From 9ec657cf6e93dcf26206a2be98c2072bb63d6d23 Mon Sep 17 00:00:00 2001 From: felix920506 Date: Wed, 27 Mar 2024 13:23:10 -0400 Subject: Remove permission check from GHA Permission check is moved to the script itself --- .github/workflows/commands.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to '.github/workflows') diff --git a/.github/workflows/commands.yml b/.github/workflows/commands.yml index d78f11166c..23636cff64 100644 --- a/.github/workflows/commands.yml +++ b/.github/workflows/commands.yml @@ -124,7 +124,7 @@ jobs: rename: name: Rename - if: contains(github.event.comment.body, '@jellyfin-bot rename') && github.event.comment.author_association == 'MEMBER' + if: contains(github.event.comment.body, '@jellyfin-bot rename') runs-on: ubuntu-latest steps: - name: pull in script -- cgit v1.2.3 From 80365f277afa05b329422362cbef6a4aa92317cd Mon Sep 17 00:00:00 2001 From: Josh Soref <2119212+jsoref@users.noreply.github.com> Date: Mon, 4 Mar 2024 00:28:41 -0500 Subject: chore(ci): Add permissions grant Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> --- .github/workflows/ci-codeql-analysis.yml | 4 ++++ 1 file changed, 4 insertions(+) (limited to '.github/workflows') diff --git a/.github/workflows/ci-codeql-analysis.yml b/.github/workflows/ci-codeql-analysis.yml index f7366c7e04..96e72743e6 100644 --- a/.github/workflows/ci-codeql-analysis.yml +++ b/.github/workflows/ci-codeql-analysis.yml @@ -8,6 +8,10 @@ on: schedule: - cron: '24 2 * * 4' +permissions: + contents: read + security-events: write + jobs: analyze: name: Analyze -- cgit v1.2.3 From 29d11f6ecb529ca091f6538ea3dc6c9a0fd6d4c3 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 10 Apr 2026 19:09:15 +0000 Subject: Update actions/upload-artifact action to v7.0.1 --- .github/workflows/ci-compat.yml | 4 ++-- .github/workflows/openapi-generate.yml | 2 +- .github/workflows/openapi-pull-request.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) (limited to '.github/workflows') diff --git a/.github/workflows/ci-compat.yml b/.github/workflows/ci-compat.yml index f9e2fbc3a6..dd48209a1f 100644 --- a/.github/workflows/ci-compat.yml +++ b/.github/workflows/ci-compat.yml @@ -26,7 +26,7 @@ jobs: dotnet build Jellyfin.Server -o ./out - name: Upload Head - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: abi-head retention-days: 14 @@ -65,7 +65,7 @@ jobs: dotnet build Jellyfin.Server -o ./out - name: Upload Head - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: abi-base retention-days: 14 diff --git a/.github/workflows/openapi-generate.yml b/.github/workflows/openapi-generate.yml index 255cc49e82..dbfaf9d30b 100644 --- a/.github/workflows/openapi-generate.yml +++ b/.github/workflows/openapi-generate.yml @@ -36,7 +36,7 @@ jobs: run: dotnet test tests/Jellyfin.Server.Integration.Tests/Jellyfin.Server.Integration.Tests.csproj -c Release --filter Jellyfin.Server.Integration.Tests.OpenApiSpecTests - name: Upload Artifact - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: ${{ inputs.artifact }} path: tests/Jellyfin.Server.Integration.Tests/bin/Release/net10.0/openapi.json diff --git a/.github/workflows/openapi-pull-request.yml b/.github/workflows/openapi-pull-request.yml index 563a0a406f..4acd0f4d4f 100644 --- a/.github/workflows/openapi-pull-request.yml +++ b/.github/workflows/openapi-pull-request.yml @@ -74,7 +74,7 @@ jobs: docker run -v /tmp/openapi-report:/data openapitools/openapi-diff:2.1.6 /data/base.json /data/head.json --state -l ERROR --markdown /data/openapi-report.md - name: Upload Artifact - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: openapi-report path: /tmp/openapi-report/openapi-report.md -- cgit v1.2.3 From eb6c0e093552974d09476135ce95501ef01f5c46 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 15 Apr 2026 19:46:47 +0200 Subject: Update github/codeql-action action to v4.35.2 (#16639) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/ci-codeql-analysis.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to '.github/workflows') diff --git a/.github/workflows/ci-codeql-analysis.yml b/.github/workflows/ci-codeql-analysis.yml index f6f9a26d06..442114dd80 100644 --- a/.github/workflows/ci-codeql-analysis.yml +++ b/.github/workflows/ci-codeql-analysis.yml @@ -32,13 +32,13 @@ jobs: dotnet-version: '10.0.x' - name: Initialize CodeQL - uses: github/codeql-action/init@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1 + uses: github/codeql-action/init@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2 with: languages: ${{ matrix.language }} queries: +security-extended - name: Autobuild - uses: github/codeql-action/autobuild@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1 + uses: github/codeql-action/autobuild@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1 + uses: github/codeql-action/analyze@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2 -- cgit v1.2.3 From d8c55a29bb0f3fe04ba083bb338ca80cf7f1601e Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 16 Apr 2026 04:59:35 +0000 Subject: Update danielpalme/ReportGenerator-GitHub-Action action to v5.5.5 --- .github/workflows/ci-tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to '.github/workflows') diff --git a/.github/workflows/ci-tests.yml b/.github/workflows/ci-tests.yml index fc32cc884d..9fdcaedf97 100644 --- a/.github/workflows/ci-tests.yml +++ b/.github/workflows/ci-tests.yml @@ -35,7 +35,7 @@ jobs: --verbosity minimal - name: Merge code coverage results - uses: danielpalme/ReportGenerator-GitHub-Action@cf6fe1b38ed5becc89ffe056c1f240825993be5b # v5.5.4 + uses: danielpalme/ReportGenerator-GitHub-Action@7ae927204961589fcb0b0be245c51fbbc87cbca2 # v5.5.5 with: reports: "**/coverage.cobertura.xml" targetdir: "merged/" -- cgit v1.2.3