StarMirror
/
PrivateBin
mirror of https://github.com/PrivateBin/PrivateBin
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
3,180 Commits
9 Branches
28 Tags
24 MiB
Commit Graph

132 Commits (master)

Author SHA1 Message Date
dependabot[bot] ba25ab8fa9
Bump actions/cache from 3 to 4 
Bumps [actions/cache](https://github.com/actions/cache) from 3 to 4.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-01-18 11:21:35 +00:00
dependabot[bot] 03e3e4fa06
Bump github/codeql-action from 2 to 3 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-14 11:52:46 +00:00
El RIDO 826444bef7
fix shasum in release pipeline, hope this fixes #1169 2023-12-09 10:50:49 +01:00
El RIDO 8d97569de0
enable testing on PHP 8.3 and 8.4 
at this time both are still installed out of nightly builds, though 8.3
got released last week, see:
https://github.com/shivammathur/setup-php#tada-php-support
 2023-11-26 09:54:28 +01:00
rugk b9d74ecd35
Use Node20 for tests 
A try following https://github.com/PrivateBin/PrivateBin/pull/1189#pullrequestreview-1695447526
 2023-10-24 19:03:47 +02:00
dependabot[bot] 9114ca00bf
Bump actions/setup-node from 3 to 4 
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3 to 4.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-24 11:05:40 +00:00
dependabot[bot] 58f919ecdd
Bump actions/checkout from 3 to 4 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-22 11:33:49 +00:00
El RIDO ad50950b3c
Extract latest changelog entry and attach it to draft 2023-09-18 20:50:14 +02:00
El RIDO 73c13af10d
add workflow attaching SLSA provinence to draft release 2023-09-18 20:47:16 +02:00
rugk db2d8f1598
Also add FAQ sectiontick box requirement for bug template 
It's apparently not enough to have in the Q/A, best is we have it here to.

The next step would be converting that into the same form like the QA template. After all, it may mostly just be copy paste as it is nearly identical but well…
 2023-09-14 00:02:01 +02:00
rugk 168fb46767
Fix error message about QA template 
GitHub complains:
> title must be of type String and cannot be empty. Learn more about this error.

Well then… as we don't want to provide a default title (see https://github.com/PrivateBin/PrivateBin/pull/1155) let's remove it.
 2023-09-13 23:56:35 +02:00
dependabot[bot] 5bd2eb97e6
Bump actions/checkout from 3 to 4 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-05 11:13:01 +00:00
R4SAS 617b421d8f
Fix comment in bug report issue template 2023-09-03 19:30:32 +03:00
rugk 876a59cedc
Apprently GitHub 
Apparently GitHub now adds a security policy button by default (this is new, is not it?)?
Also they have a policy report form behind that button. So reports can apparently now be made online at GitHub? (IMHO that is fine, just need to be aware of that)

As such, IMHO two buttons would be confusing, so let's remove our custom one here?
 2023-08-28 18:49:27 +02:00
rugk 1470b0cb9c
QA tenplate: remove prefilled title 
Let's remove that.

1. With label and A&A category we have more than enough options for filtering such requests.
2. Actually, as you can see in https://github.com/orgs/PrivateBin/discussions/1152, as it is a required field, but already filled out… we want them to write proper titles.
 2023-08-24 22:14:15 +02:00
rugk 61457c46c0
doc: link FAQ in option too 
The doc says MD is supported for that here, too.
 2023-08-24 21:35:42 +02:00
rugk 11fd21f8a8
doc: improve wording/grammar 2023-08-24 21:32:42 +02:00
rugk 906c115a97
Make QA template more strict and helpful 
1. Require to fill out STRs.
2. Add more fields for client stuff, i.e. web browser and OS.
3. Add more placeholders and descriptions to guide users.
4. Adjust the reproducibility thing to be more clear. I.e. before the result was sth. like "Issue reproducibility: Yes" - this could be confused with "Is it always reproducible? Yes", and not "It is reproducible on our test instance."
 2023-08-24 21:30:25 +02:00
El RIDO 5047e6c550
Merge pull request #1149 from PrivateBin/delete-shifleft 
Delete shiftleft-analysis.yml
 2023-08-18 06:33:12 +02:00
R4SAS 1c42576575
[GH] update discussion q-a template (#1143) 2023-08-17 03:05:39 +03:00
El RIDO 81ae359dfc
Delete shiftleft-analysis.yml 
Development on this stopped in 2021 and apart from the (false positive) secret scan, dev suggests CodeQL replaces it, feature wise: https://github.com/ShiftLeftSecurity/sast-scan/issues/352
 2023-08-17 00:00:30 +02:00
El RIDO ad35c30d45
Update q-a.yml, one more try 
body[12]: options must not include booleans. Please wrap values such as 'yes', and 'true' in quotes.
 2023-08-16 23:14:07 +02:00
R4SAS 7f28e8cc0c
Update discussion template 
Try to fix #1143.
 2023-08-16 23:21:46 +03:00
El RIDO 0e582e8934 fix syntax, standardize form attributes 
radio buttons are not supported, checkboxes would allow selecting
multiple things, so dropdown it is
 2023-08-11 20:53:06 +02:00
El RIDO e89593b4fc comment fix, kudos @r4sas 2023-08-11 20:51:12 +02:00
rugk 1bb23ef9ca
Remove markdown from issue selector 
Was worth a try, but apparently markdown is not supported there.
 2023-08-09 23:11:35 +02:00
rugk 991ec6ca22
Fix potential syntax error in YAML 
Likely that online VSCode did a stupid line wrapping here, let's see whether that works.
 2023-08-09 18:19:33 +02:00
El RIDO e83f51b547
Merge pull request #1138 from PrivateBin/dependabot/github_actions/github/codeql-action-2 
Bump github/codeql-action from 1 to 2
 2023-08-08 20:19:02 +02:00
dependabot[bot] cbff1c8488
Bump github/codeql-action from 1 to 2 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1 to 2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-08 11:13:15 +00:00
dependabot[bot] 5f71c9de10
Bump actions/checkout from 2 to 3 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-08 11:13:08 +00:00
El RIDO 4796c7ff02
Merge pull request #807 from PrivateBin/siftleft-scan 
Add Shiftleft scan
 2023-08-07 20:46:43 +02:00
rugk a22b96b7fc
style: fix typo 2023-08-07 20:02:36 +02:00
rugk 204d1756c9 refactor: redirect support questions to discussions including form + more links 
Discussions apparently onyl support forms see,
so I quickly used ChatGPT to convert the Markdown file into the YAMl format
and after telling the format it seems to have done that in a good eay:
https://chat.openai.com/share/99718495-28d0-4382-ab5e-6a4a733c1ccb

(maybe GitHub introduced that after end of 2021 hehe, so the LLM could not know that)
 2023-08-07 17:59:07 +00:00
rugk 8deb68c2da chore: remove old issue template 2023-08-07 17:26:26 +00:00
rugk 1a37f7b865
Update and create new issue templates for better ctageorisation 
[128 of 600 issues are just questions and support and this is getting out of hand IMHO](https://github.com/PrivateBin/PrivateBin/issues?q=is%3Aissue+is%3Aopen+label%3Aquestion%2Fsupport), so I thought we need to do something while of course IMHO keeping support in some sense that is vital to an open-source project.

Anyway, this here now:
* Converts the "one and only issue template" to multiple ones with the new GitHub way, see https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/
  Note this uses mostly the templates they have, modifies them to use proper headers (sorry but I don't get why they always want to use **bold text** as headers, when you have real markdown headings) and adjusts/ports the
* We could use even more elaborate issue forms, but that  was too much for me to do now and is also beta, so maybe when they have a visual editor for that or so 😉 https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/configuring-issue-templates-for-your-repository#creating-issue-forms

The aim:
* is to get support requests and stuff directly sorted and tagged, so they are out the way
* is to nudge people to improve the quality of issues/reports by providing a more useful template or their use case
* is to redirect people to the appropriate resource (give me a moment)
 2023-08-07 19:24:13 +02:00
El RIDO ecf100551d document change, raise minimum PHP version to 7.3, remove branch refresh 2023-07-23 10:04:57 +02:00
El RIDO 34264cb7f5
Merge branch 'master' into php8 2022-10-26 08:24:41 +02:00
El RIDO ba4878056b
misleading documentation 2022-10-26 05:51:36 +02:00
El RIDO ae6248e27e
handle github actions deprecation warnings 
see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
 2022-10-26 05:48:51 +02:00
El RIDO 7b98d7381f
allow tests to be manually triggered 2022-10-26 05:30:37 +02:00
El RIDO b890d768d1
enable use of PHP 8.2 2022-10-25 06:53:26 +02:00
El RIDO 8c2cc18b66
Merge branch 'master' into php8 2022-07-31 08:53:52 +02:00
rugk 48bb2fdf0f
Use NodeJs v16 for tests 
So 14 worked, let's try 16. (Actually noticed fedora uses v16 not 14 which makes sense if you see the support time.)
 2022-07-10 00:13:47 +02:00
El RIDO b46b4300ec
Merge pull request #955 from PrivateBin/node14 
chore: run tests with NodeJS 14
 2022-07-09 17:45:23 +02:00
rugk e536db9b7e
style: run tests via npm script insread of custom command 
I.e. not call mocha directly but let the script defined in package.json do it's job.
 2022-07-09 17:04:28 +02:00
rugk 9a476ac34d chore: switch to proper cache file now we have it, i.e. package-lock.json 
as per https://github.com/actions/setup-node#caching-global-packages-data
 2022-07-09 17:00:45 +02:00
rugk 79fd33d21f
chore: run tests with NodeJS 14 
I expect no stuff to break or so, so let's just try to use the current recommend LTS version. (v14 will also die at some time, but Fedora e.g. still seems to use it for now by default. Likely we may upgrade soon even more.)

Ref https://nodejs.org/en/about/releases/
 2022-07-09 16:57:06 +02:00
rugk 08946d1cab Use npm ci instead of npm install for tests in CI 
So it uses the package-json.lock file actually.
 2022-07-09 16:48:21 +02:00
El RIDO 9b132f4054
Merge pull request #941 from PrivateBin/dependabot/github_actions/actions/checkout-3 
Bump actions/checkout from 2 to 3
 2022-06-10 05:04:21 +02:00
El RIDO e052dd9d83
Merge pull request #940 from PrivateBin/dependabot/github_actions/actions/cache-3 
Bump actions/cache from 2 to 3
 2022-06-10 05:03:19 +02:00