| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2025-09-27 | ci: improve security in project.yml workflow (#13329) | Marc Cornellà | |
| There is no inherent security vulnerability in the workflow, but there were certain practices that increased latent risk. In this commit, we: - Explicitly bind app token for each step that needs it, instead of setting it for all steps after "Store app token" - Refactor "classify" step, to not rely on files passed around, and instead uses only awk script. - Remove all instances of template injection within `run` scripts. There was nothing dangerous, but the practice is unsafe. - Sanitize all unwanted characters from PR plugin and theme names. References: W2M1-06 W2M1-07 | |||
| 2025-09-19 | ci: Harden GitHub Actions [StepSecurity] (#13318) | StepSecurity Bot | |
| 2025-07-28 | ci: use `actions/create-github-app-token` (#13233) | Carlo Sala | |
| 2023-12-28 | ci(project): use ohmyzsh's bot credentials | Carlo Sala | |
| 2022-11-04 | ci: fix update of plugin or theme fields | Marc Cornellà | |
| See [1] for the reference of value field (ProjectV2FieldValue type), and [2] for sample application code. [1] https://docs.github.com/en/graphql/reference/input-objects#projectv2fieldvalue [2] https://docs.github.com/en/enterprise-cloud@latest/issues/planning-and-tracking-with-projects/automating-your-project/automating-projects-using-actions#example-workflow-authenticating-with-a-github-app | |||
| 2022-11-03 | ci: migrate to ProjectV2 GraphQL API (#11311) | Lennart Ochel | |
| 2022-10-07 | ci: harden permissions for GitHub Workflows (#11174) | Alex | |
| * build: harden main.yml permissions Signed-off-by: Alex <aleksandrosansan@gmail.com> * build: harden project.yml permissions Signed-off-by: Alex <aleksandrosansan@gmail.com> * Update project.yml The permissions are not necessary, because a separate token is used `GITHUB_TOKEN: ${{ secrets.PROJECT_TOKEN }}` | |||
| 2022-04-04 | ci(project): sort issues and PRs when reopened | Marc Cornellà | |
| 2022-02-21 | ci: cancel current runs on new trigger | Marc Cornellà | |
| 2022-01-11 | ci(project): fix .list files not found error | Marc Cornellà | |
| 2022-01-10 | ci(project): fix `gh pr view` call to use ohmyzsh repository | Marc Cornellà | |
| 2022-01-03 | ci: disable GitHub Actions on forks | Marc Cornellà | |
| 2022-01-03 | chore: simplify project GitHub Action | Marc Cornellà | |
| 2022-01-03 | chore: simplify `GITHUB_TOKEN` env in project GitHub Action | Marc Cornellà | |
| 2022-01-02 | chore: I'm dumb af | Marc Cornellà | |
| 2022-01-02 | chore: let's try again | Marc Cornellà | |
| 2022-01-02 | chore: look ma no auth! | Marc Cornellà | |
| 2022-01-02 | chore: please work | Marc Cornellà | |
| 2022-01-02 | chore: fix auth in Project tracking Action | Marc Cornellà | |
| 2022-01-02 | chore: use GITHUB_TOKEN auth for Project Beta GitHub Action | Marc Cornellà | |
| 2022-01-02 | chore: add Projects Beta GitHub Action | Marc Cornellà | |
 |
index : zsh.git | |
| Unnamed repository; edit this file 'description' to name the repository. |
| summaryrefslogtreecommitdiff |