v9.1.1

What's Changed

• GitHub Action: Bump robinraju/release-downloader from 1.8 to 1.9 @makubacki (#307)
  
  Change Details

    Updates the CodeQL workflows to match the latest version that is being updated by dependabot in relevant repos.

  Release notes

  Sourced from robinraju/release-downloader's releases.

  Release Downloader v1.9

  What's Changed

  • Correct minor typo in extract action input by @​philostler in robinraju/release-downloader#666
  • Fix broken link to CI status badge on README by @​robinraju in robinraju/release-downloader#672
  • Upgrade node runtime to v20 by @​xelaris in robinraju/release-downloader#673
  • Add release name to output variable by @​robinraju in robinraju/release-downloader#677
  • Throw error when a release with no assets are obtained by @​robinraju in robinraju/release-downloader#678
  • Download latest pre-release by @​robinraju in robinraju/release-downloader#679

  Dependancy Updates

  • Update dependencies by @​robinraju in robinraju/release-downloader#671
  • Bump @​types/node from 20.9.4 to 20.11.8 by @​dependabot in robinraju/release-downloader#674
  • Bump @​typescript-eslint/parser from 6.12.0 to 6.19.1 by @​dependabot in robinraju/release-downloader#675
  • Bump eslint from 8.54.0 to 8.56.0 by @​dependabot in robinraju/release-downloader#676

  New Contributors

  • @​philostler made their first contribution in robinraju/release-downloader#666
  • @​xelaris made their first contribution in robinraju/release-downloader#673

  Full Changelog: robinraju/release-downloader@v1.8...v1.9

  Commits

  • 368754b Download latest prerelease (#679)
  • 52c0768 Throw error when a release with no assets are obtained (#678)
  • a3ec587 Add release name to output variable (#677)
  • 216d90d Bump eslint from 8.54.0 to 8.56.0 (#676)
  • f70dc82 Bump @​typescript-eslint/parser from 6.12.0 to 6.19.1 (#675)
  • 6dd543b Bump @​types/node from 20.9.4 to 20.11.8 (#674)
  • 63ce2a8 Upgrade node runtime to v20 (#673)
  • 50f312f Fix broken link to CI status badge on README (#672)
  • 56fac71 Update dependencies (#671)
  • 0ef9efa Correct minor typo in extract action input (#666)
  • Additional commits viewable in compare view

  ---

🔐 Security Impacting

• workflows: Add permissions. @Javagedes (#305)
  
  Change Details

    Add permissions to the workflows across mu_devops. This includes the workflows sync'd across repositories, and workflows used in mu_devops itself.

  With MU_BASECORE's Settings -> Code and automation -> Actions -> General -> Workflow permissions set to "Read repository contents and packages permissions" selected, I had no failures, with the following tested:

  .github/workflows

  • AutoMerger.yml - Untested
  • FileSyncer.yml - Tested
  • IssueAssignment.yml - Tested
  • IssueTriager.yml - Tested
  • LabelSyncer.yml - Tested
  • Labeler.yml - Tested
  • ReleaseDrafter.yml - Tested

  .sync/workflows/leaf

  • auto-approve.yml - Untested
  • auto-merge.yml - Untested
  • issue-assignment.yml - Tested through IssueAssignment.yml
  • label-issues.yml - Tested through Labeler.yml
  • label-sync.yml - Tested through LabelSyncer.yml
  • pull-request-formatting-validator.yml - Tested Directly
  • release-draft.yml - Tested through ReleaseDrafter.yml
  • scheduled-maintenance.yml - Tested Directly
  • stale.yml - Tested Directly
  • submodule-release-update.yml - Untested
  • triage-issues.yml - Tested
    

  
  

  ---

Full Changelog: v9.1.0...v9.1.1