astral-sh-setup-uv

mirror of https://github.com/astral-sh/setup-uv.git synced 2026-02-07 18:17:24 +00:00

History

William Woodruff 64f7f4e15f chore: use `npm ci --ignore-scripts` everywhere (#699 ) Like https://github.com/astral-sh/ruff-action/pull/276 🙂 This also adds cooldown stanzas to the Dependabot updater rules: this ensures that we only receive dependency bumps once they're at least a week old, which should reduce the window of opportunity for an attacker who temporarily compromises popular packages (like with "Shai-Hulud" last week). Signed-off-by: William Woodruff <william@astral.sh>		2025-12-02 08:08:49 +01:00
..
codeql-analysis.yml	Bump github/codeql-action from 4.30.8 to 4.30.9 (#652 )	2025-10-24 16:28:47 +02:00
release-drafter.yml	chore(ci): address CI lint findings (#545 )	2025-09-02 13:29:06 +00:00
test.yml	chore: use `npm ci --ignore-scripts` everywhere (#699 )	2025-12-02 08:08:49 +01:00
update-known-versions.yml	chore: use `npm ci --ignore-scripts` everywhere (#699 )	2025-12-02 08:08:49 +01:00
update-major-minor-tags.yml	chore(ci): address CI lint findings (#545 )	2025-09-02 13:29:06 +00:00