Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: prettier/eslint-plugin-prettier
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v5.5.5
Choose a base ref
...
head repository: prettier/eslint-plugin-prettier
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v5.5.6
Choose a head ref
  • 8 commits
  • 9 files changed
  • 7 contributors

Commits on Jan 14, 2026

  1. Remove empty NPM_TOKEN from release.yml 

    Remove empty NPM_TOKEN from release workflow.
    @JounQin
    JounQin authored Jan 14, 2026
    Configuration menu
    Copy the full SHA
    53ff214 View commit details
    Browse the repository at this point in the history

Commits on Feb 3, 2026

  1. build(deps): Bump the actions group with 2 updates (#778) 

    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Feb 3, 2026
    Configuration menu
    Copy the full SHA
    42e6369 View commit details
    Browse the repository at this point in the history

Commits on Feb 7, 2026

  1. chore: update dev dependencies (#780)

    @BPScott
    BPScott authored Feb 7, 2026
    Configuration menu
    Copy the full SHA
    ca076d9 View commit details
    Browse the repository at this point in the history

Commits on Apr 5, 2026

  1. chore: testing eslint v10 (#779)

    @BPScott
    BPScott authored Apr 5, 2026
    Configuration menu
    Copy the full SHA
    e8e2f7f View commit details
    Browse the repository at this point in the history

  2. chore(deps): update all dependencies (#766) 

    Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
    @renovate @autofix-ci
    renovate[bot] and autofix-ci[bot] authored Apr 5, 2026
    Configuration menu
    Copy the full SHA
    e867680 View commit details
    Browse the repository at this point in the history

Commits on May 28, 2026

  1. chore: bump all (dev)Dependencies (#791)

    @JounQin
    JounQin authored May 28, 2026
    Configuration menu
    Copy the full SHA
    b5c96a3 View commit details
    Browse the repository at this point in the history

  2. ci: declare workflow-level contents: read on 2 workflows (#790) 

    Pins the default GITHUB_TOKEN to contents: read on workflows that don't
call a GitHub API beyond the initial checkout. Drops the autofix.yml
change from the earlier revision because that workflow uses autofix-ci
to push fixes back to the PR head, which needs write scope (per @JounQin
review feedback). Other workflows that need write scopes are left
implicit for a maintainer to declare.

Motivation: CVE-2025-30066 (March 2025 tj-actions/changed-files
compromise) exfiltrated GITHUB_TOKEN from workflow logs. Per-workflow
caps bound runtime authority irrespective of repo or org default,
give drift protection, and are credited per-file by the OpenSSF
Scorecard Token-Permissions check.

YAML validated locally with yaml.safe_load.

Signed-off-by: Arpit Jain <arpitjain099@gmail.com>
    @arpitjain099
    arpitjain099 authored May 28, 2026
    Configuration menu
    Copy the full SHA
    4745b54 View commit details
    Browse the repository at this point in the history

  3. chore: release eslint-plugin-prettier (#792)

    @github-actions
    github-actions[bot] authored May 28, 2026
    Configuration menu
    Copy the full SHA
    4f33ea5 View commit details
    Browse the repository at this point in the history
Loading