From d50fca7dd40f596ebb8b50cd9c4140857f2a0637 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Fri, 7 Apr 2023 14:22:26 +0200 Subject: Merging upstream version 1.10.4+dfsg. Signed-off-by: Daniel Baumann --- .github/codeql/codeql-config.yml | 3 +++ .github/dependabot.yml | 17 +++++++---------- .github/release-drafter.yml | 8 ++++++-- .github/workflows/codeql.yml | 1 + .github/workflows/deploy.yml | 2 ++ .github/workflows/release-notes.yml | 8 ++++++++ .github/workflows/test.yml | 8 ++++++-- 7 files changed, 33 insertions(+), 14 deletions(-) create mode 100644 .github/codeql/codeql-config.yml (limited to '.github') diff --git a/.github/codeql/codeql-config.yml b/.github/codeql/codeql-config.yml new file mode 100644 index 0000000..d2d76dd --- /dev/null +++ b/.github/codeql/codeql-config.yml @@ -0,0 +1,3 @@ +name: "CodeQL config" +paths-ignore: + - "**/vendor/**" diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 6e71d17..bb60c64 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,20 +1,17 @@ version: 2 updates: - - package-ecosystem: npm + - package-ecosystem: "github-actions" directory: "/" schedule: interval: monthly - time: "12:00" - timezone: Europe/Athens - open-pull-requests-limit: 10 reviewers: - XhmikosR - labels: - - dependencies - versioning-strategy: increase - - package-ecosystem: "github-actions" + - package-ecosystem: npm directory: "/" schedule: interval: monthly - time: "12:00" - timezone: Europe/Athens + labels: + - dependencies + reviewers: + - XhmikosR + versioning-strategy: increase diff --git a/.github/release-drafter.yml b/.github/release-drafter.yml index b10c7b3..9bf0dce 100644 --- a/.github/release-drafter.yml +++ b/.github/release-drafter.yml @@ -17,11 +17,15 @@ categories: - title: '📖 Docs' labels: - 'docs' + - title: '🧰 Maintenance' + labels: + - 'build' + - 'meta' + - 'chore' + - 'CI' - title: '📦 Dependencies' labels: - 'dependencies' - - title: '🧰 Maintenance' - label: 'chore' change-template: '- #$NUMBER: $TITLE' template: | ## Changes diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 225e2ef..bf5c04c 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -31,6 +31,7 @@ jobs: - name: Initialize CodeQL uses: github/codeql-action/init@v2 with: + config-file: ./.github/codeql/codeql-config.yml languages: "javascript" queries: +security-and-quality diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index f87c1ca..4e9a939 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -46,6 +46,8 @@ jobs: publish: needs: deploy runs-on: ubuntu-latest + if: github.repository == 'twbs/icons' + steps: - name: Clone repository uses: actions/checkout@v3 diff --git a/.github/workflows/release-notes.yml b/.github/workflows/release-notes.yml index babe51a..c92b0b1 100644 --- a/.github/workflows/release-notes.yml +++ b/.github/workflows/release-notes.yml @@ -6,9 +6,17 @@ on: - main workflow_dispatch: +permissions: + contents: read + jobs: update_release_draft: + permissions: + # allow release-drafter/release-drafter to create GitHub releases and add labels to PRs + contents: write + pull-requests: write runs-on: ubuntu-latest + if: github.repository == 'twbs/icons' steps: - uses: release-drafter/release-drafter@v5 env: diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 94ca588..493a4df 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -2,8 +2,9 @@ name: Tests on: push: - branches-ignore: - - "dependabot/**" + branches: + - main + - "!dependabot/**" pull_request: workflow_dispatch: @@ -11,6 +12,9 @@ env: FORCE_COLOR: 2 NODE: 18 +permissions: + contents: read + jobs: test: runs-on: ubuntu-latest -- cgit v1.2.3