update-flake-lock

Author	SHA1	Message	Date
dependabot[bot]	37001efe5b	build(deps): bump crazy-max/ghaction-import-gpg from 6.2.0 to 6.3.0 Bumps [crazy-max/ghaction-import-gpg](https://github.com/crazy-max/ghaction-import-gpg) from 6.2.0 to 6.3.0. - [Release notes](https://github.com/crazy-max/ghaction-import-gpg/releases) - [Commits](`cb9bde2e25...e89d40939c`) --- updated-dependencies: - dependency-name: crazy-max/ghaction-import-gpg dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2025-03-31 01:42:56 +00:00
Graham Christensen	f71609bc55	Merge pull request #138 from DeterminateSystems/dependabot/github_actions/crazy-max/ghaction-import-gpg-6.2.0 build(deps): bump crazy-max/ghaction-import-gpg from 6.1.0 to 6.2.0	2025-03-19 16:14:03 -04:00
Graham Christensen	e64717fb04	Update action.yml Co-authored-by: Cole Helbling <cole.helbling@determinate.systems>	2025-03-19 12:25:15 -04:00
Graham Christensen	d99e45a16b	Update the text with much simpler 'run ci' instructions.	2025-03-19 12:13:08 -04:00
Cole Mickens	1360662aa3	action.yml: expose pull-request-url from create-pr action	2024-11-08 11:34:36 -08:00
dependabot[bot]	1cc1733537	build(deps): bump crazy-max/ghaction-import-gpg from 6.1.0 to 6.2.0 Bumps [crazy-max/ghaction-import-gpg](https://github.com/crazy-max/ghaction-import-gpg) from 6.1.0 to 6.2.0. - [Release notes](https://github.com/crazy-max/ghaction-import-gpg/releases) - [Commits](`01dd5d3ca4...cb9bde2e25`) --- updated-dependencies: - dependency-name: crazy-max/ghaction-import-gpg dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2024-10-28 01:50:01 +00:00
Arian van Putten	af9a980c7d	Lock third-party actions A caller of this action can lock this action to a specific commit. However because the action itself does not lock its dependent actions to a specific commit this opens the end-user up to possible supply-chain attacks if the dependent actions rewrite their tags. This PR changes all third party actions to be explicitly locked. Dependabot will still work and update these hashes for you I also suggest installing https://github.com/ossf/scorecard in this repo. It will report about these kind of issues. Note that you should in turn have to audit all the third party deps of the actions that your action depends on. In general this is all a bit of a mess and GitHub's security model is very meh e.g. see https://github.com/ossf/scorecard/issues/2189	2024-06-18 09:17:15 -07:00
Luc Perkins	0e2a61b1f3	Add environment variable for strict mode input	2024-05-23 12:23:56 -03:00
Luc Perkins	7a7f13f9b5	Make strict mode input not required	2024-05-23 12:03:54 -03:00
Luc Perkins	7ce3b51a1d	Update detsys-ts	2024-05-22 15:40:01 -03:00
Graham Christensen	3fa85bcf4c	nit: run line	2024-05-09 15:44:43 -04:00
Graham Christensen	d978837d43	Expose all inputs	2024-05-09 15:35:53 -04:00
Graham Christensen	8363f28293	Call the node action instead directly	2024-05-07 23:02:56 -04:00
Luc Perkins	dde5487502	Finish initial rework into TS	2024-04-26 11:55:19 -03:00
Luc Perkins	b1f8684b21	Update Nix shell and add envrc	2024-04-21 19:42:23 -03:00
Luc Perkins	cf6776dfd1	Add initial JS setup	2024-04-21 19:17:03 -03:00
Cole Helbling	a3ccb8f597	Update pedrolamas/handlebars-action to 2.4.0	2024-02-29 07:07:00 -08:00
Cole Helbling	56b3507bfe	Update DamianReeves/write-file-action to v1.3	2024-02-28 15:06:00 -08:00
dependabot[bot]	70d01ca550	build(deps): bump pedrolamas/handlebars-action from 2.2.0 to 2.3.0 Bumps [pedrolamas/handlebars-action](https://github.com/pedrolamas/handlebars-action) from 2.2.0 to 2.3.0. - [Release notes](https://github.com/pedrolamas/handlebars-action/releases) - [Commits](https://github.com/pedrolamas/handlebars-action/compare/v2.2.0...v2.3.0) --- updated-dependencies: - dependency-name: pedrolamas/handlebars-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2024-02-28 14:55:32 -08:00
dependabot[bot]	0631a12d9a	build(deps): bump crazy-max/ghaction-import-gpg from 5 to 6 Bumps [crazy-max/ghaction-import-gpg](https://github.com/crazy-max/ghaction-import-gpg) from 5 to 6. - [Release notes](https://github.com/crazy-max/ghaction-import-gpg/releases) - [Commits](https://github.com/crazy-max/ghaction-import-gpg/compare/v5...v6) --- updated-dependencies: - dependency-name: crazy-max/ghaction-import-gpg dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2024-02-28 14:54:51 -08:00
Morgan Helton	a72d3c5880	update peter-evans/create-pull-request to v6	2024-02-28 14:54:06 -08:00
Pol Dellaiera	e98d4358e3	Bump `peter-evans/create-pull-request` to v5	2023-10-10 13:22:51 -07:00
Graham Christensen	da2fd6f256	Update action.yml	2023-08-24 00:12:15 -04:00
xgroleau🐢	dec3bc3c9b	fix: removed commented commit escaping code	2023-03-29 11:11:22 -07:00
xgroleau🐢	ad81b423ab	fix: use multiline string	2023-03-29 11:11:22 -07:00
xgroleau🐢	8a88a06550	fix: pr message fix	2023-03-29 11:11:22 -07:00
xgroleau🐢	9af2d0f36a	fix : replace action using deprecated node 12	2023-03-29 11:11:22 -07:00
xgroleau🐢	b55ee105d9	feat: Added nix option fix: nix options position Use empty list fix options	2023-03-29 11:11:22 -07:00
Budiman Jojo	bc75a5b55e	expose status of PR	2023-03-27 09:17:55 -07:00
Jörg Thalheim	786e5cf5a2	allow to set base branch of pull request	2023-03-27 08:43:21 -07:00
dependabot[bot]	085c3a0b6d	build(deps): bump pedrolamas/handlebars-action from 2.1.0 to 2.2.0 Bumps [pedrolamas/handlebars-action](https://github.com/pedrolamas/handlebars-action) from 2.1.0 to 2.2.0. - [Release notes](https://github.com/pedrolamas/handlebars-action/releases) - [Commits](https://github.com/pedrolamas/handlebars-action/compare/v2.1.0...v2.2.0) --- updated-dependencies: - dependency-name: pedrolamas/handlebars-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2023-03-06 05:55:07 -08:00
dependabot[bot]	cc83127440	build(deps): bump peter-evans/create-pull-request from 3 to 4 Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 3 to 4. - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](https://github.com/peter-evans/create-pull-request/compare/v3...v4) --- updated-dependencies: - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2023-03-06 05:46:37 -08:00
Linus Heckemann	114dde340d	Merge pull request #57 from DeterminateSystems/dependabot/github_actions/pedrolamas/handlebars-action-2.1.0 build(deps): bump pedrolamas/handlebars-action from 2.0.0 to 2.1.0	2023-01-27 16:00:40 +01:00
Eric Crosson	876a472251	fix(deps): upgrade DamianReeves/write-file-action to v1.2 https://github.com/DamianReeves/write-file-action/releases/tag/v1.2 This bumps the write-file-action from the Node.js 12 runtime to Node.js 16, avoiding a warning that Node.js 12 actions are deprecated[^1]. [^1]: https://github.blog/changelog/2022-09-22-github-actions-all-actions-will-begin-running-on-node16-instead-of-node12/	2023-01-23 07:15:35 -08:00
Eric Crosson	a0c5484d59	feat: accept list of reviewers and assignees Pass a list of GitHub usernames through to peter-evans/create-pull-request. Assignees are specified with the `pr-assignees` property. Reviewers are specified with the `pr-reviewers` property. Both properties expect the value to be a list of GitHub usernames, separated by either commas or newlines.	2023-01-19 07:29:15 -08:00
Arman Bilge	913da8731c	Remove stray `>`	2022-11-28 08:02:01 -08:00
Arman Bilge	867efeb864	Emails should be in `< ... >`	2022-11-28 08:02:01 -08:00
Arman Bilge	5e50e4bcfb	Allow to customize git author/committer name+email	2022-11-28 08:02:01 -08:00
dependabot[bot]	766761fdfc	build(deps): bump pedrolamas/handlebars-action from 2.0.0 to 2.1.0 Bumps [pedrolamas/handlebars-action](https://github.com/pedrolamas/handlebars-action) from 2.0.0 to 2.1.0. - [Release notes](https://github.com/pedrolamas/handlebars-action/releases) - [Commits](https://github.com/pedrolamas/handlebars-action/compare/v2.0.0...v2.1.0) --- updated-dependencies: - dependency-name: pedrolamas/handlebars-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-11-08 01:17:13 +00:00
Aaron Andersen	0ad9a55048	feat: allow specifying a path to flake.nix within the repository	2022-09-14 07:46:21 -07:00
Nicola Squartini	235f95922e	chore: bump `crazy-max/ghaction-import-gpg`	2022-08-19 11:40:14 -07:00
Nicola Squartini	a8f58509de	feat: allow using a subkey for GPG signing	2022-08-19 11:39:18 -07:00
Cole Helbling	4cf0d5d8d6	Prevent template files from being committed	2022-07-29 07:49:05 -07:00
Eduardo Robles Elvira	e23c52bb51	fixing sign-commits boolean variable conditionals	2022-07-15 12:22:17 +01:00
Eduardo Robles Elvira	96af8bfbfc	Adding documentation and support for custom pr-body	2022-07-15 11:44:21 +01:00
Eduardo Robles Elvira	1c5f270731	adding support for gpg commit signing	2022-07-15 05:40:47 +02:00
Arman Bilge	2026a4bf1a	Expose option to configure branch for PR (#36 )	2022-06-22 15:44:48 -04:00
Cole Helbling	c58b7816fa	Expose the number of the opened PR	2022-04-22 11:46:11 -07:00
a-kenji	a10510d383	Add: script for `update flake lock` Take commands out of the `action.yml` file, and put it in a dedicated shell script.	2022-04-05 08:50:00 -07:00
maydayv7	e00d99112b	fix: Re-introduce `inputs.pr-title` This is to allow users to override the PR title since the commit message as well as title are processed differently which may lead to errors in how they are displayed. For example, the commit message needs quotations to be escaped	2022-02-01 10:43:22 -08:00

1 2

62 Commits