Skip to content

Commit 1e63abf

Browse files
🩹 [Patch]: Pin GitHub Actions to specific versions for improved security (#23)
GitHub Actions are now pinned to specific commit SHAs instead of version tags, improving security by preventing supply chain attacks through tag manipulation. Additionally, Dependabot has been configured to run daily with a 7-day cooldown to keep dependencies up-to-date automatically. - Fixes #22 ## GitHub Actions SHA pinning All workflow files now reference actions by their full commit SHA rather than version tags. This ensures workflows always use a verified, immutable version of each action. **Changed actions:** - `actions/checkout@v5` → `actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8` (v6.0.1) - `PSModule/Auto-Release@v1` → `PSModule/Auto-Release@eabd533035e2cb9822160f26f2eda584bd012356` (v1.9.5) - `super-linter/super-linter@latest` → `super-linter/super-linter@d5b0a2ab116623730dd094f15ddc1b6b25bf7b99` (v8.3.2) - `PSModule/GitHub-Script@v1` → `PSModule/GitHub-Script@2010983167dc7a41bcd84cb88e698ec18eccb7ca` (v1.7.8) ## Dependabot configuration Dependabot now checks for updates daily with a 7-day cooldown between updates, replacing the previous weekly schedule. This provides faster awareness of security updates while avoiding excessive noise. ```yaml schedule: interval: daily cooldown: default-days: 7 ``` ## Linter configuration Added configuration to disable validation checks that are not applicable to this repository: - `VALIDATE_BIOME_FORMAT: false` - `VALIDATE_JSCPD: false` --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: MariusStorhaug <17722253+MariusStorhaug@users.noreply.github.com>
1 parent d75bdec commit 1e63abf

1 file changed

Lines changed: 1 addition & 1 deletion

File tree

‎.github/workflows/Auto-Release.yml‎

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@ name: Auto-Release
33
run-name: "Auto-Release - [${{ github.event.pull_request.title }} #${{ github.event.pull_request.number }}] by @${{ github.actor }}"
44

55
on:
6-
pull_request_target:
6+
pull_request:
77
branches:
88
- main
99
types:

0 commit comments

Comments
 (0)