wait-for-secrets

wait-for-secrets copied to clipboard

Bumps [typescript](https://github.com/Microsoft/TypeScript) from 4.9.4 to 4.9.5. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: #...

dependabot[bot]

Bumps [@vercel/ncc](https://github.com/vercel/ncc) from 0.36.0 to 0.36.1. Release notes Sourced from @​vercel/ncc's releases. 0.36.1 0.36.1 (2023-01-25) Bug Fixes add missing pr title lint action (#1032) (c2d03cf) add ncc --version and ncc...

dependabot[bot]

End to end encryption

1

arjundashrath

Add end-to-end encryption

17

Ideally, the secrets should be encrypted end-to-end so the backend API cannot access them. Only the GitHub Action should be able to decrypt the secrets.

varunsh-coder

We need to think more about how to do this, but it would be interesting to provide the GitHub token of the user using the browser and publish a release...

varunsh-coder

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.20.4 to 3.26.1. Changelog Sourced from github/codeql-action's changelog. CodeQL Action Changelog See the releases page for the relevant changes to the CodeQL CLI and language packs. Note...

dependabot[bot]

Bump @types/node from 18.11.18 to 22.2.0

1

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 18.11.18 to 22.2.0. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependabot[bot]

Bumps [eslint](https://github.com/eslint/eslint) from 7.32.0 to 9.9.0. Release notes Sourced from eslint's releases. v9.9.0 Features 41d0206 feat: Add support for TS config files (#18134) (Arya Emami) 3a4eaf9 feat: add suggestion to...

dependabot[bot]

Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.2 to 4.3.6. Release notes Sourced from actions/upload-artifact's releases. v4.3.6 What's Changed Revert to @​actions/artifact 2.1.8 by @​robherley in actions/upload-artifact#594 Full Changelog: https://github.com/actions/upload-artifact/compare/v4...v4.3.6 v4.3.5 What's Changed Bump...

dependabot[bot]

Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.3.3 to 2.4.0. Release notes Sourced from ossf/scorecard-action's releases. v2.4.0 What's Changed This update bumps the Scorecard version to the v5 release. For a complete list of...

dependabot[bot]