For compliance reasons, we're required
e07510100f
build: remove unused install.sh ( #7124 )
...
install.sh was used for AC_PROG_INSTALL, which was removed in
4421517c55#5133 )
From the manual of GNU Autoconf (version 2.73):
> Autoconf comes with a copy of ‘install-sh’ that you can use. If
> you use ‘AC_PROG_INSTALL’, you must include ‘install-sh’ in your
> distribution; otherwise ‘autoreconf’ and ‘configure’ will produce
> an error message saying they can’t find it—even if the system
> you’re on has a good ‘install’ program. This check is a safety
> measure to prevent you from accidentally leaving that file out,
> which would prevent your package from installing on systems that
> don’t have a BSD-compatible ‘install’ program.
If install-sh wasn't found, configure would check for install.sh in
srcdir. install.sh is a placeholder that does nothing, without it
configure would abort.
2026-04-02 11:55:42 +00:00
dependabot[bot]
ca88d166da
build(deps): bump step-security/harden-runner from 2.15.0 to 2.16.1
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.15.0 to 2.16.1.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](a90bcbc653...fe10465874
2026-04-01 15:46:56 +00:00
dependabot[bot]
a5e5cf2485
build(deps): bump step-security/harden-runner from 2.14.1 to 2.15.0
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.14.1 to 2.15.0.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](e3f713f2d8...a90bcbc653
2026-03-01 13:43:35 +00:00
dependabot[bot]
e7844285f8
build(deps): bump actions/checkout from 6.0.1 to 6.0.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8e8c483db8...de0fac2e45
2026-02-01 19:26:27 +00:00
dependabot[bot]
6cd5b9e62c
build(deps): bump step-security/harden-runner from 2.14.0 to 2.14.1
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.14.0 to 2.14.1.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](20cf305ff2...e3f713f2d8
2026-02-01 19:26:09 +00:00
dependabot[bot]
7131f4c5ea
build(deps): bump actions/checkout from 6.0.0 to 6.0.1
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 6.0.0 to 6.0.1.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](1af3b93b68...8e8c483db8
2026-01-01 13:21:52 +00:00
dependabot[bot]
e2d6a1b5f0
build(deps): bump step-security/harden-runner from 2.13.2 to 2.14.0
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.13.2 to 2.14.0.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](95d9a5deda...20cf305ff2
2026-01-01 13:16:49 +00:00
dependabot[bot]
599960144d
build(deps): bump step-security/harden-runner from 2.13.1 to 2.13.2
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.13.1 to 2.13.2.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](f4a75cfd61...95d9a5deda
2025-12-01 16:13:03 +00:00
dependabot[bot]
2891fc6956
build(deps): bump actions/checkout from 5.0.0 to 6.0.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 5.0.0 to 6.0.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](08c6903cd8...1af3b93b68
2025-12-01 16:12:45 +00:00
dependabot[bot]
f6b666d9d5
build(deps): bump step-security/harden-runner from 2.13.0 to 2.13.1
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.13.0 to 2.13.1.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](ec9f2d5744...f4a75cfd61
2025-10-01 22:48:14 +00:00
dependabot[bot]
b67b2db74e
build(deps): bump actions/checkout from 4.2.2 to 5.0.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.2.2 to 5.0.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](11bd71901b...08c6903cd8
2025-09-04 11:33:37 +00:00
Kelvin M. Klann
dbf4b9a22b
ci: drop apt dependencies from main build
...
Disable apparmor/selinux and use the default compiler version (currently
gcc 11.4.0-1ubuntu1~22.04).
Note that these configuration options are are still enabled in the
`build-gcc` job, so the code coverage should remain unaffected.
This allows dropping the apt-get update/install commands, which can take
a significant amount of time (sometimes even most of the job runtime),
depending on the state of the CI infrastructure.
For a relatively recent example of this, see the build of commit
a31f74165#6806 )", 2025-07-10) [1]:
* `apt-get update`: 12s
* `apt-get install`: 64s
* `make`: 40s
When comparing master (8bccd686fhttps://github.com/netblue30/firejail/actions/runs/16141617993/job/45550207173
[2] https://github.com/netblue30/firejail/actions/runs/17019049268/job/48245518988
[3] https://github.com/netblue30/firejail/actions/runs/17019049268/job/48245547046
[4] https://github.com/netblue30/firejail/actions/runs/17019049268/job/48245579009
[5] https://github.com/netblue30/firejail/actions/runs/17019030502/job/48245478097
[6] https://github.com/netblue30/firejail/actions/runs/17019030502/job/48245617867
[7] https://github.com/netblue30/firejail/actions/runs/17019030502/job/48245626724
2025-08-18 05:00:36 -03:00
Kelvin M. Klann
47811cb6da
ci: run main build in parallel
...
To make it faster.
See also commit 500d8f2d6#5960 .
2025-08-18 05:00:36 -03:00
Kelvin M. Klann
0d2b949a85
ci: copy build to build-gcc & remove --enable-analyzer
...
Changes:
* Copy the `build` job from build.yml to `build-gcc` in build-extra.yml
* Remove `--enable-analyzer` in the main build
`-fanalyzer` increases the chance of false positives (compared to using
just the normal warning flags), so leave it just in build-extra to make
it clearer why the main build fails (that is, build errors, normal
warnings or analyzer warnings).
2025-08-18 05:00:36 -03:00
dependabot[bot]
8120e87d48
build(deps): bump step-security/harden-runner from 2.12.2 to 2.13.0
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.12.2 to 2.13.0.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](6c439dc8bd...ec9f2d5744
2025-08-01 08:09:01 +00:00
dependabot[bot]
4505abf1b8
build(deps): bump step-security/harden-runner from 2.12.0 to 2.12.2
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.12.0 to 2.12.2.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](0634a2670c...6c439dc8bd
2025-07-07 18:52:03 +00:00
dependabot[bot]
2f1b51ab35
build(deps): bump step-security/harden-runner from 2.11.0 to 2.12.0
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.11.0 to 2.12.0.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](4d991eb9b9...0634a2670c
2025-05-02 07:56:13 +00:00
dependabot[bot]
c7b7478ad3
build(deps): bump step-security/harden-runner from 2.10.4 to 2.11.0
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.10.4 to 2.11.0.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](cb605e52c2...4d991eb9b9
2025-03-01 13:24:28 +00:00
dependabot[bot]
5a6e52d936
build(deps): bump step-security/harden-runner from 2.10.2 to 2.10.4
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.10.2 to 2.10.4.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](0080882f6c...cb605e52c2
2025-02-01 14:26:08 +00:00
Kelvin M. Klann
1a576d15a9
build: rename print-version target to installcheck ( #6620 )
...
To make it consistent with the standard GNU make targets.
From the manual of GNU Make (version 4.4.1-2):
> 'installcheck'
> Perform installation tests (if any). The user must build and
> install the program before running the tests. You should not
> assume that '$(bindir)' is in the search path.
Commands used to search and replace:
$ git grep -Ilz print-version |
xargs -0 -I '{}' sh -c "printf '%s\n' \"\$(sed \
's/print-version/installcheck/g' '{}')\" >'{}'"
$ git grep -Ilz 'print version' .github/workflows |
xargs -0 -I '{}' sh -c "printf '%s\n' \"\$(sed \
's/print version/make installcheck/g' '{}')\" >'{}'"
Added on commit c9531d95e#6230 .
2025-01-18 04:48:56 +00:00
dependabot[bot]
28512d16ea
build(deps): bump step-security/harden-runner from 2.10.1 to 2.10.2
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.10.1 to 2.10.2.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](91182cccc0...0080882f6c
2024-12-01 08:19:01 +00:00
dependabot[bot]
d1ffe4532a
build(deps): bump actions/checkout from 4.2.0 to 4.2.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.2.0 to 4.2.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](d632683dd7...11bd71901b
2024-11-01 16:41:18 +00:00
netblue30
0c470aa6c5
Merge pull request #6495 from netblue30/dependabot/github_actions/actions/checkout-4.2.0
...
build(deps): bump actions/checkout from 4.1.7 to 4.2.0
2024-10-01 10:47:14 -04:00
dependabot[bot]
a7918b0575
build(deps): bump step-security/harden-runner from 2.9.1 to 2.10.1
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.9.1 to 2.10.1.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](5c7944e73c...91182cccc0
2024-10-01 06:51:41 +00:00
dependabot[bot]
65fd5bbaaa
build(deps): bump actions/checkout from 4.1.7 to 4.2.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.7 to 4.2.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](692973e3d9...d632683dd7
2024-10-01 06:51:37 +00:00
dependabot[bot]
897f12dd88
build(deps): bump step-security/harden-runner from 2.9.0 to 2.9.1
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.9.0 to 2.9.1.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](0d381219dd...5c7944e73c
2024-09-01 16:21:50 +00:00
dependabot[bot]
7031de4f54
build(deps): bump step-security/harden-runner from 2.8.1 to 2.9.0
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.8.1 to 2.9.0.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](17d0e2bd7d...0d381219dd
2024-08-05 08:40:08 +00:00
dependabot[bot]
b69b3361f0
build(deps): bump step-security/harden-runner from 2.8.0 to 2.8.1
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.8.0 to 2.8.1.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](f086349bfa...17d0e2bd7d
2024-07-03 16:59:37 +00:00
dependabot[bot]
53986d247b
build(deps): bump actions/checkout from 4.1.6 to 4.1.7
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.6 to 4.1.7.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](a5ac7e51b4...692973e3d9
2024-07-03 16:59:21 +00:00
dependabot[bot]
53ad8d7912
build(deps): bump step-security/harden-runner from 2.7.1 to 2.8.0
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.7.1 to 2.8.0.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](a4aa98b93c...f086349bfa
2024-06-01 14:09:12 +00:00
dependabot[bot]
34b570ce53
build(deps): bump actions/checkout from 4.1.5 to 4.1.6
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.5 to 4.1.6.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](44c2b7a8a4...a5ac7e51b4
2024-05-18 06:57:54 +00:00
dependabot[bot]
16232f34bf
build(deps): bump actions/checkout from 4.1.4 to 4.1.5
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.4 to 4.1.5.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](0ad4b8fada...44c2b7a8a4
2024-05-13 19:47:33 +00:00
dependabot[bot]
a6b758e8ca
build(deps): bump step-security/harden-runner from 2.7.0 to 2.7.1
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.7.0 to 2.7.1.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](63c24ba6bd...a4aa98b93c
2024-05-07 17:35:49 +00:00
dependabot[bot]
1889f00b55
build(deps): bump actions/checkout from 4.1.2 to 4.1.4
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.2 to 4.1.4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](9bb56186c3...0ad4b8fada
2024-05-01 18:22:37 +00:00
dependabot[bot]
f3d4e0b828
build(deps): bump actions/checkout from 4.1.1 to 4.1.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.1 to 4.1.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](b4ffde65f4...9bb56186c3
2024-03-18 09:45:45 +00:00
Kelvin M. Klann
2301ab2348
build: standardize ./configure arguments
...
For consistency and to make it clearer where jobs differ (for example,
to see where `--enable-analyzer` is used).
Changes:
* Always use --prefix=/usr and --enable-fatal-warnings (except in the
Alpine job due to current warnings; see #6224 )
* Use the same argument order
Note: mkdeb.sh and platform/rpm/mkrpm.sh already pass `--prefix=/usr` to
./configure.
2024-02-29 08:52:25 -03:00
Kelvin M. Klann
95f866e3c6
ci: remove unnecessary dependencies and endpoints
...
Sync the build and build-clang jobs.
2024-02-29 08:52:25 -03:00
Kelvin M. Klann
c9531d95ed
build: add print-version target and use in CI
...
To reduce TARNAME hardcoding.
Added on commit 6a89ab023#5148 .
2024-02-29 08:52:24 -03:00
dependabot[bot]
fa81522b5c
build(deps): bump step-security/harden-runner from 2.6.1 to 2.7.0
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.6.1 to 2.7.0.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](eb238b55ef...63c24ba6bd
2024-02-05 07:41:53 +00:00
Kelvin M. Klann
180bdee347
ci: add timeout limits ( #6178 )
...
So that they fail early instead of letting them run indefinitely when
there are problems with the CI infrastructure.
Use 5 minutes for the jobs that usually complete in under a minute
(check-profiles and codespell) and 10 minutes for the rest (most jobs
usually take 1-3 minutes).
2024-02-03 20:24:45 +00:00
dependabot[bot]
f60f4b3072
build(deps): bump step-security/harden-runner from 2.6.0 to 2.6.1
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.6.0 to 2.6.1.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](1b05615854...eb238b55ef
2023-11-20 18:34:15 +00:00
dependabot[bot]
c4b0d88fad
build(deps): bump actions/checkout from 4.1.0 to 4.1.1
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8ade135a41...b4ffde65f4
2023-10-23 16:46:42 +00:00
dependabot[bot]
202a079115
build(deps): bump step-security/harden-runner from 2.5.1 to 2.6.0
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.5.1 to 2.6.0.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](8ca2b8b2ec...1b05615854
2023-10-09 08:07:54 +00:00
Kelvin M. Klann
e796ba1349
ci: allow running workflows manually
...
Add `on.workflow_dispatch`.
See:
* https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_dispatch
* https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#workflow_dispatch
2023-09-26 12:24:14 -03:00
dependabot[bot]
bfacd86527
build(deps): bump actions/checkout from 4.0.0 to 4.1.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](3df4ab11eb...8ade135a41
2023-09-25 17:22:23 +00:00
dependabot[bot]
8caf747ab8
build(deps): bump actions/checkout from 3.6.0 to 4.0.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.6.0 to 4.0.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](f43a0e5ff2...3df4ab11eb
2023-09-11 17:48:10 +00:00
Kelvin M. Klann
0cc56a71a5
ci: fix dependabot duplicated workflow runs
...
Every workflow is being executed twice for dependabot: Once when its
branch is pushed to this repository and again when a PR is opened for
it.
For example, see the checks in #5979 ("29 checks passed").
This happens because both `on.push` and `on.pull_request` are specified
in the workflow files.
There does not seem to be a simple and generic way to avoid such
duplicated runs directly in GitHub Actions (such as preventing the same
check from running for the same exact commit)[1], so just ignore the
dependabot branches on push for now.
See also and commit 5871b08a4#5815 .
[1] https://github.com/orgs/community/discussions/26276
2023-08-28 20:47:35 -03:00
dependabot[bot]
f235c8f6c7
build(deps): bump actions/checkout from 3.5.3 to 3.6.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.5.3 to 3.6.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](c85c95e3d7...f43a0e5ff2
2023-08-28 22:22:25 +00:00
Kelvin M. Klann
b4346f0f19
ci: document the intended purpose of each workflow
2023-08-22 04:58:21 -03:00
Kelvin M. Klann
82d28795a7
ci: split build and test into separate workflows
...
Testing takes significantly longer than building, so this makes the
default build check faster.
2023-08-22 04:52:55 -03:00
