nextcloud

Commit Graph

Author	SHA1	Message	Date
John Molakvoæ (skjnldsv)	49b490ce6d	Migrate to npm 7 Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	2 years ago
John Molakvoæ	3508976156	Add files via upload	2 years ago
Nextcloud bot	472a51e845	Updating dependabot-approve-merge.yml workflow from template Signed-off-by: Nextcloud bot <bot@nextcloud.com>	2 years ago
Nextcloud bot	b4cb5e2cff	Updating dependabot-approve-merge.yml workflow from template Signed-off-by: Nextcloud bot <bot@nextcloud.com>	2 years ago
skjnldsv	2fdd8c40ef	Updating command-rebase.yml workflow from template Signed-off-by: GitHub <noreply@github.com>	2 years ago
Julius Härtl	b18a7b8d22	Auto approve/merge also on stable branches Signed-off-by: Julius Härtl <jus@bitgrid.net>	2 years ago
szaimen	716dd54af2	Create rebase command Signed-off-by: szaimen <szaimen@e.mail.de>	2 years ago
Joas Schilling	15e59a686d	Update dependabot config too Signed-off-by: Joas Schilling <coding@schilljs.com>	3 years ago
Morris Jobke	deaf0f3aa2	Change reviewers of Psalm baseline update Change reviewers from Roeland and Me to Julius and Louis Signed-off-by: Morris Jobke <hey@morrisjobke.de>	3 years ago
John Molakvoæ	8c8777a841	Fix name	3 years ago
John Molakvoæ	38a19c263b	Add fixup.yml	3 years ago
John Molakvoæ	162229dbff	Fix psalm action	3 years ago
John Molakvoæ	fb583d5665	Fix psalm action	3 years ago
John Molakvoæ	f2e731e017	Add dependabot reviewer team and remove saturday for stable branches Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	3 years ago
John Molakvoæ	018e18bf8a	Fix dependabot config	3 years ago
John Molakvoæ (skjnldsv)	c3f9f09fb0	Add dependabot config with proper ignore for stable branches Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	3 years ago
Christoph Wurst	ab3424ad44	Add ext-zip as platform dependency Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	3 years ago
Joas Schilling	6a43948a6e	FIx Oracle by testing on Ubuntu 20.04 until oci8.so is available for 21.04 Signed-off-by: Joas Schilling <coding@schilljs.com>	3 years ago
acsfer	2e41939ece	Typo	3 years ago
acsfer	9f56646694	Redirect users to forum for questions Be more specific so more users will go directly to the forum instead using Github for non-bug reports.	3 years ago
John Molakvoæ (skjnldsv)	fb183b457c	Add eslint testing Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	3 years ago
tobiasKaminsky	bfb535b2b2	Add funding info Signed-off-by: tobiasKaminsky <tobias@kaminsky.me>	3 years ago
Roeland Jago Douma	da652ded26	Move fixup check to action Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	3 years ago
Roeland Jago Douma	cc18213c98	Have psalm analysis directly on github Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	3 years ago
Roeland Jago Douma	08cae2ec44	Revert "Pin Psalm version to an older one"	3 years ago
Lukas Reschke	f1d2dcdaa5	Pin Psalm version to an older one Ref https://github.com/vimeo/psalm/issues/5144 Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	3 years ago
Roeland Jago Douma	fe65f8facf	Add dedicated baseline for OCP Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	3 years ago
Julius Härtl	c42385ef0f	Cleanup bundle files before checking the rebuild Signed-off-by: Julius Härtl <jus@bitgrid.net>	3 years ago
Julius Härtl	c7a320d880	jsunit: Run jsunit with chromium/puppeteer on github actions Signed-off-by: Julius Härtl <jus@bitgrid.net>	3 years ago
Lukas Reschke	47ac8e0028	Add Psalm Taint Flow Analysis This adds the Psalm Security Analysis, as described at https://psalm.dev/docs/security_analysis/ It also adds a plugin for adding input into AppFramework. The results can be viewed in the GitHub Security tab at https://github.com/nextcloud/server/security/code-scanning Q&A: Q: Why do you not use the shipped Psalm version? A: I do a lot of changes to the Psalm Taint behaviour. Using released versions is not gonna get us the results we want. Q: How do I improve false positives? A: https://psalm.dev/docs/security_analysis/avoiding_false_positives/ Q: How do I add custom sources? A: https://psalm.dev/docs/security_analysis/custom_taint_sources/ Q: We should run this on apps! A: Yes. Q: What will change in Psalm? A: Quite some of the PHP core functions are not yet marked to propagate the taint. This leads to results where the taint flow is lost. That's something that I am currently working on. Q: Why is the plugin MIT licensed? A: Because its the first of its kind (based on GitHub Code Search) and I want other people to copy it if they want to. Security is for all :) Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	3 years ago
Roeland Jago Douma	12f322d804	Also lint php8 Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	3 years ago
Joas Schilling	a524e83be0	Fix naming of jobs and steps Signed-off-by: Joas Schilling <coding@schilljs.com>	3 years ago
Julius Härtl	2050517d44	Add github action for oci8 Signed-off-by: Julius Härtl <jus@bitgrid.net>	3 years ago
John Molakvoæ	1e7a82d99e	Fix php lint action	3 years ago
Morris Jobke	bb05f0e4eb	Do not commit updated composer dependencies in psalm baseline update Signed-off-by: Morris Jobke <hey@morrisjobke.de>	3 years ago
Morris Jobke	f18d9cd310	Update daily "update psalm baseline" job to composer psalm Signed-off-by: Morris Jobke <hey@morrisjobke.de>	3 years ago
Morris Jobke	106c8d719c	Do not fail on changes to baseline.xml Signed-off-by: Morris Jobke <hey@morrisjobke.de>	3 years ago
Christoph Wurst	081e9ac47f	Use own psalm instead of a global one Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	3 years ago
John Molakvoæ	28df9239bb	Delete dependabot.yml	3 years ago
John Molakvoæ (skjnldsv)	d939f2fa5a	Split target-branch between stablexx branches until it supports Arrays Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	3 years ago
John Molakvoæ (skjnldsv)	91e463ff00	Move to automated dependabot merging Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	3 years ago
Morris Jobke	886466d510	Run psalm-baseline.xml update once a day Signed-off-by: Morris Jobke <hey@morrisjobke.de>	3 years ago
Morris Jobke	458320e8d7	Revert "This is just to trigger the GitHub scheduled actions registration" This reverts commit `2e912990ff`.	3 years ago
Morris Jobke	2e912990ff	This is just to trigger the GitHub scheduled actions registration It is needed for #22314 and I will revert it right away afterwards. Sorry for the trouble. See the answer in https://stackoverflow.com/questions/59560214/github-action-works-on-push-but-not-scheduled	3 years ago
Morris Jobke	ebc80dba78	Run update-psalm-baseline action every 5 minutes For debugging purposed due to a GitHub bug. See #22325 Signed-off-by: Morris Jobke <hey@morrisjobke.de>	3 years ago
Morris Jobke	27157051aa	Revert "This is just to trigger the GitHub scheduled actions registration"	3 years ago
Morris Jobke	f255f42991	This is just to trigger the GitHub scheduled actions It is needed for https://github.com/nextcloud/server/pull/22314 and I will revert it right away afterwards. Sorry for the trouble.	3 years ago
Morris Jobke	50784a7c51	Generate psalm-baseline.xml PR instead of requiring this from the PR author itself Signed-off-by: Morris Jobke <hey@morrisjobke.de>	3 years ago
Morris Jobke	4db7829f43	Better psalm CI output Signed-off-by: Morris Jobke <hey@morrisjobke.de>	3 years ago
Morris Jobke	42bb6cd7d7	Check only the baseline.xml and exclude the psalm.xml from the file check Signed-off-by: Morris Jobke <hey@morrisjobke.de>	3 years ago

1 2 3

108 Commits (7ca81f360f42341b2941798374160d362507ba26)