ツリー: a24598f069

Jon Ross-Perkins 1d19fa3954 Disable clang-tidy action in favor of clangd-tidy (#6037)		7 ヶ月前
..
README.md	b73387fc84 Update workflows for security hardening. (#4192)	1 年間前
auto_assign_prs.yaml	a94136d477 Remove references to explorer (#5287)	1 年間前
auto_label_prs.yaml	3b7dc79796 Add repo flag to gh (#5669)	10 ヶ月前
clangd_tidy.yaml	0da91115cd Run clangd-tidy for the merge queue (#6041)	7 ヶ月前
discord_wiki.yaml	17abaa2bca Fix stray quote in action (#4193)	1 年間前
gh_pages_ci.yaml	b6396e97f8 Build a website. (#4189)	1 年間前
gh_pages_deploy.yaml	b6396e97f8 Build a website. (#4189)	1 年間前
nightly_release.yaml	9d5575c920 Revert to Ubuntu 22 builders (#5479)	11 ヶ月前
pre_commit.yaml	9d5575c920 Revert to Ubuntu 22 builders (#5479)	11 ヶ月前
pre_commit_suggestions.yaml	b73387fc84 Update workflows for security hardening. (#4192)	1 年間前
proposal_labeled.yaml	ad8d01d35c Replicate the fix in #5669 to the proposal workflow (#5671)	10 ヶ月前
proposal_ready.yaml	ad8d01d35c Replicate the fix in #5669 to the proposal workflow (#5671)	10 ヶ月前
sync_repos.yaml	b73387fc84 Update workflows for security hardening. (#4192)	1 年間前
tests.yaml	9d5575c920 Revert to Ubuntu 22 builders (#5479)	11 ヶ月前
triage_inactive.yaml	9fc40f86f9 Rename 'long term' to 'long term issue' (#5023)	1 年間前

Workflows

Hardening

Workflows are hardened using Step Security tool. Findings for the "Harden Runner" steps are available online.

Most jobs only have a few endpoints, but due to tools which do downloads, a few have significantly more. These are:

When updating one of these, consider updating all of them.

We try to keep allowed-endpoints with one per line. Prettier wants to wrap them, which we fix this with prettier-ignore.

We keep around an action-test branch in carbon-lang, which can be used to test triggers with push: configurations. For example:

on:
  push:
    branches: [action-test]