mirrors/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2025-05-09 05:41:57 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
6673 commits 48 branches 50 tags 224 MiB
Commit graph

344 commits

Author SHA1 Message Date
Tilman Vatteroth
4ee9997256 ci: unpin actions 
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
 2025-04-20 19:55:35 +02:00
Tilman Vatteroth
5d16557616 ci: unpin actions 
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
 2025-04-20 19:55:35 +02:00
Erik Michelson
15f6e12bee fix(ci): cache cypress binary correctly 
It seems cypress installs its own binary under a different path than
the path where it later looks for it for running the tests. This
change adds proper versioned caching for the binary to avoid re-
downloads and configures the binary path accordingly.

Signed-off-by: Erik Michelson <github@erik.michelson.eu>
 2025-04-20 19:55:35 +02:00
Tilman Vatteroth
c7f318e525 ci: unpin actions 
some of the hashes dont exist anymore. but i'm too lazy to look for the new hashes. So i let renovate update them later.

Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
 2025-04-20 19:29:05 +02:00
renovate[bot]
a522380c4c chore(deps): update actions/cache action to v4.2.1 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-02-19 18:55:51 +01:00
renovate[bot]
0051c33fe6
chore(deps): update mariadb:11.5.2 docker digest to 2d50fe0 (develop) (#5952) 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-02-01 22:45:00 +00:00
renovate[bot]
fc094b64c9
chore(deps): update actions/upload-artifact digest to 65c4c4a (develop) (#5942) 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-02-01 21:15:08 +00:00
renovate[bot]
09e365ceea chore(deps): update codecov/codecov-action action to v4.6.0
Some checks failed
Run tests & build / Test and build with NodeJS 20 (push) Has been cancelled
Details
Docker / build-and-push (backend) (push) Has been cancelled
Details
Docker / build-and-push (frontend) (push) Has been cancelled
Details
Static Analysis / CodeQL analysis (push) Has been cancelled
Details
E2E Tests / backend-sqlite (push) Has been cancelled
Details
E2E Tests / backend-mariadb (push) Has been cancelled
Details
E2E Tests / backend-postgres (push) Has been cancelled
Details
E2E Tests / Build test build of frontend (push) Has been cancelled
Details
Lint and check format / Lint files and check formatting (push) Has been cancelled
Details
REUSE Compliance Check / reuse (push) Has been cancelled
Details
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Details
Static Analysis / Njsscan code scanning (push) Has been cancelled
Details
E2E Tests / frontend-cypress (1) (push) Has been cancelled
Details
E2E Tests / frontend-cypress (2) (push) Has been cancelled
Details
E2E Tests / frontend-cypress (3) (push) Has been cancelled
Details 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-11-15 10:48:40 +01:00
renovate[bot]
f97e5469ac chore(deps): update actions/cache action to v4.1.2 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-11-15 10:48:04 +01:00
renovate[bot]
44fb5aa091 chore(deps): update actions/checkout action to v4.2.2 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-11-15 10:47:19 +01:00
renovate[bot]
7dcc35d0bc chore(deps): update actions/setup-node action to v4.1.0 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-11-15 10:46:45 +01:00
renovate[bot]
ce5956b3d6
chore(deps): update github/codeql-action action to v3.26.13 (develop) (#5872)
Some checks failed
Docker / build-and-push (backend) (push) Has been cancelled
Details
Docker / build-and-push (frontend) (push) Has been cancelled
Details
Deploy HD2 docs to Netlify / Deploys to netlify (push) Has been cancelled
Details
E2E Tests / backend-sqlite (push) Has been cancelled
Details
E2E Tests / backend-mariadb (push) Has been cancelled
Details
E2E Tests / backend-postgres (push) Has been cancelled
Details
REUSE Compliance Check / reuse (push) Has been cancelled
Details
E2E Tests / Build test build of frontend (push) Has been cancelled
Details
Lint and check format / Lint files and check formatting (push) Has been cancelled
Details
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Details
Static Analysis / Njsscan code scanning (push) Has been cancelled
Details
Static Analysis / CodeQL analysis (push) Has been cancelled
Details
Run tests & build / Test and build with NodeJS 20 (push) Has been cancelled
Details
E2E Tests / frontend-cypress (1) (push) Has been cancelled
Details
E2E Tests / frontend-cypress (2) (push) Has been cancelled
Details
E2E Tests / frontend-cypress (3) (push) Has been cancelled
Details 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-11-12 20:38:28 +00:00
renovate[bot]
f41a39ea38
chore(deps): update actions/upload-artifact action to v4.4.3 (develop) (#5871) 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-11-12 20:35:13 +00:00
renovate[bot]
8ebc07ae7a
chore(deps): update postgres:16.4 docker digest to e62fbf9 (develop) (#5870) 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-11-12 20:34:41 +00:00
renovate[bot]
0fda44f625
chore(deps): update mariadb:11.5.2 docker digest to 4a1de8f (develop) (#5868) 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-11-12 20:33:06 +00:00
renovate[bot]
55acd214b7
chore(deps): update actions/upload-artifact digest to 184d73b (develop) (#5866) 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-11-12 20:32:55 +00:00
renovate[bot]
ea4c13efd3
chore(deps): update ajinabraham/njsscan-action digest to c7b65a3 (develop) (#5867) 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-11-12 20:32:43 +00:00
renovate[bot]
f4c633c5c7 chore(deps): pin cypress/browsers docker tag to 3dd9d85 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-11-12 21:27:33 +01:00
Erik Michelson
313b823cbf chore(deps): upgrade cypress browsers image 
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
 2024-11-12 20:58:09 +01:00
renovate[bot]
0217f68fc7 chore(deps): update actions/upload-artifact digest to 3eadd8b 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-09-26 16:50:09 +00:00
renovate[bot]
3958fdab71 chore(deps): update actions/setup-node action to v4.0.4 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-09-26 16:49:18 +00:00
renovate[bot]
783cd1c8b5 chore(deps): update docker/build-push-action action to v6 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-31 18:12:25 +02:00
renovate[bot]
e1c5332bec chore(deps): update fsfe/reuse docker tag to v4 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-31 18:04:12 +02:00
Philip Molares
03a388c6f9 fix: turbo filter commands 
turbo now wants you to specify the whole name and not just part of the name.

See: https://github.com/vercel/turborepo/pull/8137
Signed-off-by: Philip Molares <philip.molares@udo.edu>
 2024-08-31 12:53:53 +02:00
renovate[bot]
e10a7f885a chore(deps): update actions/upload-artifact action to v4.4.0
Some checks are pending
Docker / build-and-push (backend) (push) Waiting to run
Details
Docker / build-and-push (frontend) (push) Waiting to run
Details
E2E Tests / backend-sqlite (push) Waiting to run
Details
E2E Tests / backend-mariadb (push) Waiting to run
Details
E2E Tests / backend-postgres (push) Waiting to run
Details
E2E Tests / Build test build of frontend (push) Waiting to run
Details
E2E Tests / frontend-cypress (1) (push) Blocked by required conditions
Details
E2E Tests / frontend-cypress (2) (push) Blocked by required conditions
Details
E2E Tests / frontend-cypress (3) (push) Blocked by required conditions
Details
Lint and check format / Lint files and check formatting (push) Waiting to run
Details
REUSE Compliance Check / reuse (push) Waiting to run
Details
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Details
Static Analysis / Njsscan code scanning (push) Waiting to run
Details
Static Analysis / CodeQL analysis (javascript) (push) Waiting to run
Details
Run tests & build / Test and build with NodeJS 20 (push) Waiting to run
Details 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-31 10:16:03 +02:00
renovate[bot]
e3697b3a30 chore(deps): update github/codeql-action action to v3.26.6
Some checks are pending
Docker / build-and-push (backend) (push) Waiting to run
Details
Docker / build-and-push (frontend) (push) Waiting to run
Details
E2E Tests / backend-sqlite (push) Waiting to run
Details
E2E Tests / backend-mariadb (push) Waiting to run
Details
E2E Tests / backend-postgres (push) Waiting to run
Details
E2E Tests / Build test build of frontend (push) Waiting to run
Details
E2E Tests / frontend-cypress (1) (push) Blocked by required conditions
Details
E2E Tests / frontend-cypress (2) (push) Blocked by required conditions
Details
E2E Tests / frontend-cypress (3) (push) Blocked by required conditions
Details
Lint and check format / Lint files and check formatting (push) Waiting to run
Details
REUSE Compliance Check / reuse (push) Waiting to run
Details
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Details
Static Analysis / Njsscan code scanning (push) Waiting to run
Details
Static Analysis / CodeQL analysis (javascript) (push) Waiting to run
Details
Run tests & build / Test and build with NodeJS 20 (push) Waiting to run
Details 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-30 09:42:18 +00:00
renovate[bot]
986d9aa4d6 chore(deps): update actions/upload-artifact digest to 5076954 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-30 09:37:35 +00:00
renovate[bot]
846368304c chore(deps): update mariadb docker tag to v11.5.2 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 12:59:49 +02:00
renovate[bot]
5d60abb5d5 chore(deps): update postgres docker tag to v16.4 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 12:59:11 +02:00
renovate[bot]
b38dbece19 chore(deps): update docker/build-push-action action to v5.4.0 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 12:01:11 +02:00
renovate[bot]
6c7dcb8954 chore(deps): update docker/login-action action to v3.3.0 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 12:00:46 +02:00
renovate[bot]
d00d7d4bd8 chore(deps): update docker/setup-buildx-action action to v3.6.1 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 12:00:21 +02:00
renovate[bot]
589ab5ddc5 chore(deps): update docker/setup-qemu-action action to v3.2.0 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 11:59:51 +02:00
renovate[bot]
ec2aaa86f7 chore(deps): update codecov/codecov-action action to v4.5.0 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 11:59:18 +02:00
renovate[bot]
0da6b21186 chore(deps): update github/codeql-action action to v3.26.5 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 11:58:45 +02:00
renovate[bot]
bc6688a83f chore(deps): update ossf/scorecard-action action to v2.4.0 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 11:58:22 +02:00
renovate[bot]
0455632c46 chore(deps): update mariadb docker tag to v11.2.5 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 10:43:54 +02:00
renovate[bot]
954a384d65 chore(deps): update ossf/scorecard-action action to v2.3.3 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 07:16:00 +00:00
renovate[bot]
51bc6cc33f chore(deps): update github/codeql-action action to v3.24.11 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 05:21:34 +00:00
renovate[bot]
c8c7715287 chore(deps): update fsfe/reuse docker tag to v3.0.2 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-29 05:20:45 +00:00
renovate[bot]
e242d5ccf3 chore(deps): update codecov/codecov-action action to v4.0.2 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-28 22:37:08 +00:00
renovate[bot]
95748d1370 chore(deps): update actions/upload-artifact action to v4.3.6 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-28 22:31:20 +00:00
renovate[bot]
5e236e4906 chore(deps): update actions/setup-node action to v4.0.3 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-28 22:30:51 +00:00
renovate[bot]
b65c8c1ff5 chore(deps): update actions/checkout action to v4.1.7 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-28 22:29:42 +00:00
renovate[bot]
9b64471554 chore(deps): update actions/checkout digest to 692973e 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-28 22:25:07 +00:00
renovate[bot]
8fedd5402c chore(deps): update actions/cache action to v4.0.2 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-28 22:24:54 +00:00
renovate[bot]
52944840c1 chore(deps): update actions/upload-artifact digest to 834a144 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-28 22:22:11 +00:00
Erik Michelson
1f1231a730 ci: remove netlify deployment workflow
Some checks failed
E2E Tests / backend-sqlite (push) Has been cancelled
Details
Static Analysis / CodeQL analysis (javascript) (push) Has been cancelled
Details
Run tests & build / Test and build with NodeJS ${{ matrix.node }} (true, 20) (push) Has been cancelled
Details
Docker / build-and-push (backend) (push) Has been cancelled
Details
Docker / build-and-push (frontend) (push) Has been cancelled
Details
Deploy HD2 docs to Netlify / Deploys to netlify (push) Has been cancelled
Details
E2E Tests / backend-mariadb (push) Has been cancelled
Details
E2E Tests / backend-postgres (push) Has been cancelled
Details
E2E Tests / Build test build of frontend (push) Has been cancelled
Details
Lint and check format / Lint files and check formatting (push) Has been cancelled
Details
REUSE Compliance Check / reuse (push) Has been cancelled
Details
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Details
Static Analysis / Njsscan code scanning (push) Has been cancelled
Details
E2E Tests / frontend-cypress (1) (push) Has been cancelled
Details
E2E Tests / frontend-cypress (2) (push) Has been cancelled
Details
E2E Tests / frontend-cypress (3) (push) Has been cancelled
Details 
This workflow was used in an early stage of development of HedgeDoc 2.
It allowed the core developers to quickly check fixes, improvements or
new features to the HedgeDoc UI without the requirement to check-out
the branch locally. As not every pull request required a deployment,
this workflow was only triggered when the "ci: force deployment"
label was added. Since some time already, the frontend and backend
are so tightly coupled that the netfliy deployment doesn't make any
sense anymore and therefore hasn't been used anymore. This commit
therefore removes this leftover workflow.

@RedYetiDev contacted us privately and reported that this deployment
workflow could have been abused to invoke arbitrary commands, including
extraction of environment variables which include our tokens for the
turborepo build cache or the netlify deployment token. For this it
would have been required that somebody created a "safe" pull request,
which would have been labelled with the deployment label and then
changed afterwards since the workflow checks out the pull request
source repository, not the target. We assured that the label was only
added to pull requests from trusted members of the HedgeDoc core team.
There was never any malicious use of the workflow. Furthermore, no
released versions of HedgeDoc (1.x) could have been affected by this,
even in the worst-case scenario.

We're thankful for putting this risk at our attention!
If you too encounter something unusual regarding security in HedgeDoc
itself or our toolchain around it, don't hesitate to contact us.
Details on this are wriiten in our SECURITY.md in the root of the
repository.

Signed-off-by: Erik Michelson <github@erik.michelson.eu>
 2024-07-30 08:48:38 +02:00
Erik Michelson
d3318eb232 fix(ci): adjust options for artifacts action v4 
See: https://github.com/actions/upload-artifact/blob/main/docs/MIGRATION.md
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
 2024-02-12 09:39:38 +01:00
renovate[bot]
6e42da2613 chore(deps): update actions/download-artifact action to v4 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-02-12 09:39:38 +01:00