microsoft
/
appcenter-cli
зеркало из https://github.com/microsoft/appcenter-cli.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
2 301 коммит 32 Ветки 121 Тег 42 MiB
Граф коммитов

13 Коммитов

Автор SHA1 Сообщение Дата
Dima 5ed6391e34
Remove dependabot PRs and codeql workflow (#2542) 2024-06-20 21:56:17 +07:00
Dima a0bd3b5afe
Upgrade codeql action to v2 (#2033) 
* Upgrade codeql action to v2

* Filter codeql on.push action to master branch

* Trigger CodeQL if pull request targets master branch
 2022-10-26 17:14:33 +07:00
Evgenii Utkin d0fcecc7cf
Create CODEOWNERS (#2079) 2022-09-02 12:05:03 +02:00
Ivan Matkov dd918f3f6d
Update issue templates (#1259) 2021-02-01 13:43:17 +03:00
Robin Neatherway e3d2bb42cf
Add on: pull_request trigger to CodeQL workflow (#1214) 
From February 2021, in order to provide feedback on pull requests, Code Scanning workflows must be configured with both `push` and `pull_request` triggers. This is because Code Scanning compares the results from a pull request against the results for the base branch to tell you only what has changed between the two.

Early in the beta period we supported displaying results on pull requests for workflows with only `push` triggers, but have discontinued support as this proved to be less robust.

See https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#scanning-pull-requests for more information on how best to configure your Code Scanning workflows.
 2021-01-22 19:52:58 +04:00
Jeroen Rietveld e3ea160ead
Open PRs for all dependency updates (not just five) (#1081) 2020-10-12 11:31:47 +09:00
Jeroen Rietveld 7d665c253e
Enable Dependabot on appcenter-file-upload-client-node and run weekly (#997) 2020-07-30 18:16:44 +09:00
Jean-Philippe André e2703a95a8
Add dependabot.yml to enable dependabot beta (#930) 
* Add dependabot.yml to enable dependabot beta

Dependabot version update is now in beta, see post at:
https://github.blog/2020-06-01-keep-all-your-packages-up-to-date-with-dependabot/

Once this flow has been validated, we can remove the dependabot-preview app.
We may have to check in some changes to tell dependabot not to ignore this or that package, as we've previously done with comment in the PRs raised. With a bit of luck, the bot will have the right to run builds on azure pipelines.

See also:
- https://help.github.com/en/github/administering-a-repository/enabling-and-disabling-version-updates
- https://help.github.com/en/github/administering-a-repository/customizing-dependency-updates

* let's make it daily at first

* Rename file

* Fix mess... Should have been clean rename

Co-authored-by: Jeroen Rietveld <jerietve@microsoft.com>
 2020-06-22 12:01:02 +09:00
Karl Krukow 19e77b431a
Explicitly specify JS for Code analysis (#841) 2020-04-29 19:56:21 +09:00
Karl Krukow a201526349
Setup auto code scanning in CI/Actions (#840) 2020-04-29 18:18:03 +09:00
Jean-Philippe ANDRE 4661ee678f Also remove GitHub Action - it's not necessary anymore 2019-10-10 18:08:59 +09:00
Jean-Philippe ANDRE 4ffec186af Fix typo 2019-10-02 22:51:37 +09:00
Jean-Philippe ANDRE 6376e3ac1a Add GitHub Action to auto-comment on PR 2019-10-02 22:31:38 +09:00