diff options
Diffstat (limited to '.github')
-rw-r--r-- | .github/ISSUE_TEMPLATE/bug_report.md | 2 | ||||
-rw-r--r-- | .github/dependabot.yml | 4 | ||||
-rw-r--r-- | .github/workflows/build-extra.yml | 4 | ||||
-rw-r--r-- | .github/workflows/build.yml | 4 | ||||
-rw-r--r-- | .github/workflows/check-c.yml | 20 | ||||
-rw-r--r-- | .github/workflows/check-profiles.yml | 4 | ||||
-rw-r--r-- | .github/workflows/check-python.yml | 8 | ||||
-rw-r--r-- | .github/workflows/codespell.yml | 4 | ||||
-rw-r--r-- | .github/workflows/test.yml | 20 |
9 files changed, 35 insertions, 35 deletions
diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md index fc74640d4..37056a1ce 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ b/.github/ISSUE_TEMPLATE/bug_report.md | |||
@@ -22,7 +22,7 @@ _Describe the bug_ | |||
22 | 22 | ||
23 | _Steps to reproduce the behavior_ | 23 | _Steps to reproduce the behavior_ |
24 | 24 | ||
25 | 1. Run in bash `LC_ALL=C firejail PROGRAM` (`LC_ALL=C` to get a consistent | 25 | 1. Run in bash `LC_ALL=C firejail /path/to/program` (`LC_ALL=C` to get a consistent |
26 | output in English that can be understood by everybody) | 26 | output in English that can be understood by everybody) |
27 | 2. Click on '....' | 27 | 2. Click on '....' |
28 | 3. Scroll down to '....' | 28 | 3. Scroll down to '....' |
diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 30242923d..7335f1eb2 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml | |||
@@ -3,5 +3,5 @@ updates: | |||
3 | - package-ecosystem: "github-actions" | 3 | - package-ecosystem: "github-actions" |
4 | directory: "/" | 4 | directory: "/" |
5 | schedule: | 5 | schedule: |
6 | interval: "weekly" | 6 | interval: "monthly" |
7 | open-pull-requests-limit: 2 | 7 | open-pull-requests-limit: 4 |
diff --git a/.github/workflows/build-extra.yml b/.github/workflows/build-extra.yml index 97a7b20d1..72ba685b5 100644 --- a/.github/workflows/build-extra.yml +++ b/.github/workflows/build-extra.yml | |||
@@ -44,7 +44,7 @@ jobs: | |||
44 | timeout-minutes: 10 | 44 | timeout-minutes: 10 |
45 | steps: | 45 | steps: |
46 | - name: Harden Runner | 46 | - name: Harden Runner |
47 | uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 | 47 | uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 |
48 | with: | 48 | with: |
49 | egress-policy: block | 49 | egress-policy: block |
50 | allowed-endpoints: > | 50 | allowed-endpoints: > |
@@ -52,7 +52,7 @@ jobs: | |||
52 | github.com:443 | 52 | github.com:443 |
53 | packages.microsoft.com:443 | 53 | packages.microsoft.com:443 |
54 | ppa.launchpadcontent.net:443 | 54 | ppa.launchpadcontent.net:443 |
55 | - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b | 55 | - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 |
56 | - name: update package information | 56 | - name: update package information |
57 | run: sudo apt-get update -qy | 57 | run: sudo apt-get update -qy |
58 | - name: install dependencies | 58 | - name: install dependencies |
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 93a115daa..b4ae7a2e9 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml | |||
@@ -60,7 +60,7 @@ jobs: | |||
60 | timeout-minutes: 10 | 60 | timeout-minutes: 10 |
61 | steps: | 61 | steps: |
62 | - name: Harden Runner | 62 | - name: Harden Runner |
63 | uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 | 63 | uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 |
64 | with: | 64 | with: |
65 | egress-policy: block | 65 | egress-policy: block |
66 | allowed-endpoints: > | 66 | allowed-endpoints: > |
@@ -68,7 +68,7 @@ jobs: | |||
68 | github.com:443 | 68 | github.com:443 |
69 | packages.microsoft.com:443 | 69 | packages.microsoft.com:443 |
70 | ppa.launchpadcontent.net:443 | 70 | ppa.launchpadcontent.net:443 |
71 | - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b | 71 | - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 |
72 | - name: update package information | 72 | - name: update package information |
73 | run: sudo apt-get update -qy | 73 | run: sudo apt-get update -qy |
74 | - name: install dependencies | 74 | - name: install dependencies |
diff --git a/.github/workflows/check-c.yml b/.github/workflows/check-c.yml index 03955b3f9..c41c67798 100644 --- a/.github/workflows/check-c.yml +++ b/.github/workflows/check-c.yml | |||
@@ -46,7 +46,7 @@ jobs: | |||
46 | timeout-minutes: 10 | 46 | timeout-minutes: 10 |
47 | steps: | 47 | steps: |
48 | - name: Harden Runner | 48 | - name: Harden Runner |
49 | uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 | 49 | uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 |
50 | with: | 50 | with: |
51 | egress-policy: block | 51 | egress-policy: block |
52 | allowed-endpoints: > | 52 | allowed-endpoints: > |
@@ -56,7 +56,7 @@ jobs: | |||
56 | packages.microsoft.com:443 | 56 | packages.microsoft.com:443 |
57 | ppa.launchpadcontent.net:443 | 57 | ppa.launchpadcontent.net:443 |
58 | security.ubuntu.com:80 | 58 | security.ubuntu.com:80 |
59 | - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b | 59 | - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 |
60 | - name: update package information | 60 | - name: update package information |
61 | run: sudo apt-get update -qy | 61 | run: sudo apt-get update -qy |
62 | - name: install clang-tools-14 and dependencies | 62 | - name: install clang-tools-14 and dependencies |
@@ -79,7 +79,7 @@ jobs: | |||
79 | timeout-minutes: 10 | 79 | timeout-minutes: 10 |
80 | steps: | 80 | steps: |
81 | - name: Harden Runner | 81 | - name: Harden Runner |
82 | uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 | 82 | uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 |
83 | with: | 83 | with: |
84 | egress-policy: block | 84 | egress-policy: block |
85 | allowed-endpoints: > | 85 | allowed-endpoints: > |
@@ -89,7 +89,7 @@ jobs: | |||
89 | packages.microsoft.com:443 | 89 | packages.microsoft.com:443 |
90 | ppa.launchpadcontent.net:443 | 90 | ppa.launchpadcontent.net:443 |
91 | security.ubuntu.com:80 | 91 | security.ubuntu.com:80 |
92 | - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b | 92 | - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 |
93 | - name: update package information | 93 | - name: update package information |
94 | run: sudo apt-get update -qy | 94 | run: sudo apt-get update -qy |
95 | - name: install cppcheck | 95 | - name: install cppcheck |
@@ -109,7 +109,7 @@ jobs: | |||
109 | timeout-minutes: 10 | 109 | timeout-minutes: 10 |
110 | steps: | 110 | steps: |
111 | - name: Harden Runner | 111 | - name: Harden Runner |
112 | uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 | 112 | uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 |
113 | with: | 113 | with: |
114 | egress-policy: block | 114 | egress-policy: block |
115 | allowed-endpoints: > | 115 | allowed-endpoints: > |
@@ -120,7 +120,7 @@ jobs: | |||
120 | ppa.launchpad.net:80 | 120 | ppa.launchpad.net:80 |
121 | ppa.launchpadcontent.net:443 | 121 | ppa.launchpadcontent.net:443 |
122 | security.ubuntu.com:80 | 122 | security.ubuntu.com:80 |
123 | - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b | 123 | - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 |
124 | - name: update package information | 124 | - name: update package information |
125 | run: sudo apt-get update -qy | 125 | run: sudo apt-get update -qy |
126 | - name: install cppcheck | 126 | - name: install cppcheck |
@@ -143,7 +143,7 @@ jobs: | |||
143 | 143 | ||
144 | steps: | 144 | steps: |
145 | - name: Harden Runner | 145 | - name: Harden Runner |
146 | uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 | 146 | uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 |
147 | with: | 147 | with: |
148 | disable-sudo: true | 148 | disable-sudo: true |
149 | egress-policy: block | 149 | egress-policy: block |
@@ -154,14 +154,14 @@ jobs: | |||
154 | uploads.github.com:443 | 154 | uploads.github.com:443 |
155 | 155 | ||
156 | - name: Checkout repository | 156 | - name: Checkout repository |
157 | uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b | 157 | uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 |
158 | 158 | ||
159 | - name: print env | 159 | - name: print env |
160 | run: ./ci/printenv.sh | 160 | run: ./ci/printenv.sh |
161 | 161 | ||
162 | # Initializes the CodeQL tools for scanning. | 162 | # Initializes the CodeQL tools for scanning. |
163 | - name: Initialize CodeQL | 163 | - name: Initialize CodeQL |
164 | uses: github/codeql-action/init@d39d31e687223d841ef683f52467bd88e9b21c14 | 164 | uses: github/codeql-action/init@f079b8493333aace61c81488f8bd40919487bd9f |
165 | with: | 165 | with: |
166 | languages: cpp | 166 | languages: cpp |
167 | 167 | ||
@@ -172,4 +172,4 @@ jobs: | |||
172 | run: make -j "$(nproc)" | 172 | run: make -j "$(nproc)" |
173 | 173 | ||
174 | - name: Perform CodeQL Analysis | 174 | - name: Perform CodeQL Analysis |
175 | uses: github/codeql-action/analyze@d39d31e687223d841ef683f52467bd88e9b21c14 | 175 | uses: github/codeql-action/analyze@f079b8493333aace61c81488f8bd40919487bd9f |
diff --git a/.github/workflows/check-profiles.yml b/.github/workflows/check-profiles.yml index 5613b6bb7..a7974a994 100644 --- a/.github/workflows/check-profiles.yml +++ b/.github/workflows/check-profiles.yml | |||
@@ -33,14 +33,14 @@ jobs: | |||
33 | 33 | ||
34 | steps: | 34 | steps: |
35 | - name: Harden Runner | 35 | - name: Harden Runner |
36 | uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 | 36 | uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 |
37 | with: | 37 | with: |
38 | disable-sudo: true | 38 | disable-sudo: true |
39 | egress-policy: block | 39 | egress-policy: block |
40 | allowed-endpoints: > | 40 | allowed-endpoints: > |
41 | github.com:443 | 41 | github.com:443 |
42 | 42 | ||
43 | - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b | 43 | - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 |
44 | - name: print env | 44 | - name: print env |
45 | run: ./ci/printenv.sh | 45 | run: ./ci/printenv.sh |
46 | - run: python3 --version | 46 | - run: python3 --version |
diff --git a/.github/workflows/check-python.yml b/.github/workflows/check-python.yml index 8d8e2ac23..0bb67e05e 100644 --- a/.github/workflows/check-python.yml +++ b/.github/workflows/check-python.yml | |||
@@ -31,7 +31,7 @@ jobs: | |||
31 | 31 | ||
32 | steps: | 32 | steps: |
33 | - name: Harden Runner | 33 | - name: Harden Runner |
34 | uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 | 34 | uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 |
35 | with: | 35 | with: |
36 | disable-sudo: true | 36 | disable-sudo: true |
37 | egress-policy: block | 37 | egress-policy: block |
@@ -44,16 +44,16 @@ jobs: | |||
44 | uploads.github.com:443 | 44 | uploads.github.com:443 |
45 | 45 | ||
46 | - name: Checkout repository | 46 | - name: Checkout repository |
47 | uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b | 47 | uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 |
48 | 48 | ||
49 | - name: print env | 49 | - name: print env |
50 | run: ./ci/printenv.sh | 50 | run: ./ci/printenv.sh |
51 | 51 | ||
52 | # Initializes the CodeQL tools for scanning. | 52 | # Initializes the CodeQL tools for scanning. |
53 | - name: Initialize CodeQL | 53 | - name: Initialize CodeQL |
54 | uses: github/codeql-action/init@d39d31e687223d841ef683f52467bd88e9b21c14 | 54 | uses: github/codeql-action/init@f079b8493333aace61c81488f8bd40919487bd9f |
55 | with: | 55 | with: |
56 | languages: python | 56 | languages: python |
57 | 57 | ||
58 | - name: Perform CodeQL Analysis | 58 | - name: Perform CodeQL Analysis |
59 | uses: github/codeql-action/analyze@d39d31e687223d841ef683f52467bd88e9b21c14 | 59 | uses: github/codeql-action/analyze@f079b8493333aace61c81488f8bd40919487bd9f |
diff --git a/.github/workflows/codespell.yml b/.github/workflows/codespell.yml index c492a2a03..1e8486bd7 100644 --- a/.github/workflows/codespell.yml +++ b/.github/workflows/codespell.yml | |||
@@ -24,7 +24,7 @@ jobs: | |||
24 | timeout-minutes: 5 | 24 | timeout-minutes: 5 |
25 | steps: | 25 | steps: |
26 | - name: Harden Runner | 26 | - name: Harden Runner |
27 | uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 | 27 | uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 |
28 | with: | 28 | with: |
29 | egress-policy: block | 29 | egress-policy: block |
30 | allowed-endpoints: > | 30 | allowed-endpoints: > |
@@ -34,7 +34,7 @@ jobs: | |||
34 | packages.microsoft.com:443 | 34 | packages.microsoft.com:443 |
35 | ppa.launchpadcontent.net:443 | 35 | ppa.launchpadcontent.net:443 |
36 | security.ubuntu.com:80 | 36 | security.ubuntu.com:80 |
37 | - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b | 37 | - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 |
38 | - name: update package information | 38 | - name: update package information |
39 | run: sudo apt-get update -qy | 39 | run: sudo apt-get update -qy |
40 | - name: install dependencies | 40 | - name: install dependencies |
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 2613a30a8..ea9890b5e 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml | |||
@@ -54,7 +54,7 @@ jobs: | |||
54 | SHELL: /bin/bash | 54 | SHELL: /bin/bash |
55 | steps: | 55 | steps: |
56 | - name: Harden Runner | 56 | - name: Harden Runner |
57 | uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 | 57 | uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 |
58 | with: | 58 | with: |
59 | egress-policy: block | 59 | egress-policy: block |
60 | allowed-endpoints: > | 60 | allowed-endpoints: > |
@@ -62,7 +62,7 @@ jobs: | |||
62 | github.com:443 | 62 | github.com:443 |
63 | packages.microsoft.com:443 | 63 | packages.microsoft.com:443 |
64 | ppa.launchpadcontent.net:443 | 64 | ppa.launchpadcontent.net:443 |
65 | - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b | 65 | - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 |
66 | - name: update package information | 66 | - name: update package information |
67 | run: sudo apt-get update -qy | 67 | run: sudo apt-get update -qy |
68 | - name: install dependencies | 68 | - name: install dependencies |
@@ -103,7 +103,7 @@ jobs: | |||
103 | SHELL: /bin/bash | 103 | SHELL: /bin/bash |
104 | steps: | 104 | steps: |
105 | - name: Harden Runner | 105 | - name: Harden Runner |
106 | uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 | 106 | uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 |
107 | with: | 107 | with: |
108 | egress-policy: block | 108 | egress-policy: block |
109 | allowed-endpoints: > | 109 | allowed-endpoints: > |
@@ -111,7 +111,7 @@ jobs: | |||
111 | github.com:443 | 111 | github.com:443 |
112 | packages.microsoft.com:443 | 112 | packages.microsoft.com:443 |
113 | ppa.launchpadcontent.net:443 | 113 | ppa.launchpadcontent.net:443 |
114 | - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b | 114 | - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 |
115 | - name: update package information | 115 | - name: update package information |
116 | run: sudo apt-get update -qy | 116 | run: sudo apt-get update -qy |
117 | - name: install dependencies | 117 | - name: install dependencies |
@@ -143,7 +143,7 @@ jobs: | |||
143 | SHELL: /bin/bash | 143 | SHELL: /bin/bash |
144 | steps: | 144 | steps: |
145 | - name: Harden Runner | 145 | - name: Harden Runner |
146 | uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 | 146 | uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 |
147 | with: | 147 | with: |
148 | egress-policy: block | 148 | egress-policy: block |
149 | allowed-endpoints: > | 149 | allowed-endpoints: > |
@@ -151,7 +151,7 @@ jobs: | |||
151 | github.com:443 | 151 | github.com:443 |
152 | packages.microsoft.com:443 | 152 | packages.microsoft.com:443 |
153 | ppa.launchpadcontent.net:443 | 153 | ppa.launchpadcontent.net:443 |
154 | - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b | 154 | - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 |
155 | - name: update package information | 155 | - name: update package information |
156 | run: sudo apt-get update -qy | 156 | run: sudo apt-get update -qy |
157 | - name: install dependencies | 157 | - name: install dependencies |
@@ -183,7 +183,7 @@ jobs: | |||
183 | SHELL: /bin/bash | 183 | SHELL: /bin/bash |
184 | steps: | 184 | steps: |
185 | - name: Harden Runner | 185 | - name: Harden Runner |
186 | uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 | 186 | uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 |
187 | with: | 187 | with: |
188 | egress-policy: block | 188 | egress-policy: block |
189 | allowed-endpoints: > | 189 | allowed-endpoints: > |
@@ -194,7 +194,7 @@ jobs: | |||
194 | ppa.launchpadcontent.net:443 | 194 | ppa.launchpadcontent.net:443 |
195 | www.debian.org:443 | 195 | www.debian.org:443 |
196 | www.debian.org:80 | 196 | www.debian.org:80 |
197 | - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b | 197 | - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 |
198 | - name: update package information | 198 | - name: update package information |
199 | run: sudo apt-get update -qy | 199 | run: sudo apt-get update -qy |
200 | - name: install dependencies | 200 | - name: install dependencies |
@@ -225,7 +225,7 @@ jobs: | |||
225 | SHELL: /bin/bash | 225 | SHELL: /bin/bash |
226 | steps: | 226 | steps: |
227 | - name: Harden Runner | 227 | - name: Harden Runner |
228 | uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 | 228 | uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 |
229 | with: | 229 | with: |
230 | egress-policy: block | 230 | egress-policy: block |
231 | allowed-endpoints: > | 231 | allowed-endpoints: > |
@@ -240,7 +240,7 @@ jobs: | |||
240 | www.debian.org:443 | 240 | www.debian.org:443 |
241 | www.debian.org:80 | 241 | www.debian.org:80 |
242 | yahoo.com:1025 | 242 | yahoo.com:1025 |
243 | - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b | 243 | - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 |
244 | - name: update package information | 244 | - name: update package information |
245 | run: sudo apt-get update -qy | 245 | run: sudo apt-get update -qy |
246 | - name: install dependencies | 246 | - name: install dependencies |