Commit graph

33 commits

Author SHA1 Message Date
Robert Kaussow
e1a273d25d
Update docs deps to address cves (#2080)
Related-to: https://github.com/woodpecker-ci/woodpecker/pull/2078

Remaining CVEs:

```
❯ trivy fs --exit-code 1 --skip-dirs node_modules/,plugins/woodpecker-plugins/node_modules/ docs/
2023-08-01T10:02:36.911+0200	INFO	Vulnerability scanning is enabled
2023-08-01T10:02:36.911+0200	INFO	Secret scanning is enabled
2023-08-01T10:02:36.911+0200	INFO	If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2023-08-01T10:02:36.911+0200	INFO	Please see also https://aquasecurity.github.io/trivy/v0.43/docs/scanner/secret/#recommendation for faster secret detection
2023-08-01T10:02:36.963+0200	INFO	Number of language-specific files: 1
2023-08-01T10:02:36.963+0200	INFO	Detecting pnpm vulnerabilities...

pnpm-lock.yaml (pnpm)

Total: 2 (UNKNOWN: 0, LOW: 0, MEDIUM: 1, HIGH: 1, CRITICAL: 0)

┌─────────┬────────────────┬──────────┬───────────────────┬────────────────┬──────────────────────────────────────────────────────────────┐
│ Library │ Vulnerability  │ Severity │ Installed Version │ Fixed Version  │                            Title                             │
├─────────┼────────────────┼──────────┼───────────────────┼────────────────┼──────────────────────────────────────────────────────────────┤
│ got     │ CVE-2022-33987 │ MEDIUM   │ 9.6.0             │ 11.8.5, 12.1.0 │ missing verification of requested URLs allows redirects to   │
│         │                │          │                   │                │ UNIX sockets                                                 │
│         │                │          │                   │                │ https://avd.aquasec.com/nvd/cve-2022-33987                   │
├─────────┼────────────────┼──────────┼───────────────────┼────────────────┼──────────────────────────────────────────────────────────────┤
│ trim    │ CVE-2020-7753  │ HIGH     │ 0.0.1             │ 0.0.3          │ nodejs-trim: Regular Expression Denial of Service (ReDoS) in │
│         │                │          │                   │                │ trim function                                                │
│         │                │          │                   │                │ https://avd.aquasec.com/nvd/cve-2020-7753                    │
└─────────┴────────────────┴──────────┴───────────────────┴────────────────┴──────────────────────────────────────────────────────────────┘
```

- `trim` is pulled in by `@docusaurus/theme-classic` and can be ignored
due to
https://github.com/facebook/docusaurus/issues/7275#issuecomment-1113997259
- `got` can be ignored as well, see `trim`
2023-08-01 13:30:44 +02:00
Anbraten
e0ed1b3e49
Change master to main (#2044) 2023-07-31 05:47:23 +02:00
Guillaume REMBERT
0cf602a1f6
Add Kubernetes and Dockle Plugins (#1930)
Add Kubernetes Deployments and StatefulSet update and Dockle Scan Plugins.

For Kubernetes plugin, I based on the Drone unmaintened Kubernetes
plugin and took the statefulset management evolutions. I added sync/wait
and force redeploy capabilities + updates dependencies

For Dockle plugin, I took example on Trivy plugin.
2023-07-04 20:28:43 +02:00
Ell
10313e79a0
Added Nextcloud Upload plugin (#1927)
Add plugin [Nextcloud Upload](https://github.com/Ellpeck/WoodpeckerPlugins/tree/main/nextcloud-upload) to the official plugin list.

there's already an official plugin that allows uploading
files using WebDAV, but my plugin has two Nextcloud-specific additions
that aren't part of the regular WebDAV spec:
- The ability to chunk uploads, which is necessary for larger files if
Nextcloud is hosted behind Cloudflare (which restricts uploads to a
maximum of 100MB)
- The ability to apply Nextcloud tags, which allows automatically
categorizing items and using Nextcloud's Retention plugin to easily
auto-remove older artifacts.
2023-07-03 19:47:10 +02:00
Epsilon_02
3714e9c218
Add TODO-Checker plugin (#1906)
Co-authored-by: qwerty287 <80460567+qwerty287@users.noreply.github.com>
2023-07-01 08:26:53 +02:00
6543
375e352a84
Add MkDocs Plugin (#1770)
https://codeberg.org/woodpecker-plugins/mkdocs
2023-05-21 07:54:23 +02:00
6543
1a79d30555
Add Trivy Plugin (#1769) 2023-05-21 00:21:34 +02:00
Alexander Wühr
02cfbc8cbf
Add ntfy plugin (#1741)
Add https://codeberg.org/l-x/woodpecker-ntfy to the index
2023-05-11 01:18:31 +02:00
6543
44a1cd8782
Refactor plugin-index plugin for docs (#1694)
- delete NewPluginPanel as it's not used
- useRef for fuse
2023-04-03 17:09:05 +02:00
6543
6d022712e8
Fix docs build (#1690)
Co-authored-by: Anbraten <anton@ju60.de>
2023-04-03 12:30:01 +02:00
6543
d98e566de2
docs: update pnpm-lock.yaml of woodpecker-plugins
yes it would had made sense to create a pull looking at the last 2 commits ...
2023-04-03 00:33:43 +02:00
陈杨文
799bb42ddd
docs: add woodpecker-feishu-bot to plugins.json (#1679)
Co-authored-by: qwerty287 <80460567+qwerty287@users.noreply.github.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
2023-03-24 19:22:08 +01:00
Simon Vieille
1cd73f0b76
Add Email plugin (#1545)
Add plugin to send build status notifications via Email

Co-authored-by: Simon Vieille <simon.vieille@trinaps.com>
2023-01-15 16:31:44 +01:00
John Olheiser
9e56c66db8
Add Gitea Release plugin to docs (#1533) 2023-01-10 16:28:09 +01:00
Lauris BH
21bc885c51
Add pipeline trigger plugin (#1531)
Should wait when CI is configured and docker image is published
2023-01-09 18:43:04 +01:00
brenard
f1e9c8416d
Add Aptly publish plugin (#1521)
A plugin to publish one (or more) Debian package on a Aptly repository using its API.
2023-01-03 01:49:58 +01:00
6543
7c9644c887
Add WebDAV to plugin index 2022-12-29 01:37:15 +01:00
Anbraten
dfd4622ba2
Point docs navbar items to selected version (#1434) 2022-11-19 15:21:03 +01:00
Josh Soref
023d03dd61
Spelling (#1405)
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2022-11-09 08:12:17 +01:00
qwerty287
b44e895017
Add Node PM plugin (#1360)
A simple plugin that executes NPM, PNPM or Yarn scripts
2022-10-28 17:06:14 +02:00
6543
c48b1dcd7e
Add "Git Push" plugin to index (#1289) 2022-10-19 21:06:20 +02:00
qwerty287
38198f83c4
Update all dependencies (#1291) 2022-10-19 10:15:58 +02:00
Mark Sharpley
755d9d37e4
Add "Gitea Pull Comment" plugin to index (#1270)
Signed-off-by: Mark Sharpley <698889+markopolo123@users.noreply.github.com>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Anbraten <anton@ju60.de>
2022-10-17 12:34:41 +02:00
Lukas
7686d4c8c3
Use fallback icon on plugin page (#1268) 2022-10-14 16:20:54 +02:00
Lukas
b3c816abbd
Add fallback plugin image and display plugins in 1 to 3 columns (#1247) 2022-10-09 19:31:53 +02:00
Lukas
fd6923fe20
Replace yarn with pnpm (#1240)
Should resolve startup issues in gitpod and be a lot faster 🚀
2022-10-08 16:15:07 +02:00
qwerty287
86bc751b95
Add my plugins (#1204)
Co-authored-by: Anbraten <anton@ju60.de>
2022-09-27 09:30:04 +02:00
Anbraten
62d82765fd
Improve plugins index (#1200)
Co-authored-by: qwerty287 <80460567+qwerty287@users.noreply.github.com>
2022-09-25 19:04:47 +02:00
Anbraten
ee97977b93
Update and cleanup docs (#851)
- migrate step conditions back into pipeline syntax, but show 2-4 level in toc to be able to see `when` keywords
- create new backend section in admin docs
- update docusaurus
- remove prefix docker of container / container-image where possible
- replace terms SCM, VCS, Github with [forge](https://en.wikipedia.org/wiki/Forge_(software))
- add darkmode favicon variant
2022-04-06 17:15:28 +02:00
Anbraten
9ff0f230ec
Add awesome page (#744) 2022-02-04 10:53:03 +01:00
Anbraten
934847e855
update docs (#611) 2021-12-18 01:05:23 +01:00
Anbraten
c4700e9693
Update docs dependencies (#553) 2021-11-27 15:13:00 +01:00
Anbraten
0812a29163
Add plugin marketplace (for official plugins) (#451)
Co-authored-by: 6543 <6543@obermui.de>
2021-10-19 18:54:01 +02:00