Commit Graph

91 Commits (e7c8bd5640664ee9994738357dab65830d5ec1a8)

Author SHA1 Message Date
dependabot[bot] 156348e314 build(deps): bump docker/setup-qemu-action from 1 to 2
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 1 to 2.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](https://github.com/docker/setup-qemu-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-09-25 00:09:13 +02:00
webzwo0i c28177388a Drop support for Node v12.
Add v18 to test matrix
2022-09-24 22:58:32 +02:00
webzwo0i 21d03c1924 stale workflow: fix syntax 2022-09-24 20:15:55 +02:00
webzwo0i 111ad5c52e fix cypress config 2022-09-24 18:44:15 +02:00
Richard Hansen a059a653ba ci: stale: Don't auto-close issues or PRs
Users can't reopen them, so auto-closing tends to irritate users.
Also, when developer activity drops, stale is less meaningful.
2022-07-16 15:08:32 -04:00
Richard Hansen 3018c33efd ci: stale: Use wontfix for close label, not stale 2022-07-16 15:04:40 -04:00
Richard Hansen a95c7b61ea ci: stale: Switch from app to action
The stale app seems to be unmaintained.
2022-07-16 15:03:42 -04:00
Richard Hansen 00173cf55d Windows build: Consolidate Windows workflows 2022-05-14 18:25:29 -04:00
Richard Hansen b1d48bb333 Windows build: Extract .zip outside repo clone 2022-05-14 17:50:46 -04:00
Richard Hansen 52dd6a26bc Windows build: Rename the `.exe` for consistency 2022-05-14 17:46:32 -04:00
Richard Hansen 8a2ef69873 Windows build: Move NSIS installer script to this repo 2022-05-14 17:46:32 -04:00
Richard Hansen e71f69ec72 Windows build: Rename zip to `etherpad-win.zip` 2022-05-14 17:45:30 -04:00
dependabot[bot] 0adc027e25 build(deps): bump github/codeql-action from 1 to 2
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1 to 2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-02 21:30:46 -04:00
Naveen 77e036e8d3 chore(deps): Included dependency review
> Dependency Review GitHub Action in your repository to enforce dependency reviews on your pull requests.
> The action scans for vulnerable versions of dependencies introduced by package version changes in pull requests,
> and warns you about the associated security vulnerabilities.
> This gives you better visibility of what's changing in a pull request,
> and helps prevent vulnerabilities being added to your repository.

https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
2022-05-02 21:27:57 -04:00
naveen 2929a3c0bd chore: Set permissions for GitHub actions
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
2022-05-02 20:48:01 -04:00
dependabot[bot] 5e99ae772a build(deps): bump actions/upload-artifact from 2 to 3
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-08 21:44:53 -04:00
dependabot[bot] d7c44c5725 build(deps): bump actions/download-artifact from 2 to 3
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 2 to 3.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-08 21:44:21 -04:00
Grant Slater a11cf67de7 Docker: use buildx to build amd64 and arm64 images 2022-03-20 22:11:09 -04:00
Richard Hansen 5748c76db3 ci: docker: Show Etherpad logs 2022-03-12 00:40:48 -05:00
Richard Hansen 178db7508f ci: docker: Wait for container to be healthy 2022-03-12 00:40:48 -05:00
Richard Hansen a6b969c811 ci: Bump actions/checkout to v3 2022-03-01 17:17:16 -05:00
dependabot[bot] 90d1ae87a7 build(deps): bump actions/setup-node from 2 to 3
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 2 to 3.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-02-25 23:51:38 -05:00
Richard Hansen c568bb1baa ci: Skip frontend tests for Dependabot PRs 2022-01-28 01:51:15 -05:00
Richard Hansen 43aa1e4aeb ci: Reformat `.yml` files for readability 2022-01-28 01:39:45 -05:00
dependabot[bot] 84c7da82cf
build(deps): bump saucelabs/sauce-connect-action from 2.0.0 to 2.1.1
Bumps [saucelabs/sauce-connect-action](https://github.com/saucelabs/sauce-connect-action) from 2.0.0 to 2.1.1.
- [Release notes](https://github.com/saucelabs/sauce-connect-action/releases)
- [Changelog](https://github.com/saucelabs/sauce-connect-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/saucelabs/sauce-connect-action/compare/v2.0.0...v2.1.1)

---
updated-dependencies:
- dependency-name: saucelabs/sauce-connect-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-01-28 04:54:58 +00:00
Richard Hansen 35a182e053 ci: dependabot: Set `versioning-strategy` to `increase`
This keeps `package.json` in sync with `package-lock.json`.
2022-01-27 23:54:28 -05:00
Richard Hansen 63a02ec5fa ci: Enable caching 2022-01-27 22:40:38 -05:00
Richard Hansen e80e1c0221 ci: docker: Combine test and build+publish workflows 2022-01-27 22:05:47 -05:00
Richard Hansen a6fcc92d2a ci: docker: Set up Docker Buildx
This isn't required, but it's recommended everywhere I look.
2022-01-27 22:05:47 -05:00
Richard Hansen 3a31ebde4b ci: docker: Style improvements 2022-01-27 22:05:47 -05:00
Richard Hansen f334fb8280 ci: lockfile-lint: Whitelist specific sqlite version 2022-01-27 22:05:47 -05:00
Richard Hansen f925b481c6 ci: lockfile-lint: Pass `--no-save` to npm 2022-01-27 22:05:47 -05:00
Felix 578ae17aa8
Add docker & npm ecosystem to dependabot 2022-01-26 19:34:27 -05:00
dependabot[bot] e4944b8bfa Bump saucelabs/sauce-connect-action from 1.1.2 to 2.0.0
Bumps [saucelabs/sauce-connect-action](https://github.com/saucelabs/sauce-connect-action) from 1.1.2 to 2.0.0.
- [Release notes](https://github.com/saucelabs/sauce-connect-action/releases)
- [Changelog](https://github.com/saucelabs/sauce-connect-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/saucelabs/sauce-connect-action/compare/v1.1.2...v2.0.0)

---
updated-dependencies:
- dependency-name: saucelabs/sauce-connect-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-11-29 22:32:27 -05:00
dependabot[bot] 68933718f6
Bump joncloud/makensis-action from 3.4 to 3.6
Bumps [joncloud/makensis-action](https://github.com/joncloud/makensis-action) from 3.4 to 3.6.
- [Release notes](https://github.com/joncloud/makensis-action/releases)
- [Commits](https://github.com/joncloud/makensis-action/compare/v3.4...v3.6)

---
updated-dependencies:
- dependency-name: joncloud/makensis-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-11-30 02:05:07 +00:00
Richard Hansen 40854b0cfd GitHub workflow to build and publish Docker images 2021-11-29 21:02:41 -05:00
Richard Hansen df459c1278 Enable Dependabot for GitHub Actions 2021-11-29 20:35:29 -05:00
Richard Hansen 9cd59a84af
Fix bug_report.md bug template 2021-11-22 17:25:00 -05:00
Peter VandeHaar 9987834b15 Clarify instructions in PULL_REQUEST_TEMPLATE.md
This change
- removes instructions about commit headers that nobody follows,
- links to useful resources for first-time contributors,
- simplifies some text, and
- hides all text inside <!--  -->.
2021-10-31 02:40:03 -04:00
John McLear c47134b3ab
Update bug_report.md 2021-10-09 14:44:48 +01:00
webzwo0i d3890bc2c2 admin tests: Increase `maxHttpBufferSize` to fit `settings.json` 2021-09-29 23:48:03 -04:00
Hossein d262e31bbf fix: install all dependencies and symlink 2021-09-28 19:01:19 -04:00
webzwo0i b475296cee stop closing feature requests by stale bot 2021-07-02 14:07:29 -04:00
Richard Hansen 44343e5c5e tests: Replace Node.js v15 with v16 2021-06-14 23:17:17 +02:00
Richard Hansen ef1ba21104 deps: Drop support for Node.js < 12.13.0 2021-06-14 23:17:17 +02:00
Richard Hansen c2ac5e6145 tests: Fix missing commit in "Upgrade from latest release" workflow 2021-04-20 13:20:33 -04:00
Richard Hansen 96208e8239 tests: Rename workflow to "Upgrade from latest release" 2021-04-20 13:20:04 -04:00
John McLear 536db7553f
tests: CI of updating from master > this commit. (#4912)
* tests: CI of updating from master > this commit.

In response to cypress eslint I thought I'd put some CI testing for if a PR might break automated upgrading.

Matrix usage is probably overkill.

* Update major-version-git-pull-update.yml

* Name...

* include a front end test

* fix pathing

* Clarity on what's happening

* Update .github/workflows/major-version-git-pull-update.yml

Co-authored-by: Richard Hansen <rhansen@rhansen.org>

* Update .github/workflows/major-version-git-pull-update.yml

Co-authored-by: Richard Hansen <rhansen@rhansen.org>

* Update .github/workflows/major-version-git-pull-update.yml

Co-authored-by: Richard Hansen <rhansen@rhansen.org>

Co-authored-by: Richard Hansen <rhansen@rhansen.org>
2021-03-05 06:38:50 +00:00
John McLear a79f9efdb4
Include props to Sauce Labs for the tests they power. (#4897)
* Include props to Sauce Labs for the tests they power.

* include message in CI
2021-03-01 14:46:50 +00:00
John McLear 64e9e7fcda
tests: Frontend test Windows ZIP (#4894)
* tests:  Frontend test Windows ZIP

This PR introduces Frontend testing within Github actions!

We're depending a lot on saucelabs recently and that's fine but sometimes we just want to quickly do a frontend simple test on a weird environment (IE windows build) so this PR solves that problem.

Things to note.

    It still builds the windows .zip if the cypress tests fail.
    It does not add any heavy deps to Etherpad as cypress must be installed in CI.
    Cypress is responsible for running the Etherpad instance.

It's up to us how much we use this or not, I know it introduces a bunch of technical debt but I tried to keep that a minimum by compartmentalizing things and documenting where required.

* Update .github/workflows/windows-zip.yml

Co-authored-by: Richard Hansen <rhansen@rhansen.org>

* remove timeouts

* Move folder structure up a level

* Update windows-zip.yml

* Update test.js

Co-authored-by: Richard Hansen <rhansen@rhansen.org>
2021-03-01 14:31:55 +00:00