mirrors
/
nextcloud
mirror of https://github.com/nextcloud/server.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 1008 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
74966 Commits
423 Branches
Tree: ff92ab1fb1
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'ff92ab1fb1'
${ noResults }
nextcloud/.github/workflows/static-code-analysis.yml

static-code-analysis.yml 3.0KB
Raw Normal View History

chore: Add SPDX header Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
1 month ago
fix(actions): Update psalm github action Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
1 year ago
Hello psalm Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
4 years ago
chore(actions): update php min supported to 8.0 Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
1 year ago
Hello psalm Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
4 years ago
ci: Specify concurrency to help with consecutive pushes Signed-off-by: Joas Schilling <coding@schilljs.com>
8 months ago
Hello psalm Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
4 years ago
chore(actions): update php min supported to 8.0 Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
1 year ago
fix(actions): Update psalm github action Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
1 year ago
Save some CI time Signed-off-by: Joas Schilling <coding@schilljs.com>
1 year ago
chore(actions): update php min supported to 8.0 Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
1 year ago
chore(deps): bump the github-actions group across 1 directory with 5 updates Bumps the github-actions group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [dorny/paths-filter](https://github.com/dorny/paths-filter) | `2.11.1` | `3.0.2` | | [actions/checkout](https://github.com/actions/checkout) | `4.1.2` | `4.1.6` | | [skjnldsv/read-package-engines-version-actions](https://github.com/skjnldsv/read-package-engines-version-actions) | `2.2` | `3` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.1` | `4.3.3` | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `6.0.2` | `6.0.5` | Updates `dorny/paths-filter` from 2.11.1 to 3.0.2 - [Release notes](https://github.com/dorny/paths-filter/releases) - [Changelog](https://github.com/dorny/paths-filter/blob/master/CHANGELOG.md) - [Commits](https://github.com/dorny/paths-filter/compare/v2.11.1...de90cc6fb38fc0963ad72b210f1f284cd68cea36) Updates `actions/checkout` from 4.1.2 to 4.1.6 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4.1.2...a5ac7e51b41094c92402da3b24376905380afc29) Updates `skjnldsv/read-package-engines-version-actions` from 2.2 to 3 - [Release notes](https://github.com/skjnldsv/read-package-engines-version-actions/releases) - [Commits](https://github.com/skjnldsv/read-package-engines-version-actions/compare/v2.2...06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4) Updates `actions/upload-artifact` from 4.3.1 to 4.3.3 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v4.3.1...65462800fd760344b1a7b4382951275a0abb4808) Updates `peter-evans/create-pull-request` from 6.0.2 to 6.0.5 - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](https://github.com/peter-evans/create-pull-request/compare/v6.0.2...6d6857d36972b65feb161a90e484f2984215f83e) --- updated-dependencies: - dependency-name: dorny/paths-filter dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: skjnldsv/read-package-engines-version-actions dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
chore(actions): update php min supported to 8.0 Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
1 year ago
feat: drop support for php 8.0 Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
3 months ago
fix(psalm): Install apcu, ftp and ldap extension like in static-code-analysis-security Signed-off-by: Joas Schilling <coding@schilljs.com>
1 year ago
chore(actions): update php min supported to 8.0 Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
1 year ago
chore(CI): Improve rate limit situation when installing phpunit Signed-off-by: Joas Schilling <coding@schilljs.com>
1 year ago
chore(actions): update php min supported to 8.0 Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
1 year ago
fix(CI): Temporary workaround - Run Psalm CI with 1 thread only so it finishes Signed-off-by: Joas Schilling <coding@schilljs.com>
1 year ago
Prettify static-code-analysis.yml Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
1 year ago
Merge back the two static analysis workflows together Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
1 year ago
Always show the psalm baseline change, even on failure Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
1 year ago
chore(actions): update php min supported to 8.0 Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
1 year ago
Prettify static-code-analysis.yml Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
1 year ago
Merge back the two static analysis workflows together Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
1 year ago
Always upload psalm result to github Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
1 year ago
chore(deps): Bump github/codeql-action from 2 to 3 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v2...v3) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
6 months ago
Merge back the two static analysis workflows together Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
1 year ago
chore(actions): update php min supported to 8.0 Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
1 year ago
Merge back the two static analysis workflows together Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
1 year ago
Prettify static-code-analysis.yml Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
1 year ago
Merge back the two static analysis workflows together Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
1 year ago
chore(deps): bump the github-actions group across 1 directory with 5 updates Bumps the github-actions group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [dorny/paths-filter](https://github.com/dorny/paths-filter) | `2.11.1` | `3.0.2` | | [actions/checkout](https://github.com/actions/checkout) | `4.1.2` | `4.1.6` | | [skjnldsv/read-package-engines-version-actions](https://github.com/skjnldsv/read-package-engines-version-actions) | `2.2` | `3` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.1` | `4.3.3` | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `6.0.2` | `6.0.5` | Updates `dorny/paths-filter` from 2.11.1 to 3.0.2 - [Release notes](https://github.com/dorny/paths-filter/releases) - [Changelog](https://github.com/dorny/paths-filter/blob/master/CHANGELOG.md) - [Commits](https://github.com/dorny/paths-filter/compare/v2.11.1...de90cc6fb38fc0963ad72b210f1f284cd68cea36) Updates `actions/checkout` from 4.1.2 to 4.1.6 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4.1.2...a5ac7e51b41094c92402da3b24376905380afc29) Updates `skjnldsv/read-package-engines-version-actions` from 2.2 to 3 - [Release notes](https://github.com/skjnldsv/read-package-engines-version-actions/releases) - [Commits](https://github.com/skjnldsv/read-package-engines-version-actions/compare/v2.2...06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4) Updates `actions/upload-artifact` from 4.3.1 to 4.3.3 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v4.3.1...65462800fd760344b1a7b4382951275a0abb4808) Updates `peter-evans/create-pull-request` from 6.0.2 to 6.0.5 - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](https://github.com/peter-evans/create-pull-request/compare/v6.0.2...6d6857d36972b65feb161a90e484f2984215f83e) --- updated-dependencies: - dependency-name: dorny/paths-filter dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: skjnldsv/read-package-engines-version-actions dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
Merge back the two static analysis workflows together Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
1 year ago
Prettify static-code-analysis.yml Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
1 year ago
Merge back the two static analysis workflows together Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
1 year ago
feat: drop support for php 8.0 Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
3 months ago
ci(psalm): Install ftp extension for security scans Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
1 year ago
Merge back the two static analysis workflows together Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
1 year ago
Prettify static-code-analysis.yml Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
1 year ago
Merge back the two static analysis workflows together Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
1 year ago
Prettify static-code-analysis.yml Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
1 year ago
Merge back the two static analysis workflows together Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
1 year ago
fix(CI): Temporary workaround - Run Psalm CI with 1 thread only so it finishes Signed-off-by: Joas Schilling <coding@schilljs.com>
1 year ago
Prettify static-code-analysis.yml Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
1 year ago
Merge back the two static analysis workflows together Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
1 year ago
Always upload psalm result to github Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
1 year ago
chore(deps): Bump github/codeql-action from 2 to 3 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v2...v3) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
6 months ago
Merge back the two static analysis workflows together Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
1 year ago
chore(actions): update php min supported to 8.0 Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
1 year ago
fix(actions): Update psalm github action Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
1 year ago
chore(actions): update php min supported to 8.0 Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
1 year ago
chore(deps): bump the github-actions group across 1 directory with 5 updates Bumps the github-actions group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [dorny/paths-filter](https://github.com/dorny/paths-filter) | `2.11.1` | `3.0.2` | | [actions/checkout](https://github.com/actions/checkout) | `4.1.2` | `4.1.6` | | [skjnldsv/read-package-engines-version-actions](https://github.com/skjnldsv/read-package-engines-version-actions) | `2.2` | `3` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.1` | `4.3.3` | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `6.0.2` | `6.0.5` | Updates `dorny/paths-filter` from 2.11.1 to 3.0.2 - [Release notes](https://github.com/dorny/paths-filter/releases) - [Changelog](https://github.com/dorny/paths-filter/blob/master/CHANGELOG.md) - [Commits](https://github.com/dorny/paths-filter/compare/v2.11.1...de90cc6fb38fc0963ad72b210f1f284cd68cea36) Updates `actions/checkout` from 4.1.2 to 4.1.6 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4.1.2...a5ac7e51b41094c92402da3b24376905380afc29) Updates `skjnldsv/read-package-engines-version-actions` from 2.2 to 3 - [Release notes](https://github.com/skjnldsv/read-package-engines-version-actions/releases) - [Commits](https://github.com/skjnldsv/read-package-engines-version-actions/compare/v2.2...06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4) Updates `actions/upload-artifact` from 4.3.1 to 4.3.3 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v4.3.1...65462800fd760344b1a7b4382951275a0abb4808) Updates `peter-evans/create-pull-request` from 6.0.2 to 6.0.5 - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](https://github.com/peter-evans/create-pull-request/compare/v6.0.2...6d6857d36972b65feb161a90e484f2984215f83e) --- updated-dependencies: - dependency-name: dorny/paths-filter dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: skjnldsv/read-package-engines-version-actions dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
chore(actions): update php min supported to 8.0 Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
1 year ago
feat: drop support for php 8.0 Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
3 months ago
chore(actions): update php min supported to 8.0 Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
1 year ago
chore(CI): Improve rate limit situation when installing phpunit Signed-off-by: Joas Schilling <coding@schilljs.com>
1 year ago
chore(actions): update php min supported to 8.0 Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
1 year ago
fix(CI): Temporary workaround - Run Psalm CI with 1 thread only so it finishes Signed-off-by: Joas Schilling <coding@schilljs.com>
1 year ago
Prettify static-code-analysis.yml Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
1 year ago
chore(actions): update php min supported to 8.0 Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
1 year ago
Always show the psalm baseline change, even on failure Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
1 year ago
Merge back the two static analysis workflows together Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
1 year ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103 
  1. # SPDX-FileCopyrightText: 2020 Nextcloud GmbH and Nextcloud contributors

  2. # SPDX-License-Identifier: MIT

  3. name: Psalm static code analysis

  4. 

  5. on:

  6.   pull_request:

  7. 

  8. concurrency:

  9.   group: static-code-analysis-${{ github.head_ref || github.run_id }}

  10.   cancel-in-progress: true

  11. 

  12. jobs:

  13.   static-code-analysis:

  14.     runs-on: ubuntu-latest

  15. 

  16.     if: ${{ github.repository_owner != 'nextcloud-gmbh' }}

  17. 

  18.     steps:

  19.       - name: Checkout

  20.         uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29

  21.         with:

  22.           submodules: true

  23. 

  24.       - name: Set up php

  25.         uses: shivammathur/setup-php@v2

  26.         with:

  27.           php-version: '8.1'

  28.           extensions: apcu,ctype,curl,dom,fileinfo,ftp,gd,intl,json,ldap,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip

  29.           coverage: none

  30.         env:

  31.           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

  32. 

  33.       - name: Composer install

  34.         run: composer i

  35. 

  36.       - name: Psalm

  37.         run: composer run psalm:ci -- --monochrome --no-progress --output-format=github --update-baseline --report=results.sarif

  38. 

  39.       - name: Show potential changes in Psalm baseline

  40.         if: always()

  41.         run: git diff -- . ':!lib/composer'

  42. 

  43.       - name: Upload Analysis results to GitHub

  44.         if: always()

  45.         uses: github/codeql-action/upload-sarif@v3

  46.         with:

  47.           sarif_file: results.sarif

  48. 

  49.   static-code-analysis-security:

  50.     runs-on: ubuntu-latest

  51. 

  52.     steps:

  53.       - name: Checkout code

  54.         uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29

  55.         with:

  56.           submodules: true

  57. 

  58.       - name: Set up php

  59.         uses: shivammathur/setup-php@master

  60.         with:

  61.           php-version: '8.1'

  62.           extensions: ctype,curl,dom,fileinfo,ftp,gd,intl,json,ldap,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip

  63.           coverage: none

  64. 

  65.       - name: Composer install

  66.         run: composer i

  67. 

  68.       - name: Psalm taint analysis

  69.         run: composer run psalm:ci -- --monochrome --no-progress --output-format=github --report=results.sarif --taint-analysis

  70. 

  71.       - name: Upload Security Analysis results to GitHub

  72.         if: always()

  73.         uses: github/codeql-action/upload-sarif@v3

  74.         with:

  75.           sarif_file: results.sarif

  76. 

  77.   static-code-analysis-ocp:

  78.     runs-on: ubuntu-latest

  79. 

  80.     steps:

  81.       - name: Checkout

  82.         uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29

  83.         with:

  84.           submodules: true

  85. 

  86.       - name: Set up php

  87.         uses: shivammathur/setup-php@v2

  88.         with:

  89.           php-version: '8.1'

  90.           extensions: ctype,curl,dom,fileinfo,gd,intl,json,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip

  91.           coverage: none

  92.         env:

  93.           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

  94. 

  95.       - name: Composer install

  96.         run: composer i

  97. 

  98.       - name: Psalm

  99.         run: composer run psalm:ci -- -c psalm-ocp.xml --monochrome --no-progress --output-format=github --update-baseline

  100. 

  101.       - name: Show potential changes in Psalm baseline

  102.         if: always()

  103.         run: git diff -- . ':!lib/composer'