github-personal/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-27 10:18:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
852a7a94843ec79cd991e824aae890de0e5e61d6
firezone/.github
History
Mariusz Klochowicz 852a7a9484 chore(dependabot): Add 28-day cooldown for supply-chain security (#10365) 
Configure Dependabot with a 28-day cooldown period across all package
ecosystems to protect against supply-chain attacks. This ensures newly
released packages undergo community vetting before adoption.

Key changes:
- Add 7-day cooldown for all dependency types (major, minor, patch)
- Switch from monthly to weekly checks to ensure timely updates after
cooldown expires
- Use YAML anchors to maintain DRY configuration (we can unfold them if
we need custom config)

Security rationale:
- Most supply-chain attacks are discovered within a few days of release
- Patch versions are particularly vulnerable as they're often
auto-merged with less scrutiny
- Weekly checks + 28-day cooldown = roughly matching previous elixir
dependency update cadence

Note: Security updates bypass the cooldown and are applied immediately,
ensuring critical CVEs are patched without delay
2025-09-17 00:35:54 +00:00
..
actions
chore: Build whole workspace on macos (#10228)
2025-09-02 06:55:53 +00:00
ISSUE_TEMPLATE
refactor: Discord -> Slack (#4616)
2024-04-15 22:05:29 +00:00
workflows
ci: add latency to routers (#10352)
2025-09-16 20:27:47 +00:00
.gitignore
chore(ci): downgrade runners to free tier (#10248)
2025-08-26 10:48:45 -07:00
actionlint.yml
chore: remove duplicate labels from actionlint configuration (#9789)
2025-07-04 14:25:47 +00:00
CODEOWNERS
chore: move terraform/ to private repo (#9421)
2025-06-05 19:24:06 +00:00
codespellrc
ci: ignore GUI client pnpm-lock.yml for spellchecker (#9355)
2025-06-02 05:40:57 +00:00
copilot-instructions.md
chore: add basic context about Firezone for AI agents (#10284)
2025-09-10 03:30:23 +00:00
dependabot.yml
chore(dependabot): Add 28-day cooldown for supply-chain security (#10365)
2025-09-17 00:35:54 +00:00
package.json
chore(ci): downgrade runners to free tier (#10248)
2025-08-26 10:48:45 -07:00
pnpm-lock.yaml
chore(ci): downgrade runners to free tier (#10248)
2025-08-26 10:48:45 -07:00
pre-commit-config.yaml
chore(ci): downgrade runners to free tier (#10248)
2025-08-26 10:48:45 -07:00
README_CI.md
chore(ci): Use GitHub Actions Cache for CI layer cache (#9941)
2025-07-21 04:04:14 +00:00
release-drafter-android-client.yml
ci: Draft android releases (#7596)
2024-12-30 14:33:11 +00:00
release-drafter-gateway.yml
chore(ci): Remove unneeded release drafter config (#7607)
2024-12-30 14:56:58 +00:00
release-drafter-gui-client.yml
chore(ci): Remove unneeded release drafter config (#7607)
2024-12-30 14:56:58 +00:00
release-drafter-headless-client.yml
chore(ci): Remove unneeded release drafter config (#7607)
2024-12-30 14:56:58 +00:00
release-drafter-macos-client.yml
Revert "ci: Consolidate templates for release drafter" (#7606)
2024-12-30 06:32:36 -08:00
requirements.txt
chore(deps): Bump codespell to 2.4.1 and fix found issues (#9221)
2025-05-24 22:02:06 +00:00