milliways-infosec/AikidoSec-safe-chain
7
0
Fork 0
mirror of https://github.com/AikidoSec/safe-chain.git synced 2026-05-26 12:10:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
1203 commits 61 branches 106 tags 3.3 MiB
Commit graph

41 commits

Author SHA1 Message Date
Ethan Setnik
e976d100f3 Add Homebrew tap for safe-chain (closes #372) 
Adds a publish-homebrew job to the release workflow that renders
Formula/safe-chain.rb from a template (substituting the released
version + per-platform SHA256s parsed from the install script asset)
and pushes it to AikidoSec/homebrew-tap on every non-prerelease.

Users can then install via:

  brew install AikidoSec/tap/safe-chain
  safe-chain setup

The formula downloads the existing prebuilt single-file binaries
from the GitHub release (the same ones the install script uses),
so there is no extra build work in this pipeline.

One-time maintainer setup (creating the AikidoSec/homebrew-tap repo
and adding HOMEBREW_TAP_TOKEN as a secret on safe-chain) is documented
in docs/homebrew.md.

Tested locally on macOS arm64 with Homebrew 5.1.11:
  - brew style: 0 offenses
  - brew install --build-from-source: success
  - brew test: 2 assertions pass (--version + help)
  - brew audit --new: 0 offenses

This PR addresses item 1 of #372 (Homebrew only). The integrity-check
piece in item 2 has already shipped — install-safe-chain.sh already
calls verify_checksum() against the baked-in SHA256s. winget and
Chocolatey are not in scope here; see docs/homebrew.md for notes on
why they belong in separate PRs.
 2026-05-15 11:36:57 -04:00
Sander Declerck
d0fc643f23
Verify sha2356 checksum in install scripts 2026-04-29 12:50:17 +02:00
Sander Declerck
f1307c6d82
Fix release pipeline for immutable builds again 2026-04-08 13:16:14 +02:00
Sander Declerck
47ee9718d3
Remove check on npm release 2026-04-06 15:15:01 +02:00
Sander Declerck
a5541df5ec
Fix pre-release publishing 2026-04-06 15:08:23 +02:00
Sander Declerck
ae63d42ae9
Copy shrinkwrap before publishing 2026-04-06 15:03:11 +02:00
bitterpanda
458f7c3c42 Fix releases to create draft 2026-04-03 16:43:36 +02:00
bitterpanda
33f50ba580
Change runner to open-source-releaser in workflow 2026-03-25 11:04:05 -07:00
Sander Declerck
e9f941e3d0
Use runner with static ip for releases 2026-03-25 09:53:42 +01:00
Sander Declerck
b3e5726a83
Add new scripts to release 2026-03-13 14:30:29 +01:00
Sander Declerck
b2a5336556
Use latest build of safe-chain in CI again 2026-01-07 11:39:22 +01:00
Sander Declerck
7a4b7057bc
Test on gh actions 2026-01-07 09:40:40 +01:00
Sander Declerck
b19d67f853
Add linuxstatic artifact to release 2026-01-07 08:55:20 +01:00
Sander Declerck
1f4e50df9d
Checkout code in set version 2026-01-06 11:51:01 +01:00
Sander Declerck
66c1da0f1e
Rework release workflow (split npm and github release), and skip npm publish for prereleases 2026-01-06 11:48:06 +01:00
Sander Declerck
4aca6ef86a
Restore publish script 2026-01-06 10:54:34 +01:00
Sander Declerck
efe3b24ab9
Comment npm publish step 2026-01-06 10:07:40 +01:00
Sander Declerck
2cb891b935
Use correct Windows install script 2025-12-17 14:12:39 +01:00
Sander Declerck
a1ec035d9c
Use Windows installation script 2025-12-17 14:09:45 +01:00
Sander Declerck
148eb21430
Use new release script in GH workflows 2025-12-17 14:07:58 +01:00
bitterpanda
7dd832dd9a
Merge pull request #249 from AikidoSec/fix-failing-download-in-install-script-beta 
Add install script with hard-coded version to build output
 2025-12-17 13:53:13 +01:00
Sander Declerck
e6cfa65ee2
Document release scripts 2025-12-16 16:09:57 +01:00
Sander Declerck
aaa5a41af6
Replace version correctly 2025-12-16 15:19:50 +01:00
Sander Declerck
8b2ebdf49c
Add correct destination operand for cp uninstall scripts 2025-12-16 14:57:53 +01:00
Sander Declerck
dc14d5023f
Move files to release-artifacts dir 2025-12-16 14:53:35 +01:00
Sander Declerck
2068ede045
Disable push to npm 2025-12-16 14:47:53 +01:00
Sander Declerck
dddd41e891
Add correct scripts to the release 2025-12-16 14:35:16 +01:00
Sander Declerck
2c2159e512
Add install script with hard-coded version to build output 2025-12-16 14:34:24 +01:00
Sander Declerck
4be1f7900d
Use the standalone binary in our own pipelines 2025-12-16 12:56:03 +01:00
Sander Declerck
57a0e88fa4
Add tests and clarifying comments 2025-12-05 12:09:19 +01:00
Sander Declerck
22b93e91f6
Use "beta" as tag 2025-12-04 16:16:31 +01:00
Sander Declerck
6d449d63c8
Fix version number when publishing to npmjs 2025-12-04 16:06:48 +01:00
Sander Declerck
10a3b63a5f
Add --tag to npm publish 2025-12-04 15:54:26 +01:00
Sander Declerck
ac6567ba59
Make scripts release-proof again 2025-12-03 11:58:33 +01:00
Sander Declerck
6f583ce396
Rename build artifacts 2025-12-01 14:09:05 +01:00
Sander Declerck
3f60ea15f7
Set release version on PR build 2025-12-01 13:28:11 +01:00
Sander Declerck
20e9826ef0
Modify release pipeline to attach the binaries. 2025-12-01 12:31:55 +01:00
Hans Ott
e976c28b8a Publish using OIDC 2025-11-24 18:45:14 +01:00
Sander Declerck
28ccb55033
Use safe-chain ourselves in CI/CD 2025-10-06 16:55:46 +02:00
Sander Declerck
75deed9370
Modify release process 2025-09-05 12:01:29 +02:00
Sander Declerck
21cdefadde
Add editorconfig + github workflows 2025-07-11 17:20:39 +02:00