Mike Dalessio
fa12aca387
ci: update pinned github versions (minor bump)
2026-03-17 18:08:11 -04:00
Mike Dalessio
58f94b0cc1
ci: add job to lint github actions
...
using zizmor
2026-03-17 18:08:09 -04:00
Mike Dalessio
bc6703b0df
ci: disable credential persistence after checkout
...
suppress artipacked warning in dependabot lockfile sync workflow
2026-03-17 17:57:34 -04:00
Mike Dalessio
463f289072
ci: pin github actions
...
using `pinact`
2026-03-17 17:19:37 -04:00
Jeremy Daer
586015c3f9
Bundle drift detection and correction ( #2101 )
...
Gemfile.saas evals Gemfile, so shared gems should have identical versions
in both lockfiles. This adds bin/bundle-drift to detect and fix drift:
* `bin/bundle-drift check` compares shared gem versions
* `bin/bundle-drift correct` seeds Gemfile.lock from Gemfile.saas.lock
and re-locks, letting Bundler prune SaaS-only gems while preserving
shared versions
Adds drift check to bin/ci and GitHub CI. Corrects existing drift.
2025-12-11 21:32:34 -08:00
dependabot[bot]
ef538abb4f
Bump actions/checkout from 4 to 6 ( #2047 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4 to 6.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v4...v6 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: '6'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-10 13:25:42 -08:00
Jeremy Daer
bc1075f194
GitHub actions: limit GITHUB_TOKEN permissions ( #1933 )
2025-12-04 11:05:50 -08:00
Jorge Manrubia
15e654b526
Checks only in PRs
2025-11-28 15:53:58 +01:00
Jorge Manrubia
f174058f43
Extract common checks to its own workflow to only run once
2025-11-28 15:53:58 +01:00