Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found
Select Git revision
  • master
1 result

Target

Select target project
  • smartdatalab/public/applications/renovate
1 result
Select Git revision
  • master
1 result
Show changes
Commits on Source (1000)
900 additional commits have been omitted to prevent performance issues.
Show whitespace changes
Inline Side-by-side
Showing
with 182 additions and 227 deletions
.devcontainer/Dockerfile
View file @ 2dcb0fa3
FROM ghcr.io/containerbase/devcontainer:10.1.4
FROM ghcr.io/containerbase/devcontainer:10.11.4
.devcontainer/post-create.sh
View file @ 2dcb0fa3
......@@ -7,4 +7,4 @@ if [[ "${CODESPACES}" == true ]]; then
sudo chmod 1777 /tmp
fi
pnpm install
COREPACK_ENABLE_DOWNLOAD_PROMPT=0 pnpm install
.eslintrc.js
View file @ 2dcb0fa3
......@@ -16,7 +16,6 @@ module.exports = {
'plugin:@typescript-eslint/recommended-requiring-type-checking',
'plugin:promise/recommended',
'plugin:jest-formatting/recommended',
'prettier',
],
parserOptions: {
ecmaVersion: 9,
......@@ -225,5 +224,14 @@ module.exports = {
'import/extensions': 0,
},
},
{
files: ['tools/docs/test/**/*.mjs'],
env: {
jest: false,
},
rules: {
'@typescript-eslint/no-floating-promises': 0,
},
},
],
};
.github/DISCUSSION_TEMPLATE/report-a-problem.yml deleted 100644 → 0
View file @ 04fecf4b
body:
- type: dropdown
id: how-are-you-running-renovate
attributes:
label: How are you running Renovate?
options:
- 'Mend Renovate hosted app on github.com'
- 'Self-hosted Renovate'
- type: input
id: self-hosted-veresion
attributes:
label: If you're self-hosting Renovate, tell us what version of Renovate you run.
validations:
required: false
- type: dropdown
id: self-hosted-platform
attributes:
label: If you're self-hosting Renovate, select which platform you are using.
options:
- 'AWS CodeCommit'
- 'Azure DevOps (dev.azure.com)'
- 'Azure DevOps Server'
- 'Bitbucket Cloud (bitbucket.org)'
- 'Bitbucket Server'
- 'Gitea or Forgejo'
- 'github.com'
- 'GitHub Enterprise Server'
- 'gitlab.com'
- 'GitLab self-hosted'
validations:
required: false
- type: dropdown
id: regression-error
attributes:
label: Was this something which used to work for you, and then stopped?
options:
- 'It used to work, and then stopped'
- 'I have not seen this working'
- type: textarea
id: describe-problem
attributes:
label: Describe the problem
description: 'Do not report any security concerns here. Email [renovate-disclosure@mend.io](mailto:renovate-disclosure@mend.io) instead.'
validations:
required: true
- type: textarea
id: debug-logs
attributes:
label: Relevant debug logs
description: |
Try not to report a problem unless you've looked at the logs first.
If you're running self-hosted, run with `LOG_LEVEL=debug` in your environment variables and search for whatever dependency/branch/PR that is causing the problem.
If you are using the Renovate App, log into [Renovate's app dashboard](https://developer.mend.io) and locate the correct job log for when the problem occurred (e.g. when the PR was created).
Try to paste the *relevant* logs here, not the entire thing and not just a link to the dashboard (others don't have permissions to view them).
If you're not sure about the relevant parts of the log, then feel free to post the full log to a [Github Gist](https://gist.github.com/) and link to it.
Try to highlight the important logs into the Discussion itself.
value: |
<details><summary>Logs</summary>
```
Copy/paste the relevant log(s) here, between the starting and ending backticks
```
</details>
validations:
required: false
- type: dropdown
id: minimal-reproduction-repository
attributes:
label: Have you created a minimal reproduction repository?
description: Please read the [minimal reproductions documentation](https://github.com/renovatebot/renovate/blob/main/docs/development/minimal-reproductions.md) to learn how to make a good minimal reproduction repository.
options:
- 'Placeholder value, please select the correct response from the dropdown'
- 'I have linked to a minimal reproduction in the description above'
- 'I have explained in the description why a minimal reproduction is impossible'
validations:
required: true
.github/DISCUSSION_TEMPLATE/ask-a-question.yml .github/DISCUSSION_TEMPLATE/request-help.yml
View file @ 2dcb0fa3
body:
- type: dropdown
id: question-type
attributes:
label: What would you like help with?
options:
- 'I would like help with my configuration'
- 'I think I found a bug'
- 'Other'
- type: dropdown
id: how-are-you-running-renovate
attributes:
......@@ -10,32 +19,14 @@ body:
- type: input
id: self-hosted-version
attributes:
label: If you're self-hosting Renovate, tell us what version of Renovate you run.
validations:
required: false
- type: dropdown
id: self-hosted-platform
attributes:
label: If you're self-hosting Renovate, select which platform you are using.
options:
- 'AWS CodeCommit'
- 'Azure DevOps (dev.azure.com)'
- 'Azure DevOps Server'
- 'Bitbucket Cloud (bitbucket.org)'
- 'Bitbucket Server'
- 'Gitea or Forgejo'
- 'github.com'
- 'GitHub Enterprise Server'
- 'gitlab.com'
- 'GitLab self-hosted'
label: If you're self-hosting Renovate, tell us which platform (GitHub, GitLab, etc) and which version of Renovate.
validations:
required: false
- type: textarea
id: the-question
attributes:
label: What is your question?
label: Please tell us more about your question or problem
validations:
required: true
......@@ -54,7 +45,7 @@ body:
```
Copy/paste the relevant log(s) here, between the starting and ending backticks
Replace this text with your logs, between the starting and ending triple backticks
```
......
.github/ISSUE_TEMPLATE/config.yml
View file @ 2dcb0fa3
blank_issues_enabled: false
contact_links:
- name: Start a discussion
url: https://github.com/renovatebot/renovate/discussions/new
url: https://github.com/renovatebot/renovate/discussions/new/choose
about: Our preferred starting point if you have any questions or suggestions about bot configuration, features or behavior.
.github/actions/calculate-prefetch-matrix/action.yml
View file @ 2dcb0fa3
......@@ -34,7 +34,7 @@ runs:
- name: Check cache miss for MacOS
id: macos-cache
uses: actions/cache/restore@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
uses: actions/cache/restore@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: node_modules
key: ${{ env.MACOS_KEY }}
......@@ -43,7 +43,7 @@ runs:
- name: Check cache miss for Windows
id: windows-cache
uses: actions/cache/restore@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
uses: actions/cache/restore@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: node_modules
key: ${{ env.WINDOWS_KEY }}
......
.github/actions/setup-node/action.yml
View file @ 2dcb0fa3
......@@ -34,7 +34,7 @@ runs:
- name: Restore `node_modules`
id: node-modules-restore
uses: actions/cache/restore@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
uses: actions/cache/restore@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: node_modules
key: ${{ env.CACHE_KEY }}
......@@ -47,9 +47,10 @@ runs:
(steps.node-modules-restore.outputs.cache-hit == 'true') && 'true' || ''
}}' >> "$GITHUB_ENV"
- name: Enable corepack
shell: bash
run: corepack enable
- name: Setup pnpm
uses: pnpm/action-setup@a3252b78c470c02df07e9d59298aecedc3ccdd6d # v3.0.0
with:
standalone: true
- name: Setup Node
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
......@@ -67,7 +68,7 @@ runs:
- name: Write `node_modules` cache
if: inputs.save-cache == 'true' && env.CACHE_HIT != 'true'
uses: actions/cache/save@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
uses: actions/cache/save@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: node_modules
key: ${{ env.CACHE_KEY }}
......
.github/contributing.md
View file @ 2dcb0fa3
......@@ -21,15 +21,6 @@ If you want help with your Renovate configuration, go to the [discussions tab in
For **feature requests**: first search for related requests in the issues and discussions, if you don't find anything: create a _discussion_.
## Rate Limiting of Support Requests through Temporary Blocking
To ensure that the Renovate maintainers don't burn out from dealing with unfriendly behavior, those who display a bad attitude when asking for or receiving support in the repo will be rate limited from further requests through the use of temporary blocking.
The duration of the temporary block depends on how rude or inconsiderate the behavior is perceived to be, and can be from 1-30 days.
If you have been blocked temporarily and believe that it is due to a misunderstanding, or you regret your comments and wish to make amends, please reach out to the lead maintainer Rhys Arkins by email with any request for early unblocking.
If/once you are unblocked, you should edit or delete whatever comment lead to the blocking, even if you did not intend it to be rude or inconsiderate.
Long emails or apologies are undesirable - the maintainers are busy and want to be able to help as many users as possible with the time they have available.
## Code
If you would like to fix a bug or work on a feature, please fork the repository and create a Pull Request.
......
.github/label-actions.yml
View file @ 2dcb0fa3
......@@ -9,15 +9,12 @@
Before we start working on your issue we need to know exactly what's causing the current behavior.
A minimal reproduction helps us with this.
Discussions without reproductions are less likely to be converted to Issues.
To get started, please read our guide on creating a [minimal reproduction](https://github.com/renovatebot/renovate/blob/main/docs/development/minimal-reproductions.md).
We may close the discussion if you, or someone else, haven't created a minimal reproduction within two weeks.
If you need more time, or are stuck, please ask for help or more time in a comment.
Good luck,
......@@ -42,15 +39,15 @@
<details><summary>Select me to read instructions</summary>
If you use the Renovate app (GitHub):
If you use the Mend Renovate app (GitHub):
1. Go to the affected PR, and search for "View repository job log here"
1. Log in to [the Mend Developer Portal](https://developer.mend.io/)
1. Select the link to go to the "Mend Renovate Dashboard" and log in
1. Navigate to the correct organization and repository
1. You are now in the correct repository log overview screen
1. Locate the appropriate log (it may not always be the latest one)
1. Copy/paste the correct log
1. Copy/paste the log contents
1. Follow the steps in the **formatting your logs** section
......@@ -62,7 +59,7 @@
<details><summary>Select me to read instructions</summary>
If you're running self-hosted, run with `LOG_LEVEL=debug` in your environment variables and search for whatever dependency/branch/PR that is causing the problem.
Read the [Renovate docs, troubleshooting, self-hosted](https://docs.renovatebot.com/troubleshooting/#self-hosted) to learn how to find the logs.
</details>
......@@ -96,6 +93,9 @@
</details>
If you feel the logs are too large to paste here, please use a service like [GitHub Gist](https://gist.github.com/) and paste the link here.
Good luck,
......@@ -128,6 +128,9 @@
Please try the latest version and tell us if that fixes your problem.
Be sure to provide updated logs once you have run with a newer version.
Good luck,
......@@ -168,7 +171,7 @@
Hi there,
You are using `done` comments which cause a lot of noise.
You are using `done` comments which cause a lot of noise/notifications.
Instead, please use GitHub's web interface to request another review.
Please read our [contributing guidelines](https://github.com/renovatebot/renovate/blob/main/.github/contributing.md#resolve-review-comments-instead-of-commenting) to reduce noise.
......@@ -184,7 +187,13 @@
Thank you for your PR, but we need to discuss the requirements and implementation first.
This PR will be closed, but you can reopen it after the discussion has been resolved.
The maintainers believe that there is a lack of - or misalignment of - requirements about this PR.
We need to discuss the requirements and implementation first so that you don't write code that won't be merged.
This PR will be closed for now to avoid confusion, but you can reopen it after the discussion has been resolved.
Thanks, the Renovate team
......@@ -198,21 +207,39 @@
This discussion is missing some details, making it difficult or impossible to help you.
Please try again to provide more details.
For example, you may have left out information about your platform (e.g. GitHub Enterprise Server, etc), your version of Renovate (npm, Docker, GitHub Action, etc), or how you're running Renovate.
If you can't think of what possible information might be required, please reply to this message and ask for help.
'needs-discussion':
unlabel:
- 'type:bug'
- 'type:feature'
- 'status:requirements'
comment: >
**Please create a GitHub Discussion instead of this issue.**
We only want Renovate maintainers to create new Issues. If needed, a Renovate maintainer will create an Issue after your Discussion been triaged and confirmed. As a Renovate user, please create a GitHub Discussion in this repo instead.
Issues in this repository are for creation by Maintainers only - please create a GitHub Discussion instead.
If needed, a Renovate maintainer will create an Issue after your Discussion been triaged and confirmed.
This Issue will now be closed and locked. We may later batch-delete this issue. This way we keep Issues actionable, and free of duplicates or wrong bug reports.
Thanks, the Renovate team
close: true
close-reason: 'not planned'
'auto:inactivity-pr-close':
comment: >
**We're closing this PR due to inactivity, but we are happy for you, or others, to finish the PR.**
We limit the number of open PRs, so we close stale PRs, or PRs that are not getting ready to merge.
If you, or someone else, want to continue working on this PR, then please reopen this PR and let us know.
Thanks, the Renovate team
close: true
close-reason: 'not planned'
......@@ -271,9 +298,6 @@
- Stop giving off more bad vibes
If you're unhappy with this, we suggest you stop using the repository discussions or the product altogether.
Thanks, the Renovate team
'auto:one-topic':
......@@ -299,32 +323,13 @@
Hi there,
Please do not unnecessarily `@` mention maintainers like `@rarkins` or `@viceice`. Doing so causes annoying notifications and makes it harder to maintain this repository.
For example, never `@` mention a maintainer when you are creating a discussion if your desire is to get attention. This is rude behavior, just like shouting out your coffee order in a Starbucks before it's your turn.
It's OK to comment in an issue or discussion after multiple days or weeks. But please, still don't `@` mention people. The maintainers try to answer most discussions, but they can't answer all discussions. If you're still not getting an answer, take a look at the information you've given us and see if you can improve it.
Thanks, the Renovate team
'auto:misclassified-problem':
comment: >
Hi there,
This is intended as a polite, automated _request_ that users avoid `@` mentioning repository maintainers like `@rarkins` or `@viceice`. Doing so causes annoying mobile notifications and makes it harder to maintain this repository.
A maintainer has flagged that this discussion is _misclassified_ as a bug when it is not.
We know it might be common elsewhere but we participate in hundreds of discussions a week and would need to turn off GitHub mobile notifications if we were mentioned in every one.
Incorrectly classified discussions waste maintainer time, worsen search result accuracy and make it harder to train AI on this dataset.
As a general rule, we will read and respond to all discussions in this repository, so there is no need to mention us.
The next time you create a discussion, please keep in mind:
- If you are new to Renovate, try to stick to questions instead of problem reports
- Just because Renovate does something you don't expect, doesn't automatically mean it's a bug
- Unsupported features should be raised as ideas, not problems
- Those who appear to be _twisting_ questions into sounding like a bug for attention will be given the least support
Thanks, the Renovate team
.github/workflows/build.yml
View file @ 2dcb0fa3
......@@ -32,13 +32,13 @@ env:
DEFAULT_BRANCH: ${{ github.event.repository.default_branch }}
NODE_VERSION: 18
DRY_RUN: true
TEST_LEGACY_DECRYPTION: true
SPARSE_CHECKOUT: |-
.github/actions/
data/
tools/
package.json
pnpm-lock.yaml
codecov.yml
jobs:
setup:
......@@ -93,10 +93,11 @@ jobs:
run: gh api ${{ env.PR_URL }} | jq -rc '${{ env.JQ_FILTER }}' >> "$GITHUB_OUTPUT"
- name: Checkout code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
sparse-checkout: ${{ env.SPARSE_CHECKOUT }}
filter: blob:none # we don't need all blobs
sparse-checkout: ${{ env.SPARSE_CHECKOUT }}
show-progress: false
- name: Calculate matrix for `node_modules` prefetch
uses: ./.github/actions/calculate-prefetch-matrix
......@@ -150,9 +151,11 @@ jobs:
steps:
- name: Checkout code
if: needs.setup.outputs.os-matrix-is-full && runner.os != 'Linux'
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
filter: blob:none # we don't need all blobs
sparse-checkout: ${{ env.SPARSE_CHECKOUT }}
show-progress: false
- name: Setup Node.js
if: needs.setup.outputs.os-matrix-is-full && runner.os != 'Linux'
......@@ -172,7 +175,9 @@ jobs:
steps:
- name: Checkout code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
show-progress: false
- name: Setup Node.js
uses: ./.github/actions/setup-node
......@@ -181,7 +186,7 @@ jobs:
os: ${{ runner.os }}
- name: Restore eslint cache
uses: actions/cache/restore@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
uses: actions/cache/restore@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: .cache/eslint
key: eslint-main-cache
......@@ -200,7 +205,7 @@ jobs:
- name: Save eslint cache
if: github.event_name == 'push'
uses: actions/cache/save@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
uses: actions/cache/save@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: .cache/eslint
key: eslint-main-cache
......@@ -215,7 +220,9 @@ jobs:
steps:
- name: Checkout code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
show-progress: false
- name: Setup Node.js
uses: ./.github/actions/setup-node
......@@ -224,7 +231,7 @@ jobs:
os: ${{ runner.os }}
- name: Restore prettier cache
uses: actions/cache/restore@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
uses: actions/cache/restore@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: .cache/prettier
key: prettier-main-cache
......@@ -243,7 +250,7 @@ jobs:
- name: Save prettier cache
if: github.event_name == 'push'
uses: actions/cache/save@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
uses: actions/cache/save@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: .cache/prettier
key: prettier-main-cache
......@@ -255,7 +262,9 @@ jobs:
steps:
- name: Checkout code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
show-progress: false
- name: Setup Node.js
uses: ./.github/actions/setup-node
......@@ -264,7 +273,7 @@ jobs:
os: ${{ runner.os }}
- name: Lint markdown
uses: DavidAnson/markdownlint-cli2-action@510b996878fc0d1a46c8a04ec86b06dbfba09de7 # v15.0.0
uses: DavidAnson/markdownlint-cli2-action@b4c9feab76d8025d1e83c653fa3990936df0e6c8 # v16.0.0
- name: Lint fenced code blocks
run: pnpm doc-fence-check
......@@ -282,7 +291,9 @@ jobs:
steps:
- name: Checkout code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
show-progress: false
- name: Setup Node.js
uses: ./.github/actions/setup-node
......@@ -319,7 +330,9 @@ jobs:
include: ${{ fromJSON(needs.setup.outputs.test-shard-matrix) }}
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
show-progress: false
- name: Setup Node.js
uses: ./.github/actions/setup-node
......@@ -328,7 +341,7 @@ jobs:
os: ${{ runner.os }}
- name: Cache jest
uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: .cache/jest
key: |
......@@ -366,7 +379,7 @@ jobs:
- name: Save coverage artifacts
if: (success() || failure()) && github.event.pull_request.draft != true && matrix.coverage
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
with:
name: ${{ matrix.upload-artifact-name }}
path: |
......@@ -377,20 +390,27 @@ jobs:
needs: [test]
runs-on: ubuntu-latest
timeout-minutes: 3
if: (success() || failure()) && github.event.pull_request.draft != true
if: (success() || failure()) && github.event_name != 'merge_group' && github.event.pull_request.draft != true
steps:
- name: Checkout code
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
filter: blob:none # we don't need all blobs
show-progress: false
- name: Download coverage reports
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
with:
pattern: coverage-*
path: coverage
merge-multiple: true
- name: Codecov
uses: codecov/codecov-action@ab904c41d6ece82784817410c45d8b8c02684457 # v3.1.6
uses: codecov/codecov-action@125fc84a9a348dbcf27191600683ec096ec9021c # v4.4.1
with:
token: ${{ secrets.CODECOV_TOKEN }}
directory: coverage/lcov
fail_ci_if_error: true
fail_ci_if_error: github.event_name != 'pull_request'
verbose: true
coverage-threshold:
......@@ -401,10 +421,11 @@ jobs:
if: (success() || failure()) && github.event.pull_request.draft != true
steps:
- name: Checkout code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
sparse-checkout: ${{ env.SPARSE_CHECKOUT }}
filter: blob:none # we don't need all blobs
sparse-checkout: ${{ env.SPARSE_CHECKOUT }}
show-progress: false
- name: Setup Node.js
uses: ./.github/actions/setup-node
......@@ -413,7 +434,7 @@ jobs:
os: ${{ runner.os }}
- name: Download coverage reports
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
with:
pattern: coverage-*
path: coverage
......@@ -486,11 +507,13 @@ jobs:
build:
needs: setup
runs-on: ubuntu-latest
timeout-minutes: 5
timeout-minutes: 15
if: github.event.pull_request.draft != true
steps:
- name: Checkout code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
show-progress: false
- name: Setup Node.js
uses: ./.github/actions/setup-node
......@@ -510,7 +533,7 @@ jobs:
run: pnpm test-e2e:pack
- name: Upload
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
with:
name: renovate-package
path: renovate-0.0.0-semantic-release.tgz
......@@ -522,7 +545,9 @@ jobs:
if: github.event.pull_request.draft != true
steps:
- name: Checkout code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
show-progress: false
- name: Setup Node.js
uses: ./.github/actions/setup-node
......@@ -533,8 +558,11 @@ jobs:
- name: Build
run: pnpm build:docs
- name: Test docs
run: pnpm test:docs
- name: Upload
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
with:
name: docs
path: tmp/docs/
......@@ -548,19 +576,22 @@ jobs:
steps:
- name: Checkout code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
show-progress: false
- name: Setup pnpm
uses: pnpm/action-setup@a3252b78c470c02df07e9d59298aecedc3ccdd6d # v3.0.0
with:
standalone: true
- name: Setup Node.js
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
with:
node-version: ${{ env.NODE_VERSION }}
- name: Enable corepack
shell: bash
run: corepack enable
- name: Download package
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
with:
name: renovate-package
......@@ -594,14 +625,14 @@ jobs:
packages: write
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0 # zero stands for full checkout, which is required for semantic-release
show-progress: false
filter: blob:none # we don't need all blobs, only the full tree
show-progress: false
- name: docker-config
uses: containerbase/internal-tools@2d0f3e80979d6096de2c2f4d84936bb4dfab9ac6 # v3.0.60
uses: containerbase/internal-tools@c1f30a1fe20205256d74fe28d8c114e857e30c23 # v3.0.94
with:
command: docker-config
......@@ -611,7 +642,7 @@ jobs:
node-version: ${{ env.NODE_VERSION }}
os: ${{ runner.os }}
- uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0
- uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0
- name: Docker registry login
run: |
......
.github/workflows/codeql-analysis.yml
View file @ 2dcb0fa3
......@@ -31,7 +31,9 @@ jobs:
security-events: write
steps:
- name: Checkout repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
show-progress: false
- name: Delete fixtures to suppress false positives
run: |
......@@ -39,7 +41,7 @@ jobs:
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@379614612a29c9e28f31f39a59013eb8012a51f0 # v3.24.3
uses: github/codeql-action/init@530d4feaa9c62aaab2d250371e2061eb7a172363 # v3.25.9
with:
languages: javascript
......@@ -49,7 +51,7 @@ jobs:
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@379614612a29c9e28f31f39a59013eb8012a51f0 # v3.24.3
uses: github/codeql-action/autobuild@530d4feaa9c62aaab2d250371e2061eb7a172363 # v3.25.9
# ℹ️ Command-line programs to run using the OS shell.
# 📚 https://git.io/JvXDl
......@@ -63,4 +65,4 @@ jobs:
# make release
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@379614612a29c9e28f31f39a59013eb8012a51f0 # v3.24.3
uses: github/codeql-action/analyze@530d4feaa9c62aaab2d250371e2061eb7a172363 # v3.25.9
.github/workflows/dependency-review.yml
View file @ 2dcb0fa3
......@@ -9,7 +9,9 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: 'Checkout Repository'
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
show-progress: false
- name: 'Dependency Review'
uses: actions/dependency-review-action@9129d7d40b8c12c1ed0f60400d00c92d437adcce # v4.1.3
uses: actions/dependency-review-action@72eb03d02c7872a771aacd928f3123ac62ad6d3a # v4.3.3
.github/workflows/devcontainer.yml
View file @ 2dcb0fa3
......@@ -18,9 +18,11 @@ jobs:
if: github.event.pull_request.draft != true
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
show-progress: false
- name: Build and run dev container task
uses: devcontainers/ci@3d462823359c481c587cb7426f39775f24257115 # v0.3.1900000339
uses: devcontainers/ci@a56d055efecd725e8cfe370543b6071b79989cc8 # v0.3.1900000349
with:
runCmd: pnpm build
.github/workflows/mend-slack.yml
View file @ 2dcb0fa3
......@@ -14,7 +14,7 @@ jobs:
steps:
- name: Post to Slack
id: slack
uses: slackapi/slack-github-action@6c661ce58804a1a20f6dc5fbee7f0381b469e001 # v1.25.0
uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0
with:
channel-id: 'C05NLTMGCJC'
# For posting a simple plain text message
......
.github/workflows/scorecard.yml
View file @ 2dcb0fa3
......@@ -20,12 +20,13 @@ jobs:
steps:
- name: 'Checkout code'
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
persist-credentials: false
show-progress: false
- name: 'Run analysis'
uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1
uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3
with:
results_file: results.sarif
results_format: sarif
......@@ -42,7 +43,7 @@ jobs:
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: 'Upload artifact'
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
with:
name: SARIF file
path: results.sarif
......@@ -50,6 +51,6 @@ jobs:
# Upload the results to GitHub's code scanning dashboard.
- name: 'Upload to code-scanning'
uses: github/codeql-action/upload-sarif@379614612a29c9e28f31f39a59013eb8012a51f0 # v3.24.3
uses: github/codeql-action/upload-sarif@530d4feaa9c62aaab2d250371e2061eb7a172363 # v3.25.9
with:
sarif_file: results.sarif
.github/workflows/trivy.yml
View file @ 2dcb0fa3
......@@ -21,7 +21,7 @@ jobs:
- full
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
show-progress: false
......@@ -31,7 +31,7 @@ jobs:
format: 'sarif'
output: 'trivy-results.sarif'
- uses: github/codeql-action/upload-sarif@379614612a29c9e28f31f39a59013eb8012a51f0 # v3.24.3
- uses: github/codeql-action/upload-sarif@530d4feaa9c62aaab2d250371e2061eb7a172363 # v3.25.9
with:
sarif_file: trivy-results.sarif
category: 'docker-image-${{ matrix.tag }}'
.github/workflows/update-data.yml
View file @ 2dcb0fa3
......@@ -17,11 +17,14 @@ jobs:
contents: write
pull-requests: write
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
show-progress: false
- name: Enable corepack
shell: bash
run: corepack enable
- name: Setup pnpm
uses: pnpm/action-setup@a3252b78c470c02df07e9d59298aecedc3ccdd6d # v3.0.0
with:
standalone: true
- name: Set up Node.js ${{ env.NODE_VERSION }}
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
......@@ -39,7 +42,7 @@ jobs:
run: pnpm prettier-fix
- name: Create pull request
uses: peter-evans/create-pull-request@b1ddad2c994a25fbc81a28b3ec0e368bb2021c50 # v6.0.0
uses: peter-evans/create-pull-request@6d6857d36972b65feb161a90e484f2984215f83e # v6.0.5
with:
author: 'Renovate Bot <renovate@whitesourcesoftware.com>'
branch: 'chore/update-static-data'
......
.github/workflows/ws_scan.yaml
View file @ 2dcb0fa3
......@@ -11,7 +11,9 @@ jobs:
WS_SCAN:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
show-progress: false
- name: Download UA
run: curl -LJO https://github.com/whitesource/unified-agent-distribution/releases/latest/download/wss-unified-agent.jar
......
.ls-lint.yml
View file @ 2dcb0fa3
......@@ -12,6 +12,7 @@ ignore:
- .git
- .github/ISSUE_TEMPLATE
- .github/pull_request_template.md
- CODE_OF_CONDUCT.md
- dist
- jest.config.ts
- node_modules
......