Requested by: @vaind
Merge target: (default)
Quick links:
Assign the accepted label to this issue to approve the release.
Targets
Checked targets will be skipped (either already published or user-requested skip). Uncheck to retry a target.
📋 Changelog
Features
- Validate PR - Action is advisory: it posts a single friendly comment on community PRs that don't reference an issue with maintainer discussion. PRs are not closed and no labels are applied. Recommended trigger is
types: [opened].
- Validate PR - Skip validation for PRs with fewer than 100 lines changed, excluding common lock files (
Cargo.lock, yarn.lock, package-lock.json, Pipfile.lock, etc.). Tiny PRs no longer go through the issue-discussion loop.
- Add validate-pr composite action for validating non-maintainer PRs against contribution guidelines (#153)
Fixes
- Complete script injection hardening across all actions: move remaining step outputs to env vars, validate Danger version against semver (#152)
- Updater - Trigger CI for new PRs without changelog updates (#166)
- Updater - Select the first branch when multiple branches point at
HEAD (#165)
Dependencies
- Bump Danger JS from v13.0.4 to v13.0.5 (#160)
Requested by: @vaind
Merge target: (default)
Quick links:
Assign the accepted label to this issue to approve the release.
Targets
Checked targets will be skipped (either already published or user-requested skip). Uncheck to retry a target.
📋 Changelog
Features
types: [opened].Cargo.lock,yarn.lock,package-lock.json,Pipfile.lock, etc.). Tiny PRs no longer go through the issue-discussion loop.Fixes
HEAD(#165)Dependencies