Commit Graph

83 Commits

Author SHA1 Message Date
El RIDO
ba4878056b
misleading documentation 2022-10-26 05:51:36 +02:00
El RIDO
ae6248e27e
handle github actions deprecation warnings
see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
2022-10-26 05:48:51 +02:00
rugk
48bb2fdf0f
Use NodeJs v16 for tests
So 14 worked, let's try 16. (Actually noticed fedora uses v16 not 14 which makes sense if you see the support time.)
2022-07-10 00:13:47 +02:00
El RIDO
b46b4300ec
Merge pull request #955 from PrivateBin/node14
chore: run tests with NodeJS 14
2022-07-09 17:45:23 +02:00
rugk
e536db9b7e
style: run tests via npm script insread of custom command
I.e. not call mocha directly but let the script defined in package.json do it's job.
2022-07-09 17:04:28 +02:00
rugk
9a476ac34d chore: switch to proper cache file now we have it, i.e. package-lock.json
as per https://github.com/actions/setup-node#caching-global-packages-data
2022-07-09 17:00:45 +02:00
rugk
79fd33d21f
chore: run tests with NodeJS 14
I expect no stuff to break or so, so let's just try to use the current recommend LTS version. (v14 will also die at some time, but Fedora e.g. still seems to use it for now by default. Likely we may upgrade soon even more.)

Ref https://nodejs.org/en/about/releases/
2022-07-09 16:57:06 +02:00
rugk
08946d1cab Use npm ci instead of npm install for tests in CI
So it uses the package-json.lock file actually.
2022-07-09 16:48:21 +02:00
El RIDO
9b132f4054
Merge pull request #941 from PrivateBin/dependabot/github_actions/actions/checkout-3
Bump actions/checkout from 2 to 3
2022-06-10 05:04:21 +02:00
El RIDO
e052dd9d83
Merge pull request #940 from PrivateBin/dependabot/github_actions/actions/cache-3
Bump actions/cache from 2 to 3
2022-06-10 05:03:19 +02:00
dependabot[bot]
b6f35fc8ab
Bump actions/checkout from 2 to 3
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-10 03:02:26 +00:00
El RIDO
9291e57ac6
Merge pull request #939 from PrivateBin/dependabot/github_actions/github/codeql-action-2
Bump github/codeql-action from 1 to 2
2022-06-10 05:02:04 +02:00
dependabot[bot]
be23ae2874
Bump actions/cache from 2 to 3
Bumps [actions/cache](https://github.com/actions/cache) from 2 to 3.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-10 02:59:25 +00:00
dependabot[bot]
86794be1c4
Bump github/codeql-action from 1 to 2
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1 to 2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-10 02:59:19 +00:00
dependabot[bot]
48a6bf4416
Bump actions/setup-node from 2 to 3
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 2 to 3.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-10 02:59:15 +00:00
rugk
3c8c32fbcb
Add/enable Dependabot to keep dependencies up-to-date
Enabled update checking via Dependabot for
* GitHub Actions for updates or in case you are going to use that (just my default)
* PHP aka Composer

We successfully use it [for our Docker container](https://github.com/PrivateBin/docker-nginx-fpm-alpine/blob/master/.github/dependabot.yml) and IMHO that has worked quite well, so IMHO, we can also use it here now.
2022-06-09 23:42:03 +02:00
El RIDO
2c01892ee1
bump github/codeql-action from 1 to 2 2022-04-28 19:47:28 +02:00
El RIDO
a15b395eaf
fix php8 refresh workflow
requires updating the commit action due to
https://github.com/github-actions-x/commit/issues/30
2022-04-14 06:19:19 +02:00
El RIDO
15a9b8d826
fix php8 refresh workflow
requires updating the commit action due to
https://github.com/github-actions-x/commit/issues/30
2022-04-14 06:17:10 +02:00
El RIDO
d2126d6dd6
fix php8 refresh workflow
requires updating the commit action due to
https://github.com/github-actions-x/commit/issues/30
2022-04-14 06:08:48 +02:00
El RIDO
b80b318e38
spaces 2021-10-30 17:23:09 +02:00
rugk
1fff4bf4d7
Also set author for merge commit
Follow-up of 41898282+github-actions[bot]@users.noreply.github.com again

In contrast to your suggestion, @elrido, I did use GitHubs bot account again. The mails won't spam anyone, and it's actually intended for such stuff.
Also, we get a proper avatar on GitHub's commit messages etc., and of course we know it is actually GitHubs (servers) that do this change.
2021-10-30 16:53:42 +02:00
rugk
aa6e2f7631
Set GitHub Bot as author for PHP8 merge commits 2021-10-23 15:04:54 +02:00
rugk
af852927a9
Fix PHP refresh pipeline merge
See https://github.com/PrivateBin/PrivateBin/pull/847#issuecomment-942580850

Now merging the origin as master is not yet pulled.
2021-10-13 20:07:45 +02:00
rugk
f6421c9c7c
Fix PHP8 pipeline
As per https://github.com/PrivateBin/PrivateBin/pull/843#issuecomment-939526915

Co-Authored-By: El RIDO <elrido@gmx.net>
2021-10-11 17:45:42 +02:00
rugk
c7cd450f9b
Remove useless boilerplate comments 2021-10-06 20:19:03 +02:00
rugk
a988be7431
Add CI for automatic PHP8 updates
Adds a simple CI for pushing the master branches changes to the php8 branch.

Useful/discussed for https://github.com/PrivateBin/PrivateBin/issues/707
2021-10-06 20:13:09 +02:00
El RIDO
51a590c3c7
Merge pull request #841 from PrivateBin/ci-problem-matchers
Setup CI problem matchers for PHP
2021-10-02 20:15:22 +02:00
rugk
f4e68fcc04
style: better YAML comments 2021-10-02 01:12:08 +02:00
rugk
f43a41c117
Update tests.yml 2021-10-02 01:07:57 +02:00
rugk
ab11fbeb47
Fix syntax error
Apparently in envs the OS etc. syntax is not supported, so we need to use it like this.
2021-10-02 01:01:24 +02:00
rugk
5f4fe52eab
Use package-json instead of package-lock.json
for cache
2021-10-02 00:56:44 +02:00
rugk
b80732f8e2
Add caching for NodeJS 2021-10-02 00:55:08 +02:00
rugk
a372ee92e9
Fix wrong cache key 2021-10-02 00:43:54 +02:00
rugk
e2ae0da4e1
Style cleanup adding newlines
Seems to be the unofficial GitHub Actions YAML style and arguably makes things a lot more readable if you have a lot of steps…
2021-10-02 00:41:54 +02:00
rugk
3f7bceb862
Also cache PHP extensions
See https://github.com/shivammathur/cache-extensions#workflow
2021-10-02 00:38:21 +02:00
rugk
507a10adc5
Use composer.json instead of composer.lock
In a cache
2021-10-02 00:32:57 +02:00
rugk
a8f7840d25
Only restore cache from current date then 2021-10-02 00:29:48 +02:00
rugk
3ba6483bf3
Try caching composer stuff
Especially the GCM stuff may be quite large, so caching may be a good idea.

I tried following https://github.com/shivammathur/setup-php#cache-composer-dependencies
2021-10-02 00:27:57 +02:00
El RIDO
197c4a34e8
fix snyk 2021-06-05 08:25:19 +02:00
El RIDO
7a3a306ddc
fix snyk 2021-06-05 08:22:50 +02:00
El RIDO
cbdcaf4c30
fix snyk 2021-06-05 08:14:04 +02:00
El RIDO
371dca1986
ensure the GCS library and dependencies get included in the scan 2021-06-05 08:10:12 +02:00
rugk
8bc97517fb
Add Snyk security scan for PHP
After I found https://github.com/PrivateBin/docker-nginx-fpm-alpine/pull/44 I saw they also support PHP, so let's do it here (one level before container packaging), too.
Also it complements the CodeQL analysis, which only covers the JS part.

I added the API token to the PrivateBIn org now.
2021-06-04 23:43:01 +02:00
El RIDO
93138cbbae
we already test this via the regular unit tests 2021-05-30 09:26:13 +02:00
El RIDO
fc5e380ccc
fix composer test on PHP 8 2021-05-30 09:18:56 +02:00
El RIDO
33587d54e4
fix composer test on PHP 8 2021-05-30 09:17:23 +02:00
El RIDO
b939b64778
Merge branch 'issue-794/add-gcs-support' of https://github.com/binxio/PrivateBin into binxio-issue-794/add-gcs-support 2021-05-30 07:57:58 +02:00
Mark van Holsteijn
342270d6dd added Google Cloud Storage support 2021-05-28 22:39:50 +02:00
rugk
156155663d
Create codeql-analysis.yml
Only supports JS for now.

I've removed the build step, because welł… our JS is already "built".
2021-01-26 16:37:53 +01:00