Skip to content

ci(publish.yml): pin github.triggering_actor#1216

Merged
chimurai merged 1 commit intomasterfrom
ci-publish-pin-triggering_actor
Apr 26, 2026
Merged

ci(publish.yml): pin github.triggering_actor#1216
chimurai merged 1 commit intomasterfrom
ci-publish-pin-triggering_actor

Conversation

@chimurai
Copy link
Copy Markdown
Owner

@chimurai chimurai commented Apr 26, 2026
edited by coderabbitai Bot
Loading

Summary by CodeRabbit

  • Chores
    • Updated package version to 4.0.0-beta.5
    • Enhanced security controls in CI/CD publishing workflow
    • Updated project contributors documentation

@coderabbitai
Copy link
Copy Markdown

coderabbitai Bot commented Apr 26, 2026
edited
Loading

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: b43f435f-3f1a-4974-9899-cb68f8a3303a

📥 Commits

Reviewing files that changed from the base of the PR and between dcacc02 and 31860a2.

📒 Files selected for processing (4)
  • .github/workflows/publish.yml
  • CHANGELOG.md
  • CONTRIBUTORS.txt
  • package.json
📝 Walkthrough

Walkthrough

Version bump to beta.5 paired with workflow security tightening: the publish job now requires the triggering actor to be chimurai, changelog and contributor list updated accordingly.

Changes

Cohort / File(s) Summary
CI/Workflow Security
.github/workflows/publish.yml		 Tightened publish job gating condition to require triggering actor to be chimurai in addition to repository match check.
Release Metadata
package.json, CHANGELOG.md, CONTRIBUTORS.txt		 Bumped package version to 4.0.0-beta.5, added changelog entry for CI workflow update, and registered chimurai as contributor.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Possibly related PRs

Poem

🐰 A beta hops forth with version five so new,
Security checks tighten, just what's overdue,
Contributors noted, the changelog gleams,
Publishing workflows now dream safer dreams!

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly summarizes the main change: pinning github.triggering_actor in the publish workflow, which aligns with the primary modification shown in the file summaries.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch ci-publish-pin-triggering_actor

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@pkg-pr-new
Copy link
Copy Markdown

pkg-pr-new Bot commented Apr 26, 2026 

npm i https://pkg.pr.new/http-proxy-middleware@1216

commit: 31860a2

@coveralls
Copy link
Copy Markdown

coveralls commented Apr 26, 2026

Coverage Status

coverage: 94.07%. remained the same — ci-publish-pin-triggering_actor into master

@chimurai chimurai merged commit 339f09e into master Apr 26, 2026
21 checks passed
@chimurai chimurai deleted the ci-publish-pin-triggering_actor branch April 26, 2026 12:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@chimurai @coveralls