jprdonnelly/terminal
1
0
Fork 0
mirror of https://github.com/microsoft/terminal.git synced 2026-04-04 20:00:21 -04:00
Code Issues Projects Releases Wiki Activity
4,873 Commits 555 Branches 180 Tags
778c19f4c0ae4fa90b7e90f1a11ff6dc9264c19a
Commit Graph

9 Commits

Author SHA1 Message Date
Jvr
8c016d3ea2 Update actions/add-to-project 1.0.1 -> 1.0.2 (#18052) 
- build(deps-dev): bump braces from 3.0.2 to 3.0.3 
- build(deps-dev): bump @types/node from 16.18.96 to 16.18.101
- build(deps-dev): bump ts-jest from 29.1.2 to 29.1.5
- build(deps-dev): bump @typescript-eslint/parser from 7.6.0 to 7.14.1 
- build(deps-dev): bump @typescript-eslint/eslint-plugin from 7.6.0 to
7.14.1
- build(deps-dev): bump eslint-plugin-jest from 27.9.0 to 28.6.0 
- Dependabot/npm and yarn/eslint plugin jest 28.6.0 fixes
 2024-11-04 17:17:36 -06:00
Jvr
19c24aced9 Update actions/add-to-project to 1.0.1 (#17097) 2024-04-23 09:16:46 -07:00
Jvr
65d2d3dcec Update actions/add-to-project to version 0.5.0 (#16084) 
Update actions/add-to-project to version 0.5.0
 2023-12-05 16:31:52 -06:00
Alex
547349af77 GitHub Workflows security hardening (#14513) 
This PR adds explicit [permissions section] to workflows. This is a
security best practice because by default workflows run with [extended
set of permissions] (except from `on: pull_request` [from external
forks]). By specifying any permission explicitly all others are set to
none. By using the principle of least privilege the damage a compromised
workflow can do (because of an [injection] or compromised third party
tool or action) is restricted.

It is recommended to have [most strict permissions on the top level] and
grant write permissions on [job level] case by case.

[permissions section]: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
[extended set of permissions]: https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token
[from external forks]: https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
[injection]: https://securitylab.github.com/research/github-actions-untrusted-input/
[most strict permissions on the top level]: https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
[job level]: https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
 2022-12-19 12:07:25 -08:00
Mike Griese
446ef22044 apparently I don't know yaml 2022-09-15 16:17:27 -05:00
Mike Griese
2f0a93d9c8 okay that didn't work. Reverting back to LKG 2022-09-14 16:36:32 -05:00
Mike Griese
cf1d4de20b learning 2022-09-14 16:34:25 -05:00
Mike Griese
cf293ad367 This is a test 2022-09-14 16:30:21 -05:00
Mike Griese
89746adfd7 This is a test of the add-to-project action (#13975) 
docs: https://github.com/marketplace/actions/add-to-github-projects?version=v0.3.0

Hey maybe we should use more actions. This was thrown out during the last GH sync. Hopefully this doesn't explode.

This _should_ add all issues that don't have one of `Issue-Feature`, `Needs-Triage`, `Needs-Author-Feedback`, `Issue-Scenario` to the project board. That should just leave all the bugs and tasks that have been triaged.

I didn't go for 

```yml
          labeled: Issue-Task, Issue-Bug
          label-operator: OR
```

since those would include untriaged ones.

There's also no way to filter on milestone currently, so this will likely add icebox issues. We'll need to remove those manually as needed.
 2022-09-14 21:11:19 +00:00