4b416f89bf
Chore(deps): Bump actions/checkout from 4 to 5 ( #110558 )
...
* Chore(deps): Bump actions/checkout from 4 to 5
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4 to 5.
- [Release notes](https://github.com/actions/checkout/releases )
- [Commits](https://github.com/actions/checkout/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: '5'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
* remove incorrect comments
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Ashley Harrison <ashley.harrison@grafana.com>
2025-09-10 14:25:41 +01:00
9b3b6fcdb2
Security: Fix actor spoofing vulnerability in Dependabot workflow ( #109519 )
...
Replace github.actor with github.event.pull_request.user.login to prevent
actor context spoofing in pull requests from forks. This ensures only
genuine Dependabot PRs can trigger the workspace update workflow.
Fixes zizmor security finding with Medium confidence level.
🤖 Generated with [Claude Code](https://claude.ai/code )
Co-authored-by: Claude <noreply@anthropic.com>
2025-08-12 12:40:03 +00:00
41df2e9d26
Bump actions/setup-go from 4.2.1 to 5.5.0 ( #108286 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-07-31 13:27:36 +01:00
c92ff0ca75
Actions: Introduce actionlint ( #105224 )
2025-05-13 08:23:59 +02:00
2436b4e097
CI: move workflows/actions to actions ( #104711 )
...
* move workflows/actions to actions
* rerun actions
* fix setup-go v5
* unpinned unnecessary pins
* update CODEOWONERS
* update CODEOWONERS
* remove remove-milestone from codeowners
* remove bad key
2025-04-29 14:24:55 -05:00
97d10b5095
CI: remove unused worklow; use GITHUB_TOKEN where possible ( #104657 )
...
Backend Code Checks / Validate Backend Configs (push) Waiting to run
Details
Backend Unit Tests / Grafana (push) Waiting to run
Details
Backend Unit Tests / Grafana Enterprise (push) Waiting to run
Details
CodeQL checks / Analyze (go) (push) Waiting to run
Details
CodeQL checks / Analyze (javascript) (push) Waiting to run
Details
CodeQL checks / Analyze (python) (push) Waiting to run
Details
Lint Frontend / Verify i18n (push) Waiting to run
Details
Lint Frontend / Lint (push) Waiting to run
Details
Lint Frontend / Typecheck (push) Waiting to run
Details
Lint Frontend / Betterer (push) Waiting to run
Details
golangci-lint / lint-go (push) Waiting to run
Details
Crowdin Upload Action / upload-sources-to-crowdin (push) Waiting to run
Details
Coverage / Backend Unit Tests (push) Waiting to run
Details
End-to-end tests / Build & Package Grafana (push) Waiting to run
Details
End-to-end tests / ${{ matrix.suite }} (dashboards-suite) (push) Blocked by required conditions
Details
End-to-end tests / ${{ matrix.suite }} (panels-suite) (push) Blocked by required conditions
Details
End-to-end tests / ${{ matrix.suite }} (smoke-tests-suite) (push) Blocked by required conditions
Details
End-to-end tests / ${{ matrix.suite }} (various-suite) (push) Blocked by required conditions
Details
End-to-end tests / ${{ matrix.suite }} (old arch) (old-arch/dashboards-suite) (push) Blocked by required conditions
Details
End-to-end tests / ${{ matrix.suite }} (old arch) (old-arch/panels-suite) (push) Blocked by required conditions
Details
End-to-end tests / ${{ matrix.suite }} (old arch) (old-arch/smoke-tests-suite) (push) Blocked by required conditions
Details
End-to-end tests / ${{ matrix.suite }} (old arch) (old-arch/various-suite) (push) Blocked by required conditions
Details
Frontend tests / Unit tests (${{ matrix.chunk }} / 8) (1) (push) Waiting to run
Details
Frontend tests / Unit tests (${{ matrix.chunk }} / 8) (2) (push) Waiting to run
Details
Frontend tests / Unit tests (${{ matrix.chunk }} / 8) (3) (push) Waiting to run
Details
Frontend tests / Unit tests (${{ matrix.chunk }} / 8) (4) (push) Waiting to run
Details
Frontend tests / Unit tests (${{ matrix.chunk }} / 8) (5) (push) Waiting to run
Details
Frontend tests / Unit tests (${{ matrix.chunk }} / 8) (6) (push) Waiting to run
Details
Frontend tests / Unit tests (${{ matrix.chunk }} / 8) (7) (push) Waiting to run
Details
Frontend tests / Unit tests (${{ matrix.chunk }} / 8) (8) (push) Waiting to run
Details
Integration Tests / Sqlite (push) Waiting to run
Details
Integration Tests / MySQL (push) Waiting to run
Details
Integration Tests / Postgres (push) Waiting to run
Details
Run dashboard schema v2 e2e / dashboard-schema-v2-e2e (push) Waiting to run
Details
Dispatch sync to mirror / dispatch-job (push) Waiting to run
Details
Trivy Scan / trivy-scan (push) Waiting to run
Details
Zizmor GitHub Actions static analysis / Analyse with Zizmor (push) Waiting to run
Details
* remove unused worklow; use GITHUB_TOKEN where possible
* pin usages of checkout and setup-go
* Fix zizmor errors
* add zizmor.yml
* fix `changelog.yml`
* fix `core-plugins-build-and-release.yml`
* fix `release-comms.yml`
* update release-pr.yml and run-e2e-suite.yml
* Fix errors in files outside of .github/workflows
* Remove path filter on zizmor.yml
---------
Co-authored-by: Sven Grossmann <svennergr@gmail.com>
Co-authored-by: joshhunt <josh.hunt@grafana.com>
2025-04-29 10:09:23 -05:00
16f85585ff
Chore: Switch to github actions bot in go workspace action ( #98490 )
2025-01-03 22:29:57 +02:00
5f5c3f0531
Chore: Add id-token:write permission to go workspace action ( #98489 )
2025-01-03 21:56:19 +02:00
f10bf8338e
Chore: Prevent forks from running go workspace update action ( #98488 )
2025-01-03 21:33:30 +02:00
228ac25ff4
Chore: Use github app for dependabot go workspace workflow ( #98464 )
2025-01-03 13:52:52 -05:00
ae7cb6866d
Chore: Update git user for depedabot action ( #98073 )
2024-12-17 06:31:45 -05:00
7bb1b352e1
CI: Use grot for dependabot go workspace commits ( #96136 )
2024-11-08 18:26:26 +02:00
0b06dca472
CI: Add Dependabot go workspace action ( #96064 )
2024-11-07 20:14:04 -05:00
dependabot[bot]
Roberto Jiménez Sánchez
Mariell Hoversholm
Kevin Minehart
Todd Treece