yamanin/registry
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
427 Commits 114 Branches 418 Tags
Commit Graph

6 Commits

Author SHA1 Message Date
Lukasz
ec57cb5c0f
CI: Pin GitHub Actions and fix zizmor high-severity findings (#667) 
## Description

This PR fixes zizmor --min-severity high findings in our GitHub Actions
workflows by:
- Pinning all uses: references to immutable commit SHAs (replaces
floating tags like @v6 / @main).
- Pinning internal Terraform setup action usage
(coder/coder/.github/actions/setup-tf@main) to a fixed ref/commit.
- Pinning crate-ci/typos to a commit SHA.
- Removing GitHub expression template expansion inside a run: block in
version-bump.yaml (prevents template injection flagged by zizmor).


## Type of Change

- [ ] New module
- [ ] New template
- [ ] Bug fix
- [ ] Feature/enhancement
- [ ] Documentation
- [x] Other

## Module Information

N/A

## Template Information

N/A

## Testing & Validation

- [ ] Tests pass (`bun test`)
- [ ] Code formatted (`bun fmt`)
- [x] Changes tested locally - zizmor .github/workflows/* --min-severity
high

## Related Issues

- coder/registry#642
- https://github.com/coder/registry/pull/662
 2026-01-21 11:42:10 +01:00
dependabot[bot]
faff2be207
chore(deps): bump actions/checkout from 5 to 6 in the github-actions group (#561) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-24 07:47:55 +00:00
Atif Ali
62951f1fca
chore: improve Prettier configuration (#392) 2025-08-27 01:57:43 +05:00
DevCats
6bebc02122
fix(ci): add fallback for GitHub API failures in release workflow (#388) 
## Description

CI was failing on new module releases because there was no fallback to
gh api failures when there was no previous tag for the module was found.


https://github.com/coder/registry/actions/runs/17225186737/job/48868318539

<!-- Briefly describe what this PR does and why -->

## Type of Change

- [ ] New module
- [ ] Bug fix
- [ ] Feature/enhancement
- [ ] Documentation
- [X] Other
 2025-08-26 08:19:49 -05:00
dependabot[bot]
52c1d47161
chore(deps): bump actions/checkout from 4 to 5 (#378) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-25 13:24:41 +00:00
blink-so[bot]
b206a6870c
chore: add automated release workflow for module tags (#372) 
Co-authored-by: Atif Ali <atif@coder.com>
 2025-08-24 01:28:56 +05:00