From 00e08539ca5ff25307997d8c845296376a1cd858 Mon Sep 17 00:00:00 2001 From: laurentsimon Date: Mon, 10 Jan 2022 23:19:46 +0000 Subject: [PATCH 01/18] prepare release --- code-scanning/scorecards.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/code-scanning/scorecards.yml b/code-scanning/scorecards.yml index 8b2346a..ba42ef0 100644 --- a/code-scanning/scorecards.yml +++ b/code-scanning/scorecards.yml @@ -17,6 +17,8 @@ jobs: permissions: # Needed to upload the results to code-scanning dashboard. security-events: write + actions: read + contents: read steps: - name: "Checkout code" @@ -34,8 +36,8 @@ jobs: repo_token: ${{ secrets.SCORECARD_TOKEN }} # Publish the results to enable scorecard badges. For more details, see # https://github.com/ossf/scorecard-action#publishing-results. - # If you are installing the action on a private repo, set it to `publish_results: false` - # or comment out the following line. + # Note: for private repositories, the value of `publish_results` set here + # is ignored and defaults to false. publish_results: true # Upload the results as artifacts (optional). From b0f310cefc1cd8acd28eb8680356f1b084414f09 Mon Sep 17 00:00:00 2001 From: laurentsimon Date: Mon, 10 Jan 2022 23:52:58 +0000 Subject: [PATCH 02/18] update token name --- code-scanning/scorecards.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code-scanning/scorecards.yml b/code-scanning/scorecards.yml index ba42ef0..6cbdaaf 100644 --- a/code-scanning/scorecards.yml +++ b/code-scanning/scorecards.yml @@ -33,7 +33,7 @@ jobs: results_format: sarif # Read-only PAT token. To create it, # follow the steps in https://github.com/ossf/scorecard-action#pat-token-creation. - repo_token: ${{ secrets.SCORECARD_TOKEN }} + repo_token: ${{ secrets.SCORECARD_READ_TOKEN }} # Publish the results to enable scorecard badges. For more details, see # https://github.com/ossf/scorecard-action#publishing-results. # Note: for private repositories, the value of `publish_results` set here From aa643dfa0c1ddbdc15fe80baa4c7bf5a60eca2a6 Mon Sep 17 00:00:00 2001 From: laurentsimon Date: Thu, 13 Jan 2022 22:29:39 +0000 Subject: [PATCH 03/18] bump hash --- code-scanning/scorecards.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code-scanning/scorecards.yml b/code-scanning/scorecards.yml index 6cbdaaf..a756c2b 100644 --- a/code-scanning/scorecards.yml +++ b/code-scanning/scorecards.yml @@ -27,7 +27,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@175f59783fa96e44dd6fa96619ab7bdacab56b5c # v0.0.1 + uses: ossf/scorecard-action@0fe1afdc40f536c78e3dc69147b91b3ecec2cc8a # v1.0.0 with: results_file: results.sarif results_format: sarif From 1b10c28ff42916ad2a9d5f9566d39656df9e6372 Mon Sep 17 00:00:00 2001 From: laurentsimon Date: Fri, 14 Jan 2022 03:00:11 +0000 Subject: [PATCH 04/18] rem tabs and update comment --- code-scanning/scorecards.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/code-scanning/scorecards.yml b/code-scanning/scorecards.yml index a756c2b..cbd0e01 100644 --- a/code-scanning/scorecards.yml +++ b/code-scanning/scorecards.yml @@ -1,5 +1,5 @@ name: Scorecards supply-chain security -on: +on: # Only the default branch is supported. branch_protection_rule: schedule: @@ -19,7 +19,7 @@ jobs: security-events: write actions: read contents: read - + steps: - name: "Checkout code" uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 @@ -36,8 +36,8 @@ jobs: repo_token: ${{ secrets.SCORECARD_READ_TOKEN }} # Publish the results to enable scorecard badges. For more details, see # https://github.com/ossf/scorecard-action#publishing-results. - # Note: for private repositories, the value of `publish_results` set here - # is ignored and defaults to false. + # For private repositories, `publish_results` will automatically be set to `false`, + # regardless of the value entered here. publish_results: true # Upload the results as artifacts (optional). @@ -47,7 +47,7 @@ jobs: name: SARIF file path: results.sarif retention-days: 5 - + # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" uses: github/codeql-action/upload-sarif@5f532563584d71fdef14ee64d17bafb34f751ce5 # v1.0.26 From 588f02dade95e45435f1a970cde5258223b6f9ab Mon Sep 17 00:00:00 2001 From: Manuel Date: Sat, 15 Jan 2022 00:05:31 +0100 Subject: [PATCH 05/18] Switch java distribution from 'adopt' to 'temurin' (#1065) adopt is rebranded into temurin see https://blog.adoptopenjdk.net/2021/03/transition-to-eclipse-an-update/ --- ci/android.yml | 2 +- ci/ant.yml | 2 +- ci/gradle-publish.yml | 2 +- ci/gradle.yml | 2 +- ci/maven-publish.yml | 2 +- ci/maven.yml | 2 +- ci/scala.yml | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/ci/android.yml b/ci/android.yml index 3037b9f..f289bd5 100644 --- a/ci/android.yml +++ b/ci/android.yml @@ -17,7 +17,7 @@ jobs: uses: actions/setup-java@v2 with: java-version: '11' - distribution: 'adopt' + distribution: 'temurin' cache: gradle - name: Grant execute permission for gradlew diff --git a/ci/ant.yml b/ci/ant.yml index 655a94c..0205d40 100644 --- a/ci/ant.yml +++ b/ci/ant.yml @@ -20,6 +20,6 @@ jobs: uses: actions/setup-java@v2 with: java-version: '11' - distribution: 'adopt' + distribution: 'temurin' - name: Build with Ant run: ant -noinput -buildfile build.xml diff --git a/ci/gradle-publish.yml b/ci/gradle-publish.yml index f24c004..26bc0df 100644 --- a/ci/gradle-publish.yml +++ b/ci/gradle-publish.yml @@ -25,7 +25,7 @@ jobs: uses: actions/setup-java@v2 with: java-version: '11' - distribution: 'adopt' + distribution: 'temurin' server-id: github # Value of the distributionManagement/repository/id field of the pom.xml settings-path: ${{ github.workspace }} # location for the settings.xml file diff --git a/ci/gradle.yml b/ci/gradle.yml index b83458c..cc63e9a 100644 --- a/ci/gradle.yml +++ b/ci/gradle.yml @@ -24,7 +24,7 @@ jobs: uses: actions/setup-java@v2 with: java-version: '11' - distribution: 'adopt' + distribution: 'temurin' - name: Build with Gradle uses: gradle/gradle-build-action@4137be6a8bf7d7133955359dbd952c0ca73b1021 with: diff --git a/ci/maven-publish.yml b/ci/maven-publish.yml index 18dd937..319f9a1 100644 --- a/ci/maven-publish.yml +++ b/ci/maven-publish.yml @@ -21,7 +21,7 @@ jobs: uses: actions/setup-java@v2 with: java-version: '11' - distribution: 'adopt' + distribution: 'temurin' server-id: github # Value of the distributionManagement/repository/id field of the pom.xml settings-path: ${{ github.workspace }} # location for the settings.xml file diff --git a/ci/maven.yml b/ci/maven.yml index ac3b6de..f301fe0 100644 --- a/ci/maven.yml +++ b/ci/maven.yml @@ -20,7 +20,7 @@ jobs: uses: actions/setup-java@v2 with: java-version: '11' - distribution: 'adopt' + distribution: 'temurin' cache: maven - name: Build with Maven run: mvn -B package --file pom.xml diff --git a/ci/scala.yml b/ci/scala.yml index 4a3c112..af6b2ed 100644 --- a/ci/scala.yml +++ b/ci/scala.yml @@ -17,6 +17,6 @@ jobs: uses: actions/setup-java@v2 with: java-version: '11' - distribution: 'adopt' + distribution: 'temurin' - name: Run tests run: sbt test From b224dd844994cf72698787cfaa6e91d3b9bcef14 Mon Sep 17 00:00:00 2001 From: laurentsimon Date: Fri, 14 Jan 2022 21:38:04 +0000 Subject: [PATCH 06/18] update icon --- code-scanning/scorecards.yml | 2 +- icons/scorecards.svg | 366 +---------------------------------- 2 files changed, 2 insertions(+), 366 deletions(-) diff --git a/code-scanning/scorecards.yml b/code-scanning/scorecards.yml index cbd0e01..2172aba 100644 --- a/code-scanning/scorecards.yml +++ b/code-scanning/scorecards.yml @@ -27,7 +27,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@0fe1afdc40f536c78e3dc69147b91b3ecec2cc8a # v1.0.0 + uses: ossf/scorecard-action@f5a7da46837397de5331ea22ce0099e2bfe265d0 # v1.0.1 with: results_file: results.sarif results_format: sarif diff --git a/icons/scorecards.svg b/icons/scorecards.svg index 9db608c..9433c91 100644 --- a/icons/scorecards.svg +++ b/icons/scorecards.svg @@ -1,365 +1 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + \ No newline at end of file From 94100d1d4a908d4b49a2c82511353ec7b670cc07 Mon Sep 17 00:00:00 2001 From: laurentsimon Date: Fri, 14 Jan 2022 21:44:30 +0000 Subject: [PATCH 07/18] bump --- code-scanning/scorecards.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code-scanning/scorecards.yml b/code-scanning/scorecards.yml index 2172aba..dbae361 100644 --- a/code-scanning/scorecards.yml +++ b/code-scanning/scorecards.yml @@ -27,7 +27,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@f5a7da46837397de5331ea22ce0099e2bfe265d0 # v1.0.1 + uses: ossf/scorecard-action@e3e75cf2ffbf9364bbff86cdbdf52b23176fe492 # v1.0.1 with: results_file: results.sarif results_format: sarif From f31e3a9c9dda4c8027904038d1e7e1c54695dc7d Mon Sep 17 00:00:00 2001 From: Beth G Date: Sat, 15 Jan 2022 07:11:46 +0100 Subject: [PATCH 08/18] Add Datadog Synthetics GitHub action to starter workflows (#1342) --- ci/datadog-synthetics.yml | 38 +++++++++++++++++++ .../datadog-synthetics.properties.json | 6 +++ icons/datadog.svg | 4 ++ 3 files changed, 48 insertions(+) create mode 100644 ci/datadog-synthetics.yml create mode 100644 ci/properties/datadog-synthetics.properties.json create mode 100644 icons/datadog.svg diff --git a/ci/datadog-synthetics.yml b/ci/datadog-synthetics.yml new file mode 100644 index 0000000..7056f87 --- /dev/null +++ b/ci/datadog-synthetics.yml @@ -0,0 +1,38 @@ +# This workflow will trigger Datadog Synthetic tests within your Datadog organisation +# For more information on running Synthetic tests within your GitHub workflows see: https://docs.datadoghq.com/synthetics/cicd_integrations/github_actions/ + +# This workflow uses actions that are not certified by GitHub. +# They are provided by a third-party and are governed by +# separate terms of service, privacy policy, and support +# documentation. + +# To get started: + +# 1. Add your Datadog API (DD_API_KEY) and Application Key (DD_APP_KEY) as secrets to your GitHub repository. For more information, see: https://docs.datadoghq.com/account_management/api-app-keys/. +# 2. Start using the action within your workflow + +name: Run Datadog Synthetic tests + +on: + push: + branches: [ $default-branch ] + pull_request: + branches: [ $default-branch ] + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + # Run Synthetic tests within your GitHub workflow. + # For additional configuration options visit the action within the marketplace: https://github.com/marketplace/actions/datadog-synthetics-ci + - name: Run Datadog Synthetic tests + uses: DataDog/synthetics-ci-github-action@2b56dc0cca9daa14ab69c0d1d6844296de8f941e + with: + api_key: ${{secrets.DD_API_KEY}} + app_key: ${{secrets.DD_APP_KEY}} + test_search_query: 'tag:e2e-tests' #Modify this tag to suit your tagging strategy + + diff --git a/ci/properties/datadog-synthetics.properties.json b/ci/properties/datadog-synthetics.properties.json new file mode 100644 index 0000000..5a4f74d --- /dev/null +++ b/ci/properties/datadog-synthetics.properties.json @@ -0,0 +1,6 @@ +{ + "name": "Datadog Synthetics", + "description": "Run Datadog Synthetic tests within your GitHub Actions workflow", + "iconName": "datadog", + "categories": ["Continuous integration", "JavaScript", "TypeScript", "Testing"] +} diff --git a/icons/datadog.svg b/icons/datadog.svg new file mode 100644 index 0000000..91cb3b6 --- /dev/null +++ b/icons/datadog.svg @@ -0,0 +1,4 @@ + + + + From 11778e9eb06ef161f9f8fc44f9d82ca4b79675e3 Mon Sep 17 00:00:00 2001 From: Bishal Prasad Date: Mon, 17 Jan 2022 13:17:29 +0530 Subject: [PATCH 09/18] Add check for GITHUB_TOKEN permissions (#1354) --- .github/pull_request_template.md | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 6494e8d..752dd99 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -26,6 +26,7 @@ It is not: - [ ] Should use sentence case for the names of workflows and steps (for example, "Run tests"). - [ ] Should be named _only_ by the name of the language or platform (for example, "Go", not "Go CI" or "Go Build"). - [ ] Should include comments in the workflow for any parts that are not obvious or could use clarification. +- [ ] Should specify least priviledge [permissions](https://docs.github.com/en/actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token) for `GITHUB_TOKEN` so that the workflow runs successfully. **For _CI_ workflows, the workflow:** From 5635bf05bcf0ed0db83494aca58ccaf979eed483 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9=20Arko?= Date: Mon, 17 Jan 2022 12:34:33 -0800 Subject: [PATCH 10/18] Upgrade Rails workflow to true CI (#1353) * Upgrade Rails workflow to true CI The existing Rails CI example only runs linters, which is not continuous integration. This change brings the Rails example workflow up to par with the other web framework CI flows, like Django. This example is optimized for Rails 7, which does not include NodeJS, webpack, or yarn by default. No Rails application code changes are required for this flow to run the tests, and both minitest and rspec are supported via the `test` rake task. * add Rails icon * use env vars, hopefully * use the full hash for ruby/setup-ruby * remove PORT since services cannot use it * stop repeating identical step envs * resolve env var declaration error * update setup-ruby to the SHA of v1.92 * use setup-ruby SHA for lint job too Co-authored-by: Bishal Prasad --- .../rubyonrails-lint.properties.json | 6 -- ci/properties/rubyonrails.properties.json | 6 ++ ci/rubyonrails-lint.yml | 32 ---------- ci/rubyonrails.yml | 58 +++++++++++++++++++ icons/rails.svg | 1 + 5 files changed, 65 insertions(+), 38 deletions(-) delete mode 100644 ci/properties/rubyonrails-lint.properties.json create mode 100644 ci/properties/rubyonrails.properties.json delete mode 100644 ci/rubyonrails-lint.yml create mode 100644 ci/rubyonrails.yml create mode 100644 icons/rails.svg diff --git a/ci/properties/rubyonrails-lint.properties.json b/ci/properties/rubyonrails-lint.properties.json deleted file mode 100644 index e6e5f69..0000000 --- a/ci/properties/rubyonrails-lint.properties.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "name": "Rails - Install Dependencies and Run Linters", - "description": "Install dependencies and run linters on Rails application", - "iconName": "ruby", - "categories": ["Continuous integration", "Ruby", "Rails"] -} diff --git a/ci/properties/rubyonrails.properties.json b/ci/properties/rubyonrails.properties.json new file mode 100644 index 0000000..49b29a4 --- /dev/null +++ b/ci/properties/rubyonrails.properties.json @@ -0,0 +1,6 @@ +{ + "name": "Ruby on Rails continuous integration", + "description": "Build, lint, and test a Rails application", + "iconName": "rails", + "categories": ["Continuous integration", "Ruby", "Rails"] +} diff --git a/ci/rubyonrails-lint.yml b/ci/rubyonrails-lint.yml deleted file mode 100644 index d95b70e..0000000 --- a/ci/rubyonrails-lint.yml +++ /dev/null @@ -1,32 +0,0 @@ -# This workflow uses actions that are not certified by GitHub. -# They are provided by a third-party and are governed by -# separate terms of service, privacy policy, and support -# documentation. -# This workflow will download a prebuilt Ruby version, install dependencies, and run linters -name: Rails - Install dependencies and run linters - -on: - push: - branches: [ $default-branch ] - pull_request: - branches: [ $default-branch ] -jobs: - run-lint: - runs-on: ubuntu-latest - steps: - - name: Checkout code - uses: actions/checkout@v2 - - - name: Setup Ruby and install gems - uses: ruby/setup-ruby@473e4d8fe5dd94ee328fdfca9f8c9c7afc9dae5e - with: - bundler-cache: true - # Add or Replace any other security checks here - - name: Run security checks - run: | - bin/bundler-audit --update - bin/brakeman -q -w2 - # Add or Replace any other Linters here - - name: Run linters - run: | - bin/rubocop --parallel \ No newline at end of file diff --git a/ci/rubyonrails.yml b/ci/rubyonrails.yml new file mode 100644 index 0000000..b7b3624 --- /dev/null +++ b/ci/rubyonrails.yml @@ -0,0 +1,58 @@ +# This workflow uses actions that are not certified by GitHub. They are +# provided by a third-party and are governed by separate terms of service, +# privacy policy, and support documentation. +# +# This workflow will install a prebuilt Ruby version, install dependencies, and +# run tests and linters. +name: "Ruby on Rails CI" +on: + push: + branches: [ $default-branch ] + pull_request: + branches: [ $default-branch ] +jobs: + test: + runs-on: ubuntu-latest + services: + postgres: + image: postgres:11-alpine + ports: + - "5432:5432" + env: + POSTGRES_DB: rails_test + POSTGRES_USER: rails + POSTGRES_PASSWORD: password + env: + RAILS_ENV: test + DATABASE_URL: "postgres://rails:password@localhost:5432/rails_test" + steps: + - name: Checkout code + uses: actions/checkout@v2 + # Add or replace dependency steps here + - name: Install Ruby and gems + uses: ruby/setup-ruby@8f312efe1262fb463d906e9bf040319394c18d3e # v1.92 + with: + bundler-cache: true + # Add or replace database setup steps here + - name: Set up database schema + run: bin/rails db:schema:load + # Add or replace test runners here + - name: Run tests + run: bin/rake + + lint: + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v2 + - name: Install Ruby and gems + uses: ruby/setup-ruby@8f312efe1262fb463d906e9bf040319394c18d3e # v1.92 + with: + bundler-cache: true + # Add or replace any other lints here + - name: Security audit dependencies + run: bin/bundler-audit --update + - name: Security audit application code + run: bin/brakeman -q -w2 + - name: Lint Ruby files + run: bin/rubocop --parallel diff --git a/icons/rails.svg b/icons/rails.svg new file mode 100644 index 0000000..5e1f8f8 --- /dev/null +++ b/icons/rails.svg @@ -0,0 +1 @@ + From ba97234b6070487094b58c0bd01959c47d29c20d Mon Sep 17 00:00:00 2001 From: Jason Freeberg Date: Tue, 18 Jan 2022 14:07:26 -0800 Subject: [PATCH 11/18] Fix indentation error (#1356) --- deployments/azure-container-webapp.yml | 34 +++++++++++++------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/deployments/azure-container-webapp.yml b/deployments/azure-container-webapp.yml index 7c7bb2a..57fe362 100644 --- a/deployments/azure-container-webapp.yml +++ b/deployments/azure-container-webapp.yml @@ -62,21 +62,21 @@ jobs: tags: ghcr.io/${{ env.REPO }}:${{ github.sha }} file: ./Dockerfile - deploy: - runs-on: ubuntu-latest - needs: build - environment: - name: 'Development' - url: ${{ steps.deploy-to-webapp.outputs.webapp-url }} + deploy: + runs-on: ubuntu-latest + needs: build + environment: + name: 'Development' + url: ${{ steps.deploy-to-webapp.outputs.webapp-url }} - steps: - - name: Lowercase the repo name and username - run: echo "REPO=${GITHUB_REPOSITORY,,}" >>${GITHUB_ENV} - - - name: Deploy to Azure Web App - id: deploy-to-webapp - uses: azure/webapps-deploy@v2 - with: - app-name: ${{ env.AZURE_WEBAPP_NAME }} - publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }} - images: 'ghcr.io/${{ env.REPO }}:${{ github.sha }}' + steps: + - name: Lowercase the repo name and username + run: echo "REPO=${GITHUB_REPOSITORY,,}" >>${GITHUB_ENV} + + - name: Deploy to Azure Web App + id: deploy-to-webapp + uses: azure/webapps-deploy@v2 + with: + app-name: ${{ env.AZURE_WEBAPP_NAME }} + publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }} + images: 'ghcr.io/${{ env.REPO }}:${{ github.sha }}' From a96d2407b59e6e123df45d05c846d2ae3073d6aa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=A9sar=20Rom=C3=A1n?= Date: Wed, 19 Jan 2022 15:41:20 -0800 Subject: [PATCH 12/18] fix(ci): pylint.yml (#1108) ref: #636. `pylint` command does not work I've had success running the modified command [here](https://github.com/thecesrom/incendium/blob/project/.github/workflows/pylint.yml). Co-authored-by: Josh Gross --- ci/pylint.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/pylint.yml b/ci/pylint.yml index 10c49c6..7b555fe 100644 --- a/ci/pylint.yml +++ b/ci/pylint.yml @@ -20,4 +20,4 @@ jobs: pip install pylint - name: Analysing the code with pylint run: | - pylint `ls -R|grep .py$|xargs` + pylint $(git ls-files '*.py') From ffa80e095edd0b21cda81cc3836cf3b7c863c355 Mon Sep 17 00:00:00 2001 From: Andrew Wiltshire <62200778+AW1534@users.noreply.github.com> Date: Thu, 20 Jan 2022 03:30:56 +0000 Subject: [PATCH 13/18] fixed grammatical error in node.js.yml (#1358) --- ci/node.js.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/node.js.yml b/ci/node.js.yml index 89b24fe..8d1b9c7 100644 --- a/ci/node.js.yml +++ b/ci/node.js.yml @@ -1,4 +1,4 @@ -# This workflow will do a clean install of node dependencies, cache/restore them, build the source code and run tests across different versions of node +# This workflow will do a clean installation of node dependencies, cache/restore them, build the source code and run tests across different versions of node # For more information see: https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions name: Node.js CI From 41e7dd427d1cc358f8c78d1e511ba122d68f761e Mon Sep 17 00:00:00 2001 From: laurentsimon <64505099+laurentsimon@users.noreply.github.com> Date: Mon, 24 Jan 2022 08:27:33 -0800 Subject: [PATCH 14/18] Scorecards: update hash to v1.0.2 We fixed a small issue and need to update the hash --- code-scanning/scorecards.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code-scanning/scorecards.yml b/code-scanning/scorecards.yml index dbae361..618ce28 100644 --- a/code-scanning/scorecards.yml +++ b/code-scanning/scorecards.yml @@ -27,7 +27,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@e3e75cf2ffbf9364bbff86cdbdf52b23176fe492 # v1.0.1 + uses: ossf/scorecard-action@c8416b0b2bf627c349ca92fc8e3de51a64b005cf # v1.0.2 with: results_file: results.sarif results_format: sarif From 7a56117f9857b2b4b87c448f9ba839d0e1549a47 Mon Sep 17 00:00:00 2001 From: Bishal Prasad Date: Thu, 27 Jan 2022 10:27:08 +0530 Subject: [PATCH 15/18] Rename node.js.yml to bishal-node.js.yml --- ci/{node.js.yml => bishal-node.js.yml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename ci/{node.js.yml => bishal-node.js.yml} (100%) diff --git a/ci/node.js.yml b/ci/bishal-node.js.yml similarity index 100% rename from ci/node.js.yml rename to ci/bishal-node.js.yml From c0b54905907ff685ff46b29437472d3ff5844709 Mon Sep 17 00:00:00 2001 From: Bishal Prasad Date: Thu, 27 Jan 2022 10:27:32 +0530 Subject: [PATCH 16/18] Rename ci/bishal-node.js.yml to node.js.yml --- ci/bishal-node.js.yml => node.js.yml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename ci/bishal-node.js.yml => node.js.yml (100%) diff --git a/ci/bishal-node.js.yml b/node.js.yml similarity index 100% rename from ci/bishal-node.js.yml rename to node.js.yml From 80404f48bc4162e425999b01ab82ec254a061371 Mon Sep 17 00:00:00 2001 From: Bishal Prasad Date: Thu, 27 Jan 2022 10:28:39 +0530 Subject: [PATCH 17/18] Rename node.js.yml to ci/node.js.yml --- node.js.yml => ci/node.js.yml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename node.js.yml => ci/node.js.yml (100%) diff --git a/node.js.yml b/ci/node.js.yml similarity index 100% rename from node.js.yml rename to ci/node.js.yml From 1220bda7e4d820b469f0312332df5902cdf9257d Mon Sep 17 00:00:00 2001 From: Aarnav Pai <52203828+arnu515@users.noreply.github.com> Date: Thu, 27 Jan 2022 21:21:47 +0530 Subject: [PATCH 18/18] Fix version of `denoland/setup-deno` (#1369) * Fix version of `denoland/setup-deno` * Update deno.yml --- ci/deno.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/deno.yml b/ci/deno.yml index 38f2319..25e9e2a 100644 --- a/ci/deno.yml +++ b/ci/deno.yml @@ -24,7 +24,7 @@ jobs: - name: Setup Deno # uses: denoland/setup-deno@v1 - uses: denoland/setup-deno@004814556e37c54a2f6e31384c9e18e9833173669 + uses: denoland/setup-deno@004814556e37c54a2f6e31384c9e18e983317366 with: deno-version: v1.x