Joyce
010fde9a18
Set top level permissions to read only on GitHub Workflows ( #12971 )
...
Hi, here is Joyce from Google again.
I'd like starting suggesting the [Token-Permission check](https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions ) fix.
Let me know if I might be missing any permission. Thanks!
### Security Reason
This is needed because, by default, github grants write-all permission to all workflows, which could be exploit by an attacker in case of a compromised workflow. Limiting permissions is a simple and effective way to also limit the impact of an eventual compromised workflow.
Thus, it is both a recommendation from [OpenSSF Scorecard](https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions ) and the [Github](https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions ) to always use credentials that are minimally scoped.
Closes #12971
COPYBARA_INTEGRATE_REVIEW=https://github.com/protocolbuffers/protobuf/pull/12971 from joycebrum:main 6d6dac5678
PiperOrigin-RevId: 537973051
2 years ago
Mike Kruskal
0b9b5da7a7
Cleanup scheduled staleness tests.
...
- Do some minimal sanity testing on every PR
- Only run the staleness tests on a daily schedule or explicit runs.
- Add 23.x to the checks
PiperOrigin-RevId: 537952151
2 years ago
Mike Kruskal
722d6f5897
Disable non-hermetic breakage due to github runner update
...
See https://github.com/actions/runner-images/issues/7662
PiperOrigin-RevId: 537946689
2 years ago
Thomas Van Lenten
d3242a10ba
Sync up the min os versions between the C++ and ObjC CocoaPods support.
...
Fixes #12944
PiperOrigin-RevId: 537907016
2 years ago
Mike Kruskal
59df916f55
Internal changes
...
PiperOrigin-RevId: 537904295
2 years ago
Protobuf Team Bot
242771ad15
Internal change
...
PiperOrigin-RevId: 537790620
2 years ago
Protobuf Team Bot
aad52db8a1
Auto-generate files after cl/537733765
2 years ago
Protobuf Team Bot
026da8ee9a
Directly refer to member variable instead of internal accessors.
...
PiperOrigin-RevId: 537733765
2 years ago
Protobuf Team Bot
b2b60512eb
Expose `Reserve` from `MutableRepeatedFieldRef`
...
PiperOrigin-RevId: 537370306
2 years ago
Mike Kruskal
f935804bfc
Internal changes
...
PiperOrigin-RevId: 537367840
2 years ago
Marcel Hlopko
03b53f404c
Update staleness test worker
...
Currently the test fails because the Bazel version is too old for the Rust subproject (https://github.com/protocolbuffers/protobuf/actions/runs/5154290452/jobs/9282571385 )
PiperOrigin-RevId: 537323723
2 years ago
Marcel Hlopko
fe7c4f9422
Simplify Protobuf Rust runtime build setup
...
PiperOrigin-RevId: 537300231
2 years ago
Marcel Hlopko
b14ad422ca
Fix staleness test workflow
...
PiperOrigin-RevId: 537256933
2 years ago
Protobuf Team Bot
ad677f3215
Replace ColdChunkSkipper with iterator-based approach.
...
PiperOrigin-RevId: 537185836
2 years ago
Mike Kruskal
46ea61ae94
Add a flag in the C++ generator for stripping non-functional bits.
...
The resulting code won't have functional reflection, but allows us to compare the functionality between two sets of gencode.
PiperOrigin-RevId: 537170849
2 years ago
Mike Kruskal
6f24fceb36
Internal changes
...
PiperOrigin-RevId: 537054791
2 years ago
Protobuf Team Bot
fc1c5512e5
fix: missing `PROTOBUF_EXPORT` for public symbols
...
PiperOrigin-RevId: 537042088
2 years ago
Thomas Van Lenten
e50ee82feb
Change indent the indent to try and stabilize the export/import.
...
Not really sure why things changed and started having this problem, but
cl/536414905 & cl/536708284 just keep swapping this so hopefully changing
the formatting to avoid this going forward.
PiperOrigin-RevId: 537035911
2 years ago
Protobuf Team Bot
d73406a007
Auto-generate files after cl/537029283
2 years ago
Protobuf Team Bot
47f76b7a33
Minor refactor to MapSorter to avoid putting the value_type/mapped_type in the std::sort instantiation.
...
This allows making only a few instantiations of std::sort (one per key type) instead of one for each key-value pair.
PiperOrigin-RevId: 537029283
2 years ago
Protobuf Team Bot
02e071fe0b
Auto-generate files after cl/536936386
2 years ago
Protobuf Team Bot
aa9919d1f8
Internal change
...
PiperOrigin-RevId: 536936386
2 years ago
Protobuf Team Bot
8322f28183
Auto-generate files after cl/536934704
2 years ago
Protobuf Team Bot
917e00e393
Internal change
...
PiperOrigin-RevId: 536934704
2 years ago
Protobuf Team Bot
df3b8feadc
Auto-generate files after cl/536929770
2 years ago
Jie Luo
52dfa4b853
Update file reference for compiler/cpp/file.cc
...
PiperOrigin-RevId: 536929770
2 years ago
Protobuf Team Bot
39f7631f47
Auto-generate files after cl/536859974
2 years ago
Protobuf Team Bot
d8901265c7
Check invalid type_id after casting it to uint32_t.
...
PiperOrigin-RevId: 536859974
2 years ago
Protobuf Team Bot
96c5923601
Auto-generate files after cl/536851491
2 years ago
Mike Kruskal
7971ec7629
Clarify is_packed comments.
...
PiperOrigin-RevId: 536851491
2 years ago
Protobuf Team Bot
d5df25d965
Auto-generate files after cl/536843635
2 years ago
Mike Kruskal
12e0f1d66a
Regenerate amalgamation files
...
PiperOrigin-RevId: 536843635
2 years ago
Protobuf Team Bot
6d282c969b
Auto-generate files after cl/536772539
2 years ago
Protobuf Team Bot
fd3b5e8436
Internal change
...
PiperOrigin-RevId: 536772539
2 years ago
Protobuf Team Bot
55919fb8e0
Auto-generate files after cl/536759444
2 years ago
Protobuf Team Bot
28d47b0e0c
Internal change
...
PiperOrigin-RevId: 536759444
2 years ago
Protobuf Team Bot
71cfdad483
Auto-generate files after cl/536748225
2 years ago
Protobuf Team Bot
a170ac4be1
Internal change
...
PiperOrigin-RevId: 536748225
2 years ago
Protobuf Team Bot
4affcfe3b3
Auto-generate files after cl/536738975
2 years ago
Protobuf Team Bot
9f9d55d393
Internal change
...
PiperOrigin-RevId: 536738975
2 years ago
Protobuf Team Bot
3f765780f2
Auto-generate files after cl/536731565
2 years ago
Protobuf Team Bot
9cedad1f46
Internal change
...
PiperOrigin-RevId: 536731565
2 years ago
Protobuf Team Bot
315ffb5be8
Auto-generate files after cl/536708284
2 years ago
Marcel Hlopko
8f5404ab11
Update golden file
...
PiperOrigin-RevId: 536708284
2 years ago
Protobuf Team Bot
340ebaa15d
Auto-generate files after cl/536700260
2 years ago
Protobuf Team Bot
2280577370
Internal change
...
PiperOrigin-RevId: 536700260
2 years ago
Protobuf Team Bot
f5906ea631
Auto-generate files after cl/536671631
2 years ago
Protobuf Team Bot
55c75b64ab
Internal change
...
PiperOrigin-RevId: 536671631
2 years ago
Protobuf Team Bot
8f95cdf315
Auto-generate files after cl/536621668
2 years ago
Protobuf Team Bot
767ef4dc13
Internal change
...
PiperOrigin-RevId: 536621668
2 years ago