Skip to content

chore(ci): bump scan nox 1.3.1 -> 1.4.1 in shared go/js CI#30

Merged
felixgeelhaar merged 1 commit into
mainfrom
chore/bump-scan-nox-1.4.1
Jul 3, 2026
Merged

chore(ci): bump scan nox 1.3.1 -> 1.4.1 in shared go/js CI#30
felixgeelhaar merged 1 commit into
mainfrom
chore/bump-scan-nox-1.4.1

Conversation

@felixgeelhaar

Copy link
Copy Markdown
Contributor

Bumps the pinned nox used by the security-scan job in the reusable go-ci.yml and js-ci.yml from 1.3.1 to 1.4.1, keeping it in step with the remediation workflow (already 1.4.1). sha256 verified against the v1.4.1 checksums.txt.

No behavior change for callers beyond a newer scanner. Every repo picks it up via @main.

https://claude.ai/code/session_01Cr6YdzphmFF3NJqm7kSJom

Keeps the security-scan nox in the reusable go-ci/js-ci workflows in step with
the remediation workflow (also 1.4.1). Picks up scanner improvements from
1.4.0/1.4.1. sha256 verified against the v1.4.1 checksums.txt.

Claude-Session: https://claude.ai/code/session_01Cr6YdzphmFF3NJqm7kSJom
Copilot AI review requested due to automatic review settings July 3, 2026 14:24
@felixgeelhaar felixgeelhaar merged commit 4c73c96 into main Jul 3, 2026
1 check passed
@felixgeelhaar felixgeelhaar deleted the chore/bump-scan-nox-1.4.1 branch July 3, 2026 14:25

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates the default pinned nox binary version used by the reusable Go and JS CI workflows’ security scan jobs, keeping the shared CI scanners aligned with the already-updated remediation workflow.

Changes:

  • Bump nox-version default from 1.3.1 to 1.4.1 in go-ci.yml and js-ci.yml.
  • Update the corresponding nox-sha256 default to match the nox_1.4.1_linux_amd64.tar.gz release asset digest.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File Description
.github/workflows/js-ci.yml Updates default nox version + sha256 used by the JS reusable security scan job.
.github/workflows/go-ci.yml Updates default nox version + sha256 used by the Go reusable security scan job.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants