goreleaser-action

mirror of https://github.com/goreleaser/goreleaser-action.git synced 2026-06-28 17:20:46 +00:00

History

Carlos Alexandro Becker a4f614e65e ci: use a GitHub App token to rebuild dist on dependabot PRs (#569 ) * ci: use a GitHub App token to rebuild dist on dependabot PRs Replaces GH_PAT (a broad org PAT) with a GitHub App token for pushing the rebuilt dist/ back to Dependabot PR branches. An App token is scoped to this repo with minimal permissions and is short-lived, so it is much safer to expose on the (semi-trusted) Dependabot PR build than a wide PAT. The job stays a no-op until the DIST_REBUILD_APP_ID and DIST_REBUILD_APP_PRIVATE_KEY Dependabot secrets are configured. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com> * ci: use GORELEASER_APP_ID/GORELEASER_APP_KEY for dist rebuild Use the existing GoReleaser GitHub App secrets instead of dedicated DIST_REBUILD_* ones. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com> --------- Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>		2026-06-27 10:26:46 -03:00
..
workflows	ci: use a GitHub App token to rebuild dist on dependabot PRs (#569 )	2026-06-27 10:26:46 -03:00
CODEOWNERS	chore: codeowners	2019-10-03 21:39:01 +02:00
dependabot.yml	ci: update dependabot settings	2026-02-09 09:06:19 -03:00
FUNDING.yml	chore: update community files (#328 )	2022-02-27 18:55:49 +01:00
goreleaser-action.png	refactor: use built-in `getExecOutput` (#292 )	2021-06-10 03:02:52 +02:00