Merge d86d1a437e into 44c2b7a8a4

README: Suggest `user.email` to be `41898282+github-actions[bot]@users.noreply.github.com` (#1707 )
* README: Set `user.email` to GitHub Actions Bot * Update workflow to use proper bot GitHub Bot email * Prefix `user.email` with `41898282+` To match squash merge user, else showing as two different users, see: b0948d0da0 * Update README.md --------- Co-authored-by: Pelle Wessman <pelle@kodfabrik.se>
2024-05-01 12:44:12 +01:00 · 2024-04-30 11:50:54 -04:00 · 2024-01-16 08:51:56 +13:00 · 2022-12-13 11:16:31 +13:00
2 changed files with 10 additions and 6 deletions
--- a/.github/workflows/update-main-version.yml
+++ b/.github/workflows/update-main-version.yml
@ -18,6 +18,9 @@ on:
 jobs:
  tag:
    runs-on: ubuntu-latest
+    env:
+      TARGET: ${{ github.event.inputs.target }}
+      MAIN_VERSION: ${{ github.event.inputs.major_version }}
    steps:
    # Note this update workflow can also be used as a rollback tool.
    # For that reason, it's best to pin `actions/checkout` to a known, stable version
@ -27,9 +30,9 @@ jobs:
        fetch-depth: 0
    - name: Git config
      run: |
-        git config user.name github-actions
-        git config user.email github-actions@github.com
+        git config user.name "github-actions[bot]"
+        git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
    - name: Tag new target
-      run: git tag -f ${{ github.event.inputs.major_version }} ${{ github.event.inputs.target }}
+      run: git tag -f "$MAIN_VERSION" "$TARGET"
    - name: Push new tag
-      run: git push origin ${{ github.event.inputs.major_version }} --force
+      run: git push origin "$MAIN_VERSION" --force
--- a/README.md
+++ b/README.md
@ -279,8 +279,9 @@ jobs:
      - uses: actions/checkout@v4
      - run: |
          date > generated.txt
-          git config user.name github-actions
-          git config user.email github-actions@github.com
+          # Note: the following account information will not work on GHES
+          git config user.name "github-actions[bot]"
+          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
          git add .
          git commit -m "generated"
          git push
Author	SHA1	Message	Date
Y. Meyer-Norwood	344211f9c7	Merge `d86d1a437e` into `44c2b7a8a4`	2024-05-01 12:44:12 +01:00
Cory Miller	44c2b7a8a4	README: Suggest `user.email` to be `41898282+github-actions[bot]@users.noreply.github.com` (#1707 ) * README: Set `user.email` to GitHub Actions Bot * Update workflow to use proper bot GitHub Bot email * Prefix `user.email` with `41898282+` To match squash merge user, else showing as two different users, see: `b0948d0da0` * Update README.md --------- Co-authored-by: Pelle Wessman <pelle@kodfabrik.se>	2024-04-30 11:50:54 -04:00
Y. Meyer-Norwood	d86d1a437e	Merge branch 'main' into patch-1	2024-01-16 08:51:56 +13:00
Y. Meyer-Norwood	fe77b196f4	Prevent Script Injection Attack The user provided inputs here are vulnerable to script injection. This PR uses an intermediary environment variable to treat the input as a string, rather than as part of the command. See: https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable	2022-12-13 11:16:31 +13:00