tedkulp/PrivateBin
1
0
Fork 0
mirror of https://github.com/PrivateBin/PrivateBin.git synced 2026-04-13 20:57:29 -04:00
Code Issues Packages Projects Releases Wiki Activity
3,468 Commits 10 Branches 40 Tags
b31bb4f4e2f960dfa4beadb7ebdcabed5c3bee21
Commit Graph

113 Commits

Author SHA1 Message Date
El RIDO
d097631469 possibly not necessary? 2024-07-07 14:28:29 +02:00
El RIDO
84d4d31c73 composer is not part of the matrix, don't try and process event.json 2024-07-07 14:22:48 +02:00
El RIDO
17f924118e address warnings and errors in github actions 2024-07-07 14:13:59 +02:00
dependabot[bot]
4d912b082b Bump dawidd6/action-download-artifact from 5 to 6 
Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact) from 5 to 6.
- [Release notes](https://github.com/dawidd6/action-download-artifact/releases)
- [Commits](deb3bb8325...bf251b5aa9)

---
updated-dependencies:
- dependency-name: dawidd6/action-download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-12 11:12:15 +00:00
dependabot[bot]
48b4c6ce5b Bump dawidd6/action-download-artifact from 3.1.4 to 5 
Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact) from 3.1.4 to 5.
- [Release notes](https://github.com/dawidd6/action-download-artifact/releases)
- [Commits](09f2f74827...deb3bb8325)

---
updated-dependencies:
- dependency-name: dawidd6/action-download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-04 11:09:50 +00:00
El RIDO
b32efe0187 disable snyk scan on forks, they won't have the necessary secret 2024-05-30 07:54:19 +02:00
dependabot[bot]
2aeec14a52 Bump dawidd6/action-download-artifact from 3.0.0 to 3.1.4 
Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact) from 3.0.0 to 3.1.4.
- [Release notes](https://github.com/dawidd6/action-download-artifact/releases)
- [Commits](e7466d1a75...09f2f74827)

---
updated-dependencies:
- dependency-name: dawidd6/action-download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-05-13 12:00:22 +00:00
El RIDO
74cc2c3c92 Merge pull request #1326 from PrivateBin/unset-platform-matrix 
in PHP matrix tests, we don't want to constrain the platform
 2024-05-13 06:58:53 +02:00
El RIDO
df377d9652 in PHP matrix tests, we don't want to constrain the platform 
setting the platform allow composer to prevent upgrades to versions that would exceed the configured version, for the matrix tests we want to use the latest ones for that release
 2024-05-09 19:33:50 +02:00
rugk
9df90ece78 Merge branch 'experimental-8.4' into test-improvments 2024-05-05 18:27:08 +02:00
rugk
4ff9dea9cf ci: try fixing intendation 2024-05-05 15:10:00 +02:00
rugk
6144caae85 ci: fix test results publishing being a totally separate action 2024-05-05 15:01:47 +02:00
rugk
33df5fbd2f Actually make tests continue on experimental builds 2024-05-04 16:02:31 +02:00
rugk
1d6a14ba14 Switch to better artifact download action 2024-05-04 13:29:58 +02:00
rugk
93f59d6456 Upload and use event file, too, for test runs 
To support forked repos: https://github.com/marketplace/actions/publish-test-results#support-fork-repositories-and-dependabot-branches

**NOTE:** Do _not_ use with `pull_request_target` as that causes issues!
 2024-05-04 13:21:57 +02:00
rugk
00fca44986 Fix npm syntax 2024-05-04 13:14:25 +02:00
rugk
f92edf0026 Run mocha tests properly 2024-05-04 13:13:22 +02:00
rugk
91957838be Add upload test results job 
As per https://github.com/marketplace/actions/publish-test-results#use-with-matrix-strategy only one job should upload all results.
 2024-05-04 13:07:53 +02:00
rugk
04822aa643 Actually make tests continue on experimental builds 2024-05-04 12:40:44 +02:00
rugk
55dec46cf4 Mark PHP v8.4 tests as experimental 
As per this doc: https://docs.github.com/en/actions/using-jobs/using-a-matrix-for-your-jobs#handling-failures

Workaround for https://github.com/PrivateBin/PrivateBin/issues/1301 for now. I hope this ignores failures?
 2024-05-04 12:16:37 +02:00
El RIDO
baf8c4a11d tolerate test failures in the PHP development release 
at this time, guzzle, dependency of google cloud storage library, raises deprecation warnings in PHP 8.4, which caused the tests to be considered failed
 2024-05-04 08:58:20 +02:00
dependabot[bot]
ad19f8cfe6 Bump slsa-framework/slsa-github-generator from 1.10.0 to 2.0.0 
Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator) from 1.10.0 to 2.0.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases)
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md)
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.10.0...v2.0.0)

---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-23 11:43:14 +00:00
dependabot[bot]
383dbf1c79 Bump slsa-framework/slsa-github-generator from 1.9.0 to 1.10.0 
Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator) from 1.9.0 to 1.10.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases)
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md)
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.9.0...v1.10.0)

---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-03-21 11:46:25 +00:00
dependabot[bot]
ba25ab8fa9 Bump actions/cache from 3 to 4 
Bumps [actions/cache](https://github.com/actions/cache) from 3 to 4.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-01-18 11:21:35 +00:00
dependabot[bot]
03e3e4fa06 Bump github/codeql-action from 2 to 3 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-14 11:52:46 +00:00
El RIDO
826444bef7 fix shasum in release pipeline, hope this fixes #1169 2023-12-09 10:50:49 +01:00
El RIDO
8d97569de0 enable testing on PHP 8.3 and 8.4 
at this time both are still installed out of nightly builds, though 8.3
got released last week, see:
https://github.com/shivammathur/setup-php#tada-php-support
 2023-11-26 09:54:28 +01:00
rugk
b9d74ecd35 Use Node20 for tests 
A try following https://github.com/PrivateBin/PrivateBin/pull/1189#pullrequestreview-1695447526
 2023-10-24 19:03:47 +02:00
dependabot[bot]
9114ca00bf Bump actions/setup-node from 3 to 4 
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3 to 4.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-24 11:05:40 +00:00
dependabot[bot]
58f919ecdd Bump actions/checkout from 3 to 4 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-22 11:33:49 +00:00
El RIDO
ad50950b3c Extract latest changelog entry and attach it to draft 2023-09-18 20:50:14 +02:00
El RIDO
73c13af10d add workflow attaching SLSA provinence to draft release 2023-09-18 20:47:16 +02:00
dependabot[bot]
5bd2eb97e6 Bump actions/checkout from 3 to 4 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-05 11:13:01 +00:00
El RIDO
81ae359dfc Delete shiftleft-analysis.yml 
Development on this stopped in 2021 and apart from the (false positive) secret scan, dev suggests CodeQL replaces it, feature wise: https://github.com/ShiftLeftSecurity/sast-scan/issues/352
 2023-08-17 00:00:30 +02:00
El RIDO
e83f51b547 Merge pull request #1138 from PrivateBin/dependabot/github_actions/github/codeql-action-2 
Bump github/codeql-action from 1 to 2
 2023-08-08 20:19:02 +02:00
dependabot[bot]
cbff1c8488 Bump github/codeql-action from 1 to 2 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1 to 2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-08 11:13:15 +00:00
dependabot[bot]
5f71c9de10 Bump actions/checkout from 2 to 3 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-08 11:13:08 +00:00
El RIDO
4796c7ff02 Merge pull request #807 from PrivateBin/siftleft-scan 
Add Shiftleft scan
 2023-08-07 20:46:43 +02:00
El RIDO
ecf100551d document change, raise minimum PHP version to 7.3, remove branch refresh 2023-07-23 10:04:57 +02:00
El RIDO
34264cb7f5 Merge branch 'master' into php8 2022-10-26 08:24:41 +02:00
El RIDO
ba4878056b misleading documentation 2022-10-26 05:51:36 +02:00
El RIDO
ae6248e27e handle github actions deprecation warnings 
see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
 2022-10-26 05:48:51 +02:00
El RIDO
7b98d7381f allow tests to be manually triggered 2022-10-26 05:30:37 +02:00
El RIDO
b890d768d1 enable use of PHP 8.2 2022-10-25 06:53:26 +02:00
El RIDO
8c2cc18b66 Merge branch 'master' into php8 2022-07-31 08:53:52 +02:00
rugk
48bb2fdf0f Use NodeJs v16 for tests 
So 14 worked, let's try 16. (Actually noticed fedora uses v16 not 14 which makes sense if you see the support time.)
 2022-07-10 00:13:47 +02:00
El RIDO
b46b4300ec Merge pull request #955 from PrivateBin/node14 
chore: run tests with NodeJS 14
 2022-07-09 17:45:23 +02:00
rugk
e536db9b7e style: run tests via npm script insread of custom command 
I.e. not call mocha directly but let the script defined in package.json do it's job.
 2022-07-09 17:04:28 +02:00
rugk
9a476ac34d chore: switch to proper cache file now we have it, i.e. package-lock.json 
as per https://github.com/actions/setup-node#caching-global-packages-data
 2022-07-09 17:00:45 +02:00
rugk
79fd33d21f chore: run tests with NodeJS 14 
I expect no stuff to break or so, so let's just try to use the current recommend LTS version. (v14 will also die at some time, but Fedora e.g. still seems to use it for now by default. Likely we may upgrade soon even more.)

Ref https://nodejs.org/en/about/releases/
 2022-07-09 16:57:06 +02:00