Koen Kanters
4c0c69b15f
Support Node.js 20 ( #17422 )
2023-04-22 16:53:15 +02:00
dependabot[bot]
c6a2400f56
Bump peter-evans/create-pull-request from 4 to 5 ( #17255 )
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 4 to 5.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-05 19:58:23 +02:00
dependabot[bot]
ae2de04251
Bump actions/stale from 7 to 8 ( #17126 )
...
Bumps [actions/stale](https://github.com/actions/stale ) from 7 to 8.
- [Release notes](https://github.com/actions/stale/releases )
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/stale/compare/v7...v8 )
---
updated-dependencies:
- dependency-name: actions/stale
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-23 16:22:08 +00:00
dependabot[bot]
407f0df6ad
Bump peter-evans/enable-pull-request-automerge from 2 to 3 ( #17125 )
...
Bumps [peter-evans/enable-pull-request-automerge](https://github.com/peter-evans/enable-pull-request-automerge ) from 2 to 3.
- [Release notes](https://github.com/peter-evans/enable-pull-request-automerge/releases )
- [Commits](https://github.com/peter-evans/enable-pull-request-automerge/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: peter-evans/enable-pull-request-automerge
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-23 17:06:11 +01:00
Robert Kaussow
a24586bec3
disable buildx provenance in the ci build command ( #16495 )
2023-02-04 14:12:24 +01:00
Roland Ramthun
140213950d
Disable provenance information in Docker images ( #16297 )
...
* Disable provenance information in Docker images
The new default of buildx to include provenance information to OCI images causes a series of infrastructure issues with current Docker versions.
Disable generation of the new provenance information until all necessary infrastructure software components and registries have been fixed to support it properly.
* Correct docker/setup-buildx-action version number
2023-01-23 19:26:43 +01:00
Koen Kanters
5b2756fef3
Build linux/386 Docker image. https://github.com/Koenkk/zigbee2mqtt/issues/15796
2022-12-29 10:44:15 +01:00
Koen Kanters
6d08a2f0f6
Use Node.js 18 in CI
2022-12-24 09:50:32 +01:00
dependabot[bot]
dea44579c3
Bump actions/stale from 6 to 7 ( #15685 )
...
Bumps [actions/stale](https://github.com/actions/stale ) from 6 to 7.
- [Release notes](https://github.com/actions/stale/releases )
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/stale/compare/v6...v7 )
---
updated-dependencies:
- dependency-name: actions/stale
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-21 17:03:55 +01:00
DJTerentjev
1b3dd7540b
Add polling when bounded for Trust and Gledopto ( #15126 )
...
* GitHub Workflows security hardening (#14799 )
* build: harden update_frontend.yml permissions
Signed-off-by: Alex <aleksandrosansan@gmail.com >
* build: harden update_zhc.yml permissions
Signed-off-by: Alex <aleksandrosansan@gmail.com >
* build: harden ghcr_cleanup.yml permissions
Signed-off-by: Alex <aleksandrosansan@gmail.com >
* build: harden update_zh.yml permissions
Signed-off-by: Alex <aleksandrosansan@gmail.com >
Signed-off-by: Alex <aleksandrosansan@gmail.com >
* Add bound polling by manufacturerNames
Based on:
#7825
* Add bound polling by manufacturerNames
Based on:
#7825
Signed-off-by: Alex <aleksandrosansan@gmail.com >
Co-authored-by: Alex <aleksandrosansan@gmail.com >
2022-11-22 19:35:15 +01:00
dependabot[bot]
e8f85b35c1
Bump actions/dependency-review-action from 2 to 3 ( #14978 )
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 2 to 3.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](https://github.com/actions/dependency-review-action/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/dependency-review-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-14 18:13:49 +01:00
John Doe
f88ac154a2
Mark node v19 as supported ( #14837 )
...
* Mark node19 as supported
* Fix condition
* Fix tests
Co-authored-by: Ainur Timerbaev <ainur.timerbaev@superawesome.com >
2022-11-06 12:28:59 +00:00
dependabot[bot]
3413d472ab
Bump actions/stale from 5 to 6 ( #14160 )
...
Bumps [actions/stale](https://github.com/actions/stale ) from 5 to 6.
- [Release notes](https://github.com/actions/stale/releases )
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/stale/compare/v5...v6 )
---
updated-dependencies:
- dependency-name: actions/stale
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-09-23 19:49:49 +02:00
Koen Kanters
e0a9323d6e
Update dont-stale label
2022-08-19 20:57:44 +02:00
Koen Kanters
26fc4609f0
Enable publish to ghcr.io
2022-07-15 12:50:43 +02:00
Koen Kanters
3478715926
Update ci.yml
2022-07-12 22:15:26 +02:00
Koen Kanters
ed351ee712
TEMP: disable ghcr.io Docker build since ghcr.io is unstable
2022-07-12 22:09:43 +02:00
Koen Kanters
6ef9e4f479
Fix matrix test jobs unstable ( #13068 )
...
* Update ci.yml
* Update ci.yml
2022-07-07 15:21:37 +02:00
dependabot[bot]
4cc838accf
Bump actions/dependency-review-action from 1 to 2 ( #13009 )
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 1 to 2.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](https://github.com/actions/dependency-review-action/compare/v1...v2 )
---
updated-dependencies:
- dependency-name: actions/dependency-review-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-01 23:10:32 +02:00
Koen Kanters
c973632efd
Merge branch 'dev'
2022-07-01 16:40:18 +02:00
Koen Kanters
80f8fb4d98
Node 17 is EOL
2022-06-26 16:56:01 +02:00
Koen Kanters
9b2a92106e
Disable ghcr_cleanup
2022-06-15 17:03:16 +02:00
Koen Kanters
389ff844c4
Revert "Revert "Revert "Temp: disable ghcr.io since it makes build fail"""
...
This reverts commit 975eb7d6ae .
2022-06-08 16:40:20 +02:00
Koen Kanters
300b2973e1
Update ci.yml
2022-06-06 13:32:44 +02:00
Koen Kanters
5c44582b69
Update zigbee2mqtt/hassio-zigbee2mqtt trigger
2022-06-06 12:58:37 +02:00
Koen Kanters
a252914ecd
Update update_deps.yml
2022-06-05 21:48:26 +02:00
Naveen
05538ec28b
chore: Enable codeql action ( #12708 )
...
This action runs GitHub's industry-leading semantic code analysis engine,
CodeQL, against a repository's source code to find security vulnerabilities.
https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-with-codeql
https://github.com/ossf/scorecard/blob/main/docs/checks.md#sast
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com >
2022-06-04 10:28:44 +02:00
Naveen
2676c3f641
chore(deps): Included dependency review ( #12695 )
...
* chore(deps): Included dependency review
> Dependency Review GitHub Action in your repository to enforce dependency
> reviews on your pull requests.
> The action scans for vulnerable versions of dependencies introduced by package version
> changes in pull requests,
> and warns you about the associated security vulnerabilities.
> This gives you better visibility of what's changing in a pull request,
> and helps prevent vulnerabilities being added to your repository.
https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com >
* Update depsreview.yaml
Co-authored-by: Koen Kanters <koenkanters94@gmail.com >
2022-06-03 16:41:06 +02:00
John Doe
d064a73131
Rework ci and use package-lock.json instead of npm-shrinkwrap.json ( #12631 )
...
* Update ci
* Use package-lock
* Use package-lock.json
* Use cache for ci
* Enable node18 windows
* Revert "Enable node18 windows"
This reverts commit e427551acdd64c3a256b48a5b8e86b3c4c986405.
* Remove redundant cache
* Don't do shrinkwrap
* Remove shrinkwrap
* Remove redundant step
* Cache node-gyp
* Debug
* Add key
* Update ci.yml
* Add cache detection
* Fix
* Add deps
* Fix2
* Update caches
* Fix ci
* Update patsh
* Update paths
* Update paths
* Fix max cache path
* Change cache key
* Remove spaces
* Split caches
* Fix linux cache
* Fix linux cache
* Merge caches
* Ignore errs
* Find only dirs
* Run find after ci
* Fix mac cache
* Fix caches
* Remove env run
Co-authored-by: nurikk <ainur@yojee.com >
2022-06-02 14:38:07 +00:00
Koen Kanters
64ab3b0492
Revert "Downgrade docker/setup-qemu-action to v1"
...
This reverts commit 35b9e01230 .
2022-06-02 16:27:18 +02:00
Koen Kanters
e1c9d68c68
Revert "Check if ghcr.io build works again"
...
This reverts commit 1596714ccb .
2022-06-02 16:27:11 +02:00
Koen Kanters
35b9e01230
Downgrade docker/setup-qemu-action to v1
2022-06-02 16:13:40 +02:00
Koen Kanters
1596714ccb
Check if ghcr.io build works again
2022-06-02 16:02:51 +02:00
Koen Kanters
e852851273
Update ghcr_cleanup.yml
2022-06-02 08:30:55 +02:00
dependabot[bot]
dc4f4ad047
Bump actions/github-script from 3 to 6 ( #12674 )
...
Bumps [actions/github-script](https://github.com/actions/github-script ) from 3 to 6.
- [Release notes](https://github.com/actions/github-script/releases )
- [Commits](https://github.com/actions/github-script/compare/v3...v6 )
---
updated-dependencies:
- dependency-name: actions/github-script
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-01 19:16:21 +02:00
neilnaveen
cc42ab7584
chore: Set permissions for GitHub actions ( #12626 )
...
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ )
Signed-off-by: neilnaveen <42328488+neilnaveen@users.noreply.github.com >
Co-authored-by: Koen Kanters <koenkanters94@gmail.com >
2022-06-01 19:15:06 +02:00
Koen Kanters
9b9e2289d3
Merge remote-tracking branch 'origin/master' into dev
2022-06-01 17:36:50 +02:00
Koen Kanters
975eb7d6ae
Revert "Revert "Temp: disable ghcr.io since it makes build fail""
...
This reverts commit 4e28df88ae .
2022-06-01 16:57:47 +02:00
Koen Kanters
4de04c19c0
Update ghcr_cleanup.yml
2022-06-01 15:12:32 +02:00
Koen Kanters
1db12612e6
Add GHCR cleanup ( #12669 )
...
* Create ghcr_cleanup.yml
* Update ghcr_cleanup.yml
* Update ghcr_cleanup.yml
* Update ghcr_cleanup.yml
* Update ghcr_cleanup.yml
2022-06-01 14:18:41 +02:00
Koen Kanters
4e28df88ae
Revert "Temp: disable ghcr.io since it makes build fail"
...
This reverts commit a1db076c02 .
2022-05-31 08:28:36 +02:00
Koen Kanters
fe011ba7b3
Disable node 18 testing for now (fails quite often)
2022-05-29 10:21:23 +02:00
Koen Kanters
05975109a4
Lock connect-gzip-static https://github.com/Koenkk/zigbee2mqtt/pull/12624/files#r884205347
2022-05-29 08:43:02 +02:00
Koen Kanters
43a82ad835
Delete ghcr_delete_untagged.yml
2022-05-27 16:29:50 +02:00
Koen Kanters
a1db076c02
Temp: disable ghcr.io since it makes build fail
2022-05-27 16:23:34 +02:00
Koen Kanters
bfc70c3bb8
Update ghcr_delete_untagged.yml
2022-05-27 15:09:48 +02:00
Koen Kanters
b268b1ed75
Update ghcr_delete_untagged.yml
2022-05-27 12:08:55 +02:00
Koen Kanters
64769b3e9f
Update ghcr_delete_untagged.yml
2022-05-27 12:05:51 +02:00
Koen Kanters
66e804d71e
Create ghcr_delete_untagged.yml
2022-05-27 12:01:21 +02:00
Koen Kanters
be55e3ee80
Revert "Temp disable ghcr.io push (seems to make build fail)"
...
This reverts commit c1372852e9 .
2022-05-27 11:47:43 +02:00