Signal-Server

History

Blake Irvin 12e11609a9 pin 3rd-party Actions dep by full SHA This change follows GitHub's security-hardening guidance. By pinning to a full SHA, we reduce our exposure to supply-chain attacks where a malicious party could compromise the 3rd-party Actions repo, commit malicious code, and then mutate an existing git tag to redirect to a SHA containing the malicious commit. See https://docs.github.com/en/actions/learn-github-actions/security-hardening-for-github-actions#using-third-party-actions for more.	2021-09-10 14:22:11 -05:00
..
workflows	pin 3rd-party Actions dep by full SHA	2021-09-10 14:22:11 -05:00
FUNDING.yml	Add FUNDING.yml to display sponsor button in GitHub	2021-04-08 09:19:08 -04:00

Blake Irvin 12e11609a9 pin 3rd-party Actions dep by full SHA

This change follows GitHub's security-hardening guidance. By pinning to a full SHA, we reduce our exposure to supply-chain attacks where a malicious party could compromise the 3rd-party Actions repo, commit malicious code, and then mutate an existing git tag to redirect to a SHA containing the malicious commit.

See https://docs.github.com/en/actions/learn-github-actions/security-hardening-for-github-actions#using-third-party-actions for more.

2021-09-10 14:22:11 -05:00

workflows

pin 3rd-party Actions dep by full SHA

2021-09-10 14:22:11 -05:00

FUNDING.yml

Add FUNDING.yml to display sponsor button in GitHub

2021-04-08 09:19:08 -04:00