public-offering
/
pad.pub0.org
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
8,152 Commits
190 Branches
71 Tags
55 MiB
Commit Graph

106 Commits (05eddd03a1859416e7cf0c91c858392ec89d056a)

Author SHA1 Message Date
webzwo0i 208d4918f9 remove npm i - is this still needed? 2023-07-29 14:31:51 +02:00
webzwo0i 4f85205134 Remove etherpad-cli-client devDependency. 
We use this package when testing rate limiting. We already install it in
Docker, when running the Github workflow, so there is no need to install it by default.

In contrast to other devDependencies this is not required in case you
want to run the backend tests or check the code with eslint etc.
 2023-07-29 13:41:20 +02:00
webzwo0i 9089b8b973 Use `npm link` to install ep_etherpad-lite. This places a package.json 
file in the root directory that references ./src directory as the file
source for `ep_etherpad-lite`.

Remove --legacy-peer-deps and --no-save when invoking npm. There is no
need for them anymore, as we are bumping npm now to v8.

./src/package.json contains all dependencies of Etherpad core
(package name ep_etherpad-lite) as before. The root directory's
package.json file references ep_etherpad-lite and also contains
references to any installed plugins.

Remove npm from package.json as we depend on a recent version now; PATH is still updated as before, so in the future we may install a custom npm version again

lint package-lock: update exception for sqlite3

remove node_modules and package.json during installDeps.sh

update Dockerfile

adapt minify

windows build

Fixed installOnWindows.bat

remove node_modules from git

bump minimal node/npm version in src/bin/functions.sh

add changelog notes

update installdeps

fix dockerfile

docker: test npm prefix set to the etherpad directory

workflow: upgrade-from-latest-release needs to be adapted until next release is out

Revert "docker: test npm prefix set to the etherpad directory"

This reverts commit b856a2488c9dbfb2acf35309cd1ee83016b631ad.

use npm link --bin-links=false to prevent it from copying bin files

temp fix for scripts as they are not installed to bin directory anymore

adjust bin paths in Dockerfile

Dockerfile

add hint for npm link, dockerfile

update dockerfile

Revert "Fixed installOnWindows.bat"

This reverts commit 70d0716bbedc4c0c1043155fcc5d157f01775c61.

try installOnWindows; still TODO: no difference between production and development; no warning like in installDeps.sh before update - it just removes package* and node_modules so admins must be aware of the plugins they want to reinstall later

update installOnWindows.bat

update package-lock.json

Dockerfile

Dockerfile

add file: scheme for lint check - needed as long as we have the plugin compatibility symlinks in ./src/node_modules

fix installOnWindows

upgrade-from-latest-release workflow: adapt cypress installation

src/package.json: test-container fix path to _mocha; maybe revert this in case we enable bin-links again

src/package.json: add test-on-windows script

another try with test-on-windows, without using bin-links

use bin-links on windows

Revert "use bin-links on windows"

This reverts commit f50ec2a9fabe3098d48e8f412b73c01edbe2140e.

invoke mocha binary on windows

run npm i once on windows, to make bin files available - why?

remove supertest on windows production builds

add symlink for mocha

debug

Revert "debug"

This reverts commit 8916a0515ca2897c57ca65fef49fd0b3610d2989.

Revert "add symlink for mocha"

This reverts commit 3c60bef77d2a120d24fce14421fe638598cd849d.

windows workflow: adapt cypress path

frontend admin tests
 2023-07-08 14:31:54 +02:00
John McLear 1d289520eb
Require Node 16 for Etherpad and target Node 20 for testing (#5771) 2023-06-26 18:11:32 +01:00
John McLear 04826edd3b
github action fix for windows build (#5737) 
* github action fix for windows build

* cypress pathing
 2023-06-22 01:45:11 +01:00
dependabot[bot] 7ece72503a build(deps): bump actions/dependency-review-action from 1 to 3 
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 1 to 3.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](https://github.com/actions/dependency-review-action/compare/v1...v3)

---
updated-dependencies:
- dependency-name: actions/dependency-review-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-06-21 13:17:38 +01:00
dependabot[bot] 6eb037525c build(deps): bump actions/stale from 7 to 8 
Bumps [actions/stale](https://github.com/actions/stale) from 7 to 8.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/stale/compare/v7...v8)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-06-21 13:13:52 +01:00
dependabot[bot] ed8b8f0893 build(deps): bump saucelabs/sauce-connect-action from 2.1.1 to 2.3.4 
Bumps [saucelabs/sauce-connect-action](https://github.com/saucelabs/sauce-connect-action) from 2.1.1 to 2.3.4.
- [Release notes](https://github.com/saucelabs/sauce-connect-action/releases)
- [Changelog](https://github.com/saucelabs/sauce-connect-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/saucelabs/sauce-connect-action/compare/v2.1.1...v2.3.4)

---
updated-dependencies:
- dependency-name: saucelabs/sauce-connect-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-06-21 13:11:20 +01:00
dependabot[bot] 5c376ea17a build(deps): bump joncloud/makensis-action from 3.6 to 3.7 
Bumps [joncloud/makensis-action](https://github.com/joncloud/makensis-action) from 3.6 to 3.7.
- [Release notes](https://github.com/joncloud/makensis-action/releases)
- [Commits](https://github.com/joncloud/makensis-action/compare/v3.6...v3.7)

---
updated-dependencies:
- dependency-name: joncloud/makensis-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-06-21 13:11:06 +01:00
dependabot[bot] 0dea4cb1c8 build(deps): bump docker/setup-buildx-action from 1 to 2 
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 1 to 2.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-06-20 14:11:58 +01:00
dependabot[bot] 0f557909ba build(deps): bump docker/metadata-action from 3 to 4 
Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 3 to 4.
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md)
- [Commits](https://github.com/docker/metadata-action/compare/v3...v4)

---
updated-dependencies:
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-06-20 13:48:05 +01:00
dependabot[bot] 3879763656 build(deps): bump docker/login-action from 1 to 2 
Bumps [docker/login-action](https://github.com/docker/login-action) from 1 to 2.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-06-20 13:46:10 +01:00
dependabot[bot] c175d1ea36 build(deps): bump actions/stale from 5 to 7 
Bumps [actions/stale](https://github.com/actions/stale) from 5 to 7.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/stale/compare/v5...v7)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-06-20 13:44:15 +01:00
dependabot[bot] d4b5ce2db3 build(deps): bump docker/build-push-action from 2 to 4 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2 to 4.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v2...v4)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-06-20 13:43:20 +01:00
Alex efe32ac333
GitHub Workflows security hardening (#5598) 
* build: harden frontend-tests.yml permissions
Signed-off-by: Alex <aleksandrosansan@gmail.com>

* build: harden frontend-admin-tests.yml permissions
Signed-off-by: Alex <aleksandrosansan@gmail.com>
 2023-06-20 13:27:03 +01:00
dependabot[bot] 156348e314 build(deps): bump docker/setup-qemu-action from 1 to 2 
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 1 to 2.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](https://github.com/docker/setup-qemu-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-25 00:09:13 +02:00
webzwo0i c28177388a Drop support for Node v12. 
Add v18 to test matrix
 2022-09-24 22:58:32 +02:00
webzwo0i 21d03c1924 stale workflow: fix syntax 2022-09-24 20:15:55 +02:00
webzwo0i 111ad5c52e fix cypress config 2022-09-24 18:44:15 +02:00
Richard Hansen a059a653ba ci: stale: Don't auto-close issues or PRs 
Users can't reopen them, so auto-closing tends to irritate users.
Also, when developer activity drops, stale is less meaningful.
 2022-07-16 15:08:32 -04:00
Richard Hansen 3018c33efd ci: stale: Use wontfix for close label, not stale 2022-07-16 15:04:40 -04:00
Richard Hansen a95c7b61ea ci: stale: Switch from app to action 
The stale app seems to be unmaintained.
 2022-07-16 15:03:42 -04:00
Richard Hansen 00173cf55d Windows build: Consolidate Windows workflows 2022-05-14 18:25:29 -04:00
Richard Hansen b1d48bb333 Windows build: Extract .zip outside repo clone 2022-05-14 17:50:46 -04:00
Richard Hansen 52dd6a26bc Windows build: Rename the `.exe` for consistency 2022-05-14 17:46:32 -04:00
Richard Hansen 8a2ef69873 Windows build: Move NSIS installer script to this repo 2022-05-14 17:46:32 -04:00
Richard Hansen e71f69ec72 Windows build: Rename zip to `etherpad-win.zip` 2022-05-14 17:45:30 -04:00
dependabot[bot] 0adc027e25 build(deps): bump github/codeql-action from 1 to 2 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1 to 2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-02 21:30:46 -04:00
Naveen 77e036e8d3 chore(deps): Included dependency review 
> Dependency Review GitHub Action in your repository to enforce dependency reviews on your pull requests.
> The action scans for vulnerable versions of dependencies introduced by package version changes in pull requests,
> and warns you about the associated security vulnerabilities.
> This gives you better visibility of what's changing in a pull request,
> and helps prevent vulnerabilities being added to your repository.

https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
 2022-05-02 21:27:57 -04:00
naveen 2929a3c0bd chore: Set permissions for GitHub actions 
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
 2022-05-02 20:48:01 -04:00
dependabot[bot] 5e99ae772a build(deps): bump actions/upload-artifact from 2 to 3 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-08 21:44:53 -04:00
dependabot[bot] d7c44c5725 build(deps): bump actions/download-artifact from 2 to 3 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 2 to 3.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-08 21:44:21 -04:00
Grant Slater a11cf67de7 Docker: use buildx to build amd64 and arm64 images 2022-03-20 22:11:09 -04:00
Richard Hansen 5748c76db3 ci: docker: Show Etherpad logs 2022-03-12 00:40:48 -05:00
Richard Hansen 178db7508f ci: docker: Wait for container to be healthy 2022-03-12 00:40:48 -05:00
Richard Hansen a6b969c811 ci: Bump actions/checkout to v3 2022-03-01 17:17:16 -05:00
dependabot[bot] 90d1ae87a7 build(deps): bump actions/setup-node from 2 to 3 
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 2 to 3.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-25 23:51:38 -05:00
Richard Hansen c568bb1baa ci: Skip frontend tests for Dependabot PRs 2022-01-28 01:51:15 -05:00
Richard Hansen 43aa1e4aeb ci: Reformat `.yml` files for readability 2022-01-28 01:39:45 -05:00
dependabot[bot] 84c7da82cf
build(deps): bump saucelabs/sauce-connect-action from 2.0.0 to 2.1.1 
Bumps [saucelabs/sauce-connect-action](https://github.com/saucelabs/sauce-connect-action) from 2.0.0 to 2.1.1.
- [Release notes](https://github.com/saucelabs/sauce-connect-action/releases)
- [Changelog](https://github.com/saucelabs/sauce-connect-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/saucelabs/sauce-connect-action/compare/v2.0.0...v2.1.1)

---
updated-dependencies:
- dependency-name: saucelabs/sauce-connect-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-28 04:54:58 +00:00
Richard Hansen 35a182e053 ci: dependabot: Set `versioning-strategy` to `increase` 
This keeps `package.json` in sync with `package-lock.json`.
 2022-01-27 23:54:28 -05:00
Richard Hansen 63a02ec5fa ci: Enable caching 2022-01-27 22:40:38 -05:00
Richard Hansen e80e1c0221 ci: docker: Combine test and build+publish workflows 2022-01-27 22:05:47 -05:00
Richard Hansen a6fcc92d2a ci: docker: Set up Docker Buildx 
This isn't required, but it's recommended everywhere I look.
 2022-01-27 22:05:47 -05:00
Richard Hansen 3a31ebde4b ci: docker: Style improvements 2022-01-27 22:05:47 -05:00
Richard Hansen f334fb8280 ci: lockfile-lint: Whitelist specific sqlite version 2022-01-27 22:05:47 -05:00
Richard Hansen f925b481c6 ci: lockfile-lint: Pass `--no-save` to npm 2022-01-27 22:05:47 -05:00
Felix 578ae17aa8
Add docker & npm ecosystem to dependabot 2022-01-26 19:34:27 -05:00
dependabot[bot] e4944b8bfa Bump saucelabs/sauce-connect-action from 1.1.2 to 2.0.0 
Bumps [saucelabs/sauce-connect-action](https://github.com/saucelabs/sauce-connect-action) from 1.1.2 to 2.0.0.
- [Release notes](https://github.com/saucelabs/sauce-connect-action/releases)
- [Changelog](https://github.com/saucelabs/sauce-connect-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/saucelabs/sauce-connect-action/compare/v1.1.2...v2.0.0)

---
updated-dependencies:
- dependency-name: saucelabs/sauce-connect-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-11-29 22:32:27 -05:00
dependabot[bot] 68933718f6
Bump joncloud/makensis-action from 3.4 to 3.6 
Bumps [joncloud/makensis-action](https://github.com/joncloud/makensis-action) from 3.4 to 3.6.
- [Release notes](https://github.com/joncloud/makensis-action/releases)
- [Commits](https://github.com/joncloud/makensis-action/compare/v3.4...v3.6)

---
updated-dependencies:
- dependency-name: joncloud/makensis-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-11-30 02:05:07 +00:00