dependabot[bot]
c6f9859ac6
Bump the actions-minor group with 3 updates ( #765 )
...
Check Transpiled JavaScript / Check dist/ (push) Failing after 20s
Continuous Integration / TypeScript Tests (push) Failing after 1s
Continuous Integration / Test attest-provenance action (push) Failing after 1s
CodeQL / Analyze (TypeScript) (push) Failing after 2s
GitHub Sigstore Prober / prober (push) Failing after 2s
Public-Good Sigstore Prober / prober (push) Has started running
Bumps the actions-minor group with 3 updates: [actions/checkout](https://github.com/actions/checkout ), [actions/setup-node](https://github.com/actions/setup-node ) and [github/codeql-action](https://github.com/github/codeql-action ).
Updates `actions/checkout` from 6.0.0 to 6.0.1
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](1af3b93b68...8e8c483db8https://github.com/actions/setup-node/releases )
- [Commits](2028fbc5c2...395ad32622https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](fdbfb4d275...cf1bb45a27
2025-12-08 10:18:51 -08:00
dependabot[bot]
2dc334f1ac
Bump github/codeql-action in the actions-minor group ( #760 )
...
Bumps the actions-minor group with 1 update: [github/codeql-action](https://github.com/github/codeql-action ).
Updates `github/codeql-action` from 4.31.4 to 4.31.5
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](e12f017898...fdbfb4d275
2025-12-01 10:42:25 -08:00
dependabot[bot]
b92f224bf5
Bump actions/checkout from 5.0.1 to 6.0.0 ( #756 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 5.0.1 to 6.0.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](93cb6efe18...1af3b93b68
2025-11-24 08:00:44 -08:00
dependabot[bot]
a6fede4d5d
Bump actions/upload-artifact from 4 to 5 ( #755 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4 to 5.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-version: '5'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-24 07:59:04 -08:00
dependabot[bot]
268464dd14
Bump the actions-minor group across 1 directory with 3 updates ( #751 )
...
Check Transpiled JavaScript / Check dist/ (push) Failing after 25s
Continuous Integration / TypeScript Tests (push) Failing after 3s
Continuous Integration / Test attest-provenance action (push) Failing after 1s
CodeQL / Analyze (TypeScript) (push) Failing after 2s
Public-Good Sigstore Prober / prober (push) Failing after 2s
GitHub Sigstore Prober / prober (push) Failing after 1s
Bumps the actions-minor group with 3 updates in the / directory: [actions/checkout](https://github.com/actions/checkout ), [github/codeql-action](https://github.com/github/codeql-action ) and [masci/datadog](https://github.com/masci/datadog ).
Updates `actions/checkout` from 5.0.0 to 5.0.1
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](08c6903cd8...93cb6efe18https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f443b600d9...e12f017898https://github.com/masci/datadog/releases )
- [Commits](f0cad7cba5...a3f481d2ed
2025-11-18 15:30:35 -08:00
dependabot[bot]
2087a22bcc
Bump actions/setup-node from 5.0.0 to 6.0.0 ( #719 )
...
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 5.0.0 to 6.0.0.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](a0853c2454...2028fbc5c2
2025-11-18 15:23:52 -08:00
dependabot[bot]
ba965ac88a
Bump github/codeql-action from 3.30.3 to 4.30.8 ( #716 )
...
Check Transpiled JavaScript / Check dist/ (push) Failing after 4s
Continuous Integration / TypeScript Tests (push) Failing after 1s
Continuous Integration / Test attest-provenance action (push) Failing after 1s
CodeQL / Analyze (TypeScript) (push) Failing after 3s
Public-Good Sigstore Prober / prober (push) Failing after 2s
GitHub Sigstore Prober / prober (push) Failing after 2s
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.30.3 to 4.30.8.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](192325c861...f443b600d9
2025-10-17 10:53:41 -07:00
dependabot[bot]
bed76f6f80
Bump actions/setup-node from 4.4.0 to 5.0.0 ( #706 )
...
Check Transpiled JavaScript / Check dist/ (push) Failing after 18s
Continuous Integration / TypeScript Tests (push) Failing after 1s
Continuous Integration / Test attest-provenance action (push) Failing after 1s
CodeQL / Analyze (TypeScript) (push) Failing after 2s
Public-Good Sigstore Prober / prober (push) Failing after 1s
GitHub Sigstore Prober / prober (push) Failing after 2s
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 4.4.0 to 5.0.0.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](49933ea528...a0853c2454
2025-10-06 10:05:41 -07:00
dependabot[bot]
5a0f9f9189
Bump github/codeql-action in the actions-minor group ( #705 )
...
Bumps the actions-minor group with 1 update: [github/codeql-action](https://github.com/github/codeql-action ).
Updates `github/codeql-action` from 3.29.11 to 3.30.3
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](3c3833e0f8...192325c861
2025-10-06 10:04:57 -07:00
dependabot[bot]
3752c92e3b
Bump github/codeql-action in the actions-minor group ( #698 )
...
Check Transpiled JavaScript / Check dist/ (push) Failing after 2s
Continuous Integration / TypeScript Tests (push) Failing after 2s
Continuous Integration / Test attest-provenance action (push) Failing after 1s
CodeQL / Analyze (TypeScript) (push) Failing after 3s
Public-Good Sigstore Prober / prober (push) Failing after 2s
GitHub Sigstore Prober / prober (push) Failing after 2s
Bumps the actions-minor group with 1 update: [github/codeql-action](https://github.com/github/codeql-action ).
Updates `github/codeql-action` from 3.29.9 to 3.29.11
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](df559355d5...3c3833e0f8
2025-09-12 13:14:47 -07:00
Brian DeHamer
0b6e980926
update doc references to v3 release ( #697 )
...
Check Transpiled JavaScript / Check dist/ (push) Failing after 2s
Continuous Integration / TypeScript Tests (push) Failing after 1s
Continuous Integration / Test attest-provenance action (push) Failing after 2s
CodeQL / Analyze (TypeScript) (push) Failing after 2s
Public-Good Sigstore Prober / prober (push) Failing after 1s
GitHub Sigstore Prober / prober (push) Failing after 1s
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2025-08-28 14:23:03 -07:00
Brian DeHamer
8ee716368b
refactor eslint config ( #690 )
...
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2025-08-26 16:57:28 -07:00
dependabot[bot]
91ca1c2567
Bump actions/checkout from 4.1.1 to 5.0.0 ( #684 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.1 to 5.0.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v4.1.1...08c6903cd8c0fde910a37f88322edcfb5dd907a8 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: 5.0.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-26 16:21:27 -07:00
Brian DeHamer
8bd83f1e05
pin workflow deps ( #683 )
...
Check Transpiled JavaScript / Check dist/ (push) Failing after 18s
Continuous Integration / TypeScript Tests (push) Failing after 2s
Continuous Integration / Test attest-provenance action (push) Failing after 2s
Lint Codebase / Lint Codebase (push) Failing after 1s
CodeQL / Analyze (TypeScript) (push) Failing after 16s
Public-Good Sigstore Prober / prober (push) Failing after 1s
GitHub Sigstore Prober / prober (push) Failing after 2s
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2025-08-14 15:13:49 -07:00
dependabot[bot]
961f313d93
Bump masci/datadog from 1.9.1 to 1.9.2 in the actions-minor group ( #672 )
...
Check Transpiled JavaScript / Check dist/ (push) Failing after 3s
Continuous Integration / TypeScript Tests (push) Failing after 3s
Continuous Integration / Test attest-provenance action (push) Failing after 3s
CodeQL / Analyze (TypeScript) (push) Failing after 2s
Lint Codebase / Lint Codebase (push) Failing after 2s
Public-Good Sigstore Prober / prober (push) Failing after 1s
GitHub Sigstore Prober / prober (push) Failing after 1s
Bumps the actions-minor group with 1 update: [masci/datadog](https://github.com/masci/datadog ).
Updates `masci/datadog` from 1.9.1 to 1.9.2
- [Release notes](https://github.com/masci/datadog/releases )
- [Commits](6889e9d060...f0cad7cba5
2025-07-28 10:11:23 -07:00
dependabot[bot]
fe74bb2c6c
Bump super-linter/super-linter from 7.4.0 to 8.0.0 ( #670 )
...
Check Transpiled JavaScript / Check dist/ (push) Failing after 2s
Continuous Integration / TypeScript Tests (push) Failing after 2s
Continuous Integration / Test attest-provenance action (push) Failing after 2s
CodeQL / Analyze (TypeScript) (push) Failing after 2s
Lint Codebase / Lint Codebase (push) Failing after 3s
Public-Good Sigstore Prober / prober (push) Failing after 1s
GitHub Sigstore Prober / prober (push) Failing after 0s
---
updated-dependencies:
- dependency-name: super-linter/super-linter
dependency-version: 8.0.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-07-22 10:21:12 -04:00
dependabot[bot]
d848170917
Bump super-linter/super-linter in the actions-minor group ( #640 )
...
Check Transpiled JavaScript / Check dist/ (push) Failing after 3s
Continuous Integration / TypeScript Tests (push) Failing after 2s
Continuous Integration / Test attest-provenance action (push) Failing after 4s
CodeQL / Analyze (TypeScript) (push) Failing after 1s
Lint Codebase / Lint Codebase (push) Failing after 1s
Public-Good Sigstore Prober / prober (push) Failing after 0s
GitHub Sigstore Prober / prober (push) Failing after 0s
Bumps the actions-minor group with 1 update: [super-linter/super-linter](https://github.com/super-linter/super-linter ).
Updates `super-linter/super-linter` from 7.3.0 to 7.4.0
- [Release notes](https://github.com/super-linter/super-linter/releases )
- [Changelog](https://github.com/super-linter/super-linter/blob/main/CHANGELOG.md )
- [Commits](https://github.com/super-linter/super-linter/compare/v7.3.0...v7.4.0 )
---
updated-dependencies:
- dependency-name: super-linter/super-linter
dependency-version: 7.4.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: actions-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-19 19:27:17 -07:00
Brian DeHamer
d82e7cd0c7
offboard from eslint in superlinter ( #618 )
...
Check Transpiled JavaScript / Check dist/ (push) Failing after 1s
Continuous Integration / TypeScript Tests (push) Failing after 22s
Continuous Integration / Test attest-provenance action (push) Failing after 3s
Lint Codebase / Lint Codebase (push) Failing after 1s
CodeQL / Analyze (TypeScript) (push) Failing after 2s
Public-Good Sigstore Prober / prober (push) Failing after 1s
GitHub Sigstore Prober / prober (push) Failing after 1s
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2025-04-28 11:30:19 -07:00
dependabot[bot]
d3b713ade6
Bump the actions-minor group with 2 updates ( #566 )
...
Check Transpiled JavaScript / Check dist/ (push) Failing after 2s
Continuous Integration / TypeScript Tests (push) Failing after 17s
Continuous Integration / Test attest-provenance action (push) Failing after 3s
Lint Codebase / Lint Codebase (push) Failing after 1s
CodeQL / Analyze (TypeScript) (push) Failing after 2s
Public-Good Sigstore Prober / prober (push) Failing after 1s
GitHub Sigstore Prober / prober (push) Failing after 0s
* Bump the actions-minor group with 2 updates
Bumps the actions-minor group with 2 updates: [super-linter/super-linter](https://github.com/super-linter/super-linter ) and [masci/datadog](https://github.com/masci/datadog ).
Updates `super-linter/super-linter` from 7.2.1 to 7.3.0
- [Release notes](https://github.com/super-linter/super-linter/releases )
- [Changelog](https://github.com/super-linter/super-linter/blob/main/CHANGELOG.md )
- [Commits](https://github.com/super-linter/super-linter/compare/v7.2.1...v7.3.0 )
Updates `masci/datadog` from 1.7.1 to 1.9.1
- [Release notes](https://github.com/masci/datadog/releases )
- [Commits](a5d283e78e...6889e9d060
2025-04-01 15:04:18 -04:00
Brian DeHamer
f9eaf234fc
Bump actions/attest from 2.2.0 to 2.2.1 ( #481 )
...
Check Transpiled JavaScript / Check dist/ (push) Failing after 1s
Continuous Integration / TypeScript Tests (push) Failing after 1s
Continuous Integration / Test attest-provenance action (push) Failing after 2s
CodeQL / Analyze (TypeScript) (push) Failing after 1s
Lint Codebase / Lint Codebase (push) Failing after 1s
Public-Good Sigstore Prober / prober (push) Failing after 1s
GitHub Sigstore Prober / prober (push) Failing after 0s
* bump actions/attest from v2.2.0 to v2.2.1
Signed-off-by: Brian DeHamer <bdehamer@github.com>
* pin super-linter action to v7.2.1
Signed-off-by: Brian DeHamer <bdehamer@github.com>
---------
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2025-02-26 12:57:26 -08:00
Brian DeHamer
c4fbc64884
bump actions/attest from 2.0.0 to 2.0.1 ( #406 )
...
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-12-06 07:32:45 -08:00
dependabot[bot]
0704961b8b
Bump actions/publish-immutable-action in the actions-minor group ( #298 )
...
Bumps the actions-minor group with 1 update: [actions/publish-immutable-action](https://github.com/actions/publish-immutable-action ).
Updates `actions/publish-immutable-action` from 0.0.3 to 0.0.4
- [Release notes](https://github.com/actions/publish-immutable-action/releases )
- [Commits](https://github.com/actions/publish-immutable-action/compare/0.0.3...v0.0.4 )
---
updated-dependencies:
- dependency-name: actions/publish-immutable-action
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: actions-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-28 09:56:55 -07:00
Joel Ambass
b1d65e4607
Add workflow file for publishing releases to immutable action package ( #277 )
...
* Add workflow file for publishing releases to immutable action package
This workflow file publishes new action releases to the immutable action package of the same name as this repo.
This is part of the Immutable Actions project which is not yet fully released to the public. First party actions like this one are part of our initial testing of this feature.
* linter fix for workflow permissions
Signed-off-by: Brian DeHamer <bdehamer@github.com>
---------
Signed-off-by: Brian DeHamer <bdehamer@github.com>
Co-authored-by: Brian DeHamer <bdehamer@github.com>
2024-10-14 16:59:28 -07:00
Brian DeHamer
dff1ae69a7
prevent e2e workflows on forks ( #272 )
...
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-10-03 07:56:27 -07:00
Brian DeHamer
43c221e61f
add stamp tag to prober ( #227 )
...
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-09-05 16:25:38 -07:00
Brian DeHamer
d438876305
add sigstore prober ( #224 )
...
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-09-05 06:54:45 -07:00
dependabot[bot]
3eb3242bd7
Bump super-linter/super-linter from 6 to 7 ( #205 )
...
* Bump super-linter/super-linter from 6 to 7
Bumps [super-linter/super-linter](https://github.com/super-linter/super-linter ) from 6 to 7.
- [Release notes](https://github.com/super-linter/super-linter/releases )
- [Changelog](https://github.com/super-linter/super-linter/blob/main/CHANGELOG.md )
- [Commits](https://github.com/super-linter/super-linter/compare/v6...v7 )
---
updated-dependencies:
- dependency-name: super-linter/super-linter
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
* disable YAML_PRETTIER in super-linter
Signed-off-by: Brian DeHamer <bdehamer@github.com>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Brian DeHamer <bdehamer@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Brian DeHamer <bdehamer@github.com>
2024-08-20 13:10:51 -05:00
Brian DeHamer
48f71d5e11
disable typescript-standard super linter ( #191 )
...
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-08-06 09:08:02 -07:00
Brian DeHamer
8f1fc17a59
Revert "disable github action linting ( #54 )" ( #102 )
...
This reverts commit eab7f69317
2024-06-04 08:37:47 -07:00
Brian DeHamer
eab7f69317
disable github action linting ( #54 )
...
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-05-01 13:59:05 -07:00
Phill MV
e9e8f489ae
Update README.md to use attestations permission ( #43 )
...
* Update README.md to use `attestations` permission
* Update ci.yml
* Update ci.yml
* Update README.md
Co-authored-by: Brian DeHamer <bdehamer@github.com>
* Update README.md
Co-authored-by: Brian DeHamer <bdehamer@github.com>
---------
Co-authored-by: Brian DeHamer <bdehamer@github.com>
2024-04-22 09:12:55 -07:00
Eugene
9b4b35feaa
unit test ( #13 )
...
* test
* updated
2024-02-29 17:04:03 -08:00
Brian DeHamer
b6400165aa
Force signing w/ private sigstore instance ( #16 )
...
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-02-29 16:29:00 -08:00
Brian DeHamer
ee7eb81981
readme updates ( #12 )
...
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-02-28 18:11:21 -08:00
Brian DeHamer
d6e451253f
reference @actions/attest package ( #10 )
...
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-02-26 14:49:08 -08:00
Brian DeHamer
1c11bf4f81
workflow fixup
...
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-02-23 17:25:53 -08:00
Brian DeHamer
4b5ff813f7
fix permissions for codeql workflow
...
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-02-23 16:56:37 -08:00
Brian DeHamer
4c5a33ee04
fix fetch-depth for linter checkout
...
Signed-off-by: Brian DeHamer <bdehamer@github.com>
2024-02-23 16:56:12 -08:00
dependabot[bot]
e6db7d66b0
Bump super-linter/super-linter from 5 to 6
...
Bumps [super-linter/super-linter](https://github.com/super-linter/super-linter ) from 5 to 6.
- [Release notes](https://github.com/super-linter/super-linter/releases )
- [Changelog](https://github.com/super-linter/super-linter/blob/main/CHANGELOG.md )
- [Commits](https://github.com/super-linter/super-linter/compare/v5...v6 )
---
updated-dependencies:
- dependency-name: super-linter/super-linter
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-02-23 21:57:31 +00:00
ejahnGithub
9a05ed248a
update ci
2024-02-23 12:39:26 -08:00
ejahnGithub
381fca5703
init attest build provenance
2024-02-22 08:29:05 -08:00
Brian DeHamer
1a4323c55b
Initial commit
2024-02-20 11:26:39 -08:00
