Andreas/wekan
1
0
Fork 0
mirror of https://github.com/wekan/wekan.git synced 2025-12-24 11:20:13 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 5
9287 commits 2 branches 844 tags 126 MiB
Commit graph

60 commits

Author SHA1 Message Date
dependabot[bot]
72c44e703f
Bump docker/build-push-action from 3.0.0 to 3.1.0 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](e551b19e49...1cb9d22b93)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-07-25 20:54:30 +00:00
dependabot[bot]
b4c74b8d4c
Bump actions/dependency-review-action from 1 to 2 
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 1 to 2.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](https://github.com/actions/dependency-review-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: actions/dependency-review-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-20 20:34:39 +00:00
Lauri Ojansivu
947692693c
Merge pull request #4552 from wekan/dependabot/github_actions/VeryGoodOpenSource/very_good_coverage-1.2.1 
Bump VeryGoodOpenSource/very_good_coverage from 1.1.1 to 1.2.1
 2022-06-07 00:37:24 +03:00
Lauri Ojansivu
0c8e812991
Merge pull request #4555 from wekan/dependabot/github_actions/helm/chart-releaser-action-1.4.0 
Bump helm/chart-releaser-action from 1.1.0 to 1.4.0
 2022-06-07 00:35:01 +03:00
Lauri Ojansivu
fb1742b149
Merge pull request #4554 from wekan/dependabot/github_actions/docker/build-push-action-3 
Bump docker/build-push-action from 2.5.0 to 3
 2022-06-07 00:34:37 +03:00
Lauri Ojansivu
054915031e
Merge pull request #4553 from wekan/dependabot/github_actions/actions/download-artifact-3 
Bump actions/download-artifact from 2 to 3
 2022-06-07 00:34:19 +03:00
dependabot[bot]
63e0597c68
Bump actions/upload-artifact from 2 to 3 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-06 20:20:26 +00:00
dependabot[bot]
c71cedf9f4
Bump helm/chart-releaser-action from 1.1.0 to 1.4.0 
Bumps [helm/chart-releaser-action](https://github.com/helm/chart-releaser-action) from 1.1.0 to 1.4.0.
- [Release notes](https://github.com/helm/chart-releaser-action/releases)
- [Commits](https://github.com/helm/chart-releaser-action/compare/v1.1.0...v1.4.0)

---
updated-dependencies:
- dependency-name: helm/chart-releaser-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-06 20:20:23 +00:00
dependabot[bot]
f6ee321d0f
Bump docker/build-push-action from 2.5.0 to 3 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2.5.0 to 3.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](ad44023a93...e551b19e49)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-06 20:20:19 +00:00
dependabot[bot]
2a24720fad
Bump actions/download-artifact from 2 to 3 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 2 to 3.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-06 20:20:14 +00:00
dependabot[bot]
a7fd512124
Bump VeryGoodOpenSource/very_good_coverage from 1.1.1 to 1.2.1 
Bumps [VeryGoodOpenSource/very_good_coverage](https://github.com/VeryGoodOpenSource/very_good_coverage) from 1.1.1 to 1.2.1.
- [Release notes](https://github.com/VeryGoodOpenSource/very_good_coverage/releases)
- [Changelog](https://github.com/VeryGoodOpenSource/very_good_coverage/blob/main/CHANGELOG.md)
- [Commits](https://github.com/VeryGoodOpenSource/very_good_coverage/compare/v1.1.1...v1.2.1)

---
updated-dependencies:
- dependency-name: VeryGoodOpenSource/very_good_coverage
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-06 20:20:09 +00:00
Lauri Ojansivu
0d7d38b358
Merge pull request #4543 from turrisxyz/Dependency-GitHub 2022-06-02 05:51:49 +03:00
naveen
680770a7df chore(deps): Included dependency review 
> Dependency Review GitHub Action in your repository to enforce dependency
> reviews on your pull requests.
> The action scans for vulnerable versions of dependencies introduced by package version
> changes in pull requests,
> and warns you about the associated security vulnerabilities.
> This gives you better visibility of what's changing in a pull request,
> and helps prevent vulnerabilities being added to your repository.

https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
 2022-06-01 23:35:00 +00:00
Lauri Ojansivu
14c3432896
Merge pull request #4539 from wekan/dependabot/github_actions/github/codeql-action-2 
Bump github/codeql-action from 1 to 2
 2022-05-31 05:17:43 +03:00
dependabot[bot]
1ed2c3b45a
Bump docker/login-action from 1.9.0 to 2 
Bumps [docker/login-action](https://github.com/docker/login-action) from 1.9.0 to 2.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](28218f9b04...49ed152c8e)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-31 02:16:56 +00:00
Lauri Ojansivu
81f74f4db6
Merge pull request #4536 from wekan/dependabot/github_actions/docker/metadata-action-4.0.1 
Bump docker/metadata-action from 3.3.0 to 4.0.1
 2022-05-31 05:16:33 +03:00
Lauri Ojansivu
b5bc07d2e7
Merge pull request #4535 from wekan/dependabot/github_actions/actions/checkout-3 
Bump actions/checkout from 2 to 3
 2022-05-31 05:15:57 +03:00
dependabot[bot]
d5247daf8a
Bump github/codeql-action from 1 to 2 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1 to 2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-31 02:12:27 +00:00
dependabot[bot]
9ff87d189f
Bump actions/cache from 2 to 3 
Bumps [actions/cache](https://github.com/actions/cache) from 2 to 3.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-31 02:12:24 +00:00
dependabot[bot]
2d36116823
Bump docker/metadata-action from 3.3.0 to 4.0.1 
Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 3.3.0 to 4.0.1.
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md)
- [Commits](98669ae865...69f6fc9d46)

---
updated-dependencies:
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-31 02:12:17 +00:00
dependabot[bot]
9f0b9b29a5
Bump actions/checkout from 2 to 3 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-31 02:12:13 +00:00
Lauri Ojansivu
1d7e08390c
Merge pull request #4534 from turrisxyz/Dependabot-GitHub-Actions 
chore: Included githubactions in the dependabot config
 2022-05-31 05:11:48 +03:00
naveen
bbffa2eb6b chore: Included githubactions in the dependabot config 
This should help with keeping the GitHub actions updated on new releases. This will also help with keeping it secure.

Dependabot helps in keeping the supply chain secure https://docs.github.com/en/code-security/dependabot

GitHub actions up to date https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot

https://github.com/ossf/scorecard/blob/main/docs/checks.md#dependency-update-tool
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
 2022-05-31 01:40:38 +00:00
neilnaveen
355b358fe2 chore: Set permissions for GitHub actions 
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: neilnaveen <42328488+neilnaveen@users.noreply.github.com>
 2022-05-30 01:09:08 +00:00
Lauri Ojansivu
62efb67d06 Fix typo in tests. 2022-01-30 01:32:52 +02:00
Janek
021def818f
Update ISSUE_TEMPLATE.md 
Use comments and rephrase
 2022-01-17 15:45:19 +01:00
Lauri Ojansivu
7cc35970a8 Update GitHub issue template. Part 2. 2021-10-29 03:27:15 +03:00
Lauri Ojansivu
46a5eec7d2 Add info about upgrades to GitHub issue template. 
Thanks to xet7 !
 2021-10-29 03:16:26 +03:00
Lauri Ojansivu
b12312f998
Create release.yml 2021-10-12 23:58:35 +03:00
Lauri Ojansivu
70ba1eca78
Create docker-publish.yml 2021-09-18 20:46:00 +03:00
Lauri Ojansivu
e925877ae4 Delete not working workflow 2021-09-18 20:44:25 +03:00
Lauri Ojansivu
0e7cc1ef87
Create docker-publish.yml 2021-09-18 20:41:43 +03:00
Lauri Ojansivu
f18a57b059 Note: With Docker, please don't use latest tag. Only use release tags. 
See https://github.com/wekan/wekan/issues/3874

Thanks to xet7 !
 2021-06-25 00:07:27 +03:00
Lauri Ojansivu
78555f57a7 Try to fix tests. 
Thanks to xet7 !
 2021-06-24 22:52:53 +03:00
Jan Küster
6387d32c2f
ci fix script name 2021-06-23 12:25:02 +02:00
Jan Küster
4d9ba8d73b
tests ci added 2021-06-23 11:52:34 +02:00
Lauri Ojansivu
ea64b17b82 Reworded issue template about can not login. 
Thanks to xet7 !
 2021-05-16 13:34:49 +03:00
Lauri Ojansivu
6d0578fd5a Added Forgot Password page to GitHub issue template. 
Thanks to xet7 !
 2021-05-16 13:27:56 +03:00
Lauri Ojansivu
5dd6466c0a Removed not working GitHub workflow. 
Thanks to xet7 !
 2021-05-10 20:26:23 +03:00
Lauri Ojansivu
dfb563a330 Add link to issue template about email settings. 2021-03-03 15:18:04 +02:00
Lauri Ojansivu
c23aca78ba Updated GitHub issue template links. 
Thanks to atlantsecurity and xet7 !

Related #3598
 2021-02-24 17:01:53 +02:00
Lauri Ojansivu
b9405bfb64
Update owasp-zap-scan.yml 2021-02-22 19:07:15 +02:00
Lauri Ojansivu
5d8856a1c7
Update owasp-zap-scan.yml 2021-02-22 19:04:16 +02:00
Lauri Ojansivu
5073c0e9ad
Create owasp-zap-scan.yml 
https://github.com/marketplace/actions/owasp-zap-baseline-scan
 2021-02-22 18:43:24 +02:00
Lauri Ojansivu
df35683043
Create codeql-analysis.yml 2020-09-03 19:32:02 +03:00
Lauri Ojansivu
5724674e73 Add more issue repo links to GitHub issue template. 2020-01-08 22:09:08 +02:00
Lauri Ojansivu
8670561f78
Create dockerimage.yml 2019-12-05 10:31:32 +02:00
Lauri Ojansivu
a0e5737e4c Anonymize data please. 2019-09-12 10:18:53 +03:00
Lauri Ojansivu
126ab58e03
Create FUNDING.yml 2019-09-11 03:05:45 +03:00
Lauri Ojansivu
2c78aab3dc Ask for webbrowser version at GitHub issue template. 
Thanks to xet7 !
 2019-08-22 23:25:56 +03:00