From ad0ebab0a1f01fa69c99d65081406da06cc68571 Mon Sep 17 00:00:00 2001 From: Garrett Beatty Date: Tue, 16 Dec 2025 18:14:46 +0000 Subject: [PATCH 1/2] update permissions (#2231) (#2232) --- .github/workflows/closed-issue-message.yml | 4 ++++ .github/workflows/stale_issues.yml | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/.github/workflows/closed-issue-message.yml b/.github/workflows/closed-issue-message.yml index bceb11297..3c394caaa 100644 --- a/.github/workflows/closed-issue-message.yml +++ b/.github/workflows/closed-issue-message.yml @@ -2,6 +2,10 @@ name: Closed Issue Message on: issues: types: [closed] + +permissions: + issues: write + jobs: auto_comment: runs-on: ubuntu-latest diff --git a/.github/workflows/stale_issues.yml b/.github/workflows/stale_issues.yml index c81dd92b0..2eb129c00 100644 --- a/.github/workflows/stale_issues.yml +++ b/.github/workflows/stale_issues.yml @@ -5,6 +5,10 @@ on: schedule: - cron: "0 0 * * *" +permissions: + issues: write + pull-requests: write + jobs: cleanup: runs-on: ubuntu-latest From 0548eb33b4f2776baedd743054f538582f5addec Mon Sep 17 00:00:00 2001 From: Garrett Beatty Date: Fri, 9 Jan 2026 12:48:34 -0500 Subject: [PATCH 2/2] Dev (#2248) * doc: update readme to point at changelog correctly (#2243) * Bump tj-actions/changed-files from 47.0.0 to 47.0.1 (#2239) Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files) from 47.0.0 to 47.0.1. - [Release notes](https://github.com/tj-actions/changed-files/releases) - [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md) - [Commits](https://github.com/tj-actions/changed-files/compare/24d32ffd492484c1d75e0c0b894501ddb9d30d62...e0021407031f5be11a464abee9a0776171c79891) --- updated-dependencies: - dependency-name: tj-actions/changed-files dependency-version: 47.0.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump aws-actions/configure-aws-credentials from 5.0.0 to 5.1.1 (#2238) Bumps [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) from 5.0.0 to 5.1.1. - [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases) - [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md) - [Commits](https://github.com/aws-actions/configure-aws-credentials/compare/a03048d87541d1d9fcf2ecf528a4a65ba9bd7838...61815dcd50bd041e203e49132bacad1fd04d2708) --- updated-dependencies: - dependency-name: aws-actions/configure-aws-credentials dependency-version: 5.1.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Add grouping for GitHub Actions updates (#2247) Group all GitHub Actions updates into a single PR. --------- Signed-off-by: dependabot[bot] Co-authored-by: Samuel Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/dependabot.yml | 8 ++++++-- .github/workflows/aws-ci.yml | 6 +++--- .github/workflows/change-file-in-pr.yml | 2 +- .github/workflows/create-release-pr.yml | 2 +- .github/workflows/sync-master-dev.yml | 2 +- README.md | 2 +- 6 files changed, 13 insertions(+), 9 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 8190c861c..5141e8016 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,5 +1,3 @@ -# Set update schedule for GitHub Actions - version: 2 updates: @@ -11,3 +9,9 @@ updates: labels: - "Release Not Needed" target-branch: "dev" + # Group all github-actions updates into a single PR + groups: + all-github-actions: + applies-to: "version-updates" + patterns: + - "*" diff --git a/.github/workflows/aws-ci.yml b/.github/workflows/aws-ci.yml index fddddbd66..582ce5eed 100644 --- a/.github/workflows/aws-ci.yml +++ b/.github/workflows/aws-ci.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Configure Load Balancer Credentials - uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 #v4 + uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 #v4 with: role-to-assume: ${{ secrets.CI_MAIN_TESTING_ACCOUNT_ROLE_ARN }} role-duration-seconds: 7200 @@ -29,7 +29,7 @@ jobs: $roleArn=$(cat ./response.json) "roleArn=$($roleArn -replace '"', '')" >> $env:GITHUB_OUTPUT - name: Configure Test Runner Credentials - uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 #v4 + uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 #v4 with: role-to-assume: ${{ steps.lambda.outputs.roleArn }} role-duration-seconds: 7200 @@ -41,7 +41,7 @@ jobs: project-name: ${{ secrets.CI_TESTING_CODE_BUILD_PROJECT_NAME }} - name: Configure Test Sweeper Lambda Credentials if: always() - uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 #v4 + uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 #v4 with: role-to-assume: ${{ steps.lambda.outputs.roleArn }} role-duration-seconds: 7200 diff --git a/.github/workflows/change-file-in-pr.yml b/.github/workflows/change-file-in-pr.yml index 944b3bc94..24c9477bd 100644 --- a/.github/workflows/change-file-in-pr.yml +++ b/.github/workflows/change-file-in-pr.yml @@ -16,7 +16,7 @@ jobs: - name: Get List of Changed Files id: changed-files - uses: tj-actions/changed-files@24d32ffd492484c1d75e0c0b894501ddb9d30d62 #v45 + uses: tj-actions/changed-files@e0021407031f5be11a464abee9a0776171c79891 #v45 - name: Check for Change File(s) in .autover/changes/ run: | diff --git a/.github/workflows/create-release-pr.yml b/.github/workflows/create-release-pr.yml index 952a75d14..27a6ed751 100644 --- a/.github/workflows/create-release-pr.yml +++ b/.github/workflows/create-release-pr.yml @@ -25,7 +25,7 @@ jobs: steps: # Assume an AWS Role that provides access to the Access Token - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 #v5.0.0 + uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 #v5.1.1 with: role-to-assume: ${{ secrets.RELEASE_WORKFLOW_ACCESS_TOKEN_ROLE_ARN }} aws-region: us-west-2 diff --git a/.github/workflows/sync-master-dev.yml b/.github/workflows/sync-master-dev.yml index 356fde29c..1eec374f3 100644 --- a/.github/workflows/sync-master-dev.yml +++ b/.github/workflows/sync-master-dev.yml @@ -26,7 +26,7 @@ jobs: steps: # Assume an AWS Role that provides access to the Access Token - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 #v5.0.0 + uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 #v5.1.1 with: role-to-assume: ${{ secrets.RELEASE_WORKFLOW_ACCESS_TOKEN_ROLE_ARN }} aws-region: us-west-2 diff --git a/README.md b/README.md index 37871d167..405e952a5 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ Repository for the AWS NuGet packages and Blueprints to support writing AWS Lambda functions using .NET Core. -For a history of releases view the [release change log](RELEASE.CHANGELOG.md) +For a history of releases view the [release change log](CHANGELOG.md) ## Table of Contents - [AWS Lambda for .NET Core ![Gitter](https://gitter.im/aws/aws-lambda-dotnet?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)](#aws-lambda-for-net-core-img-srchttpsbadgesgitterimjoin20chatsvg-altgitter)