John McLear
04826edd3b
github action fix for windows build ( #5737 )
...
* github action fix for windows build
* cypress pathing
2023-06-22 01:45:11 +01:00
dependabot[bot]
7ece72503a
build(deps): bump actions/dependency-review-action from 1 to 3
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 1 to 3.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](https://github.com/actions/dependency-review-action/compare/v1...v3 )
---
updated-dependencies:
- dependency-name: actions/dependency-review-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-06-21 13:17:38 +01:00
dependabot[bot]
6eb037525c
build(deps): bump actions/stale from 7 to 8
...
Bumps [actions/stale](https://github.com/actions/stale ) from 7 to 8.
- [Release notes](https://github.com/actions/stale/releases )
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/stale/compare/v7...v8 )
---
updated-dependencies:
- dependency-name: actions/stale
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-06-21 13:13:52 +01:00
dependabot[bot]
ed8b8f0893
build(deps): bump saucelabs/sauce-connect-action from 2.1.1 to 2.3.4
...
Bumps [saucelabs/sauce-connect-action](https://github.com/saucelabs/sauce-connect-action ) from 2.1.1 to 2.3.4.
- [Release notes](https://github.com/saucelabs/sauce-connect-action/releases )
- [Changelog](https://github.com/saucelabs/sauce-connect-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/saucelabs/sauce-connect-action/compare/v2.1.1...v2.3.4 )
---
updated-dependencies:
- dependency-name: saucelabs/sauce-connect-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-06-21 13:11:20 +01:00
dependabot[bot]
5c376ea17a
build(deps): bump joncloud/makensis-action from 3.6 to 3.7
...
Bumps [joncloud/makensis-action](https://github.com/joncloud/makensis-action ) from 3.6 to 3.7.
- [Release notes](https://github.com/joncloud/makensis-action/releases )
- [Commits](https://github.com/joncloud/makensis-action/compare/v3.6...v3.7 )
---
updated-dependencies:
- dependency-name: joncloud/makensis-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-06-21 13:11:06 +01:00
dependabot[bot]
0dea4cb1c8
build(deps): bump docker/setup-buildx-action from 1 to 2
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 1 to 2.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](https://github.com/docker/setup-buildx-action/compare/v1...v2 )
---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-06-20 14:11:58 +01:00
dependabot[bot]
0f557909ba
build(deps): bump docker/metadata-action from 3 to 4
...
Bumps [docker/metadata-action](https://github.com/docker/metadata-action ) from 3 to 4.
- [Release notes](https://github.com/docker/metadata-action/releases )
- [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md )
- [Commits](https://github.com/docker/metadata-action/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: docker/metadata-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-06-20 13:48:05 +01:00
dependabot[bot]
3879763656
build(deps): bump docker/login-action from 1 to 2
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 1 to 2.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v1...v2 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-06-20 13:46:10 +01:00
dependabot[bot]
c175d1ea36
build(deps): bump actions/stale from 5 to 7
...
Bumps [actions/stale](https://github.com/actions/stale ) from 5 to 7.
- [Release notes](https://github.com/actions/stale/releases )
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/stale/compare/v5...v7 )
---
updated-dependencies:
- dependency-name: actions/stale
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-06-20 13:44:15 +01:00
dependabot[bot]
d4b5ce2db3
build(deps): bump docker/build-push-action from 2 to 4
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 2 to 4.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](https://github.com/docker/build-push-action/compare/v2...v4 )
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-06-20 13:43:20 +01:00
Alex
efe32ac333
GitHub Workflows security hardening ( #5598 )
...
* build: harden frontend-tests.yml permissions
Signed-off-by: Alex <aleksandrosansan@gmail.com>
* build: harden frontend-admin-tests.yml permissions
Signed-off-by: Alex <aleksandrosansan@gmail.com>
2023-06-20 13:27:03 +01:00
dependabot[bot]
156348e314
build(deps): bump docker/setup-qemu-action from 1 to 2
...
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action ) from 1 to 2.
- [Release notes](https://github.com/docker/setup-qemu-action/releases )
- [Commits](https://github.com/docker/setup-qemu-action/compare/v1...v2 )
---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-09-25 00:09:13 +02:00
webzwo0i
c28177388a
Drop support for Node v12.
...
Add v18 to test matrix
2022-09-24 22:58:32 +02:00
webzwo0i
21d03c1924
stale workflow: fix syntax
2022-09-24 20:15:55 +02:00
webzwo0i
111ad5c52e
fix cypress config
2022-09-24 18:44:15 +02:00
Richard Hansen
a059a653ba
ci: stale: Don't auto-close issues or PRs
...
Users can't reopen them, so auto-closing tends to irritate users.
Also, when developer activity drops, stale is less meaningful.
2022-07-16 15:08:32 -04:00
Richard Hansen
3018c33efd
ci: stale: Use wontfix for close label, not stale
2022-07-16 15:04:40 -04:00
Richard Hansen
a95c7b61ea
ci: stale: Switch from app to action
...
The stale app seems to be unmaintained.
2022-07-16 15:03:42 -04:00
Richard Hansen
00173cf55d
Windows build: Consolidate Windows workflows
2022-05-14 18:25:29 -04:00
Richard Hansen
b1d48bb333
Windows build: Extract .zip outside repo clone
2022-05-14 17:50:46 -04:00
Richard Hansen
52dd6a26bc
Windows build: Rename the `.exe` for consistency
2022-05-14 17:46:32 -04:00
Richard Hansen
8a2ef69873
Windows build: Move NSIS installer script to this repo
2022-05-14 17:46:32 -04:00
Richard Hansen
e71f69ec72
Windows build: Rename zip to `etherpad-win.zip`
2022-05-14 17:45:30 -04:00
dependabot[bot]
0adc027e25
build(deps): bump github/codeql-action from 1 to 2
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1 to 2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v1...v2 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-02 21:30:46 -04:00
Naveen
77e036e8d3
chore(deps): Included dependency review
...
> Dependency Review GitHub Action in your repository to enforce dependency reviews on your pull requests.
> The action scans for vulnerable versions of dependencies introduced by package version changes in pull requests,
> and warns you about the associated security vulnerabilities.
> This gives you better visibility of what's changing in a pull request,
> and helps prevent vulnerabilities being added to your repository.
https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
2022-05-02 21:27:57 -04:00
naveen
2929a3c0bd
chore: Set permissions for GitHub actions
...
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ )
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
2022-05-02 20:48:01 -04:00
dependabot[bot]
5e99ae772a
build(deps): bump actions/upload-artifact from 2 to 3
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 2 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-04-08 21:44:53 -04:00
dependabot[bot]
d7c44c5725
build(deps): bump actions/download-artifact from 2 to 3
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 2 to 3.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](https://github.com/actions/download-artifact/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/download-artifact
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-04-08 21:44:21 -04:00
Grant Slater
a11cf67de7
Docker: use buildx to build amd64 and arm64 images
2022-03-20 22:11:09 -04:00
Richard Hansen
5748c76db3
ci: docker: Show Etherpad logs
2022-03-12 00:40:48 -05:00
Richard Hansen
178db7508f
ci: docker: Wait for container to be healthy
2022-03-12 00:40:48 -05:00
Richard Hansen
a6b969c811
ci: Bump actions/checkout to v3
2022-03-01 17:17:16 -05:00
dependabot[bot]
90d1ae87a7
build(deps): bump actions/setup-node from 2 to 3
...
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 2 to 3.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](https://github.com/actions/setup-node/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/setup-node
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-02-25 23:51:38 -05:00
Richard Hansen
c568bb1baa
ci: Skip frontend tests for Dependabot PRs
2022-01-28 01:51:15 -05:00
Richard Hansen
43aa1e4aeb
ci: Reformat `.yml` files for readability
2022-01-28 01:39:45 -05:00
dependabot[bot]
84c7da82cf
build(deps): bump saucelabs/sauce-connect-action from 2.0.0 to 2.1.1
...
Bumps [saucelabs/sauce-connect-action](https://github.com/saucelabs/sauce-connect-action ) from 2.0.0 to 2.1.1.
- [Release notes](https://github.com/saucelabs/sauce-connect-action/releases )
- [Changelog](https://github.com/saucelabs/sauce-connect-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/saucelabs/sauce-connect-action/compare/v2.0.0...v2.1.1 )
---
updated-dependencies:
- dependency-name: saucelabs/sauce-connect-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-01-28 04:54:58 +00:00
Richard Hansen
35a182e053
ci: dependabot: Set `versioning-strategy` to `increase`
...
This keeps `package.json` in sync with `package-lock.json`.
2022-01-27 23:54:28 -05:00
Richard Hansen
63a02ec5fa
ci: Enable caching
2022-01-27 22:40:38 -05:00
Richard Hansen
e80e1c0221
ci: docker: Combine test and build+publish workflows
2022-01-27 22:05:47 -05:00
Richard Hansen
a6fcc92d2a
ci: docker: Set up Docker Buildx
...
This isn't required, but it's recommended everywhere I look.
2022-01-27 22:05:47 -05:00
Richard Hansen
3a31ebde4b
ci: docker: Style improvements
2022-01-27 22:05:47 -05:00
Richard Hansen
f334fb8280
ci: lockfile-lint: Whitelist specific sqlite version
2022-01-27 22:05:47 -05:00
Richard Hansen
f925b481c6
ci: lockfile-lint: Pass `--no-save` to npm
2022-01-27 22:05:47 -05:00
Felix
578ae17aa8
Add docker & npm ecosystem to dependabot
2022-01-26 19:34:27 -05:00
dependabot[bot]
e4944b8bfa
Bump saucelabs/sauce-connect-action from 1.1.2 to 2.0.0
...
Bumps [saucelabs/sauce-connect-action](https://github.com/saucelabs/sauce-connect-action ) from 1.1.2 to 2.0.0.
- [Release notes](https://github.com/saucelabs/sauce-connect-action/releases )
- [Changelog](https://github.com/saucelabs/sauce-connect-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/saucelabs/sauce-connect-action/compare/v1.1.2...v2.0.0 )
---
updated-dependencies:
- dependency-name: saucelabs/sauce-connect-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-11-29 22:32:27 -05:00
dependabot[bot]
68933718f6
Bump joncloud/makensis-action from 3.4 to 3.6
...
Bumps [joncloud/makensis-action](https://github.com/joncloud/makensis-action ) from 3.4 to 3.6.
- [Release notes](https://github.com/joncloud/makensis-action/releases )
- [Commits](https://github.com/joncloud/makensis-action/compare/v3.4...v3.6 )
---
updated-dependencies:
- dependency-name: joncloud/makensis-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-11-30 02:05:07 +00:00
Richard Hansen
40854b0cfd
GitHub workflow to build and publish Docker images
2021-11-29 21:02:41 -05:00
Richard Hansen
df459c1278
Enable Dependabot for GitHub Actions
2021-11-29 20:35:29 -05:00
Richard Hansen
9cd59a84af
Fix bug_report.md bug template
2021-11-22 17:25:00 -05:00
Peter VandeHaar
9987834b15
Clarify instructions in PULL_REQUEST_TEMPLATE.md
...
This change
- removes instructions about commit headers that nobody follows,
- links to useful resources for first-time contributors,
- simplifies some text, and
- hides all text inside <!-- -->.
2021-10-31 02:40:03 -04:00