Skip to content

v0.3.1

Choose a tag to compare

View all tags
@github-actions github-actions released this 26 Jan 18:27
· 479 commits to main since this release
v0.3.1
This tag was signed with the committer’s verified signature.
CybotTM Sebastian Mendel
SSH Key Fingerprint: NOxv8dcZlMFz3wrLdHILVNSnF6xskqAjN3bnn0i7K30
Verified
Learn about vigilant mode.
d6f5e41
This commit was signed with the committer’s verified signature.
CybotTM Sebastian Mendel
SSH Key Fingerprint: NOxv8dcZlMFz3wrLdHILVNSnF6xskqAjN3bnn0i7K30
Verified
Learn about vigilant mode.

Highlights

Community & Governance

  • Code of Conduct: Updated to Contributor Covenant v3.0 with detailed enforcement guidelines
  • GitHub Templates: Added issue templates (bug report, feature request, CoC report) and PR template
  • Contact Standardization: All contact points now use GitHub (Issues, Discussions, Security Advisories)

Security & Supply Chain

  • OpenSSF Scorecard Improvements:
    • Token permissions moved to job-level with minimal scopes
    • All dependencies pinned to SHA hashes
    • Added dedicated fuzzing workflow
    • Fixed SLSA provenance generation (now triggers after release completion)
    • Improved branch protection visibility for scorecard

Documentation

  • Added Secure Outbound HTTP Client PRD and Architecture Decision Records (ADRs)

Dependency Updates

  • actions/cache v5.0.2
  • actions/checkout v6.0.2
  • anchore/sbom-action v0.22.0
  • github/codeql-action v4.31.11
  • step-security/harden-runner v2.14.1
  • @playwright/test v1.58.0

Full Changelog: v0.3.0...v0.3.1

Assets 11
Loading