tobiasKaminsky
bfb535b2b2
Add funding info
Signed-off-by: tobiasKaminsky <tobias@kaminsky.me>
3 years ago
Roeland Jago Douma
da652ded26
Move fixup check to action
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
3 years ago
Roeland Jago Douma
cc18213c98
Have psalm analysis directly on github
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
3 years ago
Roeland Jago Douma
08cae2ec44
Revert "Pin Psalm version to an older one"
3 years ago
Lukas Reschke
f1d2dcdaa5
Pin Psalm version to an older one
Ref https://github.com/vimeo/psalm/issues/5144
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
3 years ago
Roeland Jago Douma
fe65f8facf
Add dedicated baseline for OCP
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
3 years ago
Julius Härtl
c42385ef0f
Cleanup bundle files before checking the rebuild
Signed-off-by: Julius Härtl <jus@bitgrid.net>
3 years ago
Julius Härtl
c7a320d880
jsunit: Run jsunit with chromium/puppeteer on github actions
Signed-off-by: Julius Härtl <jus@bitgrid.net>
3 years ago
Lukas Reschke
47ac8e0028
Add Psalm Taint Flow Analysis
This adds the Psalm Security Analysis, as described at
https://psalm.dev/docs/security_analysis/
It also adds a plugin for adding input into AppFramework.
The results can be viewed in the GitHub Security tab at
https://github.com/nextcloud/server/security/code-scanning
**Q&A:**
Q: Why do you not use the shipped Psalm version?
A: I do a lot of changes to the Psalm Taint behaviour. Using released
versions is not gonna get us the results we want.
Q: How do I improve false positives?
A: https://psalm.dev/docs/security_analysis/avoiding_false_positives/
Q: How do I add custom sources?
A: https://psalm.dev/docs/security_analysis/custom_taint_sources/
Q: We should run this on apps!
A: Yes.
Q: What will change in Psalm?
A: Quite some of the PHP core functions are not yet marked to propagate
the taint. This leads to results where the taint flow is lost. That's
something that I am currently working on.
Q: Why is the plugin MIT licensed?
A: Because it's the first of its kind (based on GitHub Code Search) and
I want other people to copy it if they want to. Security is for all :)
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
3 years ago
Roeland Jago Douma
12f322d804
Also lint php8
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
3 years ago
Joas Schilling
a524e83be0
Fix naming of jobs and steps
Signed-off-by: Joas Schilling <coding@schilljs.com>
3 years ago
Julius Härtl
2050517d44
Add github action for oci8
Signed-off-by: Julius Härtl <jus@bitgrid.net>
3 years ago
John Molakvoæ
1e7a82d99e
Fix php lint action
3 years ago
Morris Jobke
bb05f0e4eb
Do not commit updated composer dependencies in psalm baseline update
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
3 years ago
Morris Jobke
f18d9cd310
Update daily "update psalm baseline" job to composer psalm
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
3 years ago
Morris Jobke
106c8d719c
Do not fail on changes to baseline.xml
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
3 years ago
Christoph Wurst
081e9ac47f
Use own psalm instead of a global one
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
3 years ago
John Molakvoæ
28df9239bb
Delete dependabot.yml
3 years ago
John Molakvoæ (skjnldsv)
d939f2fa5a
Split target-branch between stablexx branches until it supports Arrays
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
3 years ago
John Molakvoæ (skjnldsv)
91e463ff00
Move to automated dependabot merging
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
3 years ago
Morris Jobke
886466d510
Run psalm-baseline.xml update once a day
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
3 years ago
Morris Jobke
458320e8d7
Revert "This is just to trigger the GitHub scheduled actions registration"
This reverts commit 2e912990ff.
3 years ago
Morris Jobke
2e912990ff
This is just to trigger the GitHub scheduled actions registration
It is needed for #22314 and I will revert it right away afterwards.
Sorry for the trouble.
See the answer in https://stackoverflow.com/questions/59560214/github-action-works-on-push-but-not-scheduled
3 years ago
Morris Jobke
ebc80dba78
Run update-psalm-baseline action every 5 minutes
For debugging purposes due to a GitHub bug.
See #22325
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
3 years ago
Morris Jobke
27157051aa
Revert "This is just to trigger the GitHub scheduled actions registration"
3 years ago
Morris Jobke
f255f42991
This is just to trigger the GitHub scheduled actions
It is needed for https://github.com/nextcloud/server/pull/22314 and I will revert it right away afterwards.
Sorry for the trouble.
3 years ago
Morris Jobke
50784a7c51
Generate psalm-baseline.xml PR instead of requiring this from the PR author itself
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
3 years ago
Morris Jobke
4db7829f43
Better psalm CI output
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
3 years ago
Morris Jobke
42bb6cd7d7
Check only the baseline.xml and exclude the psalm.xml from the file check
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
3 years ago
Morris Jobke
80056e081a
Add a check for fixes in the psalm baseline
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
3 years ago
Daniel Kesselberg
7257793fc4
Hello psalm
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
3 years ago
Daniel Kesselberg
08cb4b8172
Run cs:check a second time to show diff
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
3 years ago
Daniel Kesselberg
f64b47c36a
Report php-cs-fixer errors to GitHub
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
3 years ago
Joas Schilling
7f92bd9d71
Delete FUNDING.yml
4 years ago
Christoph Wurst
9e6fcd585b
Show a hint for the php-cs fix when the check fails
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
4 years ago
Christoph Wurst
c9980ed099
Add php-cs check action
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
4 years ago
Christoph Wurst
f88ee3a556
We don't use IRC anymore
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
4 years ago
Daniel Kesselberg
98a2e3b628
Add text about subscribing issues and sync introduction to feature request
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
4 years ago
Daniel Kesselberg
df0131539a
Change Portalm to Portal
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
4 years ago
Joas Schilling
190eabf220
Add a link to the portal directly
Signed-off-by: Joas Schilling <coding@schilljs.com>
4 years ago
Daniel Kesselberg
feb642d532
Let people know that the logs are not optional
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
4 years ago
Daniel Kesselberg
3e9bd97ce4
Add short explanation how to use the organization search to find issues with all nextcloud repos.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
4 years ago
Daniel Kesselberg
aaa1506a47
Add guidelines for submitting issues to template
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
4 years ago
Gary Kim
907a27897a
Move Compile Handlebars CI to GitHub Actions
Signed-off-by: Gary Kim <gary@garykim.dev>
4 years ago
Roeland Jago Douma
64665c98e1
Lint on github actions
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
4 years ago
Roeland Jago Douma
ae75e17eff
Let's just use the fixup bot
The action is slower plus we can use more actions this way ;)
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
4 years ago
Christoph Wurst
b267409d38
Add webpack-based js tests
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
4 years ago
Roeland Jago Douma
582ab20e9d
Use checkout v2 for npm build action
Saves checking out the whole tree.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
4 years ago
Roeland Jago Douma
e639e11de3
Move npm build to github actions
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
4 years ago
Daniel Kesselberg
fc027ca801
Use proper ellipsis and replace sparkle with rocket
Thanks to nextcloud/calendar
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
4 years ago