dependabot[bot]
5507db8950
Bump VeryGoodOpenSource/very_good_coverage from 2.0.0 to 2.1.0
...
Bumps [VeryGoodOpenSource/very_good_coverage](https://github.com/VeryGoodOpenSource/very_good_coverage ) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/VeryGoodOpenSource/very_good_coverage/releases )
- [Changelog](https://github.com/VeryGoodOpenSource/very_good_coverage/blob/main/CHANGELOG.md )
- [Commits](https://github.com/VeryGoodOpenSource/very_good_coverage/compare/v2.0.0...v2.1.0 )
---
updated-dependencies:
- dependency-name: VeryGoodOpenSource/very_good_coverage
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-28 20:04:34 +00:00
dependabot[bot]
c9466c688b
Bump actions/dependency-review-action from 2 to 3
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 2 to 3.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](https://github.com/actions/dependency-review-action/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/dependency-review-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-14 20:04:55 +00:00
Lauri Ojansivu
e06390362b
Merge pull request #4720 from wekan/dependabot/github_actions/docker/build-push-action-3.2.0
...
Bump docker/build-push-action from 3.1.1 to 3.2.0
2022-10-17 23:37:43 +03:00
Lauri Ojansivu
88cb35e75c
Merge pull request #4719 from wekan/dependabot/github_actions/docker/metadata-action-4.1.1
...
Bump docker/metadata-action from 4.0.1 to 4.1.1
2022-10-17 23:36:51 +03:00
dependabot[bot]
4543fd73df
Bump docker/build-push-action from 3.1.1 to 3.2.0
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 3.1.1 to 3.2.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](c84f382811...c56af95754
2022-10-17 20:21:41 +00:00
dependabot[bot]
4d47f6b80b
Bump docker/metadata-action from 4.0.1 to 4.1.1
...
Bumps [docker/metadata-action](https://github.com/docker/metadata-action ) from 4.0.1 to 4.1.1.
- [Release notes](https://github.com/docker/metadata-action/releases )
- [Commits](69f6fc9d46...57396166ad
2022-10-17 20:21:35 +00:00
dependabot[bot]
5f8f5f2892
Bump docker/login-action from 2.0.0 to 2.1.0
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](49ed152c8e...f4ef78c080
2022-10-17 20:21:32 +00:00
dependabot[bot]
d1dfffb4b2
Bump VeryGoodOpenSource/very_good_coverage from 1.2.1 to 2.0.0
...
Bumps [VeryGoodOpenSource/very_good_coverage](https://github.com/VeryGoodOpenSource/very_good_coverage ) from 1.2.1 to 2.0.0.
- [Release notes](https://github.com/VeryGoodOpenSource/very_good_coverage/releases )
- [Changelog](https://github.com/VeryGoodOpenSource/very_good_coverage/blob/main/CHANGELOG.md )
- [Commits](https://github.com/VeryGoodOpenSource/very_good_coverage/compare/v1.2.1...v2.0.0 )
---
updated-dependencies:
- dependency-name: VeryGoodOpenSource/very_good_coverage
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-10 20:32:20 +00:00
dependabot[bot]
1155cb8d68
Bump helm/chart-releaser-action from 1.4.0 to 1.4.1
...
Bumps [helm/chart-releaser-action](https://github.com/helm/chart-releaser-action ) from 1.4.0 to 1.4.1.
- [Release notes](https://github.com/helm/chart-releaser-action/releases )
- [Commits](https://github.com/helm/chart-releaser-action/compare/v1.4.0...v1.4.1 )
---
updated-dependencies:
- dependency-name: helm/chart-releaser-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-03 20:28:35 +00:00
Alex
81e847a153
build: harden GitHub Workflow permissions
...
Signed-off-by: Alex Low <aleksandrosansan@gmail.com>
2022-09-19 17:02:31 +02:00
Alex
834408c740
a new commit message
2022-09-19 17:00:13 +02:00
dependabot[bot]
3762768ed3
Bump docker/build-push-action from 3.1.0 to 3.1.1
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](1cb9d22b93...c84f382811
2022-08-08 20:25:06 +00:00
dependabot[bot]
72c44e703f
Bump docker/build-push-action from 3.0.0 to 3.1.0
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](e551b19e49...1cb9d22b93
2022-07-25 20:54:30 +00:00
dependabot[bot]
b4c74b8d4c
Bump actions/dependency-review-action from 1 to 2
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 1 to 2.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](https://github.com/actions/dependency-review-action/compare/v1...v2 )
---
updated-dependencies:
- dependency-name: actions/dependency-review-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-06-20 20:34:39 +00:00
Lauri Ojansivu
947692693c
Merge pull request #4552 from wekan/dependabot/github_actions/VeryGoodOpenSource/very_good_coverage-1.2.1
...
Bump VeryGoodOpenSource/very_good_coverage from 1.1.1 to 1.2.1
2022-06-07 00:37:24 +03:00
Lauri Ojansivu
0c8e812991
Merge pull request #4555 from wekan/dependabot/github_actions/helm/chart-releaser-action-1.4.0
...
Bump helm/chart-releaser-action from 1.1.0 to 1.4.0
2022-06-07 00:35:01 +03:00
Lauri Ojansivu
fb1742b149
Merge pull request #4554 from wekan/dependabot/github_actions/docker/build-push-action-3
...
Bump docker/build-push-action from 2.5.0 to 3
2022-06-07 00:34:37 +03:00
Lauri Ojansivu
054915031e
Merge pull request #4553 from wekan/dependabot/github_actions/actions/download-artifact-3
...
Bump actions/download-artifact from 2 to 3
2022-06-07 00:34:19 +03:00
dependabot[bot]
63e0597c68
Bump actions/upload-artifact from 2 to 3
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 2 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-06-06 20:20:26 +00:00
dependabot[bot]
c71cedf9f4
Bump helm/chart-releaser-action from 1.1.0 to 1.4.0
...
Bumps [helm/chart-releaser-action](https://github.com/helm/chart-releaser-action ) from 1.1.0 to 1.4.0.
- [Release notes](https://github.com/helm/chart-releaser-action/releases )
- [Commits](https://github.com/helm/chart-releaser-action/compare/v1.1.0...v1.4.0 )
---
updated-dependencies:
- dependency-name: helm/chart-releaser-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-06-06 20:20:23 +00:00
dependabot[bot]
f6ee321d0f
Bump docker/build-push-action from 2.5.0 to 3
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 2.5.0 to 3.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](ad44023a93...e551b19e49
2022-06-06 20:20:19 +00:00
dependabot[bot]
2a24720fad
Bump actions/download-artifact from 2 to 3
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 2 to 3.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](https://github.com/actions/download-artifact/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/download-artifact
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-06-06 20:20:14 +00:00
dependabot[bot]
a7fd512124
Bump VeryGoodOpenSource/very_good_coverage from 1.1.1 to 1.2.1
...
Bumps [VeryGoodOpenSource/very_good_coverage](https://github.com/VeryGoodOpenSource/very_good_coverage ) from 1.1.1 to 1.2.1.
- [Release notes](https://github.com/VeryGoodOpenSource/very_good_coverage/releases )
- [Changelog](https://github.com/VeryGoodOpenSource/very_good_coverage/blob/main/CHANGELOG.md )
- [Commits](https://github.com/VeryGoodOpenSource/very_good_coverage/compare/v1.1.1...v1.2.1 )
---
updated-dependencies:
- dependency-name: VeryGoodOpenSource/very_good_coverage
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-06-06 20:20:09 +00:00
Lauri Ojansivu
0d7d38b358
Merge pull request #4543 from turrisxyz/Dependency-GitHub
2022-06-02 05:51:49 +03:00
naveen
680770a7df
chore(deps): Included dependency review
...
> Dependency Review GitHub Action in your repository to enforce dependency
> reviews on your pull requests.
> The action scans for vulnerable versions of dependencies introduced by package version
> changes in pull requests,
> and warns you about the associated security vulnerabilities.
> This gives you better visibility of what's changing in a pull request,
> and helps prevent vulnerabilities being added to your repository.
https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
2022-06-01 23:35:00 +00:00
Lauri Ojansivu
14c3432896
Merge pull request #4539 from wekan/dependabot/github_actions/github/codeql-action-2
...
Bump github/codeql-action from 1 to 2
2022-05-31 05:17:43 +03:00
dependabot[bot]
1ed2c3b45a
Bump docker/login-action from 1.9.0 to 2
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 1.9.0 to 2.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](28218f9b04...49ed152c8e
2022-05-31 02:16:56 +00:00
Lauri Ojansivu
81f74f4db6
Merge pull request #4536 from wekan/dependabot/github_actions/docker/metadata-action-4.0.1
...
Bump docker/metadata-action from 3.3.0 to 4.0.1
2022-05-31 05:16:33 +03:00
Lauri Ojansivu
b5bc07d2e7
Merge pull request #4535 from wekan/dependabot/github_actions/actions/checkout-3
...
Bump actions/checkout from 2 to 3
2022-05-31 05:15:57 +03:00
dependabot[bot]
d5247daf8a
Bump github/codeql-action from 1 to 2
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1 to 2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v1...v2 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-31 02:12:27 +00:00
dependabot[bot]
9ff87d189f
Bump actions/cache from 2 to 3
...
Bumps [actions/cache](https://github.com/actions/cache ) from 2 to 3.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](https://github.com/actions/cache/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-31 02:12:24 +00:00
dependabot[bot]
2d36116823
Bump docker/metadata-action from 3.3.0 to 4.0.1
...
Bumps [docker/metadata-action](https://github.com/docker/metadata-action ) from 3.3.0 to 4.0.1.
- [Release notes](https://github.com/docker/metadata-action/releases )
- [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md )
- [Commits](98669ae865...69f6fc9d46
2022-05-31 02:12:17 +00:00
dependabot[bot]
9f0b9b29a5
Bump actions/checkout from 2 to 3
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-31 02:12:13 +00:00
Lauri Ojansivu
1d7e08390c
Merge pull request #4534 from turrisxyz/Dependabot-GitHub-Actions
...
chore: Included githubactions in the dependabot config
2022-05-31 05:11:48 +03:00
naveen
bbffa2eb6b
chore: Included githubactions in the dependabot config
...
This should help with keeping the GitHub actions updated on new releases. This will also help with keeping it secure.
Dependabot helps in keeping the supply chain secure https://docs.github.com/en/code-security/dependabot
GitHub actions up to date https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot
https://github.com/ossf/scorecard/blob/main/docs/checks.md#dependency-update-tool
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
2022-05-31 01:40:38 +00:00
neilnaveen
355b358fe2
chore: Set permissions for GitHub actions
...
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ )
Signed-off-by: neilnaveen <42328488+neilnaveen@users.noreply.github.com>
2022-05-30 01:09:08 +00:00
Lauri Ojansivu
62efb67d06
Fix typo in tests.
2022-01-30 01:32:52 +02:00
Janek
021def818f
Update ISSUE_TEMPLATE.md
...
Use comments and rephrase
2022-01-17 15:45:19 +01:00
Lauri Ojansivu
7cc35970a8
Update GitHub issue template. Part 2.
2021-10-29 03:27:15 +03:00
Lauri Ojansivu
46a5eec7d2
Add info about upgrades to GitHub issue template.
...
Thanks to xet7 !
2021-10-29 03:16:26 +03:00
Lauri Ojansivu
b12312f998
Create release.yml
2021-10-12 23:58:35 +03:00
Lauri Ojansivu
70ba1eca78
Create docker-publish.yml
2021-09-18 20:46:00 +03:00
Lauri Ojansivu
e925877ae4
Delete not working workflow
2021-09-18 20:44:25 +03:00
Lauri Ojansivu
0e7cc1ef87
Create docker-publish.yml
2021-09-18 20:41:43 +03:00
Lauri Ojansivu
f18a57b059
Note: With Docker, please don't use latest tag. Only use release tags.
...
See https://github.com/wekan/wekan/issues/3874
Thanks to xet7 !
2021-06-25 00:07:27 +03:00
Lauri Ojansivu
78555f57a7
Try to fix tests.
...
Thanks to xet7 !
2021-06-24 22:52:53 +03:00
Jan Küster
6387d32c2f
ci fix script name
2021-06-23 12:25:02 +02:00
Jan Küster
4d9ba8d73b
tests ci added
2021-06-23 11:52:34 +02:00
Lauri Ojansivu
ea64b17b82
Reworded issue template about can not login.
...
Thanks to xet7 !
2021-05-16 13:34:49 +03:00
Lauri Ojansivu
6d0578fd5a
Added Forgot Password page to GitHub issue template.
...
Thanks to xet7 !
2021-05-16 13:27:56 +03:00
