mirror of
https://github.com/element-hq/synapse.git
synced 2025-04-16 06:56:22 +00:00
51deadec41
After the [recent supply chain attack](https://www.wiz.io/blog/new-github-action-supply-chain-attack-reviewdog-action-setup) in `tj-actions/changed-files` and actions based on it, it's become clear that relying on git tags to pin our dependencies is not enough (as tags can simply be replaced). Therefore we need to switch to hashes. Dependabot should continue to update these dependencies for us. Best reviewed commit-by-commit. Though if CI passes, we're *probably* fine.
14 lines
402 B
YAML
14 lines
402 B
YAML
name: Move new issues into the issue triage board
|
|
|
|
on:
|
|
issues:
|
|
types: [ opened ]
|
|
|
|
jobs:
|
|
triage:
|
|
uses: matrix-org/backend-meta/.github/workflows/triage-incoming.yml@18beaf3c8e536108bd04d18e6c3dc40ba3931e28 # v2.0.3
|
|
with:
|
|
project_id: 'PVT_kwDOAIB0Bs4AFDdZ'
|
|
content_id: ${{ github.event.issue.node_id }}
|
|
secrets:
|
|
github_access_token: ${{ secrets.ELEMENT_BOT_TOKEN }}
|