aboutsummaryrefslogtreecommitdiffstats
path: root/.github/workflows/check-profiles.yml
Commit message (Collapse)AuthorAge
* build(deps): bump actions/checkout from 4.1.1 to 4.1.2Libravatar dependabot[bot]2024-03-18
| | | | | | | | | | | | | | | Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.1 to 4.1.2. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/b4ffde65f46336ab88eb53be808477a3936bae11...9bb56186c3b09b4f86b1c65136769dd318469633) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump step-security/harden-runner from 2.6.1 to 2.7.0Libravatar dependabot[bot]2024-02-05
| | | | | | | | | | | | | | Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.6.1 to 2.7.0. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/eb238b55efaa70779f274895e782ed17c84f2895...63c24ba6bd7ba022e95695ff85de572c04a18142) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* ci: add timeout limits (#6178)Libravatar Kelvin M. Klann2024-02-03
| | | | | | | | So that they fail early instead of letting them run indefinitely when there are problems with the CI infrastructure. Use 5 minutes for the jobs that usually complete in under a minute (check-profiles and codespell) and 10 minutes for the rest (most jobs usually take 1-3 minutes).
* ci: re-enable sort.pyLibravatar Kelvin M. Klann2023-11-26
| | | | | | | | | | | | | | | | | | It was disabled on commit df6ea884f ("merges, disable sort.py in profile checks temporarely, two more private-etc profiles", 2023-02-14). Currently all profiles are sorted and there are no ongoing `private-etc` changes, so it should be safe to re-enable. Note that the script is useful to catch sorting issues not only in `private-etc` but also in other commands, such as `seccomp`[1] [2]. This is a follow-up to #6070. Relates to #5610. [1] https://github.com/netblue30/firejail/pull/6066#discussion_r1372055800 [2] https://github.com/netblue30/firejail/pull/6067#discussion_r1372027243
* build(deps): bump step-security/harden-runner from 2.6.0 to 2.6.1Libravatar dependabot[bot]2023-11-20
| | | | | | | | | | | | | | Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.6.0 to 2.6.1. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/1b05615854632b887b69ae1be8cbefe72d3ae423...eb238b55efaa70779f274895e782ed17c84f2895) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump actions/checkout from 4.1.0 to 4.1.1Libravatar dependabot[bot]2023-10-23
| | | | | | | | | | | | | | | Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...b4ffde65f46336ab88eb53be808477a3936bae11) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump step-security/harden-runner from 2.5.1 to 2.6.0Libravatar dependabot[bot]2023-10-09
| | | | | | | | | | | | | | Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.5.1 to 2.6.0. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/8ca2b8b2ece13480cda6dacd3511b49857a23c09...1b05615854632b887b69ae1be8cbefe72d3ae423) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* ci: allow running workflows manuallyLibravatar Kelvin M. Klann2023-09-26
| | | | | | | | | Add `on.workflow_dispatch`. See: * https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_dispatch * https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#workflow_dispatch
* build(deps): bump actions/checkout from 4.0.0 to 4.1.0Libravatar dependabot[bot]2023-09-25
| | | | | | | | | | | | | | | Bumps [actions/checkout](https://github.com/actions/checkout) from 4.0.0 to 4.1.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/3df4ab11eba7bda6032a0b82a6bb43b11571feac...8ade135a41bc03ea155e62e844d188df1ea18608) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump actions/checkout from 3.6.0 to 4.0.0Libravatar dependabot[bot]2023-09-11
| | | | | | | | | | | | | | | Bumps [actions/checkout](https://github.com/actions/checkout) from 3.6.0 to 4.0.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/f43a0e5ff2bd294095638e18286ca9a3d1956744...3df4ab11eba7bda6032a0b82a6bb43b11571feac) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
* ci: fix dependabot duplicated workflow runsLibravatar Kelvin M. Klann2023-08-28
| | | | | | | | | | | | | | | | | | | | | Every workflow is being executed twice for dependabot: Once when its branch is pushed to this repository and again when a PR is opened for it. For example, see the checks in #5979 ("29 checks passed"). This happens because both `on.push` and `on.pull_request` are specified in the workflow files. There does not seem to be a simple and generic way to avoid such duplicated runs directly in GitHub Actions (such as preventing the same check from running for the same exact commit)[1], so just ignore the dependabot branches on push for now. See also and commit 5871b08a4 ("ci: run for every branch instead of just master", 2023-04-23) / PR #5815. [1] https://github.com/orgs/community/discussions/26276
* build(deps): bump actions/checkout from 3.5.3 to 3.6.0Libravatar dependabot[bot]2023-08-28
| | | | | | | | | | | | | | | Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.3 to 3.6.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/c85c95e3d7251135ab7dc9ce3241c5835cc595a9...f43a0e5ff2bd294095638e18286ca9a3d1956744) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* ci: document the intended purpose of each workflowLibravatar Kelvin M. Klann2023-08-22
|
* ci: rename profile-checks.yml to check-profiles.ymlLibravatar Kelvin M. Klann2023-08-20
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-19 22:30:36 +0000