dependabot[bot]
f9daf091d7
Bump the github-actions group across 1 directory with 3 updates ( #2856 )
...
Bumps the github-actions group with 3 updates in the / directory: [ruby/setup-ruby](https://github.com/ruby/setup-ruby ), [docker/login-action](https://github.com/docker/login-action ) and [docker/build-push-action](https://github.com/docker/build-push-action ).
Updates `ruby/setup-ruby` from 1.295.0 to 1.300.0
- [Release notes](https://github.com/ruby/setup-ruby/releases )
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb )
- [Commits](https://github.com/ruby/setup-ruby/compare/319994f95fa847cf3fb3cd3dbe89f6dcde9f178f...e65c17d16e57e481586a6a5a0282698790062f92 )
Updates `docker/login-action` from 4.0.0 to 4.1.0
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/b45d80f862d83dbcd57f89517bcf500b2ab88fb2...4907a6ddec9925e35a0a9e82d7399ccc52663121 )
Updates `docker/build-push-action` from 7.0.0 to 7.1.0
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](https://github.com/docker/build-push-action/compare/d08e5c354a6adb9ed34480a06d141179aa583294...bcafcacb16a39f128d818304e6c9c0c18556b85f )
---
updated-dependencies:
- dependency-name: ruby/setup-ruby
dependency-version: 1.300.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: github-actions
- dependency-name: docker/login-action
dependency-version: 4.1.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: github-actions
- dependency-name: docker/build-push-action
dependency-version: 7.1.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: github-actions
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-18 17:04:01 -07:00
Mike Dalessio
fa12aca387
ci: update pinned github versions (minor bump)
2026-03-17 18:08:11 -04:00
Mike Dalessio
58f94b0cc1
ci: add job to lint github actions
...
using zizmor
2026-03-17 18:08:09 -04:00
Mike Dalessio
bc6703b0df
ci: disable credential persistence after checkout
...
suppress artipacked warning in dependabot lockfile sync workflow
2026-03-17 17:57:34 -04:00
Mike Dalessio
463f289072
ci: pin github actions
...
using `pinact`
2026-03-17 17:19:37 -04:00
Jeremy Daer
586015c3f9
Bundle drift detection and correction ( #2101 )
...
Gemfile.saas evals Gemfile, so shared gems should have identical versions
in both lockfiles. This adds bin/bundle-drift to detect and fix drift:
* `bin/bundle-drift check` compares shared gem versions
* `bin/bundle-drift correct` seeds Gemfile.lock from Gemfile.saas.lock
and re-locks, letting Bundler prune SaaS-only gems while preserving
shared versions
Adds drift check to bin/ci and GitHub CI. Corrects existing drift.
2025-12-11 21:32:34 -08:00
dependabot[bot]
ef538abb4f
Bump actions/checkout from 4 to 6 ( #2047 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4 to 6.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v4...v6 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: '6'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-10 13:25:42 -08:00
Jeremy Daer
bc1075f194
GitHub actions: limit GITHUB_TOKEN permissions ( #1933 )
2025-12-04 11:05:50 -08:00
Jorge Manrubia
15e654b526
Checks only in PRs
2025-11-28 15:53:58 +01:00
Jorge Manrubia
f174058f43
Extract common checks to its own workflow to only run once
2025-11-28 15:53:58 +01:00