tedkulp/PrivateBin
1
0
Fork 0
mirror of https://github.com/PrivateBin/PrivateBin.git synced 2026-03-05 13:30:32 -05:00
Code Issues Packages Projects Releases Wiki Activity
4,247 Commits 11 Branches 40 Tags
d638b2dac4cb36409bff281231f75ffbb3370d03
Commit Graph

173 Commits

Author SHA1 Message Date
El RIDO
d638b2dac4 correct version selector 2025-10-08 08:56:44 +02:00
El RIDO
ee531a0b81 update codeql actions to release 4 (node 24) and enable github action scanning 2025-10-08 08:45:06 +02:00
El RIDO
020818d3fc move codacy action to workflows to get it to execute 
we seem to have never noticed that it didn't ever run after adding it
 2025-10-08 08:43:52 +02:00
El RIDO
e775647206 attempting to make the condition list more readable 2025-09-13 07:56:54 +02:00
El RIDO
5cca4be89a enable running tests on pull requests 2025-09-13 07:21:10 +02:00
El RIDO
86b1a4e9ac disable running snyk if triggering user doesn't have access to the secret 2025-09-13 07:20:25 +02:00
dependabot[bot]
ba5dfb2a08 Bump actions/setup-node from 4 to 5 
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 4 to 5.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-04 13:21:14 +00:00
dependabot[bot]
09bab8744f Bump actions/checkout from 4 to 5 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-08-12 17:11:00 +00:00
El RIDO
09ba23ae22 adding a test stage for the configuration combinations 2025-07-26 08:40:48 +02:00
El RIDO
13869e46be updating jdenticon library to 2.0.0, minimum PHP version 7.4 2025-07-14 22:01:11 +02:00
dependabot[bot]
d544d1281d Bump dawidd6/action-download-artifact from 10 to 11 
Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact) from 10 to 11.
- [Release notes](https://github.com/dawidd6/action-download-artifact/releases)
- [Commits](4c1e823582...ac66b43f0e)

---
updated-dependencies:
- dependency-name: dawidd6/action-download-artifact
  dependency-version: '11'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-06-16 12:22:51 +00:00
dependabot[bot]
3a1eb8d534 Bump dawidd6/action-download-artifact from 9 to 10 
Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact) from 9 to 10.
- [Release notes](https://github.com/dawidd6/action-download-artifact/releases)
- [Commits](07ab29fd4a...4c1e823582)

---
updated-dependencies:
- dependency-name: dawidd6/action-download-artifact
  dependency-version: '10'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-06-02 12:46:39 +00:00
El RIDO
37871eac69 node 20 seems to fail with the updated jsdom, locally I had tested with 18 - lets downgrade till we can find a solution 2025-04-09 21:11:10 +02:00
dependabot[bot]
d89bc1b97b Bump dawidd6/action-download-artifact from 8 to 9 
Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact) from 8 to 9.
- [Release notes](https://github.com/dawidd6/action-download-artifact/releases)
- [Commits](20319c5641...07ab29fd4a)

---
updated-dependencies:
- dependency-name: dawidd6/action-download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-27 11:25:13 +00:00
dependabot[bot]
478b79b7b7 Bump slsa-framework/slsa-github-generator from 2.0.0 to 2.1.0 
Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases)
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md)
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v2.0.0...v2.1.0)

---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-25 11:57:15 +00:00
dependabot[bot]
6dbd9bd157 Bump dawidd6/action-download-artifact from 7 to 8 
Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact) from 7 to 8.
- [Release notes](https://github.com/dawidd6/action-download-artifact/releases)
- [Commits](80620a5d27...20319c5641)

---
updated-dependencies:
- dependency-name: dawidd6/action-download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-01-22 11:07:30 +00:00
El RIDO
8b7ccb0fd4 PHP 8.4 is no longer a development release 2024-12-22 12:14:25 +01:00
dependabot[bot]
7ee6bcafc4 Bump dawidd6/action-download-artifact from 6 to 7 
Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact) from 6 to 7.
- [Release notes](https://github.com/dawidd6/action-download-artifact/releases)
- [Commits](bf251b5aa9...80620a5d27)

---
updated-dependencies:
- dependency-name: dawidd6/action-download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-11-29 11:11:25 +00:00
El RIDO
d097631469 possibly not necessary? 2024-07-07 14:28:29 +02:00
El RIDO
84d4d31c73 composer is not part of the matrix, don't try and process event.json 2024-07-07 14:22:48 +02:00
El RIDO
17f924118e address warnings and errors in github actions 2024-07-07 14:13:59 +02:00
dependabot[bot]
4d912b082b Bump dawidd6/action-download-artifact from 5 to 6 
Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact) from 5 to 6.
- [Release notes](https://github.com/dawidd6/action-download-artifact/releases)
- [Commits](deb3bb8325...bf251b5aa9)

---
updated-dependencies:
- dependency-name: dawidd6/action-download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-12 11:12:15 +00:00
dependabot[bot]
48b4c6ce5b Bump dawidd6/action-download-artifact from 3.1.4 to 5 
Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact) from 3.1.4 to 5.
- [Release notes](https://github.com/dawidd6/action-download-artifact/releases)
- [Commits](09f2f74827...deb3bb8325)

---
updated-dependencies:
- dependency-name: dawidd6/action-download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-04 11:09:50 +00:00
El RIDO
b32efe0187 disable snyk scan on forks, they won't have the necessary secret 2024-05-30 07:54:19 +02:00
dependabot[bot]
2aeec14a52 Bump dawidd6/action-download-artifact from 3.0.0 to 3.1.4 
Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact) from 3.0.0 to 3.1.4.
- [Release notes](https://github.com/dawidd6/action-download-artifact/releases)
- [Commits](e7466d1a75...09f2f74827)

---
updated-dependencies:
- dependency-name: dawidd6/action-download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-05-13 12:00:22 +00:00
El RIDO
74cc2c3c92 Merge pull request #1326 from PrivateBin/unset-platform-matrix 
in PHP matrix tests, we don't want to constrain the platform
 2024-05-13 06:58:53 +02:00
El RIDO
df377d9652 in PHP matrix tests, we don't want to constrain the platform 
setting the platform allow composer to prevent upgrades to versions that would exceed the configured version, for the matrix tests we want to use the latest ones for that release
 2024-05-09 19:33:50 +02:00
rugk
9df90ece78 Merge branch 'experimental-8.4' into test-improvments 2024-05-05 18:27:08 +02:00
rugk
4ff9dea9cf ci: try fixing intendation 2024-05-05 15:10:00 +02:00
rugk
6144caae85 ci: fix test results publishing being a totally separate action 2024-05-05 15:01:47 +02:00
rugk
33df5fbd2f Actually make tests continue on experimental builds 2024-05-04 16:02:31 +02:00
rugk
1d6a14ba14 Switch to better artifact download action 2024-05-04 13:29:58 +02:00
rugk
93f59d6456 Upload and use event file, too, for test runs 
To support forked repos: https://github.com/marketplace/actions/publish-test-results#support-fork-repositories-and-dependabot-branches

**NOTE:** Do _not_ use with `pull_request_target` as that causes issues!
 2024-05-04 13:21:57 +02:00
rugk
00fca44986 Fix npm syntax 2024-05-04 13:14:25 +02:00
rugk
f92edf0026 Run mocha tests properly 2024-05-04 13:13:22 +02:00
rugk
91957838be Add upload test results job 
As per https://github.com/marketplace/actions/publish-test-results#use-with-matrix-strategy only one job should upload all results.
 2024-05-04 13:07:53 +02:00
rugk
04822aa643 Actually make tests continue on experimental builds 2024-05-04 12:40:44 +02:00
rugk
55dec46cf4 Mark PHP v8.4 tests as experimental 
As per this doc: https://docs.github.com/en/actions/using-jobs/using-a-matrix-for-your-jobs#handling-failures

Workaround for https://github.com/PrivateBin/PrivateBin/issues/1301 for now. I hope this ignores failures?
 2024-05-04 12:16:37 +02:00
El RIDO
baf8c4a11d tolerate test failures in the PHP development release 
at this time, guzzle, dependency of google cloud storage library, raises deprecation warnings in PHP 8.4, which caused the tests to be considered failed
 2024-05-04 08:58:20 +02:00
dependabot[bot]
ad19f8cfe6 Bump slsa-framework/slsa-github-generator from 1.10.0 to 2.0.0 
Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator) from 1.10.0 to 2.0.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases)
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md)
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.10.0...v2.0.0)

---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-23 11:43:14 +00:00
dependabot[bot]
383dbf1c79 Bump slsa-framework/slsa-github-generator from 1.9.0 to 1.10.0 
Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator) from 1.9.0 to 1.10.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases)
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md)
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.9.0...v1.10.0)

---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-03-21 11:46:25 +00:00
dependabot[bot]
ba25ab8fa9 Bump actions/cache from 3 to 4 
Bumps [actions/cache](https://github.com/actions/cache) from 3 to 4.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-01-18 11:21:35 +00:00
dependabot[bot]
03e3e4fa06 Bump github/codeql-action from 2 to 3 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-14 11:52:46 +00:00
El RIDO
826444bef7 fix shasum in release pipeline, hope this fixes #1169 2023-12-09 10:50:49 +01:00
El RIDO
8d97569de0 enable testing on PHP 8.3 and 8.4 
at this time both are still installed out of nightly builds, though 8.3
got released last week, see:
https://github.com/shivammathur/setup-php#tada-php-support
 2023-11-26 09:54:28 +01:00
rugk
b9d74ecd35 Use Node20 for tests 
A try following https://github.com/PrivateBin/PrivateBin/pull/1189#pullrequestreview-1695447526
 2023-10-24 19:03:47 +02:00
dependabot[bot]
9114ca00bf Bump actions/setup-node from 3 to 4 
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3 to 4.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-24 11:05:40 +00:00
dependabot[bot]
58f919ecdd Bump actions/checkout from 3 to 4 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-22 11:33:49 +00:00
El RIDO
ad50950b3c Extract latest changelog entry and attach it to draft 2023-09-18 20:50:14 +02:00
El RIDO
73c13af10d add workflow attaching SLSA provinence to draft release 2023-09-18 20:47:16 +02:00