John Molakvoæ (skjnldsv)
49b490ce6d
Migrate to npm 7
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2 years ago
John Molakvoæ
3508976156
Add files via upload
2 years ago
Nextcloud bot
472a51e845
Updating dependabot-approve-merge.yml workflow from template
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2 years ago
Nextcloud bot
b4cb5e2cff
Updating dependabot-approve-merge.yml workflow from template
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2 years ago
skjnldsv
2fdd8c40ef
Updating command-rebase.yml workflow from template
Signed-off-by: GitHub <noreply@github.com>
2 years ago
Julius Härtl
b18a7b8d22
Auto approve/merge also on stable branches
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2 years ago
szaimen
716dd54af2
Create rebase command
Signed-off-by: szaimen <szaimen@e.mail.de>
2 years ago
Joas Schilling
15e59a686d
Update dependabot config too
Signed-off-by: Joas Schilling <coding@schilljs.com>
3 years ago
Morris Jobke
deaf0f3aa2
Change reviewers of Psalm baseline update
Change reviewers from Roeland and me to Julius and Louis
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
3 years ago
John Molakvoæ
8c8777a841
Fix name
3 years ago
John Molakvoæ
38a19c263b
Add fixup.yml
3 years ago
John Molakvoæ
162229dbff
Fix psalm action
3 years ago
John Molakvoæ
fb583d5665
Fix psalm action
3 years ago
John Molakvoæ
f2e731e017
Add dependabot reviewer team and remove saturday for stable branches
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
3 years ago
John Molakvoæ
018e18bf8a
Fix dependabot config
3 years ago
John Molakvoæ (skjnldsv)
c3f9f09fb0
Add dependabot config with proper ignore for stable branches
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
3 years ago
Christoph Wurst
ab3424ad44
Add ext-zip as platform dependency
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
3 years ago
Joas Schilling
6a43948a6e
Fix Oracle by testing on Ubuntu 20.04 until oci8.so is available for 21.04
Signed-off-by: Joas Schilling <coding@schilljs.com>
3 years ago
acsfer
2e41939ece
Typo
3 years ago
acsfer
9f56646694
Redirect users to forum for questions
Be more specific so more users will go directly to the forum instead of using GitHub for non-bug reports.
3 years ago
John Molakvoæ (skjnldsv)
fb183b457c
Add eslint testing
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
3 years ago
tobiasKaminsky
bfb535b2b2
Add funding info
Signed-off-by: tobiasKaminsky <tobias@kaminsky.me>
3 years ago
Roeland Jago Douma
da652ded26
Move fixup check to action
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
3 years ago
Roeland Jago Douma
cc18213c98
Have psalm analysis directly on github
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
3 years ago
Roeland Jago Douma
08cae2ec44
Revert "Pin Psalm version to an older one"
3 years ago
Lukas Reschke
f1d2dcdaa5
Pin Psalm version to an older one
Ref https://github.com/vimeo/psalm/issues/5144
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
3 years ago
Roeland Jago Douma
fe65f8facf
Add dedicated baseline for OCP
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
3 years ago
Julius Härtl
c42385ef0f
Cleanup bundle files before checking the rebuild
Signed-off-by: Julius Härtl <jus@bitgrid.net>
3 years ago
Julius Härtl
c7a320d880
jsunit: Run jsunit with chromium/puppeteer on github actions
Signed-off-by: Julius Härtl <jus@bitgrid.net>
3 years ago
Lukas Reschke
47ac8e0028
Add Psalm Taint Flow Analysis
This adds the Psalm Security Analysis, as described at
https://psalm.dev/docs/security_analysis/
It also adds a plugin for adding input into AppFramework.
The results can be viewed in the GitHub Security tab at
https://github.com/nextcloud/server/security/code-scanning
**Q&A:**
Q: Why do you not use the shipped Psalm version?
A: I do a lot of changes to the Psalm Taint behaviour. Using released
versions is not gonna get us the results we want.
Q: How do I improve false positives?
A: https://psalm.dev/docs/security_analysis/avoiding_false_positives/
Q: How do I add custom sources?
A: https://psalm.dev/docs/security_analysis/custom_taint_sources/
Q: We should run this on apps!
A: Yes.
Q: What will change in Psalm?
A: Quite some of the PHP core functions are not yet marked to propagate
the taint. This leads to results where the taint flow is lost. That's
something that I am currently working on.
Q: Why is the plugin MIT licensed?
A: Because it's the first of its kind (based on GitHub Code Search) and
I want other people to copy it if they want to. Security is for all :)
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
3 years ago
Roeland Jago Douma
12f322d804
Also lint php8
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
3 years ago
Joas Schilling
a524e83be0
Fix naming of jobs and steps
Signed-off-by: Joas Schilling <coding@schilljs.com>
3 years ago
Julius Härtl
2050517d44
Add github action for oci8
Signed-off-by: Julius Härtl <jus@bitgrid.net>
3 years ago
John Molakvoæ
1e7a82d99e
Fix php lint action
3 years ago
Morris Jobke
bb05f0e4eb
Do not commit updated composer dependencies in psalm baseline update
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
3 years ago
Morris Jobke
f18d9cd310
Update daily "update psalm baseline" job to composer psalm
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
3 years ago
Morris Jobke
106c8d719c
Do not fail on changes to baseline.xml
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
3 years ago
Christoph Wurst
081e9ac47f
Use own psalm instead of a global one
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
3 years ago
John Molakvoæ
28df9239bb
Delete dependabot.yml
3 years ago
John Molakvoæ (skjnldsv)
d939f2fa5a
Split target-branch between stablexx branches until it supports Arrays
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
3 years ago
John Molakvoæ (skjnldsv)
91e463ff00
Move to automated dependabot merging
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
3 years ago
Morris Jobke
886466d510
Run psalm-baseline.xml update once a day
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
3 years ago
Morris Jobke
458320e8d7
Revert "This is just to trigger the GitHub scheduled actions registration"
This reverts commit 2e912990ff.
3 years ago
Morris Jobke
2e912990ff
This is just to trigger the GitHub scheduled actions registration
It is needed for #22314 and I will revert it right away afterwards.
Sorry for the trouble.
See the answer in https://stackoverflow.com/questions/59560214/github-action-works-on-push-but-not-scheduled
3 years ago
Morris Jobke
ebc80dba78
Run update-psalm-baseline action every 5 minutes
For debugging purposes due to a GitHub bug.
See #22325
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
3 years ago
Morris Jobke
27157051aa
Revert "This is just to trigger the GitHub scheduled actions registration"
3 years ago
Morris Jobke
f255f42991
This is just to trigger the GitHub scheduled actions
It is needed for https://github.com/nextcloud/server/pull/22314 and I will revert it right away afterwards.
Sorry for the trouble.
3 years ago
Morris Jobke
50784a7c51
Generate psalm-baseline.xml PR instead of requiring this from the PR author itself
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
3 years ago
Morris Jobke
4db7829f43
Better psalm CI output
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
3 years ago
Morris Jobke
42bb6cd7d7
Check only the baseline.xml and exclude the psalm.xml from the file check
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
3 years ago