summaryrefslogtreecommitdiffstats
path: root/.github/workflows
diff options
context:
space:
mode:
Diffstat (limited to '.github/workflows')
-rw-r--r--.github/workflows/browserstack.yml12
-rw-r--r--.github/workflows/bundlewatch.yml11
-rw-r--r--.github/workflows/calibreapp-image-actions.yml2
-rw-r--r--.github/workflows/codeql.yml14
-rw-r--r--.github/workflows/cspell.yml14
-rw-r--r--.github/workflows/css.yml14
-rw-r--r--.github/workflows/docs.yml11
-rw-r--r--.github/workflows/issue-close-require.yml7
-rw-r--r--.github/workflows/issue-labeled.yml7
-rw-r--r--.github/workflows/js.yml17
-rw-r--r--.github/workflows/lint.yml11
-rw-r--r--.github/workflows/node-sass.yml24
-rw-r--r--.github/workflows/release-notes.yml7
13 files changed, 123 insertions, 28 deletions
diff --git a/.github/workflows/browserstack.yml b/.github/workflows/browserstack.yml
index 425c566..e545d62 100644
--- a/.github/workflows/browserstack.yml
+++ b/.github/workflows/browserstack.yml
@@ -2,21 +2,29 @@ name: BrowserStack
on:
push:
+ branches:
+ - "**"
+ - "!dependabot/**"
workflow_dispatch:
env:
FORCE_COLOR: 2
- NODE: 16
+ NODE: 18
+
+permissions:
+ contents: read
jobs:
browserstack:
runs-on: ubuntu-latest
- if: github.repository == 'twbs/bootstrap' && (!contains(github.event.commits[0].message, '[ci skip]') && !contains(github.event.commits[0].message, '[skip ci]'))
+ if: github.repository == 'twbs/bootstrap'
timeout-minutes: 30
steps:
- name: Clone repository
uses: actions/checkout@v3
+ with:
+ persist-credentials: false
- name: Set up Node.js
uses: actions/setup-node@v3
diff --git a/.github/workflows/bundlewatch.yml b/.github/workflows/bundlewatch.yml
index d1a1747..c02a37e 100644
--- a/.github/workflows/bundlewatch.yml
+++ b/.github/workflows/bundlewatch.yml
@@ -2,14 +2,17 @@ name: Bundlewatch
on:
push:
- branches-ignore:
- - "dependabot/**"
+ branches:
+ - main
pull_request:
workflow_dispatch:
env:
FORCE_COLOR: 2
- NODE: 16
+ NODE: 18
+
+permissions:
+ contents: read
jobs:
bundlewatch:
@@ -18,6 +21,8 @@ jobs:
steps:
- name: Clone repository
uses: actions/checkout@v3
+ with:
+ persist-credentials: false
- name: Set up Node.js
uses: actions/setup-node@v3
diff --git a/.github/workflows/calibreapp-image-actions.yml b/.github/workflows/calibreapp-image-actions.yml
index e23f562..21df1f6 100644
--- a/.github/workflows/calibreapp-image-actions.yml
+++ b/.github/workflows/calibreapp-image-actions.yml
@@ -17,6 +17,8 @@ jobs:
steps:
- name: Checkout Repo
uses: actions/checkout@v3
+ with:
+ persist-credentials: false
- name: Compress Images
uses: calibreapp/image-actions@1.1.0
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 70be056..b1780ee 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -7,13 +7,12 @@ on:
- v4-dev
- "!dependabot/**"
pull_request:
- # The branches below must be a subset of the branches above
branches:
- main
- v4-dev
- "!dependabot/**"
schedule:
- - cron: "0 2 * * 5"
+ - cron: "0 2 * * 4"
workflow_dispatch:
jobs:
@@ -21,18 +20,25 @@ jobs:
name: Analyze
runs-on: ubuntu-latest
permissions:
- actions: read
- contents: read
security-events: write
steps:
- name: Checkout repository
uses: actions/checkout@v3
+ with:
+ persist-credentials: false
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
+ config-file: ./.github/codeql/codeql-config.yml
languages: "javascript"
+ queries: +security-and-quality
+
+ - name: Autobuild
+ uses: github/codeql-action/autobuild@v2
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
+ with:
+ category: "/language:javascript"
diff --git a/.github/workflows/cspell.yml b/.github/workflows/cspell.yml
index 3751ad3..11788e3 100644
--- a/.github/workflows/cspell.yml
+++ b/.github/workflows/cspell.yml
@@ -2,22 +2,30 @@ name: cspell
on:
push:
- branches-ignore:
- - "dependabot/**"
+ branches:
+ - main
pull_request:
workflow_dispatch:
env:
FORCE_COLOR: 2
- NODE: 16
+
+permissions:
+ contents: read
jobs:
cspell:
+ permissions:
+ # allow streetsidesoftware/cspell-action to fetch files for commits and PRs
+ contents: read
+ pull-requests: read
runs-on: ubuntu-latest
steps:
- name: Clone repository
uses: actions/checkout@v3
+ with:
+ persist-credentials: false
- name: Run cspell
uses: streetsidesoftware/cspell-action@v2
diff --git a/.github/workflows/css.yml b/.github/workflows/css.yml
index 857a567..66112a9 100644
--- a/.github/workflows/css.yml
+++ b/.github/workflows/css.yml
@@ -2,14 +2,17 @@ name: CSS
on:
push:
- branches-ignore:
- - "dependabot/**"
+ branches:
+ - main
pull_request:
workflow_dispatch:
env:
FORCE_COLOR: 2
- NODE: 16
+ NODE: 18
+
+permissions:
+ contents: read
jobs:
css:
@@ -18,6 +21,8 @@ jobs:
steps:
- name: Clone repository
uses: actions/checkout@v3
+ with:
+ persist-credentials: false
- name: Set up Node.js
uses: actions/setup-node@v3
@@ -30,3 +35,6 @@ jobs:
- name: Build CSS
run: npm run css
+
+ - name: Run CSS tests
+ run: npm run css-test
diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml
index f33413e..2a684f6 100644
--- a/.github/workflows/docs.yml
+++ b/.github/workflows/docs.yml
@@ -2,14 +2,17 @@ name: Docs
on:
push:
- branches-ignore:
- - "dependabot/**"
+ branches:
+ - main
pull_request:
workflow_dispatch:
env:
FORCE_COLOR: 2
- NODE: 16
+ NODE: 18
+
+permissions:
+ contents: read
jobs:
docs:
@@ -18,6 +21,8 @@ jobs:
steps:
- name: Clone repository
uses: actions/checkout@v3
+ with:
+ persist-credentials: false
- name: Set up Node.js
uses: actions/setup-node@v3
diff --git a/.github/workflows/issue-close-require.yml b/.github/workflows/issue-close-require.yml
index b251cd7..b5000d8 100644
--- a/.github/workflows/issue-close-require.yml
+++ b/.github/workflows/issue-close-require.yml
@@ -4,8 +4,15 @@ on:
schedule:
- cron: "0 0 * * *"
+permissions:
+ contents: read
+
jobs:
issue-close-require:
+ permissions:
+ # allow actions-cool/issues-helper to update issues and PRs
+ issues: write
+ pull-requests: write
runs-on: ubuntu-latest
if: github.repository == 'twbs/bootstrap'
steps:
diff --git a/.github/workflows/issue-labeled.yml b/.github/workflows/issue-labeled.yml
index fac5849..584879d 100644
--- a/.github/workflows/issue-labeled.yml
+++ b/.github/workflows/issue-labeled.yml
@@ -4,8 +4,15 @@ on:
issues:
types: [labeled]
+permissions:
+ contents: read
+
jobs:
issue-labeled:
+ permissions:
+ # allow actions-cool/issues-helper to update issues and PRs
+ issues: write
+ pull-requests: write
if: github.repository == 'twbs/bootstrap'
runs-on: ubuntu-latest
steps:
diff --git a/.github/workflows/js.yml b/.github/workflows/js.yml
index 82616c5..805b1b7 100644
--- a/.github/workflows/js.yml
+++ b/.github/workflows/js.yml
@@ -2,23 +2,32 @@ name: JS Tests
on:
push:
- branches-ignore:
- - "dependabot/**"
+ branches:
+ - main
pull_request:
workflow_dispatch:
env:
FORCE_COLOR: 2
- NODE: 16
+ NODE: 18
+
+permissions:
+ contents: read
jobs:
run:
+ permissions:
+ # allow coverallsapp/github-action to create new checks issues and fetch code
+ checks: write
+ contents: read
name: JS Tests
runs-on: ubuntu-latest
steps:
- name: Clone repository
uses: actions/checkout@v3
+ with:
+ persist-credentials: false
- name: Set up Node.js
uses: actions/setup-node@v3
@@ -36,7 +45,7 @@ jobs:
run: npm run js-test
- name: Run Coveralls
- uses: coverallsapp/github-action@1.1.3
+ uses: coverallsapp/github-action@v2
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
path-to-lcov: "./js/coverage/lcov.info"
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index 816694e..fd62b41 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -2,14 +2,17 @@ name: Lint
on:
push:
- branches-ignore:
- - "dependabot/**"
+ branches:
+ - main
pull_request:
workflow_dispatch:
env:
FORCE_COLOR: 2
- NODE: 16
+ NODE: 18
+
+permissions:
+ contents: read
jobs:
lint:
@@ -18,6 +21,8 @@ jobs:
steps:
- name: Clone repository
uses: actions/checkout@v3
+ with:
+ persist-credentials: false
- name: Set up Node.js
uses: actions/setup-node@v3
diff --git a/.github/workflows/node-sass.yml b/.github/workflows/node-sass.yml
index 465cee4..c558e44 100644
--- a/.github/workflows/node-sass.yml
+++ b/.github/workflows/node-sass.yml
@@ -2,14 +2,17 @@ name: CSS (node-sass)
on:
push:
- branches-ignore:
- - "dependabot/**"
+ branches:
+ - main
pull_request:
workflow_dispatch:
env:
FORCE_COLOR: 2
- NODE: 16
+ NODE: 18
+
+permissions:
+ contents: read
jobs:
css:
@@ -18,6 +21,8 @@ jobs:
steps:
- name: Clone repository
uses: actions/checkout@v3
+ with:
+ persist-credentials: false
- name: Set up Node.js
uses: actions/setup-node@v3
@@ -29,3 +34,16 @@ jobs:
npx --package node-sass@latest node-sass --version
npx --package node-sass@latest node-sass --output-style expanded --source-map true --source-map-contents true --precision 6 scss/ -o dist-sass/css/
ls -Al dist-sass/css
+
+ - name: Check built CSS files for Sass variables
+ shell: bash
+ run: |
+ SASS_VARS_FOUND=$(find "dist-sass/css/" -type f -name "*.css" -print0 | xargs -0 --no-run-if-empty grep -F "\$" || true)
+ if [[ -z "$SASS_VARS_FOUND" ]]; then
+ echo "All good, no Sass variables found!"
+ exit 0
+ else
+ echo "Found $(echo "$SASS_VARS_FOUND" | wc -l | bc) Sass variables:"
+ echo "$SASS_VARS_FOUND"
+ exit 1
+ fi
diff --git a/.github/workflows/release-notes.yml b/.github/workflows/release-notes.yml
index bbd0a24..f620dd3 100644
--- a/.github/workflows/release-notes.yml
+++ b/.github/workflows/release-notes.yml
@@ -6,8 +6,15 @@ on:
- main
workflow_dispatch:
+permissions:
+ contents: read
+
jobs:
update_release_draft:
+ permissions:
+ # allow release-drafter/release-drafter to create GitHub releases and add labels to PRs
+ contents: write
+ pull-requests: write
runs-on: ubuntu-latest
if: github.repository == 'twbs/bootstrap'
steps:
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-03 11:08:34 +0000