2e82d947a6
Bump github/codeql-action from 2 to 3 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-18 12:39:26 +00:00
dependabot[bot]
48a2c29f98
Bump actions/checkout from 3 to 4 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-04 12:51:59 +00:00
Jonas Jenwald
7c1e505f6a Include the entire git history in the work-flows (issue 16366) 
Without this change we're not able to correctly determine the version number, please refer to https://github.com/actions/checkout#fetch-all-history-for-all-tags-and-branches
 2023-04-29 10:50:37 +02:00
neilnaveen
83ecc3f46c
chore: Set permissions for GitHub actions 
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: neilnaveen <42328488+neilnaveen@users.noreply.github.com>
 2022-06-25 15:32:33 +02:00
Tim van der Meij
349fc51f2c
Update GitHub Actions workflow steps to the most recent versions 2022-04-02 16:21:43 +02:00
tiziodcaio
1a380b5736
Update Checkout to version 3 
Uses node 16 as default
 2022-03-11 14:35:06 +01:00
Tim van der Meij
574fed2bdf
Improve the code analysis workflow with quality checks 
This allows us to get the quality checks that LGTM does into GitHub
Advanced Security. Since it not only runs security checks anymore, the
workflow is also renamed to CodeQL to make this more explicit (and this
matches the documentation better).
 2021-07-31 15:33:07 +02:00