Mirrors/inspec
2
0
Fork 0
mirror of https://github.com/inspec/inspec synced 2024-11-14 17:07:09 +00:00
Code Issues Projects Releases Packages Wiki Activity
10455 commits 449 branches 1895 tags 73 MiB
Commit graph

18 commits

Author SHA1 Message Date
neilnaveen
257ea55158 chore: Set permissions for GitHub actions 
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: neilnaveen <42328488+neilnaveen@users.noreply.github.com>
 2022-04-17 15:51:20 +00:00
Vasu1105
d1d5058896 CFINSPEC-38 Rename the stable branch to Inspec-4 
Signed-off-by: Vasu1105 <vasundhara.jagdale@chef.io>
 2022-02-11 17:56:45 +05:30
Vasu1105
29d6884c8e CFINSPEC-38 Update dependabot for InSpec 4 stable branch. 
Signed-off-by: Vasu1105 <vasundhara.jagdale@chef.io>
 2022-02-10 15:04:24 +05:30
Tim Smith
bcc98feada Enable repeatable builds by bundling Gemfile.lock 
This way changes to omnibus-software or omnibus don't change the builds. This is important for us, but also for cinc. It also makes sure that we're tracking bumps to the omnibus-software in the InSpec changelog so we can build release notes that reflect key dep changes like openssl. We recently added the same thing to Infra Server to better track deps there and we've done this in infra client for many years.

Signed-off-by: Tim Smith <tsmith@chef.io>
 2021-10-02 16:52:40 -07:00
Ian Maddaus
7f6c1c13a9 Add labeler workflow with docs label 
Signed-off-by: Ian Maddaus <Ian.Maddaus@progress.com>
 2021-09-03 11:25:25 -07:00
dependabot-preview[bot]
cf1ec576ce
Upgrade to GitHub-native Dependabot 2021-04-28 22:35:59 +00:00
IanMadd
aeb8102e43 Update codeowners for docs 
Signed-off-by: IanMadd <Ian.Maddaus@progress.com>
 2021-03-22 11:07:00 -07:00
Mary Jinglewski
db770f1be8 Codeowner Pattern Changes 
Signed-off-by: Mary Jinglewski <mjinglewski@chef.io>
 2020-11-09 09:33:56 -05:00
Mary Jinglewski
cd81a465d8 Update Codeowners file for Docs 
Signed-off-by: Mary Jinglewski <mjinglewski@chef.io>
 2020-11-09 09:33:56 -05:00
IanMadd
7aed1940b4 Update codeowners 
Signed-off-by: IanMadd <imaddaus@chef.io>
 2020-09-14 13:53:49 -07:00
Miah Johnson
565c42d672 Update codeowners to get better automatic review requests 
Signed-off-by: Miah Johnson <miah@chia-pet.org>
 2019-09-13 11:29:57 -07:00
Miah Johnson
e816cbf2c8 Close at 400 days, with a message. 
Signed-off-by: Miah Johnson <miah@chia-pet.org>
 2019-06-05 16:19:41 -07:00
Miah Johnson
5f0c1fa7dc OSS Rollout Updates 
Add Project State, and SLA to README
Update CODEOWNERS

Signed-off-by: Miah Johnson <miah@chia-pet.org>
 2019-04-25 15:59:14 -07:00
Tim Smith
0cbd8ce705 Move the issue template to the .github directory 
No need for this in the root

Signed-off-by: Tim Smith <tsmith@chef.io>
 2019-02-13 22:50:30 -08:00
Dominik Richter
21c5b4a4c8
rename stale -> Stale label 2018-08-09 11:06:28 -07:00
Dominik Richter
4db2c8232e
Activate stale bot to help us with labels 2018-08-09 11:03:49 -07:00
Seth Chisamore
d468753d8e Update CODEOWNERS file (#2398) 
Signed-off-by: Seth Chisamore <schisamo@chef.io>
 2017-12-15 11:30:28 -05:00
Seth Chisamore
3650515a0e Add a CODEOWNERS file (#2086) 
Signed-off-by: Seth Chisamore <schisamo@chef.io>
 2017-08-17 13:57:54 -04:00