Simon Kurtz
919fdb3f8e
fix: pin GitHub Actions to immutable SHA hashes to prevent supply chain attacks ( #1088 )
...
* chore: publish from staged
* fix: pin GitHub Actions to immutable SHA hashes to prevent supply chain attacks
Co-authored-by: simonkurtz-MSFT <84809797+simonkurtz-MSFT@users.noreply.github.com >
* chore: publish from staged
* Clean plugins
* Clean plugins
* Clean plugins
* Fix gem-team plugin
* Reset README.plugins.md
---------
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com >
2026-03-23 10:37:40 +11:00
Bruno Borges
3d5b2868f0
fix: allow validate-agentic-workflows-pr.yml in forbidden file checks
2026-02-24 15:11:47 -05:00
Bruno Borges
fc567811c8
fix: exclude validate-agentic-workflows-pr.yml from forbidden file checks
2026-02-24 15:10:07 -05:00
Bruno Borges
68cfcb5c46
fix: update forbidden file check to allow actions-lock.json for workflow compilation
2026-02-24 15:08:38 -05:00
Bruno Borges
f058d7cd44
Combine workflow CI checks into single multi-job workflow
...
Merges the two separate action workflows (block-workflow-yaml.yml and
validate-agentic-workflows.yml) into a single validate-agentic-workflows-pr.yml
with two jobs: check-forbidden-files runs first, then compile-workflows
runs only if the file check passes.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com >
2026-02-20 17:09:56 -08:00
