1
0
Fork 0
Commit Graph

1391 Commits (4498687c5e855a7e61c31c75acb54b1e30e3f3b3)

Author SHA1 Message Date
eggyhead c104cf5dc0
Merge pull request #1713 from actions/eggyhead/fix-tar-ddos-vuln
fixing https://github.com/advisories/GHSA-f5x3-32g6-xq36
2024-04-12 13:41:10 -07:00
Vallie Joseph 4fb4c6ed94 Merge branch 'eggyhead/fix-tar-ddos-vuln' into vmjoseph/update-archiver 2024-04-12 20:31:55 +00:00
eggyhead df5a794b3d fixing new-package script instruction 2024-04-10 21:48:57 +00:00
eggyhead c01bc907ed fixing https://github.com/advisories/GHSA-f5x3-32g6-xq36 2024-04-10 21:30:24 +00:00
Vallie Joseph 222733049e . 2024-04-09 21:22:40 +00:00
Vallie Joseph fa9db3c8fa wrapping timeout in try catch 2024-04-09 21:18:30 +00:00
Vallie Joseph 18a8a22c65 updating upload try catch to always call cleartimeout 2024-04-09 21:05:58 +00:00
Vallie Joseph 425f05e29d moving timer outside of uploadZipToBlobStorage 2024-04-09 21:04:29 +00:00
Vallie Joseph 90fca23920 replacing timeout 2024-04-09 20:51:12 +00:00
Vallie Joseph 0d3d3bbb40 Adding missing progress time 2024-04-09 20:40:08 +00:00
Vallie Joseph 98ce947a6c updating timeout 2024-04-09 19:38:57 +00:00
Vallie Joseph 2ed9516172 updating timeout 2024-04-09 19:24:52 +00:00
Vallie Joseph 4fc93ec115 . 2024-04-09 19:01:54 +00:00
Vallie Joseph 61d6acdeb1 updating test 2024-04-09 18:52:19 +00:00
Vallie Joseph f98ccd1e39 updating tests 2024-04-09 18:21:41 +00:00
Vallie Joseph 7f0a981b2e Revert http 2024-04-09 18:09:34 +00:00
Vallie Joseph 2e7a11c409 upgrading archiver package along with chunk timeout 2024-04-09 18:02:48 +00:00
Brian DeHamer 9ddf153e00
Merge pull request #1701 from actions/bdehamer/attest-v03-bundle
(@actions/attest) generate attestations using v0.3 bundle format
2024-04-03 13:51:26 -07:00
Brian DeHamer f8d95a85df
generate v0.3 bundles in attest package
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-04-03 12:12:26 -07:00
Brian DeHamer 59e9d284e9
Merge pull request #1693 from actions/bdehamer/oidc-provenance
(@actions/attest) build provenance statement from OIDC claims
2024-03-28 13:44:22 -07:00
Brian DeHamer 4ce4c767e2
npm audit fix
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-03-22 12:44:24 -07:00
Brian DeHamer a0e6af1e53
build provenance stmt from OIDC claims
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-03-22 12:34:42 -07:00
Bethany ef77c9d60b
Merge pull request #1683 from Smeb/fix-1579
fix #1579: add test to check getCacheVersion does not mutate arguments
2024-03-07 10:48:45 -05:00
Smeb 8fee77b04b fix #1579: add test to check getCacheVersion does not mutate arguments 2024-03-07 16:23:04 +01:00
Luke Tomlinson b807fc9c54
Update http-client to 2.2.1 (#1679) 2024-03-01 15:09:37 -05:00
Bethany 55c7a1e03d
Merge pull request #1678 from actions/bethanyj28/logging
Add info level logging for zip extract
2024-03-01 13:09:41 -05:00
bethanyj28 4799020e28 bump version 2024-03-01 13:04:16 -05:00
bethanyj28 bb420e4681 add info level logging for zip extract 2024-03-01 12:54:40 -05:00
Bethany 0c735ba79d
Merge pull request #1677 from actions/bethanyj28/update-releases
Flip releases update order
2024-02-29 12:01:04 -05:00
Bethany e918bf24ae
Update RELEASES.md 2024-02-29 10:41:57 -05:00
Bethany eea6b7f517
Update RELEASES.md 2024-02-29 10:40:22 -05:00
teatimeguest ff435e591d
Make sure RequestOptions.keepAlive is applied properly on node20 runtime (#1572) 2024-02-28 12:10:57 -05:00
Bethany df3315bbea
Merge pull request #1676 from actions/bethanyj28/flip-releases
Flip releases order
2024-02-28 10:46:45 -05:00
Bethany b7770574c2
flip releases order 2024-02-28 10:35:01 -05:00
Brian DeHamer 29bf378d97
Merge pull request #1675 from actions/provenance-permissions
fix permissions for release workflow
2024-02-26 11:40:12 -08:00
Brian DeHamer 68b042febd
fix permissions for release workflow
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-02-26 11:32:45 -08:00
Brian DeHamer c366a07d62
Merge pull request #1672 from actions/attest-v1.0.0
bump @actions/attest to 1.0.0
2024-02-26 11:13:48 -08:00
Brian DeHamer 9e5eb95517
Merge pull request #1674 from actions/npm-provenance
publish npm packages with build provenance
2024-02-26 11:13:32 -08:00
Brian DeHamer 7f96bd610d
publish npm packages with build provenance
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-02-26 10:42:33 -08:00
Thomas Boop 8f53a1d37f
Update CODEOWNERS (#1673) 2024-02-26 13:31:23 -05:00
Brian DeHamer 37a562b194
bump @actions/attest to 1.0.0
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-02-26 10:21:47 -08:00
Brian DeHamer ad1f156c7c
Merge pull request #1667 from actions/bdehamer/attest
add new @actions/attest package
2024-02-26 10:15:14 -08:00
Brian DeHamer 6079dea4c4
add new @actions/attest package
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-02-26 08:52:20 -08:00
Bethany 437f2be56d
Merge pull request #1671 from actions/bethanyj28/update-version
Update artifacts to 2.1.3
2024-02-26 10:24:29 -05:00
bethanyj28 97c606b612 update to 2.1.3 2024-02-26 10:18:02 -05:00
Bethany 5a7faf0eb5
Merge pull request #1670 from actions/bethanyj28/fix-callback
Ensure callback is only called once
2024-02-26 10:04:37 -05:00
bethanyj28 dcc55dfd04 feedback 2024-02-26 09:56:00 -05:00
bethanyj28 902046e4d8 ensure callback is only called once 2024-02-26 09:36:35 -05:00
Bethany 88f7a7bc65
Merge pull request #1666 from actions/bethanyj28/download-path
Use `unzip.Parse` over `unzip.Extract`
2024-02-23 16:22:24 -05:00
bethanyj28 6cf4fbcef8 add a comment 2024-02-23 15:33:24 -05:00