alteropen/streamyfin
1
0
Fork 0
mirror of https://github.com/streamyfin/streamyfin.git synced 2026-06-02 03:58:36 +01:00
Code Issues Actions 7 Packages Projects Releases Wiki Activity
Files
06510d2bd619a5cfbc39ad0ef07b2ea850f250d2
streamyfin/.github
History
Gauvino 06510d2bd6 chore(security): harden helpers + document conflict-labeler safety 
From the workflow security audit:
- symlink-native-dirs.js: drop the execSync shell strings for fs.symlink/mkdir
  (removes a latent shell-injection surface; also clears dead commented code).
- automerge.sh: add 'set -euo pipefail' and restore the starting branch on exit
  so a mid-merge failure can't leave the repo on the wrong branch.
- conflict.yml: document that this pull_request_target workflow must never check
  out or run PR-head code (it only labels via the API today).
2026-06-01 20:35:05 +02:00
..
ISSUE_TEMPLATE
chore: Add version 0.47.1 to issue report template (#1251)
2025-12-01 16:27:33 +01:00
workflows
chore(security): harden helpers + document conflict-labeler safety
2026-06-01 20:35:05 +02:00
CONTRIBUTING.md
docs: Add AI Assistance Disclosure Clause
2025-10-24 10:01:36 +02:00
copilot-instructions.md
docs: remove markdown link formatting from commit guide
2025-10-19 22:45:23 +02:00
pull_request_template.md
chore: update pr template
2026-05-30 10:41:24 +02:00
renovate.json
chore(deps): migrate to Expo SDK 56 (Phase 1 - compat)
2026-05-28 23:56:03 +02:00