mirrors
/
nextcloud
zrcadlo https://github.com/nextcloud/server.git
Sledovat 1
Oblíbit 0
Rozštěpit 0
Zdrojový kód Úkoly 0 Vydání 1008 Wiki Aktivita
Procházet zdrojové kódy

fix(actions): Harden workflows when using variables in strings 

Signed-off-by: Joas Schilling <coding@schilljs.com>
pull/45710/head
Joas Schilling před 2 týdny
rodič
49c42c36ae
revize
54edf993d6
22 změnil soubory, kde provedl 78 přidání a 87 odebrání
Rozdělené zobrazení Ukázat statistiku rozdílových dat
  1. 4
    4
      .github/workflows/block-merge-eol.yml
  2. 1
    1
      .github/workflows/block-merge-freeze.yml
  3. 2
    2
      .github/workflows/block-outdated-3rdparty.yml
  4. 11
    11
      .github/workflows/command-compile.yml
  5. 6
    6
      .github/workflows/command-pull-3rdparty.yml
  6. 6
    5
      .github/workflows/cypress.yml
  7. 1
    1
      .github/workflows/dependabot-approve-merge.yml
  8. 1
    1
      .github/workflows/files-external-s3.yml
  9. 1
    1
      .github/workflows/files-external-sftp.yml
  10. 4
    5
      .github/workflows/lint-eslint.yml
  11. 2
    1
      .github/workflows/lint-php-cs.yml
  12. 2
    5
      .github/workflows/lint-php.yml
  13. 3
    3
      .github/workflows/node-test.yml
  14. 4
    5
      .github/workflows/node.yml
  15. 9
    11
      .github/workflows/npm-audit-fix.yml
  16. 2
    1
      .github/workflows/openapi.yml
  17. 3
    3
      .github/workflows/performance.yml
  18. 1
    6
      .github/workflows/phpunit-mariadb.yml
  19. 3
    3
      .github/workflows/pr-feedback.yml
  20. 4
    4
      .github/workflows/update-cacert-bundle.yml
  21. 4
    4
      .github/workflows/update-code-signing-crl.yml
  22. 4
    4
      .github/workflows/update-psalm-baseline.yml

+ 4
- 4
.github/workflows/block-merge-eol.yml Zobrazit soubor

@@ -26,15 +26,15 @@ jobs:
runs-on: ubuntu-latest-low

steps:
- name: Download updater config
run: curl https://raw.githubusercontent.com/nextcloud/updater_server/production/config/config.php --output config.php

- name: Set server major version environment
run: |
# retrieve version number from branch reference
server_major=$(echo "${{ github.base_ref }}" | sed -En 's/stable//p')
echo "server_major=$server_major" >> $GITHUB_ENV
echo "current_month=$(date +%Y-%m)" >> $GITHUB_ENV

- name: Checking if ${{ env.server_major }} is EOL
run: |
php -r 'echo json_encode(require_once "config.php");' | jq --arg version "${{ env.server_major }}" '.stable[$version]["100"].eol // .beta[$version]["100"].eol // "NotEOL"' | grep -q "NotEOL"
curl -s https://raw.githubusercontent.com/nextcloud-releases/updater_server/production/config/major_versions.json \
| jq '.["${{ env.server_major }}"]["eol"] // "9999-99" | . >= "${{ env.current_month }}"' \
| grep -q true

+ 1
- 1
.github/workflows/block-merge-freeze.yml Zobrazit soubor

@@ -29,7 +29,7 @@ jobs:

steps:
- name: Download version.php from ${{ github.base_ref }}
run: curl https://raw.githubusercontent.com/nextcloud/server/${{ github.base_ref }}/version.php --output version.php
run: curl 'https://raw.githubusercontent.com/nextcloud/server/${{ github.base_ref }}/version.php' --output version.php

- name: Run check
run: cat version.php | grep 'OC_VersionString' | grep -i -v 'RC'

+ 2
- 2
.github/workflows/block-outdated-3rdparty.yml Zobrazit soubor

@@ -46,8 +46,8 @@ jobs:
- name: Compare if 3rdparty commits are different
run: |
echo '3rdparty/ seems to not point to the last commit of the dedicated branch:'
echo "Branch has: ${{ steps.actual.outputs.commit }}"
echo "${{ github.base_ref }} has: ${{ steps.target.outputs.commit }}"
echo 'Branch has: ${{ steps.actual.outputs.commit }}'
echo '${{ github.base_ref }} has: ${{ steps.target.outputs.commit }}'

- name: Fail if 3rdparty commits are different
if: ${{ steps.changes.outputs.src != 'false' && steps.actual.outputs.commit != steps.target.outputs.commit }}

+ 11
- 11
.github/workflows/command-compile.yml Zobrazit soubor

@@ -37,7 +37,7 @@ jobs:
token: ${{ secrets.COMMAND_BOT_PAT }}
repository: ${{ github.event.repository.full_name }}
comment-id: ${{ github.event.comment.id }}
reactions: "+1"
reactions: '+1'

- name: Parse command
uses: skjnldsv/parse-command-comment@5c955203c52424151e6d0e58fb9de8a9f6a605a1 # v2
@@ -77,8 +77,8 @@ jobs:

- name: Setup git
run: |
git config --local user.email "nextcloud-command@users.noreply.github.com"
git config --local user.name "nextcloud-command"
git config --local user.email 'nextcloud-command@users.noreply.github.com'
git config --local user.name 'nextcloud-command'

- name: Read package.json node and npm engines version
uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3
@@ -94,13 +94,13 @@ jobs:
cache: npm

- name: Set up npm ${{ steps.package-engines-versions.outputs.npmVersion }}
run: npm i -g npm@"${{ steps.package-engines-versions.outputs.npmVersion }}"
run: npm i -g 'npm@${{ steps.package-engines-versions.outputs.npmVersion }}'
- name: Rebase to ${{ needs.init.outputs.base_ref }}
if: ${{ contains(needs.init.outputs.arg1, 'rebase') }}
run: |
git fetch origin ${{ needs.init.outputs.base_ref }}:${{ needs.init.outputs.base_ref }}
git rebase origin/${{ needs.init.outputs.base_ref }}
git fetch origin '${{ needs.init.outputs.base_ref }}:${{ needs.init.outputs.base_ref }}'
git rebase 'origin/${{ needs.init.outputs.base_ref }}'

- name: Install dependencies & build
env:
@@ -113,30 +113,30 @@ jobs:
- name: Commit default
if: ${{ !contains(needs.init.outputs.arg1, 'fixup') && !contains(needs.init.outputs.arg1, 'amend') }}
run: |
git add ${{ github.workspace }}${{ needs.init.outputs.git_path }}
git add '${{ github.workspace }}${{ needs.init.outputs.git_path }}'
git commit --signoff -m 'chore(assets): Recompile assets'
- name: Commit fixup
if: ${{ contains(needs.init.outputs.arg1, 'fixup') }}
run: |
git add ${{ github.workspace }}${{ needs.init.outputs.git_path }}
git add '${{ github.workspace }}${{ needs.init.outputs.git_path }}'
git commit --fixup=HEAD --signoff

- name: Commit amend
if: ${{ contains(needs.init.outputs.arg1, 'amend') }}
run: |
git add ${{ github.workspace }}${{ needs.init.outputs.git_path }}
git add '${{ github.workspace }}${{ needs.init.outputs.git_path }}'
git commit --amend --no-edit --signoff
# Remove any [skip ci] from the amended commit
git commit --amend -m "$(git log -1 --format='%B' | sed '/\[skip ci\]/d')"
- name: Push normally
if: ${{ !contains(needs.init.outputs.arg1, 'rebase') && !contains(needs.init.outputs.arg1, 'amend') }}
run: git push origin ${{ needs.init.outputs.head_ref }}
run: git push origin '${{ needs.init.outputs.head_ref }}'

- name: Force push
if: ${{ contains(needs.init.outputs.arg1, 'rebase') || contains(needs.init.outputs.arg1, 'amend') }}
run: git push --force origin ${{ needs.init.outputs.head_ref }}
run: git push --force origin '${{ needs.init.outputs.head_ref }}'

- name: Add reaction on failure
uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4.0.0

+ 6
- 6
.github/workflows/command-pull-3rdparty.yml Zobrazit soubor

@@ -25,7 +25,7 @@ jobs:
token: ${{ secrets.COMMAND_BOT_PAT }}
repository: ${{ github.event.repository.full_name }}
comment-id: ${{ github.event.comment.id }}
reactions: "+1"
reactions: '+1'

- name: Init branch
uses: xt0rted/pull-request-comment-branch@d97294d304604fa98a2600a6e2f916a84b596dc7 # v1
@@ -40,16 +40,16 @@ jobs:

- name: Setup git
run: |
git config --local user.email "nextcloud-command@users.noreply.github.com"
git config --local user.name "nextcloud-command"
git config --local user.email 'nextcloud-command@users.noreply.github.com'
git config --local user.name 'nextcloud-command'

- name: Pull 3rdparty
run: git submodule foreach 'if [ "$sm_path" == "3rdparty" ]; then git pull origin ${{ github.event.issue.pull_request.base.ref }}; fi'
run: git submodule foreach 'if [ "$sm_path" == "3rdparty" ]; then git pull origin '"'"'${{ github.event.issue.pull_request.base.ref }}'"'"'; fi'

- name: Commit and push changes
run: |
git add 3rdparty
git commit -s -m "Update submodule 3rdparty to latest ${{ github.event.issue.pull_request.base.ref }}"
git commit -s -m 'Update submodule 3rdparty to latest ${{ github.event.issue.pull_request.base.ref }}'
git push

- name: Add reaction on failure
@@ -59,4 +59,4 @@ jobs:
token: ${{ secrets.COMMAND_BOT_PAT }}
repository: ${{ github.event.repository.full_name }}
comment-id: ${{ github.event.comment.id }}
reactions: "-1"
reactions: '-1'

+ 6
- 5
.github/workflows/cypress.yml Zobrazit soubor

@@ -17,6 +17,7 @@ concurrency:
env:
# Adjust APP_NAME if your repository name is different
APP_NAME: ${{ github.event.repository.name }}

# Server requires head_ref instead of base_ref, as we want to test the PR branch
BRANCH: ${{ github.head_ref || github.ref_name }}

@@ -52,7 +53,7 @@ jobs:
id: versions
with:
fallbackNode: "^20"
fallbackNpm: "^9"
fallbackNpm: "^10"

- name: Set up node ${{ steps.versions.outputs.nodeVersion }}
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
@@ -60,7 +61,7 @@ jobs:
node-version: ${{ steps.versions.outputs.nodeVersion }}

- name: Set up npm ${{ steps.versions.outputs.npmVersion }}
run: npm i -g npm@"${{ steps.versions.outputs.npmVersion }}"
run: npm i -g 'npm@${{ steps.versions.outputs.npmVersion }}'

- name: Install node dependencies & build app
run: |
@@ -85,9 +86,9 @@ jobs:
matrix:
# Run multiple copies of the current job in parallel
# Please increase the number or runners as your tests suite grows (0 based index for e2e tests)
containers: ["component", 0, 1, 2, 3, 4, 5]
containers: ["component", '0', '1', '2', '3', '4', '5']
# Hack as strategy.job-total includes the component and GitHub does not allow math expressions
# Always aling this number with the total of e2e runners (max. index + 1)
# Always align this number with the total of e2e runners (max. index + 1)
total-containers: [6]

name: runner ${{ matrix.containers }}
@@ -106,7 +107,7 @@ jobs:
node-version: ${{ needs.init.outputs.nodeVersion }}

- name: Set up npm ${{ needs.init.outputs.npmVersion }}
run: npm i -g npm@"${{ needs.init.outputs.npmVersion }}"
run: npm i -g 'npm@${{ needs.init.outputs.npmVersion }}'

- name: Run ${{ matrix.containers == 'component' && 'component' || 'E2E' }} cypress tests
uses: cypress-io/github-action@f88a151c986cab2e339cdbede6a5c4468bb62c17 # v6.7.0

+ 1
- 1
.github/workflows/dependabot-approve-merge.yml Zobrazit soubor

@@ -31,7 +31,7 @@ jobs:
pull-requests: write

steps:
# Github actions bot approve
# GitHub actions bot approve
- uses: hmarr/auto-approve-action@b40d6c9ed2fa10c9a2749eca7eb004418a705501 # v2
with:
github-token: ${{ secrets.GITHUB_TOKEN }}

+ 1
- 1
.github/workflows/files-external-s3.yml Zobrazit soubor

@@ -56,7 +56,7 @@ jobs:
MINIO_ROOT_PASSWORD: bWluaW8tc2VjcmV0LWtleS1uZXh0Y2xvdWQ=
MINIO_DEFAULT_BUCKETS: nextcloud
ports:
- "9000:9000"
- '9000:9000'

steps:
- name: Checkout server

+ 1
- 1
.github/workflows/files-external-sftp.yml Zobrazit soubor

@@ -61,7 +61,7 @@ jobs:
run: |
sudo mkdir /tmp/sftp
sudo chown -R 0777 /tmp/sftp
if [[ "${{ matrix.sftpd }}" == 'openssh' ]]; then docker run -p 2222:22 --name sftp -d -v /tmp/sftp:/home/test atmoz/sftp "test:test:::data"; fi
if [[ '${{ matrix.sftpd }}' == 'openssh' ]]; then docker run -p 2222:22 --name sftp -d -v /tmp/sftp:/home/test atmoz/sftp 'test:test:::data'; fi

- name: Set up php ${{ matrix.php-versions }}
uses: shivammathur/setup-php@c5fc0d8281aba02c7fda07d3a70cc5371548067d #v2.25.2

+ 4
- 5
.github/workflows/lint-eslint.yml Zobrazit soubor

@@ -8,8 +8,7 @@

name: Lint eslint

on:
pull_request:
on: pull_request

permissions:
contents: read
@@ -61,15 +60,15 @@ jobs:
id: versions
with:
fallbackNode: '^20'
fallbackNpm: '^9'
fallbackNpm: '^10'

- name: Set up node ${{ steps.versions.outputs.nodeVersion }}
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v3
with:
node-version: ${{ steps.versions.outputs.nodeVersion }}

- name: Set up npm ${{ steps.versions.outputs.npmVersion }}
run: npm i -g npm@"${{ steps.versions.outputs.npmVersion }}"
run: npm i -g 'npm@${{ steps.versions.outputs.npmVersion }}'

- name: Install dependencies
env:

+ 2
- 1
.github/workflows/lint-php-cs.yml Zobrazit soubor

@@ -50,10 +50,11 @@ jobs:
- name: Checkout
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6

- name: Set up php
- name: Set up php8.1
uses: shivammathur/setup-php@c665c7a15b5295c2488ac8a87af9cb806cd72198 # v2
with:
php-version: 8.1
extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
coverage: none
ini-file: development
env:

+ 2
- 5
.github/workflows/lint-php.yml Zobrazit soubor

@@ -8,8 +8,7 @@

name: Lint php

on:
pull_request:
on: pull_request

permissions:
contents: read
@@ -21,10 +20,8 @@ concurrency:
jobs:
changes:
runs-on: ubuntu-latest-low

outputs:
src: ${{ steps.changes.outputs.src}}

steps:
- uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
id: changes
@@ -50,7 +47,7 @@ jobs:

strategy:
matrix:
php-versions: [ "8.1", "8.2", "8.3" ]
php-versions: [ '8.1', '8.2', '8.3' ]

name: php-lint


+ 3
- 3
.github/workflows/node-test.yml Zobrazit soubor

@@ -88,7 +88,7 @@ jobs:
node-version: ${{ needs.versions.outputs.nodeVersion }}

- name: Set up npm ${{ needs.versions.outputs.npmVersion }}
run: npm i -g npm@"${{ needs.versions.outputs.npmVersion }}"
run: npm i -g 'npm@${{ needs.versions.outputs.npmVersion }}'

- name: Install dependencies & build
run: |
@@ -122,7 +122,7 @@ jobs:
node-version: ${{ needs.versions.outputs.nodeVersion }}

- name: Set up npm ${{ needs.versions.outputs.npmVersion }}
run: npm i -g npm@"${{ needs.versions.outputs.npmVersion }}"
run: npm i -g 'npm@${{ needs.versions.outputs.npmVersion }}'

- name: Install dependencies
run: npm ci
@@ -150,7 +150,7 @@ jobs:
node-version: ${{ needs.versions.outputs.nodeVersion }}

- name: Set up npm ${{ needs.versions.outputs.npmVersion }}
run: npm i -g npm@"${{ needs.versions.outputs.npmVersion }}"
run: npm i -g 'npm@${{ needs.versions.outputs.npmVersion }}'

- name: Install dependencies
run: npm ci

+ 4
- 5
.github/workflows/node.yml Zobrazit soubor

@@ -8,8 +8,7 @@

name: Node

on:
pull_request:
on: pull_request

permissions:
contents: read
@@ -59,15 +58,15 @@ jobs:
id: versions
with:
fallbackNode: '^20'
fallbackNpm: '^9'
fallbackNpm: '^10'

- name: Set up node ${{ steps.versions.outputs.nodeVersion }}
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v3
with:
node-version: ${{ steps.versions.outputs.nodeVersion }}

- name: Set up npm ${{ steps.versions.outputs.npmVersion }}
run: npm i -g npm@"${{ steps.versions.outputs.npmVersion }}"
run: npm i -g 'npm@${{ steps.versions.outputs.npmVersion }}'

- name: Install dependencies & build
env:

+ 9
- 11
.github/workflows/npm-audit-fix.yml Zobrazit soubor

@@ -21,7 +21,7 @@ jobs:
strategy:
fail-fast: false
matrix:
branches: ["main", "master", "stable29", "stable28", "stable27"]
branches: ['main', 'master', 'stable29', 'stable28', 'stable27']

name: npm-audit-fix-${{ matrix.branches }}

@@ -36,25 +36,24 @@ jobs:
id: versions
with:
fallbackNode: '^20'
fallbackNpm: '^9'
fallbackNpm: '^10'

- name: Set up node ${{ steps.versions.outputs.nodeVersion }}
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v3
with:
node-version: ${{ steps.versions.outputs.nodeVersion }}

- name: Set up npm ${{ steps.versions.outputs.npmVersion }}
run: npm i -g npm@"${{ steps.versions.outputs.npmVersion }}"
run: npm i -g 'npm@${{ steps.versions.outputs.npmVersion }}'

- name: Fix npm audit
run: |
npm audit fix
id: npm-audit
uses: nextcloud-libraries/npm-audit-action@2a60bd2e79cc77f2cc4d9a3fe40f1a69896f3a87 # v0.1.0

- name: Run npm ci and npm run build
if: always()
env:
CYPRESS_INSTALL_BINARY: 0
PUPPETEER_SKIP_DOWNLOAD: true
run: |
npm ci
npm run build --if-present
@@ -64,14 +63,13 @@ jobs:
uses: peter-evans/create-pull-request@6d6857d36972b65feb161a90e484f2984215f83e # v6.0.5
with:
token: ${{ secrets.COMMAND_BOT_PAT }}
commit-message: "fix(deps): fix npm audit"
commit-message: 'fix(deps): Fix npm audit'
committer: GitHub <noreply@github.com>
author: nextcloud-command <nextcloud-command@users.noreply.github.com>
signoff: true
branch: automated/noid/${{ matrix.branches }}-fix-npm-audit
title: "[${{ matrix.branches }}] Fix npm audit"
body: |
Auto-generated fix of npm audit
title: '[${{ matrix.branches }}] Fix npm audit'
body: ${{ steps.npm-audit.outputs.markdown }}
labels: |
dependencies
3. to review

+ 2
- 1
.github/workflows/openapi.yml Zobrazit soubor

@@ -34,10 +34,11 @@ jobs:
php-version: '8.2'
extensions: xml
coverage: none
ini-file: development
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- name: Composer install
- name: Set up dependencies
run: composer i

- name: OpenAPI checker

+ 3
- 3
.github/workflows/performance.yml Zobrazit soubor

@@ -62,9 +62,9 @@ jobs:

- name: Apply PR
run: |
git remote add pr ${{ github.event.pull_request.head.repo.clone_url }}
git fetch pr ${{ github.event.pull_request.head.ref }}
git checkout -b pr/${{ github.event.pull_request.head.ref }}
git remote add pr '${{ github.event.pull_request.head.repo.clone_url }}'
git fetch pr '${{ github.event.pull_request.head.ref }}'
git checkout -b 'pr/${{ github.event.pull_request.head.ref }}'
git submodule update

./occ upgrade

+ 1
- 6
.github/workflows/phpunit-mariadb.yml Zobrazit soubor

@@ -105,7 +105,7 @@ jobs:
- name: Enable ONLY_FULL_GROUP_BY MariaDB option
run: |
echo "SET GLOBAL sql_mode=(SELECT CONCAT(@@sql_mode,',ONLY_FULL_GROUP_BY'));" | mysql -h 127.0.0.1 -P 4444 -u root -prootpassword
echo "SELECT @@sql_mode;" | mysql -h 127.0.0.1 -P 4444 -u root -prootpassword
echo 'SELECT @@sql_mode;' | mysql -h 127.0.0.1 -P 4444 -u root -prootpassword

- name: Set up Nextcloud
env:
@@ -127,11 +127,6 @@ jobs:
files: ./clover.db.xml
flags: phpunit-mariadb

- name: Print logs
if: always()
run: |
cat data/nextcloud.log

summary:
permissions:
contents: none

+ 3
- 3
.github/workflows/pr-feedback.yml Zobrazit soubor

@@ -35,7 +35,7 @@ jobs:
with:
feedback-message: |
Hello there,
Thank you so much for taking the time and effort to create a pull request to our Nextcloud project.
Thank you so much for taking the time and effort to create a pull request to our Nextcloud project.

We hope that the review process is going smooth and is helpful for you. We want to ensure your pull request is reviewed to your satisfaction. If you have a moment, our community management team would very much appreciate your feedback on your experience with this PR review process.

@@ -45,6 +45,6 @@ jobs:

(If you believe you should not receive this message, you can add yourself to the [blocklist](https://github.com/nextcloud/.github/blob/master/non-community-usernames.txt).)
days-before-feedback: 14
start-date: "2024-04-30"
exempt-authors: "${{ steps.blocklist.outputs.blocklist }},${{ steps.scrape.outputs.users }},nextcloud-command,nextcloud-android-bot"
start-date: '2024-04-30'
exempt-authors: '${{ steps.blocklist.outputs.blocklist }},${{ steps.scrape.outputs.users }},nextcloud-command,nextcloud-android-bot'
exempt-bots: true

+ 4
- 4
.github/workflows/update-cacert-bundle.yml Zobrazit soubor

@@ -14,7 +14,7 @@ jobs:
strategy:
fail-fast: false
matrix:
branches: ["master", "stable29", "stable28", "stable27", "stable26", "stable25", "stable24", "stable23", "stable22"]
branches: ['master', 'stable29', 'stable28', 'stable27', 'stable26', 'stable25', 'stable24', 'stable23', 'stable22']

name: update-ca-certificate-bundle-${{ matrix.branches }}

@@ -31,12 +31,12 @@ jobs:
uses: peter-evans/create-pull-request@6d6857d36972b65feb161a90e484f2984215f83e
with:
token: ${{ secrets.COMMAND_BOT_PAT }}
commit-message: "fix(security): Update CA certificate bundle"
commit-message: 'fix(security): Update CA certificate bundle'
committer: GitHub <noreply@github.com>
author: nextcloud-command <nextcloud-command@users.noreply.github.com>
signoff: true
branch: automated/noid/${{ matrix.branches }}-update-ca-cert-bundle
title: "[${{ matrix.branches }}] fix(security): Update CA certificate bundle"
branch: 'automated/noid/${{ matrix.branches }}-update-ca-cert-bundle'
title: '[${{ matrix.branches }}] fix(security): Update CA certificate bundle'
body: |
Auto-generated update of CA certificate bundle from [https://curl.se/docs/caextract.html](https://curl.se/docs/caextract.html)
labels: |

+ 4
- 4
.github/workflows/update-code-signing-crl.yml Zobrazit soubor

@@ -14,7 +14,7 @@ jobs:
strategy:
fail-fast: false
matrix:
branches: ["master", "stable28", "stable27", "stable26", "stable25", "stable24", "stable23", "stable22"]
branches: ['master', 'stable29', 'stable28', 'stable27', 'stable26', 'stable25', 'stable24', 'stable23', 'stable22']

name: update-code-signing-crl-${{ matrix.branches }}

@@ -34,12 +34,12 @@ jobs:
uses: peter-evans/create-pull-request@6d6857d36972b65feb161a90e484f2984215f83e
with:
token: ${{ secrets.COMMAND_BOT_PAT }}
commit-message: "fix(security): Update code signing revocation list"
commit-message: 'fix(security): Update code signing revocation list'
committer: GitHub <noreply@github.com>
author: nextcloud-command <nextcloud-command@users.noreply.github.com>
signoff: true
branch: automated/noid/${{ matrix.branches }}-update-code-signing-crl
title: "[${{ matrix.branches }}] fix(security): Update code signing revocation list"
branch: 'automated/noid/${{ matrix.branches }}-update-code-signing-crl'
title: '[${{ matrix.branches }}] fix(security): Update code signing revocation list'
body: |
Auto-generated update of code signing revocation list from [Appstore](https://github.com/nextcloud/appstore/commits/master/nextcloudappstore/certificate/nextcloud.crl)
labels: |

+ 4
- 4
.github/workflows/update-psalm-baseline.yml Zobrazit soubor

@@ -16,7 +16,7 @@ jobs:
strategy:
fail-fast: false
matrix:
branches: ["master", "stable29", "stable28", "stable27"]
branches: ['master', 'stable29', 'stable28', 'stable27']

name: update-psalm-baseline-${{ matrix.branches }}

@@ -55,12 +55,12 @@ jobs:
uses: peter-evans/create-pull-request@6d6857d36972b65feb161a90e484f2984215f83e
with:
token: ${{ secrets.COMMAND_BOT_PAT }}
commit-message: "chore(tests): Update psalm baseline"
commit-message: 'chore(tests): Update psalm baseline'
committer: GitHub <noreply@github.com>
author: nextcloud-command <nextcloud-command@users.noreply.github.com>
signoff: true
branch: automated/noid/${{ matrix.branches }}-update-psalm-baseline
title: "[${{ matrix.branches }}] Update psalm-baseline.xml"
branch: 'automated/noid/${{ matrix.branches }}-update-psalm-baseline'
title: '[${{ matrix.branches }}] Update psalm-baseline.xml'
body: |
Auto-generated update psalm-baseline.xml with fixed psalm warnings
labels: |

Zapsat Náhled
Načítá se…
Zrušit
Uložit