libretic/etherpad-lite
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
7949 commits 2 branches 0 tags 24 MiB
Commit graph

14 commits

Author SHA1 Message Date
naveen
2929a3c0bd chore: Set permissions for GitHub actions 
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
 2022-05-02 20:48:01 -04:00
Richard Hansen
a6b969c811 ci: Bump actions/checkout to v3 2022-03-01 17:17:16 -05:00
dependabot[bot]
90d1ae87a7 build(deps): bump actions/setup-node from 2 to 3 
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 2 to 3.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-25 23:51:38 -05:00
Richard Hansen
43aa1e4aeb ci: Reformat .yml files for readability 2022-01-28 01:39:45 -05:00
Richard Hansen
63a02ec5fa ci: Enable caching 2022-01-27 22:40:38 -05:00
John McLear
35ae08ca77
tests: run a long(1+ hr) load test 2021-02-28 16:05:16 +00:00
Richard Hansen
6198e92706 tests: Pass --legacy-peer-deps flag to work around npm v7 bug 
This flag is unknown to npm v6, but npm v6 silently ignores unknown
flags.
 2021-02-22 03:36:12 -05:00
Richard Hansen
6163339c0d plugins: Always install plugins with --no-save 
The npm CLI can get confused if `package.json` or `package-lock.json`
exist.
 2021-02-18 19:18:59 +00:00
Richard Hansen
87341af429 GitHub workflows: Install Node.js v12 
I'm not sure how these tests ever worked. I guess some version of
Node.js and npm come pre-installed on the ubuntu-latest images?

I would have prefered to use Node.js v10 because that is our current
minimum supported version, but we have a surprising number of tests
that don't work on Node.js v10 (mostly due to `assert.match()`, which
was added in Node.js v12).
 2021-02-09 22:18:35 +00:00
Richard Hansen
8b28e00784 restructure: Prefix bin/ and tests/ with src/ 
This is a follow-up to commit
2ea8ea1275.
 2021-02-05 21:52:08 +00:00
Richard Hansen
f7b1133600 GitHub workflows: Install Etherpad deps after installing plugins 2021-01-23 18:14:01 -05:00
Richard Hansen
e32a623468 GitHub workflows: Synchronize plugin lists 2021-01-23 18:12:57 -05:00
Richard Hansen
57be60d1d4 GitHub workflows: Break list of plugins across multiple lines 
This makes it easier to review changes to the list.
 2021-01-23 18:12:49 -05:00
webzwo0i
b71b606774
tests: Switch from Travis to Github Actions 
Travis placed an unnecessary breaking restriction on our tests and failed to respond within 72 hours to our complaint.  This has forced us to introduce Github Actions to manage our testing.  This is hopefully a temporary measure while Travis either gets itself together or we find a non-Github requirement.
 2020-11-24 18:12:41 +00:00