Kelvin M. Klann
92137f8087
ci: check-profiles: fix git diff not running
...
This amends commit c222b7f69#6593 )", 2024-12-28).
2025-01-06 20:39:45 -03:00
dependabot[bot]
db1ea0bdcf
build(deps): bump github/codeql-action from 3.27.5 to 3.28.0
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.27.5 to 3.28.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f09c1c0a94...48ab28a6f5
2025-01-01 15:00:06 +00:00
Kelvin M. Klann
c222b7f692
build: sort.py: fix whitespace in entire profile ( #6593 )
...
Changes:
* Strip whitespace at the beginning
* Strip whitespace at the end
* Ensure exactly one newline at the end
* Strip extraneous newlines
Also, for clarity print the git diff in the sort.py ci job, since the
specific lines changed are not printed by the sort.py script in this
case (as whitespace is fixed in the entire profile at once).
Command used to search and replace:
./contrib/sort.py etc/inc/*.inc etc/profile*/*.profile
This is a follow-up to #6556 .
Update contrib/sort.py
2024-12-28 16:00:14 +00:00
dependabot[bot]
28512d16ea
build(deps): bump step-security/harden-runner from 2.10.1 to 2.10.2
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.10.1 to 2.10.2.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](91182cccc0...0080882f6c
2024-12-01 08:19:01 +00:00
dependabot[bot]
9ddba6a09e
build(deps): bump github/codeql-action from 3.27.0 to 3.27.5
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.27.0 to 3.27.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](662472033e...f09c1c0a94
2024-12-01 08:18:52 +00:00
dependabot[bot]
4ded6b7774
build(deps): bump github/codeql-action from 3.26.10 to 3.27.0
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.10 to 3.27.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](e2b3eafc8d...662472033e
2024-11-01 16:41:26 +00:00
dependabot[bot]
d1ffe4532a
build(deps): bump actions/checkout from 4.2.0 to 4.2.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.2.0 to 4.2.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](d632683dd7...11bd71901b
2024-11-01 16:41:18 +00:00
netblue30
c926850b5b
Merge pull request #6494 from netblue30/dependabot/github_actions/github/codeql-action-3.26.10
...
build(deps): bump github/codeql-action from 3.26.6 to 3.26.10
2024-10-01 10:47:32 -04:00
netblue30
0c470aa6c5
Merge pull request #6495 from netblue30/dependabot/github_actions/actions/checkout-4.2.0
...
build(deps): bump actions/checkout from 4.1.7 to 4.2.0
2024-10-01 10:47:14 -04:00
dependabot[bot]
a7918b0575
build(deps): bump step-security/harden-runner from 2.9.1 to 2.10.1
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.9.1 to 2.10.1.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](5c7944e73c...91182cccc0
2024-10-01 06:51:41 +00:00
dependabot[bot]
65fd5bbaaa
build(deps): bump actions/checkout from 4.1.7 to 4.2.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.7 to 4.2.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](692973e3d9...d632683dd7
2024-10-01 06:51:37 +00:00
dependabot[bot]
6a6d493260
build(deps): bump github/codeql-action from 3.26.6 to 3.26.10
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.6 to 3.26.10.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](4dd16135b6...e2b3eafc8d
2024-10-01 06:51:33 +00:00
Kelvin M. Klann
508394fbd8
docs: github: improve kernel headers item in build_issue.md
...
Relates to #6423 #6471 .
2024-09-13 05:16:11 -03:00
Kelvin M. Klann
9bccccfa77
docs: github: streamline environment in issue templates ( #6471 )
...
Changes:
* Sync bug_report.md with build_issue.md (reword items and add Linux
kernel item)
* Add a colon to the end of every item (to clarify where to add the
information)
* Add the Environment section to feature_request.md
The last item is intended as a basic sanity check, as users using an
outdated version of firejail may request something that was already
implemented (for example, see #6461 ).
Relates to #4515 #6423 .
2024-09-13 08:16:09 +00:00
dependabot[bot]
897f12dd88
build(deps): bump step-security/harden-runner from 2.9.0 to 2.9.1
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.9.0 to 2.9.1.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](0d381219dd...5c7944e73c
2024-09-01 16:21:50 +00:00
dependabot[bot]
00fe9ce335
build(deps): bump github/codeql-action from 3.25.15 to 3.26.6
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.15 to 3.26.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](afb54ba388...4dd16135b6
2024-09-01 16:21:39 +00:00
Kelvin M. Klann
7299f832fb
docs: add build_issue.md issue template ( #6423 )
...
Based on `.github/ISSUE_TEMPLATE/bug_report.md`.
Relates to #6417 .
2024-08-07 16:24:09 +00:00
dependabot[bot]
7031de4f54
build(deps): bump step-security/harden-runner from 2.8.1 to 2.9.0
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.8.1 to 2.9.0.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](17d0e2bd7d...0d381219dd
2024-08-05 08:40:08 +00:00
dependabot[bot]
a9491c16a8
build(deps): bump github/codeql-action from 3.25.11 to 3.25.15
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.11 to 3.25.15.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](b611370bb5...afb54ba388
2024-08-05 08:39:51 +00:00
dependabot[bot]
b69b3361f0
build(deps): bump step-security/harden-runner from 2.8.0 to 2.8.1
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.8.0 to 2.8.1.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](f086349bfa...17d0e2bd7d
2024-07-03 16:59:37 +00:00
dependabot[bot]
466ea299d0
build(deps): bump github/codeql-action from 3.25.7 to 3.25.11
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.7 to 3.25.11.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f079b84933...b611370bb5
2024-07-03 16:59:29 +00:00
dependabot[bot]
53986d247b
build(deps): bump actions/checkout from 4.1.6 to 4.1.7
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.6 to 4.1.7.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](a5ac7e51b4...692973e3d9
2024-07-03 16:59:21 +00:00
glitsj16
386ee003d2
docs: bug_report.md: use absolute path in 'steps to reproduce' ( #6382 )
...
We still see lots of issue reports where the user runs `firejail foo`
and ends up running foo's sandbox twice (due to firecfg's symlink
precedence). Try to improve the situation by explicitly using absolute
paths in the 'steps to reproduce' section.
2024-06-14 08:59:38 +00:00
dependabot[bot]
53ad8d7912
build(deps): bump step-security/harden-runner from 2.7.1 to 2.8.0
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.7.1 to 2.8.0.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](a4aa98b93c...f086349bfa
2024-06-01 14:09:12 +00:00
dependabot[bot]
70519058ae
build(deps): bump github/codeql-action from 3.25.5 to 3.25.7
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.5 to 3.25.7.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](b7cec75265...f079b84933
2024-06-01 14:09:03 +00:00
dependabot[bot]
812449c6b2
build(deps): bump github/codeql-action from 3.25.4 to 3.25.5
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.4 to 3.25.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](ccf74c9479...b7cec75265
2024-05-18 06:58:07 +00:00
dependabot[bot]
34b570ce53
build(deps): bump actions/checkout from 4.1.5 to 4.1.6
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.5 to 4.1.6.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](44c2b7a8a4...a5ac7e51b4
2024-05-18 06:57:54 +00:00
Kelvin M. Klann
442032c574
ci: make dependabot updates monthly and bump PR limit ( #6338 )
...
It is currently only used for GitHub Actions. The ones used in this
project rarely ever contain notable changes in their changelogs (in a
way that would cause a noticeable difference in our CI).
Also, there are weeks when most/all of the PR/commit activity is from
dependabot PRs being opened/merged. For example, see the output of the
following command:
git log --no-decorate --oneline 9a0db13e12..bef085035
So change the checks from weekly to monthly to reduce the noise.
Additionally, bump `open-pull-requests-limit` to 4, as it seems that we
only have 4 dependencies:
$ git grep 'uses:' -- .github/ | sed -E 's/.*(uses: .*)@.*/\1/' |
LC_ALL=C sort -u
uses: actions/checkout
uses: github/codeql-action/analyze
uses: github/codeql-action/init
uses: step-security/harden-runner
This should ensure that PRs can be opened against all of them when the
dependabot check is run.
2024-05-18 06:54:23 +00:00
dependabot[bot]
bef0850353
build(deps): bump github/codeql-action from 3.25.3 to 3.25.4
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.3 to 3.25.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](d39d31e687...ccf74c9479
2024-05-13 19:47:41 +00:00
dependabot[bot]
16232f34bf
build(deps): bump actions/checkout from 4.1.4 to 4.1.5
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.4 to 4.1.5.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](0ad4b8fada...44c2b7a8a4
2024-05-13 19:47:33 +00:00
dependabot[bot]
a6b758e8ca
build(deps): bump step-security/harden-runner from 2.7.0 to 2.7.1
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.7.0 to 2.7.1.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](63c24ba6bd...a4aa98b93c
2024-05-07 17:35:49 +00:00
dependabot[bot]
8b679f1022
build(deps): bump github/codeql-action from 3.24.10 to 3.25.3
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.10 to 3.25.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](4355270be1...d39d31e687
2024-05-01 18:23:49 +00:00
dependabot[bot]
1889f00b55
build(deps): bump actions/checkout from 4.1.2 to 4.1.4
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.2 to 4.1.4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](9bb56186c3...0ad4b8fada
2024-05-01 18:22:37 +00:00
dependabot[bot]
c69b4b4b29
build(deps): bump github/codeql-action from 3.24.9 to 3.24.10
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.9 to 3.24.10.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](1b1aada464...4355270be1
2024-04-08 17:48:55 +00:00
dependabot[bot]
a1a49024ca
build(deps): bump github/codeql-action from 3.24.7 to 3.24.9
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.7 to 3.24.9.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](3ab4101902...1b1aada464
2024-03-25 06:33:13 +00:00
dependabot[bot]
7d25b31c88
build(deps): bump github/codeql-action from 3.24.6 to 3.24.7
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.6 to 3.24.7.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](8a470fddaf...3ab4101902
2024-03-18 09:45:58 +00:00
dependabot[bot]
f3d4e0b828
build(deps): bump actions/checkout from 4.1.1 to 4.1.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.1 to 4.1.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](b4ffde65f4...9bb56186c3
2024-03-18 09:45:45 +00:00
dependabot[bot]
c677dfe5bb
build(deps): bump github/codeql-action from 3.24.5 to 3.24.6
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.5 to 3.24.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](47b3d888fe...8a470fddaf
2024-03-04 06:22:40 +00:00
Kelvin M. Klann
2301ab2348
build: standardize ./configure arguments
...
For consistency and to make it clearer where jobs differ (for example,
to see where `--enable-analyzer` is used).
Changes:
* Always use --prefix=/usr and --enable-fatal-warnings (except in the
Alpine job due to current warnings; see #6224 )
* Use the same argument order
Note: mkdeb.sh and platform/rpm/mkrpm.sh already pass `--prefix=/usr` to
./configure.
2024-02-29 08:52:25 -03:00
Kelvin M. Klann
f7e74772cf
ci: run check-c.yml on any C code change
...
test/ also contains source code and cppcheck checks it:
$ make cppcheck | grep 'Checking test/'
Checking test/appimage/main.c ...
Checking test/chroot/unchroot.c ...
Checking test/filters/namespaces.c ...
Checking test/seccomp-extra/memwrexe.c ...
So make sure that it is included in the CI trigger paths.
2024-02-29 08:52:25 -03:00
Kelvin M. Klann
95f866e3c6
ci: remove unnecessary dependencies and endpoints
...
Sync the build and build-clang jobs.
2024-02-29 08:52:25 -03:00
Kelvin M. Klann
c9531d95ed
build: add print-version target and use in CI
...
To reduce TARNAME hardcoding.
Added on commit 6a89ab023#5148 .
2024-02-29 08:52:24 -03:00
Kelvin M. Klann
df2dbec7ee
Merge pull request #6222 from kmk3/build-override-tools
...
build: allow overriding certain tools & sync targets with CI
2024-02-28 01:27:46 +00:00
dependabot[bot]
03731075ee
build(deps): bump github/codeql-action from 3.24.3 to 3.24.5
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.3 to 3.24.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](379614612a...47b3d888fe
2024-02-26 20:18:41 +00:00
Kelvin M. Klann
1f6400bd89
build: sync scan-build target with CI
...
Changes:
* Use --status-bugs in the scan-build target to exit with an error if
bugs are found
* Call the make target in the CI job
2024-02-24 18:53:07 -03:00
Kelvin M. Klann
f4f7a814e7
build: sync cppcheck targets with CI
...
Changes:
* Use the same command from the cppcheck CI job in the cppcheck target
* Add cppcheck-old target based on the cppcheck_old CI job
* Call the make targets in CI to avoid duplicating the commands
2024-02-24 18:53:06 -03:00
dependabot[bot]
092bb0a3d2
build(deps): bump github/codeql-action from 3.24.0 to 3.24.3
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.0 to 3.24.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](e8893c57a1...379614612a
2024-02-19 14:59:12 +00:00
dependabot[bot]
feeaec66fa
build(deps): bump github/codeql-action from 3.23.2 to 3.24.0
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.23.2 to 3.24.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](b7bf0a3ed3...e8893c57a1
2024-02-05 07:42:00 +00:00
dependabot[bot]
fa81522b5c
build(deps): bump step-security/harden-runner from 2.6.1 to 2.7.0
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.6.1 to 2.7.0.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](eb238b55ef...63c24ba6bd
2024-02-05 07:41:53 +00:00
Kelvin M. Klann
180bdee347
ci: add timeout limits ( #6178 )
...
So that they fail early instead of letting them run indefinitely when
there are problems with the CI infrastructure.
Use 5 minutes for the jobs that usually complete in under a minute
(check-profiles and codespell) and 10 minutes for the rest (most jobs
usually take 1-3 minutes).
2024-02-03 20:24:45 +00:00
