Ruben ten Hove
787401a440
push on tags as well
2022-07-06 13:19:05 -04:00
Ruben ten Hove
dccb1e220f
remove 3.6; fix tests
2022-07-06 12:47:38 -04:00
Ruben ten Hove
258b10edc9
refactor: more containerization
2022-07-05 12:39:02 -04:00
Steven Black
1af0c9620c
Merge pull request #1993 from StevenBlack/dependabot/github_actions/actions/dependency-review-action-2
...
Bump actions/dependency-review-action from 1 to 2
2022-07-01 23:12:34 -04:00
dependabot[bot]
a9d214f57d
Bump actions/setup-python from 3 to 4
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 3 to 4.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](https://github.com/actions/setup-python/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/setup-python
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-07-01 00:07:39 +00:00
dependabot[bot]
c1232095bf
Bump actions/dependency-review-action from 1 to 2
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 1 to 2.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](https://github.com/actions/dependency-review-action/compare/v1...v2 )
---
updated-dependencies:
- dependency-name: actions/dependency-review-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-07-01 00:07:34 +00:00
Steven Black
a0e307373d
Merge pull request #1980 from turrisxyz/Dependency-GitHub
...
chore(deps): Included dependency review
2022-06-13 12:11:17 -04:00
naveen
4c18fb82dd
chore(deps): Included dependency review
...
> Dependency Review GitHub Action in your repository to enforce dependency
> reviews on your pull requests.
> The action scans for vulnerable versions of dependencies introduced by package version
> changes in pull requests,
> and warns you about the associated security vulnerabilities.
> This gives you better visibility of what's changing in a pull request,
> and helps prevent vulnerabilities being added to your repository.
https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
2022-06-13 02:36:28 +00:00
dependabot[bot]
10db0f1783
Bump github/codeql-action from 1 to 2
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1 to 2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v1...v2 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-01 00:21:59 +00:00
naveensrinivasan
b742118cd1
Set permissions for GitHub actions
...
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ )
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2022-04-07 23:00:53 +00:00
XhmikosR
83a58c60a0
Update dependabot.yml
2022-03-12 17:32:00 +02:00
Steven Black
d96a4a98fc
Merge pull request #1921 from XhmikosR/dependabot
...
Add dependabot for pip and action updates
2022-03-12 10:25:44 -05:00
XhmikosR
1714afb293
Update CI
...
* drop Python 3.5
* add pip caching back
* run makeHosts.py too
2022-03-12 10:22:11 +02:00
XhmikosR
dd5334d1d3
Add dependabot for pip and action updates
2022-03-12 10:16:37 +02:00
XhmikosR
071a3a1e0e
CI: combine version steps
2022-03-07 08:58:22 +02:00
XhmikosR
491f45e017
CI: remove Python cache
...
Since we are still testing obsolete/unsupported Python versions, this is a workaround for the Windows Python 3.5 error.
It should be reverted later when support for Python 3.5 is dropped.
2022-03-07 08:53:37 +02:00
XhmikosR
823612498f
CI: update actions
...
* actions/checkout to v3
* actions/setup-python to v3
2022-03-06 20:56:24 +02:00
Steven Black
9ac65652e1
Merge pull request #1828 from XhmikosR/patch-2
...
Update CodeQL workflow
2021-12-12 10:52:27 -05:00
XhmikosR
73c8564b29
Update CI config
...
* `actions/setup-python` now has built-in support for caching
* add `workflow_dispatch` to add the ability to manually trigger the workflow
* add Python 3.10
* add workflow name
2021-12-12 15:37:11 +02:00
XhmikosR
0aaa893a1f
Update CodeQL workflow
...
* bring in the latest upstream changes
* add `workflow_dispatch` so that the workflow can be triggered manually
* remove autobuild since we don't need to build anything
* reindent
2021-12-12 15:29:30 +02:00
Steven Black
8b63b4dc90
Fix the github
line.
2021-12-11 14:58:29 -05:00
Steven Black
53740c42ec
Create FUNDING.yml, just experimenting with this.
2021-12-11 14:57:14 -05:00
XhmikosR
cbeadb1e2b
Update CI config
...
* remove unneeded `CI: true` env var since it's already set by the runner
* update to `actions/setup-python@v2`
* remove `x64` architecture since it's the default
2021-02-06 17:06:48 +02:00
Steven Black
458804c51c
Upgrade the congratulations on merging message to first time contributors.
2020-12-19 18:05:19 -05:00
Steven Black
833e3f8ef5
Merge pull request #1446 from XhmikosR/patch-2
...
Create codeql-analysis.yml
2020-10-31 16:34:23 -04:00
XhmikosR
dea68fc51d
Create codeql-analysis.yml
2020-10-31 18:58:49 +02:00
XhmikosR
c95763d3e1
CI: add Python 3.9
2020-10-31 18:38:40 +02:00
gfyoung
ab1bbe7b53
Extract flake8 config in setup.cfg
...
Now you can just run "flake8" when linting
2020-08-09 00:22:23 -07:00
XhmikosR
8b4c837d59
Remove miniconda and add Windows CI support
2020-07-24 07:36:17 +03:00
XhmikosR
eb4d002f13
Update CI config
...
* update to `actions/cache@v2`
* change cache key to take into account requirements.txt
2020-06-07 21:29:06 +03:00
XhmikosR
bdcb4954e9
CI: move lint before test and add Python 3.8
2020-04-29 15:31:55 +03:00
XhmikosR
125d7c8745
Switch to GitHub Actions CI.
2020-04-29 15:31:54 +03:00
XhmikosR
67bbfe06d2
Move logo to the repo.
...
Also compress it losslessly (29,2 KB -> 20,5 KB).
2020-03-21 22:38:32 +02:00
Steven Black
dc51c546be
Fix typo in the Stale Bot text.
2020-02-23 22:18:49 -05:00
Steven Black
8a5ab54b17
Add the ‘enhancement’ to the list of labels ignored by Stale Bot.
2020-02-23 22:15:14 -05:00
Steven Black
f0ffddd599
Add Stale Bot configuration file.
2020-02-23 22:12:34 -05:00
Steven Black
3d027fd436
Configuration for the welcome bot.
2017-10-11 23:41:56 -04:00