Commit Graph

9 Commits

Author SHA1 Message Date
Mike Dalessio fa12aca387 ci: update pinned github versions (minor bump) 2026-03-17 18:08:11 -04:00
Mike Dalessio bc6703b0df ci: disable credential persistence after checkout
suppress artipacked warning in dependabot lockfile sync workflow
2026-03-17 17:57:34 -04:00
Mike Dalessio 310e271908 ci: suppress zizmor secrets-outside-env in test workflow 2026-03-17 17:57:34 -04:00
Mike Dalessio 463f289072 ci: pin github actions
using `pinact`
2026-03-17 17:19:37 -04:00
Mike Dalessio 6a244b17e6 Use new FIZZY_GH_TOKEN with limited access
because this is a public repo and so doesn't have access to the
private org secret GH_TOKEN anymore.
2025-12-12 13:04:26 -05:00
dependabot[bot] ef538abb4f Bump actions/checkout from 4 to 6 (#2047)
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-10 13:25:42 -08:00
Jeremy Daer bc1075f194 GitHub actions: limit GITHUB_TOKEN permissions (#1933) 2025-12-04 11:05:50 -08:00
Jorge Manrubia e15c4987c1 Remove saas from matrix or it will always run 2025-11-28 15:53:58 +01:00
Jorge Manrubia f174058f43 Extract common checks to its own workflow to only run once 2025-11-28 15:53:58 +01:00