Commit Graph

10 Commits

Author SHA1 Message Date
dependabot[bot] f9daf091d7 Bump the github-actions group across 1 directory with 3 updates (#2856)
Bumps the github-actions group with 3 updates in the / directory: [ruby/setup-ruby](https://github.com/ruby/setup-ruby), [docker/login-action](https://github.com/docker/login-action) and [docker/build-push-action](https://github.com/docker/build-push-action).


Updates `ruby/setup-ruby` from 1.295.0 to 1.300.0
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](https://github.com/ruby/setup-ruby/compare/319994f95fa847cf3fb3cd3dbe89f6dcde9f178f...e65c17d16e57e481586a6a5a0282698790062f92)

Updates `docker/login-action` from 4.0.0 to 4.1.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/b45d80f862d83dbcd57f89517bcf500b2ab88fb2...4907a6ddec9925e35a0a9e82d7399ccc52663121)

Updates `docker/build-push-action` from 7.0.0 to 7.1.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/d08e5c354a6adb9ed34480a06d141179aa583294...bcafcacb16a39f128d818304e6c9c0c18556b85f)

---
updated-dependencies:
- dependency-name: ruby/setup-ruby
  dependency-version: 1.300.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: docker/login-action
  dependency-version: 4.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: docker/build-push-action
  dependency-version: 7.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-18 17:04:01 -07:00
Mike Dalessio fa12aca387 ci: update pinned github versions (minor bump) 2026-03-17 18:08:11 -04:00
Mike Dalessio 58f94b0cc1 ci: add job to lint github actions
using zizmor
2026-03-17 18:08:09 -04:00
Mike Dalessio bc6703b0df ci: disable credential persistence after checkout
suppress artipacked warning in dependabot lockfile sync workflow
2026-03-17 17:57:34 -04:00
Mike Dalessio 463f289072 ci: pin github actions
using `pinact`
2026-03-17 17:19:37 -04:00
Jeremy Daer 586015c3f9 Bundle drift detection and correction (#2101)
Gemfile.saas evals Gemfile, so shared gems should have identical versions
in both lockfiles. This adds bin/bundle-drift to detect and fix drift:

* `bin/bundle-drift check` compares shared gem versions
* `bin/bundle-drift correct` seeds Gemfile.lock from Gemfile.saas.lock
  and re-locks, letting Bundler prune SaaS-only gems while preserving
  shared versions

Adds drift check to bin/ci and GitHub CI. Corrects existing drift.
2025-12-11 21:32:34 -08:00
dependabot[bot] ef538abb4f Bump actions/checkout from 4 to 6 (#2047)
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-10 13:25:42 -08:00
Jeremy Daer bc1075f194 GitHub actions: limit GITHUB_TOKEN permissions (#1933) 2025-12-04 11:05:50 -08:00
Jorge Manrubia 15e654b526 Checks only in PRs 2025-11-28 15:53:58 +01:00
Jorge Manrubia f174058f43 Extract common checks to its own workflow to only run once 2025-11-28 15:53:58 +01:00