Commit Graph

34 Commits

Author SHA1 Message Date
Naveen
e0c04fa0d3
Set permissions for GitHub actions (#3698)
* chore: Set permissions for GitHub actions

Restrict the GitHub token permissions to only the required ones; this way, even if attackers succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>

* Leave comment close to code

Co-authored-by: Bruno Alla <browniebroke@users.noreply.github.com>
2022-05-07 13:49:24 +01:00
dependabot[bot]
59b01a3462
Bump peter-evans/create-pull-request from 3.14.0 to 4 (#3645)
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 3.14.0 to 4.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v3.14.0...v4)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-23 19:55:45 +00:00
dependabot[bot]
3eaeb83760
Bump actions/checkout from 2 to 3 (#3619)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Bruno Alla <alla.brunoo@gmail.com>
2022-03-02 09:17:47 +00:00
dependabot[bot]
318c018276
Bump actions/setup-python from 2 to 3 (#3617)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-01 15:25:18 +00:00
dependabot[bot]
8fa66e8593
Bump peter-evans/create-pull-request from 3.13.0 to 3.14.0 (#3618)
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 3.13.0 to 3.14.0.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v3.13.0...v3.14.0)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-01 08:20:39 +00:00
dependabot[bot]
92e88bca2a
Bump peter-evans/create-pull-request from 3.12.1 to 3.13.0 (#3616)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-28 18:45:23 +00:00
dependabot[bot]
3512e63cf2
Bump peter-evans/create-pull-request from 3.12.0 to 3.12.1 (#3558)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-07 14:33:52 +00:00
dependabot[bot]
2a1ea27ba1
Bump peter-evans/create-pull-request from 3.11.0 to 3.12.0 (#3469)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-14 08:59:56 +00:00
Bruno Alla
c4aa645094 Auto-update pre-commit hooks for template 2021-12-08 18:18:36 +00:00
Bruno Alla
4a63cecebc Disable a few workflows on forks 2021-12-06 11:50:50 +00:00
Bruno Alla
6542067138 Auto-format YAML in the .github folder 2021-11-19 22:06:56 +00:00
Bruno Alla
b0dbee3c17 Quote Python versions 2021-11-19 21:52:04 +00:00
Bruno Alla
f77906d135 Reference official GH actions by major version only 2021-11-04 14:55:32 +00:00
dependabot[bot]
06d44987f3
Bump peter-evans/create-pull-request from 3.10.1 to 3.11.0
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 3.10.1 to 3.11.0.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v3.10.1...v3.11.0)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-11-04 05:18:08 +00:00
dependabot[bot]
af47398ddd
Bump peter-evans/create-pull-request from 3.10.0 to 3.10.1
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 3.10.0 to 3.10.1.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v3.10.0...v3.10.1)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-08-23 05:02:27 +00:00
dependabot[bot]
bd0bba6e6c
Bump peter-evans/create-pull-request from 3.9.2 to 3.10.0
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 3.9.2 to 3.10.0.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v3.9.2...v3.10.0)

Signed-off-by: dependabot[bot] <support@github.com>
2021-05-25 05:29:46 +00:00
Fábio C. Barrionuevo da Luz
82bf33b279
Merge pull request #3173 from pydanny/dependabot/github_actions/actions/setup-python-2.2.2
Bump actions/setup-python from 2 to 2.2.2
2021-05-15 15:49:29 -03:00
dependabot[bot]
577603c55c
Bump peter-evans/create-pull-request from 3.8.2 to 3.9.2
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 3.8.2 to 3.9.2.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v3.8.2...v3.9.2)

Signed-off-by: dependabot[bot] <support@github.com>
2021-05-14 05:31:45 +00:00
dependabot[bot]
05ac73b7b9
Bump actions/setup-python from 2 to 2.2.2
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 2 to 2.2.2.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v2...v2.2.2)

Signed-off-by: dependabot[bot] <support@github.com>
2021-05-12 05:12:25 +00:00
Bruno Alla
9e7320ea1b Merge branch 'master' into fix_upgrade_py39
# Conflicts:
#	README.rst
#	{{cookiecutter.project_slug}}/.gitlab-ci.yml
#	{{cookiecutter.project_slug}}/compose/local/django/Dockerfile
#	{{cookiecutter.project_slug}}/compose/production/django/Dockerfile
2021-04-08 18:43:54 +01:00
dependabot[bot]
9efa93a7e0
Bump peter-evans/create-pull-request from v3.8.1 to v3.8.2
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from v3.8.1 to v3.8.2.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v3.8.1...052fc72b4198ba9fbc81b818c6e1859f747d49a8)

Signed-off-by: dependabot[bot] <support@github.com>
2021-02-10 05:51:17 +00:00
dependabot[bot]
10a4f4e4b8
Bump peter-evans/create-pull-request from v3.8.0 to v3.8.1
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from v3.8.0 to v3.8.1.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v3.8.0...34371f09e5a05dadd212d0bc451d4c1fa456c646)

Signed-off-by: dependabot[bot] <support@github.com>
2021-02-08 06:30:51 +00:00
dependabot[bot]
086dae7eca
Bump peter-evans/create-pull-request from v3.7.0 to v3.8.0
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from v3.7.0 to v3.8.0.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v3.7.0...5e9d0ee9ea5ccf865a52a571cba827e4b52a1aff)

Signed-off-by: dependabot[bot] <support@github.com>
2021-02-01 07:19:27 +00:00
areski
a1d551d067 Update from Python3.8 to Python3.9 2021-01-26 16:13:27 +01:00
dependabot[bot]
602832cde3
Bump peter-evans/create-pull-request from v3.6.0 to v3.7.0
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from v3.6.0 to v3.7.0.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v3.6.0...2455e1596942c2902952003bbb574afbbe2ab2e6)

Signed-off-by: dependabot[bot] <support@github.com>
2021-01-26 06:07:57 +00:00
dependabot[bot]
5e41838b39
Bump peter-evans/create-pull-request from v3.5.2 to v3.6.0
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from v3.5.2 to v3.6.0.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v3.5.2...45c510e1f68ba052e3cd911f661a799cfb9ba3a3)

Signed-off-by: dependabot[bot] <support@github.com>
2020-12-23 06:12:42 +00:00
dependabot[bot]
c1b9c2acc5
Bump peter-evans/create-pull-request from v3.5.1 to v3.5.2
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from v3.5.1 to v3.5.2.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v3.5.1...8c603dbb04b917a9fc2dd991dc54fef54b640b43)

Signed-off-by: dependabot[bot] <support@github.com>
2020-12-09 06:18:22 +00:00
dependabot[bot]
b47678a2e8
Bump peter-evans/create-pull-request from v3.5.0 to v3.5.1
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from v3.5.0 to v3.5.1.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v3.5.0...ce699aa2d108e9d04fde047a71e44b2bf444b6dc)

Signed-off-by: dependabot[bot] <support@github.com>
2020-11-25 05:47:41 +00:00
dependabot[bot]
1ab82a0e33
Bump peter-evans/create-pull-request from v2 to v3.5.0
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from v2 to v3.5.0.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v2...ff0beed1b2103611f5bdb7dfb1b23956763bf79a)

Signed-off-by: dependabot[bot] <support@github.com>
2020-11-17 06:16:21 +00:00
Bruno Alla
7223ab5065 Pin official GH actions to the major digit 2020-10-15 12:58:21 +01:00
dependabot[bot]
f98211ae4c
Bump actions/setup-python from v2.1.2 to v2.1.3
Bumps [actions/setup-python](https://github.com/actions/setup-python) from v2.1.2 to v2.1.3.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v2.1.2...c181ffa198a1248f902bc2f7965d2f9a36c2d7f6)

Signed-off-by: dependabot[bot] <support@github.com>
2020-10-01 06:24:35 +00:00
dependabot[bot]
684218a908
Update actions/setup-python requirement to v2.1.2
Updates the requirements on [actions/setup-python](https://github.com/actions/setup-python) to permit the latest version.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](24156c231c)

Signed-off-by: dependabot[bot] <support@github.com>
2020-09-09 12:25:44 +00:00
Bruno Alla
4db39b5319 Fix syntax 2020-08-12 12:55:37 +01:00
Bruno Alla
3d1067fb56 Workflow to run pre-commit autoupdate 2020-08-12 12:52:58 +01:00