Commit graph

7112 commits

Author SHA1 Message Date
Jérémy Benoist
96a83ecb02
Merge pull request #5737 from turrisxyz/naveen/feat/githubactions 2022-04-19 21:05:13 +02:00
naveensrinivasan
d52f00132a
Included githubactions in the dependabot config
This should help with keeping the GitHub actions updated on new releases. This will also help with keeping it secure.

Dependabot helps in keeping the supply chain secure https://docs.github.com/en/code-security/dependabot

GitHub actions up to date https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot

https://github.com/ossf/scorecard/blob/main/docs/checks.md#dependency-update-tool

Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2022-04-19 13:55:41 -05:00
Jérémy Benoist
dfb43c21fd
Merge pull request #5736 from wallabag/dependabot/npm_and_yarn/async-2.6.4 2022-04-19 07:10:28 +02:00
Jérémy Benoist
9f3b1b3b2c
Merge pull request #5735 from wallabag/dependabot/npm_and_yarn/stylelint-14.7.1 2022-04-19 06:55:43 +02:00
dependabot[bot]
0ee895da84
Bump async from 2.6.3 to 2.6.4
Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4.
- [Release notes](https://github.com/caolan/async/releases)
- [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md)
- [Commits](https://github.com/caolan/async/compare/v2.6.3...v2.6.4)

---
updated-dependencies:
- dependency-name: async
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-19 04:54:08 +00:00
Jérémy Benoist
e3a5d66afc
Merge pull request #5732 from turrisxyz/naveen/feat/set-perms-actions 2022-04-19 06:53:40 +02:00
dependabot[bot]
69f1e6ecca
Bump stylelint from 14.6.1 to 14.7.1
Bumps [stylelint](https://github.com/stylelint/stylelint) from 14.6.1 to 14.7.1.
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/14.6.1...14.7.1)

---
updated-dependencies:
- dependency-name: stylelint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-18 02:01:08 +00:00
naveensrinivasan
8446cda519
Set permissions for GitHub actions
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

 Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2022-04-16 01:58:38 +00:00
Jérémy Benoist
5a14755be9
Merge pull request #5726 from wallabag/dependabot/npm_and_yarn/highlight.js-11.5.1
Bump highlight.js from 11.5.0 to 11.5.1
2022-04-12 16:47:02 +02:00
Jeremy Benoist
88113289d7
Rebuild assets 2022-04-12 16:25:30 +02:00
dependabot[bot]
cdbdf7de1f
Bump highlight.js from 11.5.0 to 11.5.1
Bumps [highlight.js](https://github.com/highlightjs/highlight.js) from 11.5.0 to 11.5.1.
- [Release notes](https://github.com/highlightjs/highlight.js/releases)
- [Changelog](https://github.com/highlightjs/highlight.js/blob/11.5.1/CHANGES.md)
- [Commits](https://github.com/highlightjs/highlight.js/compare/11.5.0...11.5.1)

---
updated-dependencies:
- dependency-name: highlight.js
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-12 16:23:51 +02:00
Jérémy Benoist
c6ebd9cd25
Merge pull request #5725 from wallabag/dependabot/npm_and_yarn/material-design-icons-iconfont-6.6.0
Bump material-design-icons-iconfont from 6.5.0 to 6.6.0
2022-04-12 16:22:54 +02:00
Jeremy Benoist
82b79e6ebc
Rebuild assets 2022-04-12 16:18:15 +02:00
dependabot[bot]
c341cffe0c
Bump material-design-icons-iconfont from 6.5.0 to 6.6.0
Bumps [material-design-icons-iconfont](https://github.com/jossef/material-design-icons-iconfont) from 6.5.0 to 6.6.0.
- [Release notes](https://github.com/jossef/material-design-icons-iconfont/releases)
- [Commits](https://github.com/jossef/material-design-icons-iconfont/compare/v6.5.0...v6.6.0)

---
updated-dependencies:
- dependency-name: material-design-icons-iconfont
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-12 16:16:42 +02:00
Jérémy Benoist
934f63efba
Merge pull request #5722 from wallabag/dependabot/npm_and_yarn/babel/core-7.17.9
Bump @babel/core from 7.17.8 to 7.17.9
2022-04-12 16:15:55 +02:00
dependabot[bot]
b57815a089
Bump @babel/core from 7.17.8 to 7.17.9
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.17.8 to 7.17.9.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.17.9/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-12 14:03:53 +00:00
Jérémy Benoist
d8d5f180b1
Merge pull request #5724 from wallabag/dependabot/npm_and_yarn/webpack-dev-server-4.8.1
Bump webpack-dev-server from 4.7.4 to 4.8.1
2022-04-12 16:01:42 +02:00
Jérémy Benoist
54c2440edc
Merge pull request #5723 from wallabag/dependabot/npm_and_yarn/eslint-8.13.0
Bump eslint from 8.12.0 to 8.13.0
2022-04-12 16:01:16 +02:00
dependabot[bot]
cc49b0516a
Bump eslint from 8.12.0 to 8.13.0
Bumps [eslint](https://github.com/eslint/eslint) from 8.12.0 to 8.13.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.12.0...v8.13.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-12 13:52:40 +00:00
dependabot[bot]
b5555514bd
Bump webpack-dev-server from 4.7.4 to 4.8.1
Bumps [webpack-dev-server](https://github.com/webpack/webpack-dev-server) from 4.7.4 to 4.8.1.
- [Release notes](https://github.com/webpack/webpack-dev-server/releases)
- [Changelog](https://github.com/webpack/webpack-dev-server/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack/webpack-dev-server/compare/v4.7.4...v4.8.1)

---
updated-dependencies:
- dependency-name: webpack-dev-server
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-12 13:51:15 +00:00
Jérémy Benoist
9e73a166a7
Merge pull request #5721 from wallabag/dependabot/npm_and_yarn/webpack-5.72.0
Bump webpack from 5.71.0 to 5.72.0
2022-04-12 15:49:42 +02:00
dependabot[bot]
a07c4e2506
Bump webpack from 5.71.0 to 5.72.0
Bumps [webpack](https://github.com/webpack/webpack) from 5.71.0 to 5.72.0.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v5.71.0...v5.72.0)

---
updated-dependencies:
- dependency-name: webpack
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-12 13:43:42 +00:00
Jérémy Benoist
fc581b0320
Merge pull request #5720 from wallabag/dependabot/npm_and_yarn/eslint-plugin-import-2.26.0
Bump eslint-plugin-import from 2.25.4 to 2.26.0
2022-04-12 15:41:24 +02:00
dependabot[bot]
baf470ea3f
Bump eslint-plugin-import from 2.25.4 to 2.26.0
Bumps [eslint-plugin-import](https://github.com/import-js/eslint-plugin-import) from 2.25.4 to 2.26.0.
- [Release notes](https://github.com/import-js/eslint-plugin-import/releases)
- [Changelog](https://github.com/import-js/eslint-plugin-import/blob/main/CHANGELOG.md)
- [Commits](https://github.com/import-js/eslint-plugin-import/compare/v2.25.4...v2.26.0)

---
updated-dependencies:
- dependency-name: eslint-plugin-import
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-12 13:36:03 +00:00
Jérémy Benoist
aa88671211
Merge pull request #5727 from wallabag/dependabot/npm_and_yarn/sass-1.50.0
Bump sass from 1.49.11 to 1.50.0
2022-04-12 15:33:50 +02:00
dependabot[bot]
a6b428c207
Bump sass from 1.49.11 to 1.50.0
Bumps [sass](https://github.com/sass/dart-sass) from 1.49.11 to 1.50.0.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.49.11...1.50.0)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-12 13:23:44 +00:00
Jérémy Benoist
23f12f853d
Merge pull request #5729 from wallabag/fix/php-7.2-7.3-mysql 2022-04-12 15:17:36 +02:00
Jeremy Benoist
0ac8089eee
CI workaround for PHP < 7.4 & MySQL 8
The error on PHP 7.2 & 7.3 is:

> PDO::__construct(): The server requested authentication method unknown to the client [caching_sha2_password]

See:
- https://stackoverflow.com/q/53066962/569101
- https://stackoverflow.com/q/52364415/569101
- https://stackoverflow.com/q/51489616/569101
- https://stackoverflow.com/q/50026939/569101

Also upgrade `actions/checkout` v3
2022-04-11 22:11:22 +02:00
Jérémy Benoist
17f87affdb
Merge pull request #5715 from wallabag/fix-composer-dockerfile
Fix composer version in docker dev configuration
2022-04-04 14:35:37 +02:00
Nicolas Lœuillet
31337b0a0a Fixed composer version in docker dev configuration 2022-04-04 14:02:13 +02:00
Jérémy Benoist
d0cfc547ba
Merge pull request #5713 from wallabag/dependabot/npm_and_yarn/sass-1.49.11
Bump sass from 1.49.9 to 1.49.11
2022-04-04 11:17:41 +02:00
Jeremy Benoist
c946372180
Update assets 2022-04-04 11:10:49 +02:00
Jérémy Benoist
3ea74bd4b2
Merge pull request #5662 from wallabag/impr/env
Update readme and docker development env
2022-04-04 10:59:21 +02:00
Kevin Decherf
f51008aef0 Update docker-compose and Dockerfile for dev env
This change should ease the spawn of a development environment.
It can be used as a vscode devcontainer.

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
2022-04-04 10:10:55 +02:00
Kevin Decherf
71ffcdc710 Update README
Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
2022-04-04 10:10:55 +02:00
Jérémy Benoist
52752cd0d9
Merge pull request #5712 from wallabag/dependabot/npm_and_yarn/webpack-5.71.0 2022-04-04 07:05:32 +02:00
Jérémy Benoist
8a92a7a569
Merge pull request #5714 from wallabag/dependabot/composer/symfony/phpunit-bridge-6.0.7 2022-04-04 07:05:16 +02:00
dependabot[bot]
56a5625ce7
Bump sass from 1.49.9 to 1.49.11
Bumps [sass](https://github.com/sass/dart-sass) from 1.49.9 to 1.49.11.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.49.9...1.49.11)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-04 04:55:08 +00:00
dependabot[bot]
2b736cb32b
Bump webpack from 5.70.0 to 5.71.0
Bumps [webpack](https://github.com/webpack/webpack) from 5.70.0 to 5.71.0.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v5.70.0...v5.71.0)

---
updated-dependencies:
- dependency-name: webpack
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-04 04:54:34 +00:00
dependabot[bot]
f8c5817251
Bump symfony/phpunit-bridge from 6.0.3 to 6.0.7
Bumps [symfony/phpunit-bridge](https://github.com/symfony/phpunit-bridge) from 6.0.3 to 6.0.7.
- [Release notes](https://github.com/symfony/phpunit-bridge/releases)
- [Changelog](https://github.com/symfony/phpunit-bridge/blob/5.3/CHANGELOG.md)
- [Commits](https://github.com/symfony/phpunit-bridge/compare/v6.0.3...v6.0.7)

---
updated-dependencies:
- dependency-name: symfony/phpunit-bridge
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-04 04:53:39 +00:00
Jérémy Benoist
4ff43814bc
Merge pull request #5708 from wallabag/fix/composer-2.3 2022-04-04 06:52:29 +02:00
Jeremy Benoist
fea2b46496
Composer 2.3 isn't compatible with wallabag 2022-04-01 16:09:59 +02:00
Jérémy Benoist
287eba084a
Merge pull request #5703 from wallabag/dependabot/composer/guzzlehttp/psr7-1.8.4 2022-03-31 06:21:38 +02:00
dependabot[bot]
d50288a951
Bump guzzlehttp/psr7 from 1.8.3 to 1.8.4
Bumps [guzzlehttp/psr7](https://github.com/guzzle/psr7) from 1.8.3 to 1.8.4.
- [Release notes](https://github.com/guzzle/psr7/releases)
- [Changelog](https://github.com/guzzle/psr7/blob/1.8.4/CHANGELOG.md)
- [Commits](https://github.com/guzzle/psr7/compare/1.8.3...1.8.4)

---
updated-dependencies:
- dependency-name: guzzlehttp/psr7
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-29 22:19:08 +00:00
Jérémy Benoist
e096d66667
Merge pull request #5701 from wallabag/dependabot/npm_and_yarn/minimist-1.2.6 2022-03-28 06:14:42 +02:00
Jérémy Benoist
971b690d75
Merge pull request #5697 from wallabag/dependabot/npm_and_yarn/stylelint-webpack-plugin-3.2.0 2022-03-28 06:02:16 +02:00
Jérémy Benoist
2a70090a11
Merge pull request #5698 from wallabag/dependabot/npm_and_yarn/eslint-8.12.0 2022-03-28 06:01:40 +02:00
dependabot[bot]
527719f8a8
Bump minimist from 1.2.5 to 1.2.6
Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/substack/minimist/releases)
- [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-28 04:01:30 +00:00
Jérémy Benoist
77bdaf3e17
Merge pull request #5699 from wallabag/dependabot/npm_and_yarn/babel-loader-8.2.4 2022-03-28 06:01:24 +02:00
Jérémy Benoist
ba6eb8e424
Merge pull request #5700 from wallabag/dependabot/npm_and_yarn/stylelint-14.6.1 2022-03-28 06:01:00 +02:00