You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@commons.apache.org by gg...@apache.org on 2023/06/24 18:47:45 UTC

[commons-configuration] branch master updated: [StepSecurity] ci: Harden GitHub Actions #307

This is an automated email from the ASF dual-hosted git repository.

ggregory pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-configuration.git


The following commit(s) were added to refs/heads/master by this push:
     new e237d4f5 [StepSecurity] ci: Harden GitHub Actions #307
e237d4f5 is described below

commit e237d4f558eac9b5d9838f50f921e6883689c1fc
Author: Gary Gregory <ga...@gmail.com>
AuthorDate: Sat Jun 24 14:47:40 2023 -0400

    [StepSecurity] ci: Harden GitHub Actions #307
---
 src/changes/changes.xml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/changes/changes.xml b/src/changes/changes.xml
index 98514532..4be56dbb 100644
--- a/src/changes/changes.xml
+++ b/src/changes/changes.xml
@@ -24,6 +24,10 @@
   </properties>
   <body>
     <release version="2.9.1" date="20YY-MM-DD" description="Minor release with new features and updated dependencies.">
+      <!-- FIX -->
+      <action dev="ggregory" type="fix" due-to="step-security-bot, Gary Gregory">
+        [StepSecurity] ci: Harden GitHub Actions #307.
+      </action>
       <!-- UPDATE -->
       <action type="update" dev="ggregory" due-to="Dependabot">
         Bump jackson-databind from 2.14.2 to 2.15.2 #297, #303.