Skip to content

DPE-15321 - Update seequent/return-dispatch fork to be up to date#132

Merged
stephanwindischmann merged 35 commits into
mainfrom
DPE-15321-Update-seequent-return-dispatch-fork-to-be-up-to-date
Jun 3, 2026
Merged

DPE-15321 - Update seequent/return-dispatch fork to be up to date#132
stephanwindischmann merged 35 commits into
mainfrom
DPE-15321-Update-seequent-return-dispatch-fork-to-be-up-to-date

Conversation

@stephanwindischmann

@stephanwindischmann stephanwindischmann commented Jun 1, 2026

Copy link
Copy Markdown

No description provided.

renovate Bot and others added 30 commits November 19, 2025 11:21
@renovate
chore(deps): update github/codeql-action action to v4 (Codex-#311)
2a37bef 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@Codex-
security: pin dependencies
e234429
@Codex-
release: 2.2.0
1f6aadf
@Codex-
cicd: support v3
abdae27
@Codex-
feat: upgrade to node24
1767168
@Codex-
release: 3.0.0
be07aaa
@Codex-
chore(deps): Bump js-yaml 4.1.0 -> 4.1.1
bb3a8f3
@renovate
chore(deps): update all non-major dependencies (Codex-#312)
5f6d831 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate
chore(deps): update dependency changelogithub to v14 (Codex-#314)
cef4232 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate
chore(deps): update all non-major dependencies (Codex-#315)
52a6649 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate
chore(deps): update actions/checkout action to v6 (Codex-#313)
f080a7b 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@alecrajeev @Codex-
Fix upstream Github response status change for creating a workflow di…
fe61e45 
…spatch event (Codex-#318)

* fix github response

* test: update test assertions

---------

Co-authored-by: Alex Miller <codex.nz@gmail.com>
@renovate
chore(deps): update all non-major dependencies (Codex-#319)
2211e45 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate
fix(deps): update dependency @actions/core to v2 (Codex-#320)
d8332e5 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate
chore(deps): lock file maintenance (Codex-#321)
6bf2d4f 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@Codex-
release: 3.0.1
2277c7e
@renovate
chore(deps): lock file maintenance (Codex-#322)
8c2f0bc 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate
fix(deps): update all non-major dependencies (Codex-#324)
96ae0db 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@dependabot
build(deps): bump @isaacs/brace-expansion from 5.0.0 to 5.0.1 (Codex-…
1c55801 
…#326)

Bumps @isaacs/brace-expansion from 5.0.0 to 5.0.1.

---
updated-dependencies:
- dependency-name: "@isaacs/brace-expansion"
  dependency-version: 5.0.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@renovate
fix(deps): update dependency @actions/core to v3 (Codex-#325)
4e76d9c 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate
chore(deps): update all non-major dependencies (Codex-#327)
108e45c 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate
chore(deps): update eslint monorepo to v10 (Codex-#328)
3ed0499 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@dependabot
build(deps): bump rollup from 4.54.0 to 4.59.0 (Codex-#329)
d345544 
Bumps [rollup](https://github.com/rollup/rollup) from 4.54.0 to 4.59.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.54.0...v4.59.0)

---
updated-dependencies:
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
build(deps): bump flatted from 3.3.3 to 3.4.1 (Codex-#331)
f843d66 
Bumps [flatted](https://github.com/WebReflection/flatted) from 3.3.3 to 3.4.1.
- [Commits](WebReflection/flatted@v3.3.3...v3.4.1)

---
updated-dependencies:
- dependency-name: flatted
  dependency-version: 3.4.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@renovate
chore(deps): update jdx/mise-action action to v4 (Codex-#333)
8b2920d 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate
fix(deps): update dependency @actions/github to v9 (Codex-#334)
c503081 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate
chore(deps): update all non-major dependencies (Codex-#332)
0f5fad5 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate @Codex-
chore(deps): lock file maintenance (Codex-#335)
7665e62 
* chore(deps): lock file maintenance

* chore: resolve lint findings

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Alex Miller <codex.nz@gmail.com>
@Codex-
release: 3.0.2
16fa9d1
@JackPGreen
Update documentation example usage to avoid executing untrusted inputs (
5732b69 
Codex-#336)

The example shown in the documentation:
https://github.com/Codex-/return-dispatch/blob/16fa9d14771c4d56ae0196bbda1d3c17f7f3650f/README.md?plain=1#L67-L68

Is vulnerable to untrusted input execution (i.e. `distinct_id` _could_ be a malicious command). See [this document](https://securitylab.github.com/resources/github-actions-untrusted-input/) (specifically - `Remediation`) for more details.

Also, the command can be simplified [as `inputs.blah` is equivalent to `github.event.inputs.blah`](https://docs.github.com/en/actions/reference/workflows-and-actions/events-that-trigger-workflows#providing-inputs), but [_also_ handles `workflow_call` `inputs`](https://github.blog/changelog/2022-06-09-github-actions-inputs-unified-across-manual-and-reusable-workflows/).
renovate Bot and others added 5 commits March 31, 2026 20:43
@renovate
chore(deps): update all non-major dependencies (Codex-#339)
f1b2a27 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate
chore(deps): lock file maintenance (Codex-#341)
314d9e0 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate
fix(deps): update all non-major dependencies (Codex-#346)
57040d2 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@stephanwindischmann
Merge branch 'main' into DPE-15321-Update-seequent-return-dispatch-fo…
b8eedc3 
…rk-to-be-up-to-date
@stephanwindischmann
Update lockfiles
8878634
@stephanwindischmann stephanwindischmann merged commit e3e8c78 into main Jun 3, 2026
6 of 7 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@thekindly1 thekindly1 thekindly1 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@stephanwindischmann @thekindly1 @Codex- @alecrajeev @JackPGreen