summaryrefslogtreecommitdiffstats
path: root/.github
Commit message (Collapse)AuthorAgeFilesLines
* Change reviewers of Psalm baseline updateMorris Jobke2021-06-161-1/+1
| | | | | Change reviewers from Roeland and Me to Julius and Louis Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Fix nameJohn Molakvoæ2021-05-291-1/+1
|
* Add fixup.ymlJohn Molakvoæ2021-05-291-2/+1
|
* Fix psalm actionJohn Molakvoæ2021-05-281-3/+4
|
* Fix psalm actionJohn Molakvoæ2021-05-281-3/+4
|
* Add dependabot reviewer team and remove saturday for stable branchesJohn Molakvoæ2021-05-281-0/+16
| | | | Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* Fix dependabot configJohn Molakvoæ2021-05-281-5/+7
|
* Add dependabot config with proper ignore for stable branchesJohn Molakvoæ (skjnldsv)2021-05-261-0/+149
| | | | Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* Add ext-zip as platform dependencyChristoph Wurst2021-05-036-1/+8
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* FIx Oracle by testing on Ubuntu 20.04 until oci8.so is available for 21.04Joas Schilling2021-04-221-1/+1
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Typoacsfer2021-04-221-1/+1
|
* Redirect users to forum for questionsacsfer2021-04-221-3/+3
| | | Be more specific so more users will go directly to the forum instead using Github for non-bug reports.
* Add eslint testingJohn Molakvoæ (skjnldsv)2021-03-171-0/+22
| | | | Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* Add funding infotobiasKaminsky2021-03-161-0/+1
| | | | Signed-off-by: tobiasKaminsky <tobias@kaminsky.me>
* Move fixup check to actionRoeland Jago Douma2021-03-071-0/+13
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Have psalm analysis directly on githubRoeland Jago Douma2021-02-101-0/+26
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Revert "Pin Psalm version to an older one"Roeland Jago Douma2021-02-021-1/+1
|
* Pin Psalm version to an older oneLukas Reschke2021-02-021-1/+1
| | | | | | Ref https://github.com/vimeo/psalm/issues/5144 Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Merge pull request #24903 from nextcloud/enh/psalm-ocpRoeland Jago Douma2020-12-301-0/+25
|\ | | | | Add dedicated baseline for OCP
| * Add dedicated baseline for OCPRoeland Jago Douma2020-12-301-0/+25
| | | | | | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* | Cleanup bundle files before checking the rebuildJulius Härtl2020-12-291-0/+1
|/ | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* jsunit: Run jsunit with chromium/puppeteer on github actionsJulius Härtl2020-12-291-0/+11
| | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Merge pull request #24246 from LukasReschke/add-taint-flow-analysisMorris Jobke2020-11-211-0/+26
|\ | | | | Add Psalm Security Analysis
| * Add Psalm Taint Flow AnalysisLukas Reschke2020-11-201-0/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds the Psalm Security Analysis, as described at https://psalm.dev/docs/security_analysis/ It also adds a plugin for adding input into AppFramework. The results can be viewed in the GitHub Security tab at https://github.com/nextcloud/server/security/code-scanning **Q&A:** Q: Why do you not use the shipped Psalm version? A: I do a lot of changes to the Psalm Taint behaviour. Using released versions is not gonna get us the results we want. Q: How do I improve false positives? A: https://psalm.dev/docs/security_analysis/avoiding_false_positives/ Q: How do I add custom sources? A: https://psalm.dev/docs/security_analysis/custom_taint_sources/ Q: We should run this on apps! A: Yes. Q: What will change in Psalm? A: Quite some of the PHP core functions are not yet marked to propagate the taint. This leads to results where the taint flow is lost. That's something that I am currently working on. Q: Why is the plugin MIT licensed? A: Because its the first of its kind (based on GitHub Code Search) and I want other people to copy it if they want to. Security is for all :) Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* | Also lint php8Roeland Jago Douma2020-11-201-1/+1
|/ | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Fix naming of jobs and stepsJoas Schilling2020-11-101-17/+20
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Add github action for oci8Julius Härtl2020-11-101-0/+53
| | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Fix php lint actionJohn Molakvoæ2020-11-051-2/+2
|
* Do not commit updated composer dependencies in psalm baseline updateMorris Jobke2020-10-301-1/+2
| | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Update daily "update psalm baseline" job to composer psalmMorris Jobke2020-10-291-6/+8
| | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Do not fail on changes to baseline.xml Morris Jobke2020-10-131-1/+1
| | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Use own psalm instead of a global oneChristoph Wurst2020-10-131-6/+10
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Delete dependabot.ymlJohn Molakvoæ2020-09-081-142/+0
|
* Split target-branch between stablexx branches until it supports ArraysJohn Molakvoæ (skjnldsv)2020-09-081-8/+58
| | | | Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* Move to automated dependabot mergingJohn Molakvoæ (skjnldsv)2020-09-072-0/+111
| | | | Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* Run psalm-baseline.xml update once a dayMorris Jobke2020-08-201-1/+1
| | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Revert "This is just to trigger the GitHub scheduled actions registration"Morris Jobke2020-08-201-17/+0
| | | | This reverts commit 2e912990ff63ca364a070243594b174e0ec9868b.
* This is just to trigger the GitHub scheduled actions registrationMorris Jobke2020-08-201-0/+17
| | | | | | | It is needed for #22314 and I will revert it right away afterwards. Sorry for the trouble. See the answer in https://stackoverflow.com/questions/59560214/github-action-works-on-push-but-not-scheduled
* Run update-psalm-baseline action every 5 minutesMorris Jobke2020-08-201-1/+1
| | | | | | | For debugging purposed due to a GitHub bug. See #22325 Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Revert "This is just to trigger the GitHub scheduled actions registration"Morris Jobke2020-08-201-16/+0
|
* This is just to trigger the GitHub scheduled actionsMorris Jobke2020-08-201-0/+16
| | | | | It is needed for https://github.com/nextcloud/server/pull/22314 and I will revert it right away afterwards. Sorry for the trouble.
* Generate psalm-baseline.xml PR instead of requiring this from the PR author ↵Morris Jobke2020-08-202-2/+45
| | | | | | itself Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Better psalm CI outputMorris Jobke2020-08-191-2/+2
| | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Check only the baseline.xml and exclude the psalm.xml from the file checkMorris Jobke2020-08-181-1/+1
| | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Add a check for fixes in the psalm baselineMorris Jobke2020-08-181-1/+4
| | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Hello psalmDaniel Kesselberg2020-08-181-0/+22
| | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* Run cs:check a second time to show diffDaniel Kesselberg2020-07-151-1/+4
| | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* Report php-cs-fixer errors to GitHubDaniel Kesselberg2020-07-131-1/+2
| | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* Delete FUNDING.ymlJoas Schilling2020-06-171-2/+0
|
* Show a hint for the php-cs fix when the check failsChristoph Wurst2020-04-141-1/+1
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-23 18:52:37 +0000