roundcubemail

Mirrors/roundcubemail

Fork 0

mirror of https://github.com/roundcube/roundcubemail.git synced 2026-03-12 11:06:48 +01:00

Commit Graph

Author	SHA1	Message	Date
Pablo Zmdl	a65dc33761	Use commit-hashes to refer to github actions, not manipulatible tags (#9819 ) Dependabot will propose updates to the used versions nonetheless. This is motivated by a recent case in which a github action was compromised and manipulated tags to point to malicious code <https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised>.	2025-03-23 10:34:32 +01:00
Pablo Zmdl	46d25161dc	Test message rendering (#9460 )	2024-12-19 19:01:25 +01:00

Author

SHA1

Message

Date

Pablo Zmdl

a65dc33761

Use commit-hashes to refer to github actions, not manipulatible tags (#9819 )

Dependabot will propose updates to the used versions nonetheless.

This is motivated by a recent case in which a github action was
compromised and manipulated tags to point to malicious code
<https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised>.

2025-03-23 10:34:32 +01:00

Pablo Zmdl

46d25161dc

Test message rendering (#9460 )

2024-12-19 19:01:25 +01:00

2 Commits