From c1d5a801b4bc66e3866f815be00e11d1b20d3539 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sat, 24 Jun 2023 14:44:36 +0200 Subject: Adding upstream version 5.3.0+dfsg. Signed-off-by: Daniel Baumann --- .github/CONTRIBUTING.md | 18 +++++++++--------- .github/PULL_REQUEST_TEMPLATE.md | 2 +- .github/codeql/codeql-config.yml | 3 +++ .github/dependabot.yml | 11 +++++------ .github/workflows/browserstack.yml | 12 ++++++++++-- .github/workflows/bundlewatch.yml | 11 ++++++++--- .github/workflows/calibreapp-image-actions.yml | 2 ++ .github/workflows/codeql.yml | 14 ++++++++++---- .github/workflows/cspell.yml | 14 +++++++++++--- .github/workflows/css.yml | 14 +++++++++++--- .github/workflows/docs.yml | 11 ++++++++--- .github/workflows/issue-close-require.yml | 7 +++++++ .github/workflows/issue-labeled.yml | 7 +++++++ .github/workflows/js.yml | 17 +++++++++++++---- .github/workflows/lint.yml | 11 ++++++++--- .github/workflows/node-sass.yml | 24 +++++++++++++++++++++--- .github/workflows/release-notes.yml | 7 +++++++ 17 files changed, 141 insertions(+), 44 deletions(-) create mode 100644 .github/codeql/codeql-config.yml (limited to '.github') diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index c7211e6..4463445 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -18,16 +18,16 @@ the preferred channel for [bug reports](#bug-reports), [features requests](#feat and [submitting pull requests](#pull-requests), but please respect the following restrictions: -* Please **do not** use the issue tracker for personal support requests. Stack Overflow ([`bootstrap-5`](https://stackoverflow.com/questions/tagged/bootstrap-5) tag), [our GitHub Discussions](https://github.com/twbs/bootstrap/discussions) or [IRC](/README.md#community) are better places to get help. +- Please **do not** use the issue tracker for personal support requests. Stack Overflow ([`bootstrap-5`](https://stackoverflow.com/questions/tagged/bootstrap-5) tag), [our GitHub Discussions](https://github.com/twbs/bootstrap/discussions) or [IRC](/README.md#community) are better places to get help. -* Please **do not** derail or troll issues. Keep the discussion on topic and +- Please **do not** derail or troll issues. Keep the discussion on topic and respect the opinions of others. -* Please **do not** post comments consisting solely of "+1" or ":thumbsup:". +- Please **do not** post comments consisting solely of "+1" or ":thumbsup:". Use [GitHub's "reactions" feature](https://blog.github.com/2016-03-10-add-reactions-to-pull-requests-issues-and-comments/) instead. We reserve the right to delete comments which violate this rule. -* Please **do not** open issues regarding the official themes offered on . +- Please **do not** open issues regarding the official themes offered on . Instead, please email any questions or feedback regarding those themes to `themes AT getbootstrap DOT com`. @@ -101,16 +101,16 @@ Sometimes bugs reported to us are actually caused by bugs in the browser(s) them | Vendor(s) | Browser(s) | Rendering engine | Bug reporting website(s) | Notes | | ------------- | ---------------------------- | ---------------- | ------------------------------------------------------ | -------------------------------------------------------- | -| Mozilla | Firefox | Gecko | https://bugzilla.mozilla.org/enter_bug.cgi | "Core" is normally the right product option to choose. | -| Apple | Safari | WebKit | https://bugs.webkit.org/enter_bug.cgi?product=WebKit | In Apple's bug reporter, choose "Safari" as the product. | -| Google, Opera | Chrome, Chromium, Opera v15+ | Blink | https://bugs.chromium.org/p/chromium/issues/list | Click the "New issue" button. | -| Microsoft | Edge | Blink | https://developer.microsoft.com/en-us/microsoft-edge/ | Go to "Help > Send Feedback" from the browser | +| Mozilla | Firefox | Gecko | | "Core" is normally the right product option to choose. | +| Apple | Safari | WebKit | | In Apple's bug reporter, choose "Safari" as the product. | +| Google, Opera | Chrome, Chromium, Opera v15+ | Blink | | Click the "New issue" button. | +| Microsoft | Edge | Blink | | Go to "Help > Send Feedback" from the browser | ## Feature requests Feature requests are welcome. But take a moment to find out whether your idea -fits with the scope and aims of the project. It's up to *you* to make a strong +fits with the scope and aims of the project. It's up to _you_ to make a strong case to convince the project's developers of the merits of this feature. Please provide as much detail and context as possible. diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index 4675f70..98e45c5 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -31,7 +31,7 @@ -* https://deploy-preview-{your pr number}--twbs-bootstrap.netlify.app/ +- ### Related issues diff --git a/.github/codeql/codeql-config.yml b/.github/codeql/codeql-config.yml new file mode 100644 index 0000000..9578772 --- /dev/null +++ b/.github/codeql/codeql-config.yml @@ -0,0 +1,3 @@ +name: "CodeQL config" +paths-ignore: + - dist diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 29135b4..f54ba89 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,24 +1,23 @@ version: 2 updates: - - package-ecosystem: npm + - package-ecosystem: "github-actions" directory: "/" schedule: interval: weekly day: tuesday time: "12:00" timezone: Europe/Athens - open-pull-requests-limit: 10 + - package-ecosystem: npm + directory: "/" reviewers: - XhmikosR labels: - dependencies - v5 - versioning-strategy: increase - rebase-strategy: disabled - - package-ecosystem: "github-actions" - directory: "/" schedule: interval: weekly day: tuesday time: "12:00" timezone: Europe/Athens + versioning-strategy: increase + rebase-strategy: disabled diff --git a/.github/workflows/browserstack.yml b/.github/workflows/browserstack.yml index 425c566..e545d62 100644 --- a/.github/workflows/browserstack.yml +++ b/.github/workflows/browserstack.yml @@ -2,21 +2,29 @@ name: BrowserStack on: push: + branches: + - "**" + - "!dependabot/**" workflow_dispatch: env: FORCE_COLOR: 2 - NODE: 16 + NODE: 18 + +permissions: + contents: read jobs: browserstack: runs-on: ubuntu-latest - if: github.repository == 'twbs/bootstrap' && (!contains(github.event.commits[0].message, '[ci skip]') && !contains(github.event.commits[0].message, '[skip ci]')) + if: github.repository == 'twbs/bootstrap' timeout-minutes: 30 steps: - name: Clone repository uses: actions/checkout@v3 + with: + persist-credentials: false - name: Set up Node.js uses: actions/setup-node@v3 diff --git a/.github/workflows/bundlewatch.yml b/.github/workflows/bundlewatch.yml index d1a1747..c02a37e 100644 --- a/.github/workflows/bundlewatch.yml +++ b/.github/workflows/bundlewatch.yml @@ -2,14 +2,17 @@ name: Bundlewatch on: push: - branches-ignore: - - "dependabot/**" + branches: + - main pull_request: workflow_dispatch: env: FORCE_COLOR: 2 - NODE: 16 + NODE: 18 + +permissions: + contents: read jobs: bundlewatch: @@ -18,6 +21,8 @@ jobs: steps: - name: Clone repository uses: actions/checkout@v3 + with: + persist-credentials: false - name: Set up Node.js uses: actions/setup-node@v3 diff --git a/.github/workflows/calibreapp-image-actions.yml b/.github/workflows/calibreapp-image-actions.yml index e23f562..21df1f6 100644 --- a/.github/workflows/calibreapp-image-actions.yml +++ b/.github/workflows/calibreapp-image-actions.yml @@ -17,6 +17,8 @@ jobs: steps: - name: Checkout Repo uses: actions/checkout@v3 + with: + persist-credentials: false - name: Compress Images uses: calibreapp/image-actions@1.1.0 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 70be056..b1780ee 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -7,13 +7,12 @@ on: - v4-dev - "!dependabot/**" pull_request: - # The branches below must be a subset of the branches above branches: - main - v4-dev - "!dependabot/**" schedule: - - cron: "0 2 * * 5" + - cron: "0 2 * * 4" workflow_dispatch: jobs: @@ -21,18 +20,25 @@ jobs: name: Analyze runs-on: ubuntu-latest permissions: - actions: read - contents: read security-events: write steps: - name: Checkout repository uses: actions/checkout@v3 + with: + persist-credentials: false - name: Initialize CodeQL uses: github/codeql-action/init@v2 with: + config-file: ./.github/codeql/codeql-config.yml languages: "javascript" + queries: +security-and-quality + + - name: Autobuild + uses: github/codeql-action/autobuild@v2 - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v2 + with: + category: "/language:javascript" diff --git a/.github/workflows/cspell.yml b/.github/workflows/cspell.yml index 3751ad3..11788e3 100644 --- a/.github/workflows/cspell.yml +++ b/.github/workflows/cspell.yml @@ -2,22 +2,30 @@ name: cspell on: push: - branches-ignore: - - "dependabot/**" + branches: + - main pull_request: workflow_dispatch: env: FORCE_COLOR: 2 - NODE: 16 + +permissions: + contents: read jobs: cspell: + permissions: + # allow streetsidesoftware/cspell-action to fetch files for commits and PRs + contents: read + pull-requests: read runs-on: ubuntu-latest steps: - name: Clone repository uses: actions/checkout@v3 + with: + persist-credentials: false - name: Run cspell uses: streetsidesoftware/cspell-action@v2 diff --git a/.github/workflows/css.yml b/.github/workflows/css.yml index 857a567..66112a9 100644 --- a/.github/workflows/css.yml +++ b/.github/workflows/css.yml @@ -2,14 +2,17 @@ name: CSS on: push: - branches-ignore: - - "dependabot/**" + branches: + - main pull_request: workflow_dispatch: env: FORCE_COLOR: 2 - NODE: 16 + NODE: 18 + +permissions: + contents: read jobs: css: @@ -18,6 +21,8 @@ jobs: steps: - name: Clone repository uses: actions/checkout@v3 + with: + persist-credentials: false - name: Set up Node.js uses: actions/setup-node@v3 @@ -30,3 +35,6 @@ jobs: - name: Build CSS run: npm run css + + - name: Run CSS tests + run: npm run css-test diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index f33413e..2a684f6 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -2,14 +2,17 @@ name: Docs on: push: - branches-ignore: - - "dependabot/**" + branches: + - main pull_request: workflow_dispatch: env: FORCE_COLOR: 2 - NODE: 16 + NODE: 18 + +permissions: + contents: read jobs: docs: @@ -18,6 +21,8 @@ jobs: steps: - name: Clone repository uses: actions/checkout@v3 + with: + persist-credentials: false - name: Set up Node.js uses: actions/setup-node@v3 diff --git a/.github/workflows/issue-close-require.yml b/.github/workflows/issue-close-require.yml index b251cd7..b5000d8 100644 --- a/.github/workflows/issue-close-require.yml +++ b/.github/workflows/issue-close-require.yml @@ -4,8 +4,15 @@ on: schedule: - cron: "0 0 * * *" +permissions: + contents: read + jobs: issue-close-require: + permissions: + # allow actions-cool/issues-helper to update issues and PRs + issues: write + pull-requests: write runs-on: ubuntu-latest if: github.repository == 'twbs/bootstrap' steps: diff --git a/.github/workflows/issue-labeled.yml b/.github/workflows/issue-labeled.yml index fac5849..584879d 100644 --- a/.github/workflows/issue-labeled.yml +++ b/.github/workflows/issue-labeled.yml @@ -4,8 +4,15 @@ on: issues: types: [labeled] +permissions: + contents: read + jobs: issue-labeled: + permissions: + # allow actions-cool/issues-helper to update issues and PRs + issues: write + pull-requests: write if: github.repository == 'twbs/bootstrap' runs-on: ubuntu-latest steps: diff --git a/.github/workflows/js.yml b/.github/workflows/js.yml index 82616c5..805b1b7 100644 --- a/.github/workflows/js.yml +++ b/.github/workflows/js.yml @@ -2,23 +2,32 @@ name: JS Tests on: push: - branches-ignore: - - "dependabot/**" + branches: + - main pull_request: workflow_dispatch: env: FORCE_COLOR: 2 - NODE: 16 + NODE: 18 + +permissions: + contents: read jobs: run: + permissions: + # allow coverallsapp/github-action to create new checks issues and fetch code + checks: write + contents: read name: JS Tests runs-on: ubuntu-latest steps: - name: Clone repository uses: actions/checkout@v3 + with: + persist-credentials: false - name: Set up Node.js uses: actions/setup-node@v3 @@ -36,7 +45,7 @@ jobs: run: npm run js-test - name: Run Coveralls - uses: coverallsapp/github-action@1.1.3 + uses: coverallsapp/github-action@v2 with: github-token: "${{ secrets.GITHUB_TOKEN }}" path-to-lcov: "./js/coverage/lcov.info" diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 816694e..fd62b41 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -2,14 +2,17 @@ name: Lint on: push: - branches-ignore: - - "dependabot/**" + branches: + - main pull_request: workflow_dispatch: env: FORCE_COLOR: 2 - NODE: 16 + NODE: 18 + +permissions: + contents: read jobs: lint: @@ -18,6 +21,8 @@ jobs: steps: - name: Clone repository uses: actions/checkout@v3 + with: + persist-credentials: false - name: Set up Node.js uses: actions/setup-node@v3 diff --git a/.github/workflows/node-sass.yml b/.github/workflows/node-sass.yml index 465cee4..c558e44 100644 --- a/.github/workflows/node-sass.yml +++ b/.github/workflows/node-sass.yml @@ -2,14 +2,17 @@ name: CSS (node-sass) on: push: - branches-ignore: - - "dependabot/**" + branches: + - main pull_request: workflow_dispatch: env: FORCE_COLOR: 2 - NODE: 16 + NODE: 18 + +permissions: + contents: read jobs: css: @@ -18,6 +21,8 @@ jobs: steps: - name: Clone repository uses: actions/checkout@v3 + with: + persist-credentials: false - name: Set up Node.js uses: actions/setup-node@v3 @@ -29,3 +34,16 @@ jobs: npx --package node-sass@latest node-sass --version npx --package node-sass@latest node-sass --output-style expanded --source-map true --source-map-contents true --precision 6 scss/ -o dist-sass/css/ ls -Al dist-sass/css + + - name: Check built CSS files for Sass variables + shell: bash + run: | + SASS_VARS_FOUND=$(find "dist-sass/css/" -type f -name "*.css" -print0 | xargs -0 --no-run-if-empty grep -F "\$" || true) + if [[ -z "$SASS_VARS_FOUND" ]]; then + echo "All good, no Sass variables found!" + exit 0 + else + echo "Found $(echo "$SASS_VARS_FOUND" | wc -l | bc) Sass variables:" + echo "$SASS_VARS_FOUND" + exit 1 + fi diff --git a/.github/workflows/release-notes.yml b/.github/workflows/release-notes.yml index bbd0a24..f620dd3 100644 --- a/.github/workflows/release-notes.yml +++ b/.github/workflows/release-notes.yml @@ -6,8 +6,15 @@ on: - main workflow_dispatch: +permissions: + contents: read + jobs: update_release_draft: + permissions: + # allow release-drafter/release-drafter to create GitHub releases and add labels to PRs + contents: write + pull-requests: write runs-on: ubuntu-latest if: github.repository == 'twbs/bootstrap' steps: -- cgit v1.2.3