eggyhead
|
c104cf5dc0
|
Merge pull request #1713 from actions/eggyhead/fix-tar-ddos-vuln
fixing https://github.com/advisories/GHSA-f5x3-32g6-xq36
|
2024-04-12 13:41:10 -07:00 |
eggyhead
|
df5a794b3d
|
fixing new-package script instruction
|
2024-04-10 21:48:57 +00:00 |
eggyhead
|
c01bc907ed
|
fixing https://github.com/advisories/GHSA-f5x3-32g6-xq36
|
2024-04-10 21:30:24 +00:00 |
Brian DeHamer
|
9ddf153e00
|
Merge pull request #1701 from actions/bdehamer/attest-v03-bundle
(@actions/attest) generate attestations using v0.3 bundle format
|
2024-04-03 13:51:26 -07:00 |
Brian DeHamer
|
f8d95a85df
|
generate v0.3 bundles in attest package
Signed-off-by: Brian DeHamer <bdehamer@github.com>
|
2024-04-03 12:12:26 -07:00 |
Brian DeHamer
|
59e9d284e9
|
Merge pull request #1693 from actions/bdehamer/oidc-provenance
(@actions/attest) build provenance statement from OIDC claims
|
2024-03-28 13:44:22 -07:00 |
Brian DeHamer
|
4ce4c767e2
|
npm audit fix
Signed-off-by: Brian DeHamer <bdehamer@github.com>
|
2024-03-22 12:44:24 -07:00 |
Brian DeHamer
|
a0e6af1e53
|
build provenance stmt from OIDC claims
Signed-off-by: Brian DeHamer <bdehamer@github.com>
|
2024-03-22 12:34:42 -07:00 |
Bethany
|
ef77c9d60b
|
Merge pull request #1683 from Smeb/fix-1579
fix #1579: add test to check getCacheVersion does not mutate arguments
|
2024-03-07 10:48:45 -05:00 |
Smeb
|
8fee77b04b
|
fix #1579: add test to check getCacheVersion does not mutate arguments
|
2024-03-07 16:23:04 +01:00 |
Luke Tomlinson
|
b807fc9c54
|
Update http-client to 2.2.1 (#1679)
|
2024-03-01 15:09:37 -05:00 |
Bethany
|
55c7a1e03d
|
Merge pull request #1678 from actions/bethanyj28/logging
Add info level logging for zip extract
|
2024-03-01 13:09:41 -05:00 |
bethanyj28
|
4799020e28
|
bump version
|
2024-03-01 13:04:16 -05:00 |
bethanyj28
|
bb420e4681
|
add info level logging for zip extract
|
2024-03-01 12:54:40 -05:00 |
Bethany
|
0c735ba79d
|
Merge pull request #1677 from actions/bethanyj28/update-releases
Flip releases update order
|
2024-02-29 12:01:04 -05:00 |
Bethany
|
e918bf24ae
|
Update RELEASES.md
|
2024-02-29 10:41:57 -05:00 |
Bethany
|
eea6b7f517
|
Update RELEASES.md
|
2024-02-29 10:40:22 -05:00 |
teatimeguest
|
ff435e591d
|
Make sure RequestOptions.keepAlive is applied properly on node20 runtime (#1572)
|
2024-02-28 12:10:57 -05:00 |
Bethany
|
df3315bbea
|
Merge pull request #1676 from actions/bethanyj28/flip-releases
Flip releases order
|
2024-02-28 10:46:45 -05:00 |
Bethany
|
b7770574c2
|
flip releases order
|
2024-02-28 10:35:01 -05:00 |
Brian DeHamer
|
29bf378d97
|
Merge pull request #1675 from actions/provenance-permissions
fix permissions for release workflow
|
2024-02-26 11:40:12 -08:00 |
Brian DeHamer
|
68b042febd
|
fix permissions for release workflow
Signed-off-by: Brian DeHamer <bdehamer@github.com>
|
2024-02-26 11:32:45 -08:00 |
Brian DeHamer
|
c366a07d62
|
Merge pull request #1672 from actions/attest-v1.0.0
bump @actions/attest to 1.0.0
|
2024-02-26 11:13:48 -08:00 |
Brian DeHamer
|
9e5eb95517
|
Merge pull request #1674 from actions/npm-provenance
publish npm packages with build provenance
|
2024-02-26 11:13:32 -08:00 |
Brian DeHamer
|
7f96bd610d
|
publish npm packages with build provenance
Signed-off-by: Brian DeHamer <bdehamer@github.com>
|
2024-02-26 10:42:33 -08:00 |
Thomas Boop
|
8f53a1d37f
|
Update CODEOWNERS (#1673)
|
2024-02-26 13:31:23 -05:00 |
Brian DeHamer
|
37a562b194
|
bump @actions/attest to 1.0.0
Signed-off-by: Brian DeHamer <bdehamer@github.com>
|
2024-02-26 10:21:47 -08:00 |
Brian DeHamer
|
ad1f156c7c
|
Merge pull request #1667 from actions/bdehamer/attest
add new @actions/attest package
|
2024-02-26 10:15:14 -08:00 |
Brian DeHamer
|
6079dea4c4
|
add new @actions/attest package
Signed-off-by: Brian DeHamer <bdehamer@github.com>
|
2024-02-26 08:52:20 -08:00 |
Bethany
|
437f2be56d
|
Merge pull request #1671 from actions/bethanyj28/update-version
Update artifacts to 2.1.3
|
2024-02-26 10:24:29 -05:00 |
bethanyj28
|
97c606b612
|
update to 2.1.3
|
2024-02-26 10:18:02 -05:00 |
Bethany
|
5a7faf0eb5
|
Merge pull request #1670 from actions/bethanyj28/fix-callback
Ensure callback is only called once
|
2024-02-26 10:04:37 -05:00 |
bethanyj28
|
dcc55dfd04
|
feedback
|
2024-02-26 09:56:00 -05:00 |
bethanyj28
|
902046e4d8
|
ensure callback is only called once
|
2024-02-26 09:36:35 -05:00 |
Bethany
|
88f7a7bc65
|
Merge pull request #1666 from actions/bethanyj28/download-path
Use `unzip.Parse` over `unzip.Extract`
|
2024-02-23 16:22:24 -05:00 |
bethanyj28
|
6cf4fbcef8
|
add a comment
|
2024-02-23 15:33:24 -05:00 |
bethanyj28
|
7fa864a4f4
|
go back to normalize)
|
2024-02-23 15:28:25 -05:00 |
Bethany
|
f77cbc9ef7
|
Update packages/artifact/src/internal/download/download-artifact.ts
Co-authored-by: Tingluo Huang <tingluohuang@github.com>
|
2024-02-23 15:20:01 -05:00 |
bethanyj28
|
8a1800c5da
|
use resolve instead of normalize
|
2024-02-23 15:15:17 -05:00 |
bethanyj28
|
90894a8853
|
bump version
|
2024-02-23 15:03:09 -05:00 |
bethanyj28
|
614f27a4fb
|
use stream transform
|
2024-02-23 14:34:39 -05:00 |
bethanyj28
|
ac84a9bee3
|
re-add noop logs and format + lint
|
2024-02-23 13:46:22 -05:00 |
bethanyj28
|
4256ea99c5
|
update test case and handling
|
2024-02-23 13:41:40 -05:00 |
bethanyj28
|
76489f433b
|
attempt with comparing index
|
2024-02-23 11:59:36 -05:00 |
bethanyj28
|
e9005f7727
|
ensure no path traversal
|
2024-02-23 10:54:12 -05:00 |
bethanyj28
|
8d03fb4787
|
prettier
|
2024-02-23 08:46:56 -05:00 |
bethanyj28
|
d3301c9bc2
|
update path parsing
|
2024-02-23 08:42:23 -05:00 |
bethanyj28
|
1e326de474
|
use existing function
|
2024-02-23 08:28:37 -05:00 |
bethanyj28
|
83731e6528
|
remove awaits from on entry
|
2024-02-22 22:06:32 -05:00 |
bethanyj28
|
a24b9c0184
|
handle directories
|
2024-02-22 21:54:54 -05:00 |