Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SEC-090: Automated trusted workflow pinning (2024-11-04) #5226

Merged
merged 1 commit into from
Nov 25, 2024
Merged

SEC-090: Automated trusted workflow pinning (2024-11-04) #5226

merged 1 commit into from
Nov 25, 2024

Conversation

hashicorp-tsccr[bot]
Copy link
Contributor

@hashicorp-tsccr hashicorp-tsccr bot commented Nov 4, 2024
edited by moduli
Loading

Bumping GitHub Actions version to latest TSCCR release.

  • changes in .github/workflows/actionlint.yml
  • changes in .github/workflows/backport.yml
  • changes in .github/workflows/build.yml
  • changes in .github/workflows/enos-fmt.yml
  • changes in .github/workflows/enos-run.yml
  • changes in .github/workflows/fuzz.yml
  • changes in .github/workflows/linting.yml
  • changes in .github/workflows/make-gen-delta.yml
  • changes in .github/workflows/schema-diff.yml
  • changes in .github/workflows/security-scan.yml
    • bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
    • bump actions/setup-go from v5.0.2 to v5.1.0 (release notes)
    • bump actions/setup-python from v5.2.0 to v5.3.0 (release notes)
    • bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
    • bump github/codeql-action/upload-sarif from codeql-bundle-v2.19.0 to codeql-bundle-v2.19.2 (release notes)
  • changes in .github/workflows/test-ci-bootstrap-oss.yml
  • changes in .github/workflows/test-ci-cleanup-oss.yml
  • changes in .github/workflows/test-cli-ui_oss.yml
  • changes in .github/workflows/test-race.yml
  • changes in .github/workflows/test-sql.yml
  • changes in .github/workflows/test.yml
  • changes in .github/workflows/trigger-merge-to-downstream.yml

This PR was auto-generated by security-tsccr/actions/runs/11625103651

You can alter the configuration of this automation via the hcl config in security-tsccr/automation

This PR can be regenerated by dispatching the GitHub workflow Pin Action Refs. Please reach out to #team-prodsec if you have any questions.

https://hashicorp.atlassian.net/browse/ICU-15659

@hashicorp-tsccr hashicorp-tsccr bot requested a review from a team as a code owner November 4, 2024 18:44
@hashicorp-tsccr hashicorp-tsccr bot added the SEC-090/Pinning/Trusted Automated TSCCR pinning PR to trusted SHAs. label Nov 4, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 4, 2024

Database schema diff between main and tsccr-auto-pinning/trusted/2024-11-04 @ ad528e6

To understand how these diffs are generated and some limitations see the
documentation of the script.

Functions

Unchanged

Tables

Unchanged

Views

Unchanged

Triggers

Unchanged

Indexes

Unchanged

Constraints

Unchanged

Foreign Key Constraints

Unchanged

@moduli moduli added the pr/no-milestone Ignores the Milestone Check label Nov 12, 2024
@moduli moduli merged commit 69b60c8 into main Nov 25, 2024
67 of 70 checks passed
@moduli moduli deleted the tsccr-auto-pinning/trusted/2024-11-04 branch November 25, 2024 20:09
@moduli moduli mentioned this pull request Jan 3, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@moduli moduli moduli approved these changes

Assignees
No one assigned
Labels
pr/no-milestone Ignores the Milestone Check SEC-090/Pinning/Trusted Automated TSCCR pinning PR to trusted SHAs.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@moduli