12 Commits

Author SHA1 Message Date
Aaron U'Ren
2e2fb598ea fix(ci): use real commit SHA not annotated tag SHA for all github actions 2026-04-05 15:41:26 -05:00
Aaron U'Ren
a748497da6 fix(codeql-analysis.yml): explicitly specify golang
When this is not explicitly set, codeql still works, but if anything
ever changes (with autodetection) in the future, it will just silently
succeed without producing results. This corrects that by explicitly
saying that we want it to look for golang.
2026-04-05 15:20:31 -05:00
Aaron U'Ren
4aa5c136a3 feat(ci): pin all GitHub actions using SHA sums
With the prevalence of recent supply chain attacks, this helps avert
dependency tampering with re-released versions by pinning to specific
SHA sums.

This is fully compliant with dependabot as it will update both the SHA
and the commented version when it does its updates.

This also helps prepare for OpenSSF integration by hardening the CI
process.
2026-04-05 15:20:31 -05:00
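The two CI hardening commits above (4aa5c136a3, pinning every action to a commit SHA with a version comment that Dependabot keeps in sync, and 2e2fb598ea, the follow-up fix to pin the real commit SHA rather than the annotated tag's object SHA) can be checked mechanically. The script below is an added example written for this page, not code from the project whose history is shown; it assumes a regex over the workflow text instead of a YAML parser, a constructed sample workflow, placeholder 40-hex SHAs, and constructed `git ls-remote --tags` output. It audits `uses:` lines for full-SHA pins plus a version comment, resolves a tag to its peeled commit SHA (the `^{}` line, which is the commit an annotated tag points at, as opposed to the tag object itself), and rewrites unpinned lines in the `@<sha>  # <tag>` form Dependabot understands.

```python
import re

# A "pinned" ref is a full 40-hex commit SHA, never a tag or branch name.
SHA_RE = re.compile(r"^[0-9a-f]{40}$")
# Matches "uses: owner/repo[/subpath]@ref" plus an optional trailing "# <version>" comment
# on the same line. Local actions (./path) and docker:// references have no "@ref" and
# are skipped.
USES_RE = re.compile(
    r"^\s*-?\s*uses:\s*([A-Za-z0-9_.-]+/[A-Za-z0-9_./-]+)@([^\s#]+)(?:[ \t]*#[ \t]*(\S+))?",
    re.M,
)

NOT_PINNED = "ref is not a 40-hex commit SHA"
NO_COMMENT = "pinned but has no version comment for Dependabot to maintain"


def audit_uses(workflow_text):
    """Return (action, ref, comment, problem) for each remote `uses:` reference.

    problem is None when the ref is a commit SHA and a version comment is present.
    """
    findings = []
    for m in USES_RE.finditer(workflow_text):
        action, ref, comment = m.group(1), m.group(2), m.group(3)
        if not SHA_RE.match(ref):
            problem = NOT_PINNED
        elif comment is None:
            problem = NO_COMMENT
        else:
            problem = None
        findings.append((action, ref, comment, problem))
    return findings


def resolve_tag_commit(ls_remote_output, tag):
    """Pick the commit SHA for `tag` from `git ls-remote --tags <repo>` output.

    An annotated tag appears twice: refs/tags/<tag> is the tag object's SHA and
    refs/tags/<tag>^{} is the peeled commit SHA. Pinning the tag object SHA is the
    mistake the fix(ci) commit corrects; the peeled entry is what `uses:` needs.
    A lightweight tag has only the un-peeled line, which already is the commit.
    """
    tag_object = peeled = None
    for line in ls_remote_output.splitlines():
        if not line.strip():
            continue
        sha, ref = line.split()
        if ref == f"refs/tags/{tag}^{{}}":
            peeled = sha
        elif ref == f"refs/tags/{tag}":
            tag_object = sha
    return peeled or tag_object


def pin_workflow(workflow_text, tag_to_commit):
    """Rewrite unpinned `uses:` refs to `@<commit-sha>  # <tag>`.

    tag_to_commit maps (owner/repo, tag) -> commit SHA. Refs with no mapping are
    left untouched so that audit_uses() still reports them.
    """
    def repl(m):
        action, ref = m.group(1), m.group(2)
        repo = "/".join(action.split("/")[:2])  # drop any sub-action path
        sha = tag_to_commit.get((repo, ref))
        if SHA_RE.match(ref) or sha is None:
            return m.group(0)
        prefix = m.group(0)[: m.start(1) - m.start(0)]  # keep the "  - uses: " indent
        return f"{prefix}{action}@{sha}  # {ref}"
    return USES_RE.sub(repl, workflow_text)


# Constructed sample workflow (not a file from the project): one tag-pinned action,
# one SHA-pinned with comment, one SHA-pinned without comment, one local action.
SAMPLE_WORKFLOW = """\
name: CodeQL
on: [push]
permissions:
  contents: read
jobs:
  analyze:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v6
      - uses: github/codeql-action/init@1111111111111111111111111111111111111111  # v4
      - uses: github/codeql-action/analyze@1111111111111111111111111111111111111111
      - uses: ./.github/actions/local-helper
"""

# Constructed `git ls-remote --tags` output with placeholder SHAs: v6 is an annotated
# tag (tag object plus peeled commit), v6.0.1 is a lightweight tag.
SAMPLE_LS_REMOTE = (
    "a" * 40 + "\trefs/tags/v6\n"
    + "b" * 40 + "\trefs/tags/v6^{}\n"
    + "c" * 40 + "\trefs/tags/v6.0.1\n"
)

if __name__ == "__main__":
    for action, ref, _comment, problem in audit_uses(SAMPLE_WORKFLOW):
        print(f"{action}@{ref}: {problem or 'ok'}")
    commit = resolve_tag_commit(SAMPLE_LS_REMOTE, "v6")
    print(pin_workflow(SAMPLE_WORKFLOW, {("actions/checkout", "v6"): commit}))
```

Running it against a real repository means replacing `SAMPLE_LS_REMOTE` with the output of `git ls-remote --tags https://github.com/<owner>/<repo>` and feeding each workflow file under `.github/workflows/` to `audit_uses()`; the check belongs in CI so that a hand-edited `@v6` cannot land after the pins are in place.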
Aaron U'Ren
42e954bc7a feat(ci): attempt to reduce permissions to least privs 2025-12-28 16:50:58 -06:00
dependabot[bot]
2645ba4e7a build(deps): bump actions/checkout from 5 to 6
Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-11-24 17:26:05 +01:00
dependabot[bot]
df7a5e5bb2 build(deps): bump github/codeql-action from 3 to 4
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v3...v4)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-10-26 20:56:53 +01:00
dependabot[bot]
90821a18c0 build(deps): bump actions/checkout from 4 to 5
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-09-01 15:51:58 +02:00
dependabot[bot]
0a2a9d446f build(deps): bump github/codeql-action from 2 to 3
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-19 13:30:59 +01:00
dependabot[bot]
8c5bdbf7d5 build(deps): bump actions/checkout from 3 to 4
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-18 23:39:15 +01:00
Manuel Rüger
a5e6ed008c .github: Update github actions 2022-10-20 19:08:17 -05:00
Manuel Rüger
be84ceb434 .github/workflows/codeql-analysis.yml: Update to v2 2022-06-03 19:38:09 -05:00
Manuel Rüger
94785f1ac1 .github: Add codeql scanner
See also: https://docs.github.com/en/code-security/secure-coding/configuring-code-scanning

Configuration taken from: https://github.com/github/codeql-action/blob/main/README.md#usage
2021-04-14 10:19:38 -05:00