XhmikosR
4fd06daa6d
dependabot.yml: move actions before pip
2024-04-03 17:00:59 +03:00
XhmikosR
11f8e20042
Minor whitespace/line endings consistency changes
2024-04-03 17:00:58 +03:00
dependabot[bot]
afd066e8e6
Bump actions/dependency-review-action from 3 to 4
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 3 to 4.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](https://github.com/actions/dependency-review-action/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/dependency-review-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-02-01 00:31:45 +00:00
Steven Black
88f178710e
Merge pull request #2548 from StevenBlack/dependabot/github_actions/github/codeql-action-3
...
Bump github/codeql-action from 2 to 3
2024-01-15 20:21:30 -05:00
dependabot[bot]
1bdbdfe097
Bump github/codeql-action from 2 to 3
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-01 01:08:09 +00:00
dependabot[bot]
a225bbddef
Bump actions/setup-python from 4 to 5
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 4 to 5.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](https://github.com/actions/setup-python/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: actions/setup-python
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-01 01:07:59 +00:00
XhmikosR
e2d262809e
CI: reduce CI matrix
...
Run the oldest and the latest supported versions on macOS and Windows
2023-12-10 09:18:04 +02:00
XhmikosR
45276ff4bc
CI: remove Python 3.7, add Python 3.12
2023-12-10 08:50:50 +02:00
Steven Black
581cc63395
Removing stale bot; thank you for your service.
2023-10-12 09:29:28 -04:00
Sean
b46f32728d
Invert logo color for dark theme
2023-10-06 00:57:11 +08:00
Steven Black
c557e2e856
Merge pull request #2470 from StevenBlack/dependabot/github_actions/actions/checkout-4
...
Bump actions/checkout from 3 to 4
2023-10-01 15:14:43 -04:00
Steven Black
df52f06ff4
Merge pull request #2469 from StevenBlack/dependabot/github_actions/docker/setup-buildx-action-3
...
Bump docker/setup-buildx-action from 2 to 3
2023-10-01 15:14:17 -04:00
Steven Black
232ec8443f
Merge pull request #2468 from StevenBlack/dependabot/github_actions/docker/login-action-3
...
Bump docker/login-action from 2 to 3
2023-10-01 15:14:06 -04:00
Steven Black
79958bb0e6
Merge pull request #2467 from StevenBlack/dependabot/github_actions/docker/build-push-action-5
...
Bump docker/build-push-action from 4 to 5
2023-10-01 15:13:47 -04:00
dependabot[bot]
5cca0e924c
Bump actions/checkout from 3 to 4
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-10-01 00:32:59 +00:00
dependabot[bot]
d28f94c9dd
Bump docker/setup-buildx-action from 2 to 3
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 2 to 3.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](https://github.com/docker/setup-buildx-action/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-10-01 00:32:54 +00:00
dependabot[bot]
0a0ca47ac6
Bump docker/login-action from 2 to 3
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 2 to 3.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-10-01 00:32:49 +00:00
dependabot[bot]
51995304ea
Bump docker/build-push-action from 4 to 5
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 4 to 5.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](https://github.com/docker/build-push-action/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-10-01 00:32:45 +00:00
dependabot[bot]
257b52c13b
Bump docker/metadata-action from 4 to 5
...
Bumps [docker/metadata-action](https://github.com/docker/metadata-action ) from 4 to 5.
- [Release notes](https://github.com/docker/metadata-action/releases )
- [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md )
- [Commits](https://github.com/docker/metadata-action/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: docker/metadata-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-10-01 00:32:41 +00:00
Steven Black
3dc0b5f962
Merge pull request #2281 from XhmikosR/patch-2
2023-04-08 11:30:03 -04:00
XhmikosR
d3d4124e7e
Remove unneeded trailing whitespaces
2023-04-08 14:55:22 +03:00
XhmikosR
82e6358811
CI: limit pushes to master
2023-04-08 14:29:41 +03:00
dependabot[bot]
9c17dc5f71
Bump docker/build-push-action from 3 to 4
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 3 to 4.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](https://github.com/docker/build-push-action/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-01 00:02:43 +00:00
dependabot[bot]
a8d0b8cd76
Bump actions/dependency-review-action from 2 to 3
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 2 to 3.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](https://github.com/actions/dependency-review-action/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/dependency-review-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-01 00:01:28 +00:00
XhmikosR
f9a8908b24
CI: add Python 3.11
2022-11-13 08:06:30 +02:00
XhmikosR
5b8e0707fe
CI: remove git credentials after checkout
2022-11-13 08:02:41 +02:00
XhmikosR
56e34ab5a6
Update CodeQL workflow
2022-11-13 08:02:31 +02:00
Ruben ten Hove
787401a440
push on tags as well
2022-07-06 13:19:05 -04:00
Ruben ten Hove
dccb1e220f
remove 3.6; fix tests
2022-07-06 12:47:38 -04:00
Ruben ten Hove
258b10edc9
refactor: more containerization
2022-07-05 12:39:02 -04:00
Steven Black
1af0c9620c
Merge pull request #1993 from StevenBlack/dependabot/github_actions/actions/dependency-review-action-2
...
Bump actions/dependency-review-action from 1 to 2
2022-07-01 23:12:34 -04:00
dependabot[bot]
a9d214f57d
Bump actions/setup-python from 3 to 4
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 3 to 4.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](https://github.com/actions/setup-python/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/setup-python
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-07-01 00:07:39 +00:00
dependabot[bot]
c1232095bf
Bump actions/dependency-review-action from 1 to 2
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 1 to 2.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](https://github.com/actions/dependency-review-action/compare/v1...v2 )
---
updated-dependencies:
- dependency-name: actions/dependency-review-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-07-01 00:07:34 +00:00
Steven Black
a0e307373d
Merge pull request #1980 from turrisxyz/Dependency-GitHub
...
chore(deps): Included dependency review
2022-06-13 12:11:17 -04:00
naveen
4c18fb82dd
chore(deps): Included dependency review
...
> Dependency Review GitHub Action in your repository to enforce dependency
> reviews on your pull requests.
> The action scans for vulnerable versions of dependencies introduced by package version
> changes in pull requests,
> and warns you about the associated security vulnerabilities.
> This gives you better visibility of what's changing in a pull request,
> and helps prevent vulnerabilities being added to your repository.
https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
2022-06-13 02:36:28 +00:00
dependabot[bot]
10db0f1783
Bump github/codeql-action from 1 to 2
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1 to 2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v1...v2 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-01 00:21:59 +00:00
naveensrinivasan
b742118cd1
Set permissions for GitHub actions
...
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ )
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2022-04-07 23:00:53 +00:00
XhmikosR
83a58c60a0
Update dependabot.yml
2022-03-12 17:32:00 +02:00
Steven Black
d96a4a98fc
Merge pull request #1921 from XhmikosR/dependabot
...
Add dependabot for pip and action updates
2022-03-12 10:25:44 -05:00
XhmikosR
1714afb293
Update CI
...
* drop Python 3.5
* add pip caching back
* run makeHosts.py too
2022-03-12 10:22:11 +02:00
XhmikosR
dd5334d1d3
Add dependabot for pip and action updates
2022-03-12 10:16:37 +02:00
XhmikosR
071a3a1e0e
CI: combine version steps
2022-03-07 08:58:22 +02:00
XhmikosR
491f45e017
CI: remove Python cache
...
Since we are still testing obsolete/unsupported Python versions, this is a workaround for the Windows Python 3.5 error.
It should be reverted later when support for Python 3.5 is dropped.
2022-03-07 08:53:37 +02:00
XhmikosR
823612498f
CI: update actions
...
* actions/checkout to v3
* actions/setup-python to v3
2022-03-06 20:56:24 +02:00
Steven Black
9ac65652e1
Merge pull request #1828 from XhmikosR/patch-2
...
Update CodeQL workflow
2021-12-12 10:52:27 -05:00
XhmikosR
73c8564b29
Update CI config
...
* `actions/setup-python` now has built-in support for caching
* add `workflow_dispatch` to add the ability to manually trigger the workflow
* add Python 3.10
* add workflow name
2021-12-12 15:37:11 +02:00
XhmikosR
0aaa893a1f
Update CodeQL workflow
...
* bring in the latest upstream changes
* add `workflow_dispatch` so that the workflow can be triggered manually
* remove autobuild since we don't need to build anything
* reindent
2021-12-12 15:29:30 +02:00
Steven Black
8b63b4dc90
Fix the github
line.
2021-12-11 14:58:29 -05:00
Steven Black
53740c42ec
Create FUNDING.yml, just experimenting with this.
2021-12-11 14:57:14 -05:00
XhmikosR
cbeadb1e2b
Update CI config
...
* remove unneeded `CI: true` env var since it's already set by the runner
* update to `actions/setup-python@v2`
* remove `x64` architecture since it's the default
2021-02-06 17:06:48 +02:00