public-mirrors
/
composer
mirror of https://github.com/composer/composer
1
0
Fork 0
Code
12,655 Commits
3 Branches
209 Tags
54 MiB
Commit Graph

15 Commits (2645d080b5dde3c90514fd51e174c1efcd397dcd)

Author SHA1 Message Date
Tim Düsterhus 089972db87
Generate build provenance attestation during release 
This will simplify secure installation of composer in GitHub Actions to two
calls to `gh` cli with no need to manually import any PGP signing keys:

    gh release --repo composer/composer download --pattern composer.phar
    gh attestation verify --repo composer/composer composer.phar

Given that the current PGP signing key is stored as a GitHub Action secret,
this type of attestation is no less secure than the existing PGP signing.
 2025-01-08 15:46:13 +01:00
dependabot[bot] d463df1021
Bump actions/github-script from 6 to 7 (#11718) 
Bumps [actions/github-script](https://github.com/actions/github-script) from 6 to 7.
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](https://github.com/actions/github-script/compare/v6...v7)

---
updated-dependencies:
- dependency-name: actions/github-script
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-08 18:25:33 +01:00
dependabot[bot] 77de19dcaa
Bump actions/checkout from 3 to 4 (#11621) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-07 14:47:04 +02:00
Alex a1bc424a06
Update release.yml 2022-08-30 14:03:38 +02:00
Jordi Boggiano 99255d3d85
Build releases with 8.1 2022-07-01 12:22:11 +02:00
jrfnl dca2d49d0c
GH Actions: version update for various predefined actions 
A number of predefined actions have had major release, which warrant an update to the workflow(s).

These updates don't actually contain any changed functionality, they are mostly just a change of the Node version used by the action itself (from Node 14 to Node 16).

Refs:
* https://github.com/actions/checkout/releases

P.S.: looks like there are some more actions in use which have had new major releases. As those actually _do_ contain changed functionality, I've excluded the others from this PR.
 2022-03-15 12:49:38 +01:00
Andreas Möller 58deb39029
Enhancement: Update actions/github-script (#10612) 2022-03-15 10:22:01 +01:00
Jordi Boggiano 4f2e0de726
Merge branch '1.10' into 2.0 2021-03-09 15:28:03 +01:00
Jordi Boggiano 06003f4da6
Update release step to use php8 as it produces slightly different output wrt white-space, fixes #9746 2021-03-09 15:27:35 +01:00
Jordi Boggiano 44dc3c27aa
Try and sign phars on releases, refs #5155 2020-10-27 16:18:55 +01:00
Rob Bast 11892070d1
Create an issue @ Docker repository on tag 2020-07-16 14:48:16 +02:00
Rob Bast 351dcd1c64
Create an issue @ Docker repository on tag 2020-06-29 14:22:11 +02:00
Jordi Boggiano 9a0e6e6885
Fix build 2020-04-22 09:31:04 +02:00
Jordi Boggiano ac3fcfc9ec
Fix build 2020-04-22 09:30:34 +02:00
Jordi Boggiano a849e2b244
Add linting, php8, release builds to github actions 2020-04-22 09:27:58 +02:00