naveensrinivasan
8446cda519
Set permissions for GitHub actions
...
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ )
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2022-04-16 01:58:38 +00:00
Jeremy Benoist
0ac8089eee
CI workaround for PHP < 7.4 & MySQL 8
...
The error on PHP 7.2 & 7.3 is:
> PDO::__construct(): The server requested authentication method unknown to the client [caching_sha2_password]
See:
- https://stackoverflow.com/q/53066962/569101
- https://stackoverflow.com/q/52364415/569101
- https://stackoverflow.com/q/51489616/569101
- https://stackoverflow.com/q/50026939/569101
Also upgrade `actions/checkout` v3
2022-04-11 22:11:22 +02:00
Jeremy Benoist
fea2b46496
Composer 2.3 isn't compatible with wallabag
2022-04-01 16:09:59 +02:00
Jeremy Benoist
3c507d676f
Add build test on PHP 8.0 & 8.1
...
Add `isTransactional` to `WallabagMigration` because PHP 8 behave differently with PDO transaction.
This is a workaround because we can't upgrade Doctrine Migration for now (upper versions have the fix).
- Build is now using Composer v2 (instead of v1)
- All actions have been updated to latest version
- Fix bug in PHP 8 were `$entry->getTags()` can't be properly used as a _traversable_ by `assertContains` during tests. Added a custom method `Entry::getTagsLabel()` which return a flatted tag array with only label
- Replace `assertNotRegExp` by `assertDoesNotMatchRegularExpression` because it was deprecated
2022-01-31 12:59:39 +01:00
Jeremy Benoist
96e2e8eeeb
Rebuild assets
...
Also update GitHub Actions to latest versions
2022-01-05 14:26:10 +01:00
Jeremy Benoist
6004de48ff
Allow GitHub Actions to run on 2.* branches
...
Since I created the 2.5.0 branch, GA on PR targeting that branch aren't triggered. This should fix this.
2020-12-31 14:18:49 +01:00
Jeremy Benoist
189a9ef033
Use ramsey/composer-install
to handle composer install & cache
2020-12-03 10:16:03 +01:00
Jeremy Benoist
cab3eb4005
Update deps (PHP & JS)
...
Also re-enable assets diff in GitHub Actions.
2020-11-30 11:52:44 +01:00
Jeremy Benoist
c09b4bbea5
Disable assets check
2020-11-27 14:15:10 +01:00
Jeremy Benoist
d9bc425e1a
Better diff display
2020-11-27 14:14:45 +01:00
Jeremy Benoist
a03a49294a
Make assets build fail if changes are detected
2020-11-27 14:14:45 +01:00
Jeremy Benoist
c29ad30b56
Jump to 18.04 as it offers Tidy extension by default too
2020-11-27 14:14:44 +01:00
Jeremy Benoist
40c01ad1d4
Ditch Travis to use GitHub Actions
2020-11-27 14:14:44 +01:00