diff options
| author | Linus Färnstrand <linus@mullvad.net> | 2025-07-24 15:35:34 +0200 |
|---|---|---|
| committer | Linus Färnstrand <linus@mullvad.net> | 2025-07-24 15:35:34 +0200 |
| commit | fe8b307d6ebb8bd99b666b8f16b24dee2bdd5297 (patch) | |
| tree | 4f0ef3374f133a91c13f694302ca2535adac18f7 | |
| parent | a7c5ab43de135c4a342eb67dea1582eb29fd17be (diff) | |
| parent | ce04bd9bfd1749766ba18e65cc982d381f826c83 (diff) | |
| download | mullvadvpn-fe8b307d6ebb8bd99b666b8f16b24dee2bdd5297.tar.xz mullvadvpn-fe8b307d6ebb8bd99b666b8f16b24dee2bdd5297.zip | |
Merge branch 'stricter-git-signing-ci'
| -rw-r--r-- | .github/CODEOWNERS | 1 | ||||
| -rw-r--r-- | .github/workflows/verify-locked-down-signatures.yml | 3 |
2 files changed, 3 insertions, 1 deletions
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 27fa5531dc..0ba9975690 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -23,6 +23,7 @@ # Security related github action workflow changes must be approved by leads /.github/workflows/verify-locked-down-signatures.yml @faern @raksooo @pinkisemils @albin-mullvad +/ci/verify-locked-down-signatures.sh @faern @raksooo @pinkisemils @albin-mullvad /.github/workflows/unicop.yml @faern @raksooo @pinkisemils @albin-mullvad # The CODEOWNERS itself must be protected from unauthorized changes, diff --git a/.github/workflows/verify-locked-down-signatures.yml b/.github/workflows/verify-locked-down-signatures.yml index 70b0a4bdb4..e4d71a99fb 100644 --- a/.github/workflows/verify-locked-down-signatures.yml +++ b/.github/workflows/verify-locked-down-signatures.yml @@ -1,5 +1,5 @@ --- -name: Verify lockfile signatures +name: Verify git signatures on important files on: pull_request: paths: @@ -39,6 +39,7 @@ permissions: {} jobs: verify-signatures: + name: Verify git signatures runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 |