Cutlery/immich
1
0
Fork 1
mirror of https://github.com/immich-app/immich.git synced 2025-05-24 01:12:58 -04:00
Code Issues Packages Projects Releases Wiki Activity
6,860 Commits 152 Branches 262 Tags
Commit Graph

6 Commits

Author SHA1 Message Date
bo0tzz
504930947d
fix: various actions workflow security improvements (#17651) 
* fix: set persist-credentials explicitly for checkout

https://woodruffw.github.io/zizmor/audits/#artipacked

* fix: minimize permissions scope for workflows

https://woodruffw.github.io/zizmor/audits/#excessive-permissions

* fix: remove potential template injections

https://woodruffw.github.io/zizmor/audits/#template-injection

* fix: only pass needed secrets in workflow_call

https://woodruffw.github.io/zizmor/audits/#secrets-inherit

* fix: push perm for single-arch build jobs

I hadn't realised these push to the registry too :x

* chore: fix formatting

* fix: $

* fix: retag job quoting

---------

Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
 2025-04-18 15:10:27 -05:00
renovate[bot]
90f21d9047
chore(deps): pin dependencies (#17077) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-03-25 18:07:59 +00:00
Nicholas Flamy
9e015c7f97
feat: lint workflow files and others files in .github (#16914) 
* add npm prettier dep and format script to .github folder

* initial work on prettier formatting test

* attempt index notation

* change name of .github job to be valid

* another use of index notation

this is getting overcomplicated

* Change job ID to `github-files-formatting` and chane the name to `.github Files Checks`

* Change job name to `.github Files Formatting`

* Update Makefile with .github module and `filter-out`s

* run prettier formatting as added in this PR
 2025-03-24 10:49:18 -05:00
dependabot[bot]
f2e950d89c
chore(deps): bump ytanikin/PRConventionalCommits from 1.2.0 to 1.3.0 (#13051) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-13 01:27:37 +00:00
dependabot[bot]
a4887bfa7e
chore(deps): bump ytanikin/PRConventionalCommits from 1.1.0 to 1.2.0 (#9661) 
---
updated-dependencies:
- dependency-name: ytanikin/PRConventionalCommits
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-22 11:43:46 +01:00
Zack Pollard
02e755bd92
ci: add conventional commit validation for PR titles (#9634) 2024-05-21 13:54:21 +01:00