Infra-Mirrors/PrivateBin
1
0
Fork 0
mirror of https://github.com/PrivateBin/PrivateBin.git synced 2024-10-01 01:26:10 -04:00
Code Issues Packages Projects Releases Wiki Activity
3,334 Commits 10 Branches 31 Tags 25 MiB
ee3b5ec08a
Commit Graph

146 Commits

Author SHA1 Message Date
rugk
9df90ece78
Merge branch 'experimental-8.4' into test-improvments 2024-05-05 18:27:08 +02:00
rugk
4ff9dea9cf
ci: try fixing intendation 2024-05-05 15:10:00 +02:00
rugk
6144caae85
ci: fix test results publishing being a totally separate action 2024-05-05 15:01:47 +02:00
rugk
33df5fbd2f
Actually make tests continue on experimental builds 2024-05-04 16:02:31 +02:00
rugk
1d6a14ba14
Switch to better artifact download action 2024-05-04 13:29:58 +02:00
rugk
93f59d6456
Upload and use event file, too, for test runs 
To support forked repos: https://github.com/marketplace/actions/publish-test-results#support-fork-repositories-and-dependabot-branches

**NOTE:** Do _not_ use with `pull_request_target` as that causes issues!
 2024-05-04 13:21:57 +02:00
rugk
00fca44986
Fix npm syntax 2024-05-04 13:14:25 +02:00
rugk
f92edf0026
Run mocha tests properly 2024-05-04 13:13:22 +02:00
rugk
91957838be
Add upload test results job 
As per https://github.com/marketplace/actions/publish-test-results#use-with-matrix-strategy only one job should upload all results.
 2024-05-04 13:07:53 +02:00
rugk
04822aa643
Actually make tests continue on experimental builds 2024-05-04 12:40:44 +02:00
rugk
55dec46cf4
Mark PHP v8.4 tests as experimental 
As per this doc: https://docs.github.com/en/actions/using-jobs/using-a-matrix-for-your-jobs#handling-failures

Workaround for https://github.com/PrivateBin/PrivateBin/issues/1301 for now. I hope this ignores failures?
 2024-05-04 12:16:37 +02:00
El RIDO
baf8c4a11d tolerate test failures in the PHP development release 
at this time, guzzle, dependency of google cloud storage library, raises deprecation warnings in PHP 8.4, which caused the tests to be considered failed
 2024-05-04 08:58:20 +02:00
dependabot[bot]
ad19f8cfe6
Bump slsa-framework/slsa-github-generator from 1.10.0 to 2.0.0 
Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator) from 1.10.0 to 2.0.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases)
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md)
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.10.0...v2.0.0)

---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-23 11:43:14 +00:00
dependabot[bot]
383dbf1c79
Bump slsa-framework/slsa-github-generator from 1.9.0 to 1.10.0 
Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator) from 1.9.0 to 1.10.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases)
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md)
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.9.0...v1.10.0)

---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-03-21 11:46:25 +00:00
dependabot[bot]
ba25ab8fa9
Bump actions/cache from 3 to 4 
Bumps [actions/cache](https://github.com/actions/cache) from 3 to 4.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-01-18 11:21:35 +00:00
dependabot[bot]
03e3e4fa06
Bump github/codeql-action from 2 to 3 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-14 11:52:46 +00:00
El RIDO
826444bef7
fix shasum in release pipeline, hope this fixes #1169 2023-12-09 10:50:49 +01:00
El RIDO
8d97569de0
enable testing on PHP 8.3 and 8.4 
at this time both are still installed out of nightly builds, though 8.3
got released last week, see:
https://github.com/shivammathur/setup-php#tada-php-support
 2023-11-26 09:54:28 +01:00
rugk
b9d74ecd35
Use Node20 for tests 
A try following https://github.com/PrivateBin/PrivateBin/pull/1189#pullrequestreview-1695447526
 2023-10-24 19:03:47 +02:00
dependabot[bot]
9114ca00bf
Bump actions/setup-node from 3 to 4 
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3 to 4.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-24 11:05:40 +00:00
dependabot[bot]
58f919ecdd
Bump actions/checkout from 3 to 4 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-22 11:33:49 +00:00
El RIDO
ad50950b3c
Extract latest changelog entry and attach it to draft 2023-09-18 20:50:14 +02:00
El RIDO
73c13af10d
add workflow attaching SLSA provinence to draft release 2023-09-18 20:47:16 +02:00
rugk
db2d8f1598
Also add FAQ sectiontick box requirement for bug template 
It's apparently not enough to have in the Q/A, best is we have it here to.

The next step would be converting that into the same form like the QA template. After all, it may mostly just be copy paste as it is nearly identical but well…
 2023-09-14 00:02:01 +02:00
rugk
168fb46767
Fix error message about QA template 
GitHub complains:
> title must be of type String and cannot be empty. Learn more about this error.

Well then… as we don't want to provide a default title (see https://github.com/PrivateBin/PrivateBin/pull/1155) let's remove it.
 2023-09-13 23:56:35 +02:00
dependabot[bot]
5bd2eb97e6
Bump actions/checkout from 3 to 4 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-05 11:13:01 +00:00
R4SAS
617b421d8f
Fix comment in bug report issue template 2023-09-03 19:30:32 +03:00
rugk
876a59cedc
Apprently GitHub 
Apparently GitHub now adds a security policy button by default (this is new, is not it?)?
Also they have a policy report form behind that button. So reports can apparently now be made online at GitHub? (IMHO that is fine, just need to be aware of that)

As such, IMHO two buttons would be confusing, so let's remove our custom one here?
 2023-08-28 18:49:27 +02:00
rugk
1470b0cb9c
QA tenplate: remove prefilled title 
Let's remove that.

1. With label and A&A category we have more than enough options for filtering such requests.
2. Actually, as you can see in https://github.com/orgs/PrivateBin/discussions/1152, as it is a required field, but already filled out… we want them to write proper titles.
 2023-08-24 22:14:15 +02:00
rugk
61457c46c0
doc: link FAQ in option too 
The doc says MD is supported for that here, too.
 2023-08-24 21:35:42 +02:00
rugk
11fd21f8a8
doc: improve wording/grammar 2023-08-24 21:32:42 +02:00
rugk
906c115a97
Make QA template more strict and helpful 
1. Require to fill out STRs.
2. Add more fields for client stuff, i.e. web browser and OS.
3. Add more placeholders and descriptions to guide users.
4. Adjust the reproducibility thing to be more clear. I.e. before the result was sth. like "Issue reproducibility: Yes" - this could be confused with "Is it always reproducible? Yes", and not "It is reproducible on our test instance."
 2023-08-24 21:30:25 +02:00
El RIDO
5047e6c550
Merge pull request #1149 from PrivateBin/delete-shifleft 
Delete shiftleft-analysis.yml
 2023-08-18 06:33:12 +02:00
R4SAS
1c42576575
[GH] update discussion q-a template (#1143) 2023-08-17 03:05:39 +03:00
El RIDO
81ae359dfc
Delete shiftleft-analysis.yml 
Development on this stopped in 2021 and apart from the (false positive) secret scan, dev suggests CodeQL replaces it, feature wise: https://github.com/ShiftLeftSecurity/sast-scan/issues/352
 2023-08-17 00:00:30 +02:00
El RIDO
ad35c30d45
Update q-a.yml, one more try 
body[12]: options must not include booleans. Please wrap values such as 'yes', and 'true' in quotes.
 2023-08-16 23:14:07 +02:00
R4SAS
7f28e8cc0c
Update discussion template 
Try to fix #1143.
 2023-08-16 23:21:46 +03:00
El RIDO
0e582e8934 fix syntax, standardize form attributes 
radio buttons are not supported, checkboxes would allow selecting
multiple things, so dropdown it is
 2023-08-11 20:53:06 +02:00
El RIDO
e89593b4fc comment fix, kudos @r4sas 2023-08-11 20:51:12 +02:00
rugk
1bb23ef9ca
Remove markdown from issue selector 
Was worth a try, but apparently markdown is not supported there.
 2023-08-09 23:11:35 +02:00
rugk
991ec6ca22
Fix potential syntax error in YAML 
Likely that online VSCode did a stupid line wrapping here, let's see whether that works.
 2023-08-09 18:19:33 +02:00
El RIDO
e83f51b547
Merge pull request #1138 from PrivateBin/dependabot/github_actions/github/codeql-action-2 
Bump github/codeql-action from 1 to 2
 2023-08-08 20:19:02 +02:00
dependabot[bot]
cbff1c8488
Bump github/codeql-action from 1 to 2 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1 to 2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-08 11:13:15 +00:00
dependabot[bot]
5f71c9de10
Bump actions/checkout from 2 to 3 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-08 11:13:08 +00:00
El RIDO
4796c7ff02
Merge pull request #807 from PrivateBin/siftleft-scan 
Add Shiftleft scan
 2023-08-07 20:46:43 +02:00
rugk
a22b96b7fc
style: fix typo 2023-08-07 20:02:36 +02:00
rugk
204d1756c9 refactor: redirect support questions to discussions including form + more links 
Discussions apparently onyl support forms see,
so I quickly used ChatGPT to convert the Markdown file into the YAMl format
and after telling the format it seems to have done that in a good eay:
https://chat.openai.com/share/99718495-28d0-4382-ab5e-6a4a733c1ccb

(maybe GitHub introduced that after end of 2021 hehe, so the LLM could not know that)
 2023-08-07 17:59:07 +00:00
rugk
8deb68c2da chore: remove old issue template 2023-08-07 17:26:26 +00:00
rugk
1a37f7b865
Update and create new issue templates for better ctageorisation 
[128 of 600 issues are just questions and support and this is getting out of hand IMHO](https://github.com/PrivateBin/PrivateBin/issues?q=is%3Aissue+is%3Aopen+label%3Aquestion%2Fsupport), so I thought we need to do something while of course IMHO keeping support in some sense that is vital to an open-source project.

Anyway, this here now:
* Converts the "one and only issue template" to multiple ones with the new GitHub way, see https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/
  Note this uses mostly the templates they have, modifies them to use proper headers (sorry but I don't get why they always want to use **bold text** as headers, when you have real markdown headings) and adjusts/ports the
* We could use even more elaborate issue forms, but that  was too much for me to do now and is also beta, so maybe when they have a visual editor for that or so 😉 https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/configuring-issue-templates-for-your-repository#creating-issue-forms

The aim:
* is to get support requests and stuff directly sorted and tagged, so they are out the way
* is to nudge people to improve the quality of issues/reports by providing a more useful template or their use case
* is to redirect people to the appropriate resource (give me a moment)
 2023-08-07 19:24:13 +02:00
El RIDO
ecf100551d document change, raise minimum PHP version to 7.3, remove branch refresh 2023-07-23 10:04:57 +02:00