| 文件 | 最后提交记录 | 最后更新时间 |
|---|---|---|
ci: bump the github-actions group across 2 directories with 2 updates Bumps the github-actions group with 1 update in the / directory: [github/codeql-action](https://github.com/github/codeql-action). Bumps the github-actions group with 1 update in the /.github/actions/cache directory: [actions/cache](https://github.com/actions/cache). Updates github/codeql-action from 4 to 4.35.1 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v4...v4.35.1) Updates actions/cache from 5 to 5.0.4 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v5...v5.0.4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.35.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/cache dependency-version: 5.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com> | 2 个月前 | |
ci: ignore known Zizmor findings This avoids false positives from existing uses of GITHUB_ENV and pull_request_target that are safe, as well as from cache usage in a workflow that doesn't produce release artifacts. | 3 个月前 |