Erik Michelson
313b823cbf
chore(deps): upgrade cypress browsers image
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-11-12 20:58:09 +01:00
renovate[bot]
0217f68fc7
chore(deps): update actions/upload-artifact digest to 3eadd8b
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-09-26 16:50:09 +00:00
renovate[bot]
3958fdab71
chore(deps): update actions/setup-node action to v4.0.4
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-09-26 16:49:18 +00:00
renovate[bot]
783cd1c8b5
chore(deps): update docker/build-push-action action to v6
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-31 18:12:25 +02:00
renovate[bot]
e1c5332bec
chore(deps): update fsfe/reuse docker tag to v4
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-31 18:04:12 +02:00
Philip Molares
03a388c6f9
fix: turbo filter commands
...
turbo now wants you to specify the whole name and not just part of the name.
See: https://github.com/vercel/turborepo/pull/8137
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2024-08-31 12:53:53 +02:00
renovate[bot]
e10a7f885a
chore(deps): update actions/upload-artifact action to v4.4.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-31 10:16:03 +02:00
renovate[bot]
e3697b3a30
chore(deps): update github/codeql-action action to v3.26.6
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-30 09:42:18 +00:00
renovate[bot]
986d9aa4d6
chore(deps): update actions/upload-artifact digest to 5076954
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-30 09:37:35 +00:00
renovate[bot]
846368304c
chore(deps): update mariadb docker tag to v11.5.2
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 12:59:49 +02:00
renovate[bot]
5d60abb5d5
chore(deps): update postgres docker tag to v16.4
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 12:59:11 +02:00
renovate[bot]
b38dbece19
chore(deps): update docker/build-push-action action to v5.4.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 12:01:11 +02:00
renovate[bot]
6c7dcb8954
chore(deps): update docker/login-action action to v3.3.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 12:00:46 +02:00
renovate[bot]
d00d7d4bd8
chore(deps): update docker/setup-buildx-action action to v3.6.1
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 12:00:21 +02:00
renovate[bot]
589ab5ddc5
chore(deps): update docker/setup-qemu-action action to v3.2.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 11:59:51 +02:00
renovate[bot]
ec2aaa86f7
chore(deps): update codecov/codecov-action action to v4.5.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 11:59:18 +02:00
renovate[bot]
0da6b21186
chore(deps): update github/codeql-action action to v3.26.5
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 11:58:45 +02:00
renovate[bot]
bc6688a83f
chore(deps): update ossf/scorecard-action action to v2.4.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 11:58:22 +02:00
renovate[bot]
0455632c46
chore(deps): update mariadb docker tag to v11.2.5
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 10:43:54 +02:00
renovate[bot]
954a384d65
chore(deps): update ossf/scorecard-action action to v2.3.3
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 07:16:00 +00:00
renovate[bot]
51bc6cc33f
chore(deps): update github/codeql-action action to v3.24.11
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 05:21:34 +00:00
renovate[bot]
c8c7715287
chore(deps): update fsfe/reuse docker tag to v3.0.2
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-29 05:20:45 +00:00
renovate[bot]
e242d5ccf3
chore(deps): update codecov/codecov-action action to v4.0.2
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-28 22:37:08 +00:00
renovate[bot]
95748d1370
chore(deps): update actions/upload-artifact action to v4.3.6
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-28 22:31:20 +00:00
renovate[bot]
5e236e4906
chore(deps): update actions/setup-node action to v4.0.3
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-28 22:30:51 +00:00
renovate[bot]
b65c8c1ff5
chore(deps): update actions/checkout action to v4.1.7
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-28 22:29:42 +00:00
renovate[bot]
9b64471554
chore(deps): update actions/checkout digest to 692973e
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-28 22:25:07 +00:00
renovate[bot]
52944840c1
chore(deps): update actions/upload-artifact digest to 834a144
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-28 22:22:11 +00:00
Erik Michelson
1f1231a730
ci: remove netlify deployment workflow
...
This workflow was used in an early stage of development of HedgeDoc 2.
It allowed the core developers to quickly check fixes, improvements or
new features to the HedgeDoc UI without the requirement to check-out
the branch locally. As not every pull request required a deployment,
this workflow was only triggered when the "ci: force deployment"
label was added. Since some time already, the frontend and backend
are so tightly coupled that the netfliy deployment doesn't make any
sense anymore and therefore hasn't been used anymore. This commit
therefore removes this leftover workflow.
@RedYetiDev contacted us privately and reported that this deployment
workflow could have been abused to invoke arbitrary commands, including
extraction of environment variables which include our tokens for the
turborepo build cache or the netlify deployment token. For this it
would have been required that somebody created a "safe" pull request,
which would have been labelled with the deployment label and then
changed afterwards since the workflow checks out the pull request
source repository, not the target. We assured that the label was only
added to pull requests from trusted members of the HedgeDoc core team.
There was never any malicious use of the workflow. Furthermore, no
released versions of HedgeDoc (1.x) could have been affected by this,
even in the worst-case scenario.
We're thankful for putting this risk at our attention!
If you too encounter something unusual regarding security in HedgeDoc
itself or our toolchain around it, don't hesitate to contact us.
Details on this are wriiten in our SECURITY.md in the root of the
repository.
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-07-30 08:48:38 +02:00
Erik Michelson
d3318eb232
fix(ci): adjust options for artifacts action v4
...
See: https://github.com/actions/upload-artifact/blob/main/docs/MIGRATION.md
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-02-12 09:39:38 +01:00
renovate[bot]
6e42da2613
chore(deps): update actions/download-artifact action to v4
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-12 09:39:38 +01:00
renovate[bot]
31a0103b42
chore(deps): update actions/upload-artifact action to v4
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-12 09:39:38 +01:00
renovate[bot]
57be001b0e
chore(deps): update actions/setup-python action to v5
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-12 09:39:38 +01:00
renovate[bot]
2b3f18f735
chore(deps): update codecov/codecov-action action to v4
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-12 09:39:38 +01:00
renovate[bot]
9e63419dff
chore(deps): update github/codeql-action action to v3
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-12 09:39:38 +01:00
renovate[bot]
87eda11b10
chore(deps): update fsfe/reuse docker tag to v3
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-10 18:10:43 +01:00
renovate[bot]
7e45914cc1
chore(deps): update github/codeql-action action to v2.24.0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-10 18:00:34 +01:00
renovate[bot]
6b256b9233
chore(deps): update docker/metadata-action action to v5.5.1
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-10 18:00:34 +01:00
renovate[bot]
8255fd1612
chore(deps): update codecov/codecov-action action to v3.1.6
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-10 18:00:34 +01:00
renovate[bot]
96353811a5
chore(deps): update actions/setup-node action to v4.0.2
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-10 18:00:34 +01:00
renovate[bot]
6c73e68973
chore(deps): update postgres:16.1 docker digest to 09f23e0
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-10 18:00:34 +01:00
renovate[bot]
6dd0dbca07
chore(deps): update mariadb:11.2.2 docker digest to c5077bb
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-10 15:29:38 +00:00
renovate[bot]
c0b7394873
chore(deps): update actions/upload-artifact digest to 4c0ff1c
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-02-10 15:28:29 +00:00
renovate[bot]
17aade0934
chore(deps): update actions/upload-artifact digest to d00351b
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-01-29 15:29:24 +00:00
renovate[bot]
2ef9c1f5db
chore(deps): update codecov/codecov-action action to v3.1.5
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-01-28 16:51:29 +00:00
renovate[bot]
9e315033f2
chore(deps): update actions/upload-artifact digest to 26f96df
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-01-25 09:10:44 +01:00
renovate[bot]
ab663a2852
chore(deps): update github/codeql-action action to v2.22.12
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-01-24 21:57:26 +00:00
renovate[bot]
c180d0eb24
chore(deps): update actions/setup-node action to v4.0.1
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-01-22 03:14:03 +00:00
renovate[bot]
7c377292f9
chore(deps): update postgres:16.1 docker digest to 49c276f
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-01-21 19:59:30 +00:00
renovate[bot]
cc5ac4fa06
chore(deps): update mariadb:11.2.2 docker digest to eb6a2d3
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-01-21 14:50:14 +00:00