mirror of
https://github.com/outbackdingo/firezone.git
synced 2026-01-27 18:18:55 +00:00
709ca25ba0
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.6.0 to 6.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-python/releases">actions/setup-python's releases</a>.</em></p> <blockquote> <h2>v6.0.0</h2> <h2>What's Changed</h2> <h3>Breaking Changes</h3> <ul> <li>Upgrade to node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1164">actions/setup-python#1164</a></li> </ul> <p>Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. <a href="https://github.com/actions/runner/releases/tag/v2.327.1">See Release Notes</a></p> <h3>Enhancements:</h3> <ul> <li>Add support for <code>pip-version</code> by <a href="https://github.com/priyagupta108"><code>@priyagupta108</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1129">actions/setup-python#1129</a></li> <li>Enhance reading from .python-version by <a href="https://github.com/krystof-k"><code>@krystof-k</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/787">actions/setup-python#787</a></li> <li>Add version parsing from Pipfile by <a href="https://github.com/aradkdj"><code>@aradkdj</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1067">actions/setup-python#1067</a></li> </ul> <h3>Bug fixes:</h3> <ul> <li>Clarify pythonLocation behaviour for PyPy and GraalPy in environment variables by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1183">actions/setup-python#1183</a></li> <li>Change missing cache directory error to warning by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1182">actions/setup-python#1182</a></li> <li>Add Architecture-Specific PATH Management for Python with --user Flag on Windows by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1122">actions/setup-python#1122</a></li> <li>Include python version in PyPy python-version output by <a href="https://github.com/cdce8p"><code>@cdce8p</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1110">actions/setup-python#1110</a></li> <li>Update docs: clarification on pip authentication with setup-python by <a href="https://github.com/priya-kinthali"><code>@priya-kinthali</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1156">actions/setup-python#1156</a></li> </ul> <h3>Dependency updates:</h3> <ul> <li>Upgrade idna from 2.9 to 3.7 in /<strong>tests</strong>/data by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-python/pull/843">actions/setup-python#843</a></li> <li>Upgrade form-data to fix critical vulnerabilities <a href="https://redirect.github.com/actions/setup-python/issues/182">#182</a> & <a href="https://redirect.github.com/actions/setup-python/issues/183">#183</a> by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1163">actions/setup-python#1163</a></li> <li>Upgrade setuptools to 78.1.1 to fix path traversal vulnerability in PackageIndex.download by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1165">actions/setup-python#1165</a></li> <li>Upgrade actions/checkout from 4 to 5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-python/pull/1181">actions/setup-python#1181</a></li> <li>Upgrade <code>@actions/tool-cache</code> from 2.0.1 to 2.0.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-python/pull/1095">actions/setup-python#1095</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/krystof-k"><code>@krystof-k</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-python/pull/787">actions/setup-python#787</a></li> <li><a href="https://github.com/cdce8p"><code>@cdce8p</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-python/pull/1110">actions/setup-python#1110</a></li> <li><a href="https://github.com/aradkdj"><code>@aradkdj</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-python/pull/1067">actions/setup-python#1067</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-python/compare/v5...v6.0.0">https://github.com/actions/setup-python/compare/v5...v6.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="e797f83bcb"><code>e797f83</code></a> Upgrade to node 24 (<a href="https://redirect.github.com/actions/setup-python/issues/1164">#1164</a>)</li> <li><a href="3d1e2d2ca0"><code>3d1e2d2</code></a> Revert "Enhance cache-dependency-path handling to support files outside the w...</li> <li><a href="65b071217a"><code>65b0712</code></a> Clarify pythonLocation behavior for PyPy and GraalPy in environment variables...</li> <li><a href="5b668cf765"><code>5b668cf</code></a> Bump actions/checkout from 4 to 5 (<a href="https://redirect.github.com/actions/setup-python/issues/1181">#1181</a>)</li> <li><a href="f62a0e252f"><code>f62a0e2</code></a> Change missing cache directory error to warning (<a href="https://redirect.github.com/actions/setup-python/issues/1182">#1182</a>)</li> <li><a href="9322b3ca74"><code>9322b3c</code></a> Upgrade setuptools to 78.1.1 to fix path traversal vulnerability in PackageIn...</li> <li><a href="fbeb884f69"><code>fbeb884</code></a> Bump form-data to fix critical vulnerabilities <a href="https://redirect.github.com/actions/setup-python/issues/182">#182</a> & <a href="https://redirect.github.com/actions/setup-python/issues/183">#183</a> (<a href="https://redirect.github.com/actions/setup-python/issues/1163">#1163</a>)</li> <li><a href="03bb6152f4"><code>03bb615</code></a> Bump idna from 2.9 to 3.7 in /<strong>tests</strong>/data (<a href="https://redirect.github.com/actions/setup-python/issues/843">#843</a>)</li> <li><a href="36da51d563"><code>36da51d</code></a> Add version parsing from Pipfile (<a href="https://redirect.github.com/actions/setup-python/issues/1067">#1067</a>)</li> <li><a href="3c6f142cc0"><code>3c6f142</code></a> update documentation (<a href="https://redirect.github.com/actions/setup-python/issues/1156">#1156</a>)</li> <li>Additional commits viewable in <a href="a26af69be9...e797f83bcb">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
101 lines
3.5 KiB
YAML
101 lines
3.5 KiB
YAML
name: Static Analysis
|
|
on:
|
|
workflow_call:
|
|
pull_request:
|
|
types: [edited]
|
|
|
|
jobs:
|
|
pr-lint:
|
|
if: github.event_name == 'pull_request'
|
|
runs-on: ubuntu-24.04
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
permissions:
|
|
pull-requests: read
|
|
steps:
|
|
- name: Enforce PR title length <= 64
|
|
# Don't run for Dependabot PRs
|
|
if: ${{ !contains(github.event.pull_request.head.label, 'dependabot') }}
|
|
env:
|
|
PULL_REQUEST_NUMBER: ${{ github.event.pull_request.number }}
|
|
REPOSITORY_NAME: ${{ github.repository }}
|
|
run: |
|
|
PR_TITLE=$(gh pr view "$PULL_REQUEST_NUMBER" --repo "$REPOSITORY_NAME" --json title -q '.title')
|
|
|
|
pr_title_length=${#PR_TITLE}
|
|
|
|
# 64 instead of 72 because GitHub adds the PR number to the title
|
|
if [ "$pr_title_length" -gt 64 ]; then
|
|
echo "PR title too long. Please keep it under 64 characters."
|
|
exit 1
|
|
fi
|
|
- uses: amannn/action-semantic-pull-request@48f256284bd46cdaab1048c3721360e808335d50 #v6.1.1
|
|
|
|
version-check:
|
|
runs-on: ubuntu-24.04
|
|
steps:
|
|
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
|
- name: Check version is up to date
|
|
run: |
|
|
./scripts/bump-versions.sh
|
|
if [ -z "$(git status --porcelain)" ]; then
|
|
# Working directory clean
|
|
echo "Version manifests up to date"
|
|
else
|
|
# Uncommitted changes
|
|
echo "'scripts/bump-versions.sh' found outdated files! Showing diff"
|
|
git diff
|
|
exit 1
|
|
fi
|
|
|
|
link-check:
|
|
runs-on: ubuntu-24.04
|
|
steps:
|
|
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
|
- uses: lycheeverse/lychee-action@885c65f3dc543b57c898c8099f4e08c8afd178a2 # v2.6.1
|
|
with:
|
|
fail: true
|
|
args: --offline --verbose --no-progress **/*.md
|
|
|
|
actionlint:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
|
- uses: raven-actions/actionlint@3a24062651993d40fed1019b58ac6fbdfbf276cc # v2.0.1
|
|
|
|
global-linter:
|
|
runs-on: ubuntu-24.04
|
|
steps:
|
|
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
|
- uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0
|
|
with:
|
|
python-version: "3.11"
|
|
- uses: actions/cache/restore@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
|
|
name: Restore Python Cache
|
|
id: cache
|
|
with:
|
|
path: ~/.cache/pip
|
|
key: ubuntu-24.04-${{ runner.arch }}-pip-${{ hashFiles('.github/requirements.txt') }}
|
|
- name: Install Python Dependencies
|
|
run: |
|
|
pip install -r .github/requirements.txt
|
|
- uses: ./.github/actions/setup-node
|
|
with:
|
|
npmjs-token: ${{ secrets.NPMJS_TOKEN }}
|
|
lockfile-dir: ./.github
|
|
- name: Install dependencies
|
|
run: |
|
|
sudo apt-get update
|
|
sudo apt-get install -y shfmt
|
|
pnpm i --frozen-lockfile --dir ./.github
|
|
- name: Run pre-commit
|
|
run: |
|
|
pre-commit install --config .github/pre-commit-config.yaml
|
|
SKIP=no-commit-to-branch pre-commit run --all-files --config .github/pre-commit-config.yaml
|
|
- uses: actions/cache/save@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
|
|
if: ${{ steps.cache.outputs.cache-hit != 'true'}}
|
|
name: Save Python Cache
|
|
with:
|
|
path: ~/.cache/pip
|
|
key: ${{ steps.cache.outputs.cache-primary-key }}
|