Commit Graph

31 Commits

Author SHA1 Message Date
Steven Black
a0e307373d
Merge pull request #1980 from turrisxyz/Dependency-GitHub
chore(deps): Included dependency review
2022-06-13 12:11:17 -04:00
naveen
4c18fb82dd chore(deps): Included dependency review
> Dependency Review GitHub Action in your repository to enforce dependency
> reviews on your pull requests.
> The action scans for vulnerable versions of dependencies introduced by package version
> changes in pull requests,
> and warns you about the associated security vulnerabilities.
> This gives you better visibility of what's changing in a pull request,
> and helps prevent vulnerabilities being added to your repository.

https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
2022-06-13 02:36:28 +00:00
dependabot[bot]
10db0f1783
Bump github/codeql-action from 1 to 2
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1 to 2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-01 00:21:59 +00:00
naveensrinivasan
b742118cd1 Set permissions for GitHub actions
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2022-04-07 23:00:53 +00:00
XhmikosR
83a58c60a0 Update dependabot.yml 2022-03-12 17:32:00 +02:00
Steven Black
d96a4a98fc
Merge pull request #1921 from XhmikosR/dependabot
Add dependabot for pip and action updates
2022-03-12 10:25:44 -05:00
XhmikosR
1714afb293 Update CI
* drop Python 3.5
* add pip caching back
* run makeHosts.py too
2022-03-12 10:22:11 +02:00
XhmikosR
dd5334d1d3 Add dependabot for pip and action updates 2022-03-12 10:16:37 +02:00
XhmikosR
071a3a1e0e CI: combine version steps 2022-03-07 08:58:22 +02:00
XhmikosR
491f45e017 CI: remove Python cache
Since we are still testing obsolete/unsupported Python versions, this is a workaround for the Windows Python 3.5 error.

It should be reverted later when support for Python 3.5 is dropped.
2022-03-07 08:53:37 +02:00
XhmikosR
823612498f CI: update actions
* actions/checkout to v3
* actions/setup-python to v3
2022-03-06 20:56:24 +02:00
Steven Black
9ac65652e1
Merge pull request #1828 from XhmikosR/patch-2
Update CodeQL workflow
2021-12-12 10:52:27 -05:00
XhmikosR
73c8564b29 Update CI config
* `actions/setup-python` now has built-in support for caching
* add `workflow_dispatch` to add the ability to manually trigger the workflow
* add Python 3.10
* add workflow name
2021-12-12 15:37:11 +02:00
XhmikosR
0aaa893a1f Update CodeQL workflow
* bring in the latest upstream changes
* add `workflow_dispatch` so that the workflow can be triggered manually
* remove autobuild since we don't need to build anything
* reindent
2021-12-12 15:29:30 +02:00
Steven Black
8b63b4dc90
Fix the github line. 2021-12-11 14:58:29 -05:00
Steven Black
53740c42ec
Create FUNDING.yml, just experimenting with this. 2021-12-11 14:57:14 -05:00
XhmikosR
cbeadb1e2b
Update CI config
* remove unneeded `CI: true` env var since it's already set by the runner
* update to `actions/setup-python@v2`
* remove `x64` architecture since it's the default
2021-02-06 17:06:48 +02:00
Steven Black
458804c51c
Upgrade the congratulations on merging message to first time contributors. 2020-12-19 18:05:19 -05:00
Steven Black
833e3f8ef5
Merge pull request #1446 from XhmikosR/patch-2
Create codeql-analysis.yml
2020-10-31 16:34:23 -04:00
XhmikosR
dea68fc51d Create codeql-analysis.yml 2020-10-31 18:58:49 +02:00
XhmikosR
c95763d3e1 CI: add Python 3.9 2020-10-31 18:38:40 +02:00
gfyoung
ab1bbe7b53
Extract flake8 config in setup.cfg
Now you can just run "flake8" when linting
2020-08-09 00:22:23 -07:00
XhmikosR
8b4c837d59 Remove miniconda and add Windows CI support 2020-07-24 07:36:17 +03:00
XhmikosR
eb4d002f13
Update CI config
* update to `actions/cache@v2`
* change cache key to take into account requirements.txt
2020-06-07 21:29:06 +03:00
XhmikosR
bdcb4954e9 CI: move lint before test and add Python 3.8 2020-04-29 15:31:55 +03:00
XhmikosR
125d7c8745 Switch to GitHub Actions CI. 2020-04-29 15:31:54 +03:00
XhmikosR
67bbfe06d2 Move logo to the repo.
Also compress it losslessly (29,2 KB -> 20,5 KB).
2020-03-21 22:38:32 +02:00
Steven Black
dc51c546be
Fix typo in the Stale Bot text. 2020-02-23 22:18:49 -05:00
Steven Black
8a5ab54b17
Add the ‘enhancement’ to the list of labels ignored by Stale Bot. 2020-02-23 22:15:14 -05:00
Steven Black
f0ffddd599
Add Stale Bot configuration file. 2020-02-23 22:12:34 -05:00
Steven Black
3d027fd436 Configuration for the welcome bot. 2017-10-11 23:41:56 -04:00