nextcloud-server.git - Nextcloud server, a safe home for all your data: https://github.com/nextcloud/server

	Commit message (Collapse)	Author	Age	Files	Lines
*	Updating command-compile.yml workflow from template	Nextcloud bot	2021-08-06	1	-30/+42
\| \| \| \|	Signed-off-by: Nextcloud bot <bot@nextcloud.com>
*	Updating command-rebase.yml workflow from template	Nextcloud bot	2021-08-02	1	-6/+15
\| \| \| \|	Signed-off-by: Nextcloud bot <bot@nextcloud.com>
*	Update update-psalm-baseline.yml	John Molakvoæ	2021-07-28	1	-1/+1
\|
*	Add checkout token	John Molakvoæ	2021-07-28	1	-0/+1
\|
*	Use COMMAND_BOT_PAT	John Molakvoæ	2021-07-28	1	-2/+2
\|
*	Update dependabot-approve-merge.yml	John Molakvoæ	2021-07-27	1	-5/+5
\|
*	Add command-compile	John Molakvoæ	2021-07-26	1	-0/+105
\|
*	Add proper node testing	John Molakvoæ (skjnldsv)	2021-07-22	1	-0/+91
\| \| \| \|	Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
*	Migrate to npm 7	John Molakvoæ (skjnldsv)	2021-07-22	3	-82/+77
\| \| \| \|	Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
*	Add files via upload	John Molakvoæ	2021-07-16	1	-1/+9
\|
*	Updating dependabot-approve-merge.yml workflow from template	Nextcloud bot	2021-07-02	1	-2/+2
\| \| \| \|	Signed-off-by: Nextcloud bot <bot@nextcloud.com>
*	Updating dependabot-approve-merge.yml workflow from template	Nextcloud bot	2021-06-29	1	-3/+9
\| \| \| \|	Signed-off-by: Nextcloud bot <bot@nextcloud.com>
*	Updating command-rebase.yml workflow from template	skjnldsv	2021-06-29	1	-0/+9
\| \| \| \|	Signed-off-by: GitHub <noreply@github.com>
*	Merge pull request #27687 from nextcloud/szaimen-patch-1	Lukas Reschke	2021-06-28	1	-0/+27
\|\ \| \| \| \|	Create rebase command
\| *	Create rebase command	szaimen	2021-06-26	1	-0/+27
\| \| \| \| \| \|	Signed-off-by: szaimen <szaimen@e.mail.de>
* \|	Auto approve/merge also on stable branches	Julius Härtl	2021-06-28	1	-5/+7
\|/ \| \| \|	Signed-off-by: Julius Härtl <jus@bitgrid.net>
*	Update dependabot config too	Joas Schilling	2021-06-24	1	-6/+6
\| \| \| \|	Signed-off-by: Joas Schilling <coding@schilljs.com>
*	Change reviewers of Psalm baseline update	Morris Jobke	2021-06-16	1	-1/+1
\| \| \| \| \|	Change reviewers from Roeland and Me to Julius and Louis Signed-off-by: Morris Jobke <hey@morrisjobke.de>
*	Fix name	John Molakvoæ	2021-05-29	1	-1/+1
\|
*	Add fixup.yml	John Molakvoæ	2021-05-29	1	-2/+1
\|
*	Fix psalm action	John Molakvoæ	2021-05-28	1	-3/+4
\|
*	Fix psalm action	John Molakvoæ	2021-05-28	1	-3/+4
\|
*	Add dependabot reviewer team and remove saturday for stable branches	John Molakvoæ	2021-05-28	1	-0/+16
\| \| \| \|	Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
*	Fix dependabot config	John Molakvoæ	2021-05-28	1	-5/+7
\|
*	Add dependabot config with proper ignore for stable branches	John Molakvoæ (skjnldsv)	2021-05-26	1	-0/+149
\| \| \| \|	Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
*	Add ext-zip as platform dependency	Christoph Wurst	2021-05-03	6	-1/+8
\| \| \| \|	Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
*	FIx Oracle by testing on Ubuntu 20.04 until oci8.so is available for 21.04	Joas Schilling	2021-04-22	1	-1/+1
\| \| \| \|	Signed-off-by: Joas Schilling <coding@schilljs.com>
*	Typo	acsfer	2021-04-22	1	-1/+1
\|
*	Redirect users to forum for questions	acsfer	2021-04-22	1	-3/+3
\| \| \|	Be more specific so more users will go directly to the forum instead using Github for non-bug reports.
*	Add eslint testing	John Molakvoæ (skjnldsv)	2021-03-17	1	-0/+22
\| \| \| \|	Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
*	Add funding info	tobiasKaminsky	2021-03-16	1	-0/+1
\| \| \| \|	Signed-off-by: tobiasKaminsky <tobias@kaminsky.me>
*	Move fixup check to action	Roeland Jago Douma	2021-03-07	1	-0/+13
\| \| \| \|	Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
*	Have psalm analysis directly on github	Roeland Jago Douma	2021-02-10	1	-0/+26
\| \| \| \|	Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
*	Revert "Pin Psalm version to an older one"	Roeland Jago Douma	2021-02-02	1	-1/+1
\|
*	Pin Psalm version to an older one	Lukas Reschke	2021-02-02	1	-1/+1
\| \| \| \| \| \|	Ref https://github.com/vimeo/psalm/issues/5144 Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
*	Merge pull request #24903 from nextcloud/enh/psalm-ocp	Roeland Jago Douma	2020-12-30	1	-0/+25
\|\ \| \| \| \|	Add dedicated baseline for OCP
\| *	Add dedicated baseline for OCP	Roeland Jago Douma	2020-12-30	1	-0/+25
\| \| \| \| \| \| \| \|	Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* \|	Cleanup bundle files before checking the rebuild	Julius Härtl	2020-12-29	1	-0/+1
\|/ \| \| \|	Signed-off-by: Julius Härtl <jus@bitgrid.net>
*	jsunit: Run jsunit with chromium/puppeteer on github actions	Julius Härtl	2020-12-29	1	-0/+11
\| \| \| \|	Signed-off-by: Julius Härtl <jus@bitgrid.net>
*	Merge pull request #24246 from LukasReschke/add-taint-flow-analysis	Morris Jobke	2020-11-21	1	-0/+26
\|\ \| \| \| \|	Add Psalm Security Analysis
\| *	Add Psalm Taint Flow Analysis	Lukas Reschke	2020-11-20	1	-0/+26
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	This adds the Psalm Security Analysis, as described at https://psalm.dev/docs/security_analysis/ It also adds a plugin for adding input into AppFramework. The results can be viewed in the GitHub Security tab at https://github.com/nextcloud/server/security/code-scanning Q&A: Q: Why do you not use the shipped Psalm version? A: I do a lot of changes to the Psalm Taint behaviour. Using released versions is not gonna get us the results we want. Q: How do I improve false positives? A: https://psalm.dev/docs/security_analysis/avoiding_false_positives/ Q: How do I add custom sources? A: https://psalm.dev/docs/security_analysis/custom_taint_sources/ Q: We should run this on apps! A: Yes. Q: What will change in Psalm? A: Quite some of the PHP core functions are not yet marked to propagate the taint. This leads to results where the taint flow is lost. That's something that I am currently working on. Q: Why is the plugin MIT licensed? A: Because its the first of its kind (based on GitHub Code Search) and I want other people to copy it if they want to. Security is for all :) Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* \|	Also lint php8	Roeland Jago Douma	2020-11-20	1	-1/+1
\|/ \| \| \|	Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
*	Fix naming of jobs and steps	Joas Schilling	2020-11-10	1	-17/+20
\| \| \| \|	Signed-off-by: Joas Schilling <coding@schilljs.com>
*	Add github action for oci8	Julius Härtl	2020-11-10	1	-0/+53
\| \| \| \|	Signed-off-by: Julius Härtl <jus@bitgrid.net>
*	Fix php lint action	John Molakvoæ	2020-11-05	1	-2/+2
\|
*	Do not commit updated composer dependencies in psalm baseline update	Morris Jobke	2020-10-30	1	-1/+2
\| \| \| \|	Signed-off-by: Morris Jobke <hey@morrisjobke.de>
*	Update daily "update psalm baseline" job to composer psalm	Morris Jobke	2020-10-29	1	-6/+8
\| \| \| \|	Signed-off-by: Morris Jobke <hey@morrisjobke.de>
*	Do not fail on changes to baseline.xml	Morris Jobke	2020-10-13	1	-1/+1
\| \| \|	Signed-off-by: Morris Jobke <hey@morrisjobke.de>
*	Use own psalm instead of a global one	Christoph Wurst	2020-10-13	1	-6/+10
\| \| \| \|	Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
*	Delete dependabot.yml	John Molakvoæ	2020-09-08	1	-142/+0
\|