akanealw/Charon
1
0
Fork 0
Code Issues Pull Requests Actions 5 Packages Projects Releases Wiki Activity
1,775 Commits 11 Branches 107 Tags
753b694dbd2cde86358b75d6a7406ffa2f77b240
Commit Graph

1775 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
GitHub Actions 753b694dbd fix(ci): skip SBOM/Trivy in docker-build for feature branch pushes 2026-01-15 19:44:52 +00:00
GitHub Actions cd0385d770 fix(ci): load docker image locally for feature branch pushes 
Feature branch pushes were failing to save artifacts because the image
was pushed to GHCR but not loaded locally. Multi-platform builds
cannot use load:true, so feature branch pushes now build single-platform.
 2026-01-15 16:50:46 +00:00
Jeremy e31a20d498 Merge branch 'main' into feature/beta-release 2026-01-15 11:50:07 -05:00
Jeremy 3b9502ebc5 Merge pull request #539 from Wikid82/renovate/feature/beta-release-github-codeql-action-4.x 
chore(deps): update github/codeql-action action to v4 (feature/beta-release)
 2026-01-15 11:49:32 -05:00
Jeremy 05c01ab503 Merge pull request #538 from Wikid82/renovate/feature/beta-release-node-24.x 
chore(deps): update dependency node to v24 (feature/beta-release)
 2026-01-15 11:49:02 -05:00
Jeremy 14f8d0f91b Merge branch 'feature/beta-release' into renovate/feature/beta-release-node-24.x 2026-01-15 11:48:49 -05:00
Jeremy 6cf7aecec3 Merge pull request #537 from Wikid82/renovate/feature/beta-release-node-22.x 
chore(deps): update dependency node to v22 (feature/beta-release)
 2026-01-15 11:48:18 -05:00
Jeremy 32ffcef207 Merge pull request #536 from Wikid82/renovate/feature/beta-release-anchore-scan-action-7.x 
chore(deps): update anchore/scan-action action to v7 (feature/beta-release)
 2026-01-15 11:47:58 -05:00
Jeremy 1f51bd718f Merge branch 'feature/beta-release' into renovate/feature/beta-release-anchore-scan-action-7.x 2026-01-15 11:47:46 -05:00
Jeremy 4d65f90716 Merge pull request #535 from Wikid82/renovate/feature/beta-release-anchore-scan-action-6.x 
chore(deps): update anchore/scan-action action to v6 (feature/beta-release)
 2026-01-15 11:47:21 -05:00
Jeremy 30e5cc8e98 Merge branch 'feature/beta-release' into renovate/feature/beta-release-anchore-scan-action-6.x 2026-01-15 11:47:07 -05:00
Jeremy 2b94cd99fd Merge pull request #534 from Wikid82/renovate/feature/beta-release-anchore-scan-action-5.x 
chore(deps): update anchore/scan-action action to v5 (feature/beta-release)
 2026-01-15 11:46:43 -05:00
Jeremy ab4277335a Merge pull request #533 from Wikid82/renovate/feature/beta-release-actions-setup-node-6.x 
chore(deps): update actions/setup-node action to v6 (feature/beta-release)
 2026-01-15 11:46:21 -05:00
Jeremy ae33cffb1a Merge branch 'feature/beta-release' into renovate/feature/beta-release-actions-setup-node-6.x 2026-01-15 11:46:08 -05:00
Jeremy 9d76c33992 Merge pull request #532 from Wikid82/renovate/feature/beta-release-actions-setup-node-5.x 
chore(deps): update actions/setup-node action to v5 (feature/beta-release)
 2026-01-15 11:45:29 -05:00
Jeremy 6f8d345e5b Merge branch 'feature/beta-release' into renovate/feature/beta-release-actions-setup-node-5.x 2026-01-15 11:45:11 -05:00
Jeremy 6447901820 Merge pull request #531 from Wikid82/renovate/feature/beta-release-actions-setup-go-6.x 
chore(deps): update actions/setup-go action to v6 (feature/beta-release)
 2026-01-15 11:44:38 -05:00
Jeremy 2a744fc482 Merge pull request #530 from Wikid82/renovate/feature/beta-release-major-7-github-artifact-actions 
chore(deps): update actions/download-artifact action to v7 (feature/beta-release)
 2026-01-15 11:44:12 -05:00
Jeremy df1239a9c6 Merge branch 'feature/beta-release' into renovate/feature/beta-release-major-7-github-artifact-actions 2026-01-15 11:43:46 -05:00
renovate[bot] b27134dacc chore(deps): update actions/download-artifact action to v7 2026-01-15 16:43:26 +00:00
Jeremy 9923719049 Merge pull request #529 from Wikid82/renovate/feature/beta-release-major-6-github-artifact-actions 
chore(deps): update actions/download-artifact action to v6 (feature/beta-release)
 2026-01-15 11:42:47 -05:00
Jeremy 7808648aa3 Merge branch 'feature/beta-release' into renovate/feature/beta-release-major-6-github-artifact-actions 2026-01-15 11:42:38 -05:00
Jeremy ef1f10b082 Merge pull request #528 from Wikid82/renovate/feature/beta-release-major-5-github-artifact-actions 
chore(deps): update actions/download-artifact action to v5 (feature/beta-release)
 2026-01-15 11:41:57 -05:00
Jeremy 0b5b6ce256 Merge pull request #527 from Wikid82/renovate/feature/beta-release-actions-checkout-6.x 
chore(deps): update actions/checkout action to v6 (feature/beta-release)
 2026-01-15 11:41:24 -05:00
renovate[bot] 29e577b976 chore(deps): update github/codeql-action action to v4 2026-01-15 16:40:59 +00:00
Jeremy 6093d8fc21 Merge branch 'feature/beta-release' into renovate/feature/beta-release-actions-checkout-6.x 2026-01-15 11:40:54 -05:00
renovate[bot] c6064f9bc0 chore(deps): update dependency node to v24 2026-01-15 16:40:53 +00:00
renovate[bot] 04b76329c4 chore(deps): update dependency node to v22 2026-01-15 16:40:48 +00:00
renovate[bot] 08bebd5f6f chore(deps): update actions/setup-node action to v6 2026-01-15 16:40:41 +00:00
renovate[bot] 3e50b26a1f chore(deps): update actions/setup-node action to v5 2026-01-15 16:40:35 +00:00
renovate[bot] 1497336d11 chore(deps): update actions/setup-go action to v6 2026-01-15 16:40:29 +00:00
renovate[bot] baf971b54f chore(deps): update actions/download-artifact action to v6 2026-01-15 16:40:17 +00:00
renovate[bot] 79a5f27272 chore(deps): update actions/download-artifact action to v5 2026-01-15 16:40:10 +00:00
Jeremy 04948d902f Merge pull request #526 from Wikid82/renovate/feature/beta-release-actions-checkout-5.x 
chore(deps): update actions/checkout action to v5 (feature/beta-release)
 2026-01-15 11:40:05 -05:00
renovate[bot] d31a5fd3b8 chore(deps): update actions/checkout action to v6 2026-01-15 16:40:03 +00:00
renovate[bot] 84c2b22e49 chore(deps): update actions/checkout action to v5 2026-01-15 16:39:57 +00:00
Jeremy 5e89275254 Merge pull request #525 from Wikid82/renovate/feature/beta-release-weekly-non-major-updates 
fix(deps): update weekly-non-major-updates (feature/beta-release)
 2026-01-15 11:38:33 -05:00
renovate[bot] e1c6c6dcf9 chore(deps): update anchore/scan-action action to v7 2026-01-15 16:35:55 +00:00
renovate[bot] 028233f378 chore(deps): update anchore/scan-action action to v6 2026-01-15 16:35:48 +00:00
renovate[bot] e9648ca058 chore(deps): update anchore/scan-action action to v5 2026-01-15 16:35:41 +00:00
renovate[bot] 7a55cb0be9 fix(deps): update weekly-non-major-updates 2026-01-15 16:34:35 +00:00
Jeremy 2cd47a125b Fix branch name format in renovate configuration 2026-01-15 11:28:01 -05:00
Jeremy b0d531b4de Merge branch 'main' into feature/beta-release 2026-01-15 11:23:49 -05:00
Jeremy 021eacf4ea Update baseBranches in renovate.json configuration 2026-01-15 11:23:28 -05:00
Jeremy 0346ae2558 Merge branch 'main' into feature/beta-release 2026-01-15 11:20:58 -05:00
Jeremy 2c779c8ef1 Rename baseBranchPatterns to baseBranches 2026-01-15 11:20:40 -05:00
Jeremy 3579f816c5 Merge branch 'main' into feature/beta-release 2026-01-15 11:16:32 -05:00
Jeremy 2e09dbb4f4 Add feature branch pattern to Renovate config 2026-01-15 11:15:47 -05:00
GitHub Actions 07796bf610 fix(ci): enable workflow_run triggers for all push branches 
Update branch triggers and downstream workflow logic to support all
branches defined in docker-build.yml (main, development, feature/**).

Changes:

docker-build.yml: Expand branch glob to feature/**, use branch-based tags
playwright.yml: Replace is_beta_push with generic is_push detection
security-pr.yml: Same branch-agnostic pattern
supply-chain-pr.yml: Same pattern, skip PR comments for push events
The workflows now support any push that triggers docker-build:

main branch → tag: latest
development branch → tag: dev
feature/* branches → tag: {branch-name}
Pull requests → tag: pr-{number}
Dynamic artifact naming:

Push events: push-image (shared across all branches)
Pull requests: pr-image-{number}
This ensures CI/CD pipelines work for stable releases, bug fixes,
and new feature development without hardcoded branch names.
 2026-01-15 16:07:40 +00:00
GitHub Actions 3590553519 chore(ci): comprehensive CI/CD audit fixes per best practices 
Implements all 13 fixes identified in the CI/CD audit against
github-actions-ci-cd-best-practices.instructions.md

Critical fixes:

Remove hardcoded encryption key from playwright.yml (security)
Fix artifact filename mismatch in supply-chain-pr.yml (bug)
Pin GoReleaser to ~> v2.5 instead of latest (supply chain)
High priority fixes:

Upgrade CodeQL action from v3 to v4 in supply-chain-pr.yml
Add environment protection for release workflow
Fix shell variable escaping ($$ → $) in release-goreleaser.yml
Medium priority fixes:

Add timeout-minutes to playwright.yml (20 min)
Add explicit permissions to quality-checks.yml
Add timeout-minutes to codecov-upload.yml jobs (15 min)
Fix benchmark.yml permissions (workflow-level read, job-level write)
Low priority fixes:

Add timeout-minutes to docs.yml jobs (10/5 min)
Add permissions block to docker-lint.yml
Add timeout-minutes to renovate.yml (30 min)
 2026-01-15 15:25:58 +00:00