| .. |
|
ci.yml
|
7c0eeed8d5
Both workflows now parse package-lock.json directly instead of trusting npm ls. The lockfile correctly marks minimatch as dev: true and doesn't contain npm/tar at all —
|
il y a 3 mois |
|
codeql.yml
|
74e84277cf
Add CodeQL advanced setup workflow with accepted-risk exclusions
|
il y a 3 mois |
|
issue-closed.yml
|
86ad13398a
Updated CI
|
il y a 3 mois |
|
security.yml
|
7c0eeed8d5
Both workflows now parse package-lock.json directly instead of trusting npm ls. The lockfile correctly marks minimatch as dev: true and doesn't contain npm/tar at all —
|
il y a 3 mois |
|
stale.yml
|
6ee25a2157
The only-labels: 'feedback' parameter tells the stale bot to only process issues that have the feedback label. All other issues (feature requests with future, bug
|
il y a 3 mois |
maziggy
7c0eeed8d5
Both workflows now parse package-lock.json directly instead of trusting npm ls. The lockfile correctly marks minimatch as dev: true and doesn't contain npm/tar at all —