aboutsummaryrefslogtreecommitdiffstats
path: root/.github
Commit message (Collapse)AuthorAgeFilesLines
...
* ftp logsRobin Appelman2021-10-071-0/+4
| | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* run ftp external storage tests against multiple ftp serversRobin Appelman2021-10-071-0/+69
| | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* Reset composer for automated psalm baseline updateDaniel Kesselberg2021-10-071-1/+5
| | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* Merge pull request #29050 from ↵Vincent Petry2021-10-061-6/+1
|\ | | | | | | | | nextcloud/debt/noid/job-to-update-psalm-baseline-broken Fix job to update psalm baseline
| * Fix job to update psalm baselineDaniel Kesselberg2021-10-031-6/+1
| | | | | | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* | Change output format of Psalm to GithubMorris Jobke2021-10-031-2/+2
|/ | | | | This automatically inlines the errors into the diff view. Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Run oci against all php versionsJulius Härtl2021-09-271-2/+1
| | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Run oci tests against phpunit9/php8Julius Härtl2021-09-271-3/+3
| | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Pin Psalm version for security analysisChristoph Wurst2021-09-032-2/+2
| | | | | | | The action will otherwise pull dev-master and this can break easily as we just experience. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Updating command-compile.yml workflow from templateNextcloud bot2021-08-061-30/+42
| | | | Signed-off-by: Nextcloud bot <bot@nextcloud.com>
* Updating command-rebase.yml workflow from templateNextcloud bot2021-08-021-6/+15
| | | | Signed-off-by: Nextcloud bot <bot@nextcloud.com>
* Update update-psalm-baseline.ymlJohn Molakvoæ2021-07-281-1/+1
|
* Add checkout tokenJohn Molakvoæ2021-07-281-0/+1
|
* Use COMMAND_BOT_PATJohn Molakvoæ2021-07-281-2/+2
|
* Update dependabot-approve-merge.ymlJohn Molakvoæ2021-07-271-5/+5
|
* Add command-compileJohn Molakvoæ2021-07-261-0/+105
|
* Add proper node testingJohn Molakvoæ (skjnldsv)2021-07-221-0/+91
| | | | Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* Migrate to npm 7John Molakvoæ (skjnldsv)2021-07-223-82/+77
| | | | Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* Add files via uploadJohn Molakvoæ2021-07-161-1/+9
|
* Updating dependabot-approve-merge.yml workflow from templateNextcloud bot2021-07-021-2/+2
| | | | Signed-off-by: Nextcloud bot <bot@nextcloud.com>
* Updating dependabot-approve-merge.yml workflow from templateNextcloud bot2021-06-291-3/+9
| | | | Signed-off-by: Nextcloud bot <bot@nextcloud.com>
* Updating command-rebase.yml workflow from templateskjnldsv2021-06-291-0/+9
| | | | Signed-off-by: GitHub <noreply@github.com>
* Merge pull request #27687 from nextcloud/szaimen-patch-1Lukas Reschke2021-06-281-0/+27
|\ | | | | Create rebase command
| * Create rebase commandszaimen2021-06-261-0/+27
| | | | | | Signed-off-by: szaimen <szaimen@e.mail.de>
* | Auto approve/merge also on stable branchesJulius Härtl2021-06-281-5/+7
|/ | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Update dependabot config tooJoas Schilling2021-06-241-6/+6
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Change reviewers of Psalm baseline updateMorris Jobke2021-06-161-1/+1
| | | | | Change reviewers from Roeland and Me to Julius and Louis Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Fix nameJohn Molakvoæ2021-05-291-1/+1
|
* Add fixup.ymlJohn Molakvoæ2021-05-291-2/+1
|
* Fix psalm actionJohn Molakvoæ2021-05-281-3/+4
|
* Fix psalm actionJohn Molakvoæ2021-05-281-3/+4
|
* Add dependabot reviewer team and remove saturday for stable branchesJohn Molakvoæ2021-05-281-0/+16
| | | | Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* Fix dependabot configJohn Molakvoæ2021-05-281-5/+7
|
* Add dependabot config with proper ignore for stable branchesJohn Molakvoæ (skjnldsv)2021-05-261-0/+149
| | | | Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* Add ext-zip as platform dependencyChristoph Wurst2021-05-036-1/+8
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* FIx Oracle by testing on Ubuntu 20.04 until oci8.so is available for 21.04Joas Schilling2021-04-221-1/+1
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Typoacsfer2021-04-221-1/+1
|
* Redirect users to forum for questionsacsfer2021-04-221-3/+3
| | | Be more specific so more users will go directly to the forum instead using Github for non-bug reports.
* Add eslint testingJohn Molakvoæ (skjnldsv)2021-03-171-0/+22
| | | | Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* Add funding infotobiasKaminsky2021-03-161-0/+1
| | | | Signed-off-by: tobiasKaminsky <tobias@kaminsky.me>
* Move fixup check to actionRoeland Jago Douma2021-03-071-0/+13
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Have psalm analysis directly on githubRoeland Jago Douma2021-02-101-0/+26
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Revert "Pin Psalm version to an older one"Roeland Jago Douma2021-02-021-1/+1
|
* Pin Psalm version to an older oneLukas Reschke2021-02-021-1/+1
| | | | | | Ref https://github.com/vimeo/psalm/issues/5144 Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Merge pull request #24903 from nextcloud/enh/psalm-ocpRoeland Jago Douma2020-12-301-0/+25
|\ | | | | Add dedicated baseline for OCP
| * Add dedicated baseline for OCPRoeland Jago Douma2020-12-301-0/+25
| | | | | | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* | Cleanup bundle files before checking the rebuildJulius Härtl2020-12-291-0/+1
|/ | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* jsunit: Run jsunit with chromium/puppeteer on github actionsJulius Härtl2020-12-291-0/+11
| | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Merge pull request #24246 from LukasReschke/add-taint-flow-analysisMorris Jobke2020-11-211-0/+26
|\ | | | | Add Psalm Security Analysis
| * Add Psalm Taint Flow AnalysisLukas Reschke2020-11-201-0/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds the Psalm Security Analysis, as described at https://psalm.dev/docs/security_analysis/ It also adds a plugin for adding input into AppFramework. The results can be viewed in the GitHub Security tab at https://github.com/nextcloud/server/security/code-scanning **Q&A:** Q: Why do you not use the shipped Psalm version? A: I do a lot of changes to the Psalm Taint behaviour. Using released versions is not gonna get us the results we want. Q: How do I improve false positives? A: https://psalm.dev/docs/security_analysis/avoiding_false_positives/ Q: How do I add custom sources? A: https://psalm.dev/docs/security_analysis/custom_taint_sources/ Q: We should run this on apps! A: Yes. Q: What will change in Psalm? A: Quite some of the PHP core functions are not yet marked to propagate the taint. This leads to results where the taint flow is lost. That's something that I am currently working on. Q: Why is the plugin MIT licensed? A: Because its the first of its kind (based on GitHub Code Search) and I want other people to copy it if they want to. Security is for all :) Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-04 16:32:30 +0000