Commit Graph

112 Commits

Author SHA1 Message Date
Shivam Mathur
c8c64c6cf9
Bump version to 2.21.0
Continue on npm audit failure
2022-07-19 15:24:35 +05:30
Shivam Mathur
3ede7656cb
Add check for gd in php.yml 2022-07-15 23:22:56 +05:30
Christoph Wurst
109db648f1
Demo PHP8.2+gd failure
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2022-07-13 15:07:46 +02:00
Shivam Mathur
36d7f6c7c5
Set target-branch to develop in dependabot.yml 2022-05-26 09:47:27 +05:30
Shivam Mathur
a1a52db9f3
Merge pull request #598 from shivammathur/dependabot/github_actions/codecov/codecov-action-3
Bump codecov/codecov-action from 2 to 3
2022-05-26 09:45:58 +05:30
Shivam Mathur
88e54b10ca
Merge pull request #599 from shivammathur/dependabot/github_actions/github/codeql-action-2
Bump github/codeql-action from 1 to 2
2022-05-26 09:45:50 +05:30
dependabot[bot]
4e9ea33f8d
Bump actions/setup-node from 1 to 3
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 1 to 3.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v1...v3)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-26 04:11:48 +00:00
dependabot[bot]
68ba5ba947
Bump github/codeql-action from 1 to 2
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1 to 2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-26 04:11:43 +00:00
dependabot[bot]
99af32331c
Bump codecov/codecov-action from 2 to 3
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 2 to 3.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-26 04:11:36 +00:00
Shivam Mathur
810a92a9b0
Merge pull request #597 from turrisxyz/Dependabot-GitHub-Actions
chore: Included githubactions in the dependabot config
2022-05-26 09:40:26 +05:30
naveen
9c760dd6e2 chore: Included githubactions in the dependabot config
This should help with keeping the GitHub actions updated on new releases. This will also help with keeping it secure.

Dependabot helps in keeping the supply chain secure https://docs.github.com/en/code-security/dependabot

GitHub actions up to date https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot

https://github.com/ossf/scorecard/blob/main/docs/checks.md#dependency-update-tool
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
2022-05-26 02:48:43 +00:00
nathannaveen
787285e08a chore: Set permissions for GitHub actions
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: nathannaveen <42319948+nathannaveen@users.noreply.github.com>
2022-05-26 00:50:23 +00:00
Shivam Mathur
6cba851606
Add support for Ubuntu 22.04 2022-05-06 05:43:20 +05:30
jrfnl
33ad931dbb
GH Actions: version update for actions/cache
The update doesn't actually contain any changed functionality, it's mostly just a change of the Node version used by the action itself (from Node 12 to Node 16), but see the changelog for more info.

Refs:
* https://github.com/actions/cache/releases/
2022-03-21 15:39:20 +01:00
jrfnl
ddf8825c2f
GH Actions: version update for various predefined actions
A number of predefined actions have had major release, which warrant an update the workflow(s).

These updates don't actually contain any changed functionality, they are mostly just a change of the Node version used by the action itself (from Node 14 to Node 16).

Refs:
* https://github.com/actions/download-artifact/releases
* https://github.com/actions/upload-artifact/releases
2022-03-05 16:11:15 +01:00
Shivam Mathur
4678e809c3
Bump actions/checkout to v3 2022-03-02 06:00:52 +05:30
Shivam Mathur
44ff4ed92d
Refactor workflows and templates 2022-01-29 07:29:03 +05:30
Shivam Mathur
175c9649c4
Fix sending coverage to codecov in node workflow 2022-01-29 04:14:07 +05:30
Shivam Mathur
0a601ebeee
Use windows-2019 runner in CI workflow 2022-01-27 08:25:50 +05:30
Shivam Mathur
9ca9ab33ef
Update docs workflow 2022-01-20 22:03:33 +05:30
Shivam Mathur
14a9f0b4ae
Add CodeQL workflow
Add npm audit to the node workflow

Remove stepsecurity action from workflows
2022-01-20 21:45:07 +05:30
Shivam Mathur
cca8ad3588
Fix node-release workflow to add lib to the packages 2021-12-17 18:34:16 +05:30
Shivam Mathur
f4d1db5c23
Update Node version to 16.x 2021-12-07 21:33:45 +05:30
Shivam Mathur
cecf84878d
Update Harden Runner step in node workflows 2021-12-07 21:26:23 +05:30
Shivam Mathur
bee5abe269
Bump extension cache key in workflow.yml 2021-11-24 18:23:02 +05:30
Shivam Mathur
dfc02c42d9
Bump extension cache key in workflow.yml 2021-11-11 19:55:50 +05:30
Shivam Mathur
123f6df529
Improve npm release workflow [skip ci] 2021-11-11 05:26:21 +05:30
Shivam Mathur
341cf69e13
Add allowed endpoints to node workflow 2021-11-10 08:36:00 +05:30
Shivam Mathur
f7b503e36b
Add action to harden runner in node workflow 2021-11-10 06:17:07 +05:30
Aneesh Relan
b3bf0f3990 fix: remove dry run 2021-10-05 23:23:05 +05:30
Aneesh Relan
8426bf89fd ci: add github action to publish to npm and github packages 2021-10-05 23:10:58 +05:30
Shivam Mathur
a34eeedd37
Bump version to 2.14.0
Add config to generate types

Fix build error in install.ts after TypeScript upgrade

Minor refactor in install.test.ts

Add bugs, directories, files and types entries in package.json

Update Node.js dependencies

Update SECURITY.md
2021-09-11 05:25:45 +05:30
Shivam Mathur
6473b1c04c
Add 8.2 to the workflows 2021-09-02 00:18:50 +05:30
Shivam Mathur
ed62711289
Update sponsor options [skip ci] 2021-08-28 12:14:51 +05:30
Shivam Mathur
b717b2fcde
Rename macos-11.0 to macos-11 2021-08-18 09:52:47 +05:30
Shivam Mathur
947009a717
Sunset support for Ubuntu 16.04 2021-08-02 23:10:43 +05:30
Shivam Mathur
909090903e
Update SECURITY.md 2021-04-19 17:06:01 +05:30
Shivam Mathur
75a1b03f39
Update Node version to 15.x 2021-04-19 17:06:00 +05:30
Shivam Mathur
de8537f42a
Use lcov.info for coverage 2021-04-15 16:54:35 +05:30
Shivam Mathur
113fcc64e3
Fix docs workflow
Do not run docs workflow on macos-11.0

Run docs workflow on saturday
2021-03-03 09:16:13 +05:30
Shivam Mathur
068c794af7
Change Node.js version in the workflow 2021-01-07 00:14:26 +05:30
Shivam Mathur
5a15252e66
Fix docs workflow 2020-12-01 08:48:41 +05:30
Shivam Mathur
31fa0d7883
Bump version to 2.8.0 2020-11-20 08:39:41 +05:30
Shivam Mathur
385e3b6e96
Revert "Remove dashes from step ids"
This reverts commit 4d5f03db8a.
2020-11-20 08:39:37 +05:30
Shivam Mathur
68fbd80105
Add workflow to add default extensions on wiki 2020-11-02 04:47:28 +05:30
Shivam Mathur
215b040f0d
Fix contribution docs 2020-10-31 14:55:27 +05:30
Shivam Mathur
8816b6ff48
Add PHP 8.1 to the main workflow 2020-10-18 19:41:54 +05:30
Shivam Mathur
465e63b28c
Bump version to 2.6.0 2020-10-15 14:16:21 +05:30
Shivam Mathur
16b0a25bf6
Bump version to 2.5.0 2020-10-15 14:16:10 +05:30
Shivam Mathur
83bdf158fa
Fix coverage message in node workflow 2020-08-02 19:09:46 +05:30