3 Commits

Author SHA1 Message Date
Affaan Mustafa
daf0355531
ci: harden workflow install boundaries
- run non-test workflow installs with npm ci --ignore-scripts where lifecycle scripts are not needed
- reject plain npm ci in workflows with write permissions
- reject actions/cache in id-token: write workflows to reduce OIDC publish cache-poisoning risk
2026-05-12 21:55:36 -04:00
Affaan Mustafa
e674a7dbd7
fix: harden CI validators
Ports personal-path validator hardening and quoted checkout detection onto current main.
2026-05-11 03:08:43 -04:00
Affaan Mustafa
3792b69a38
fix: block unsafe privileged workflow checkouts
2026-04-12 23:23:01 -07:00