From 104d8248a68f5fab4d3431361ab2150337ce19e4 Mon Sep 17 00:00:00 2001 From: Claude Perrin Date: Tue, 19 May 2026 09:12:03 +0200 Subject: [PATCH] ci(leak-detect): bump reusable SHA to skip bot-authored PRs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Picks up klodr/.github#39 (`33ff8e51`) — skips the leak-detect scan on any `[bot]` author so Dependabot bumps + release-please PRs no longer require a manual ruleset bypass to merge. Human PRs unchanged. --- .github/workflows/leak-detect.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/leak-detect.yml b/.github/workflows/leak-detect.yml index 6ca9fd9..1ce80b1 100644 --- a/.github/workflows/leak-detect.yml +++ b/.github/workflows/leak-detect.yml @@ -27,6 +27,6 @@ jobs: # fail as a required check. Leak scanning of fork PRs is enforced # post-merge by the maintainer-side push trigger on main. if: github.event.pull_request.head.repo.full_name == github.repository - uses: klodr/.github/.github/workflows/reusable-leak-detect.yml@7987f59050ff9ee614d21b603e4ba87ace27f7d9 + uses: klodr/.github/.github/workflows/reusable-leak-detect.yml@33ff8e518ecb7a799f114dc83ba06c9f0d660845 secrets: leak-detect-app-private-key: ${{ secrets.LEAK_DETECT_APP_PRIVATE_KEY }}