huangzhenpc/new-api-oiss
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5,482 Commits 1 Branch 0 Tags
84e828d804ecc08c99cf78e4e9336bb6db42411e
Commit Graph

5 Commits

Author SHA1 Message Date
CaIon
a5e20269dd security: harden Docker and release CI workflows 
- Pin all GitHub Actions to commit SHA to prevent supply chain attacks
- Enable SLSA provenance attestation (mode=max) and SBOM generation
- Add cosign keyless signing for Docker images via GitHub OIDC
- Capture and output image digests to GitHub Job Summary
- Pin Dockerfile base images to digest (bun:1, golang:1.26.1-alpine, debian:bookworm-slim)
- Add SHA256 checksum generation for binary releases (Linux/macOS/Windows)
- Update actions/checkout v3->v4, actions/setup-go v3->v5 in release.yml
 2026-03-24 23:56:15 +08:00
Seefs
de4b52d320 fix: release workflow show version 2025-11-22 20:06:13 +08:00
CaIon
85fdcc78ac fix: 修复工作流重复创建release的问题 2025-10-12 15:40:22 +08:00
Seefs
5010f2d004 format: package name -> github.com/QuantumNous/new-api (#2017) 2025-10-11 15:30:09 +08:00
CaIon
e6129bec57 feat: update Go version in CI configuration and add release workflow for multi-platform builds 2025-10-11 12:44:09 +08:00