diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 5e1b6f6ec9..184b6fddc2 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -37,6 +37,8 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v5 + with: + persist-credentials: false - name: Install dependencies run: | diff --git a/.github/workflows/nightly_Linux_distributions.yml b/.github/workflows/nightly_Linux_distributions.yml index 49a20b2680..10a7038bed 100644 --- a/.github/workflows/nightly_Linux_distributions.yml +++ b/.github/workflows/nightly_Linux_distributions.yml @@ -34,6 +34,8 @@ jobs: steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Install dependencies run: ./ci/install_dependencies.sh - name: Build and install diff --git a/.github/workflows/on_PR_linux_fuzz.yml b/.github/workflows/on_PR_linux_fuzz.yml index 791381aa15..b19759c095 100644 --- a/.github/workflows/on_PR_linux_fuzz.yml +++ b/.github/workflows/on_PR_linux_fuzz.yml @@ -26,6 +26,8 @@ jobs: steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Install dependencies run: | sudo ./ci/install_dependencies.sh diff --git a/.github/workflows/on_PR_linux_matrix.yml b/.github/workflows/on_PR_linux_matrix.yml index 395988b0dc..9e7a4d936d 100644 --- a/.github/workflows/on_PR_linux_matrix.yml +++ b/.github/workflows/on_PR_linux_matrix.yml @@ -22,6 +22,8 @@ jobs: steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Install dependencies run: | @@ -72,6 +74,8 @@ jobs: steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - uses: jirutka/setup-alpine@v1 with: arch: ${{matrix.arch}} diff --git a/.github/workflows/on_PR_linux_special_builds.yml b/.github/workflows/on_PR_linux_special_builds.yml index 7a438765f4..b24e8f20a4 100644 --- a/.github/workflows/on_PR_linux_special_builds.yml +++ b/.github/workflows/on_PR_linux_special_builds.yml @@ -19,6 +19,7 @@ jobs: - uses: actions/checkout@v5 with: fetch-depth: 2 + persist-credentials: false # Trying to deal with warning: -> Issue detecting commit SHA. Please run actions/checkout with fetch-depth > 1 or set to 0 - name: Install dependencies @@ -65,6 +66,8 @@ jobs: steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Install dependencies run: | @@ -101,6 +104,8 @@ jobs: steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Install dependencies run: | @@ -135,6 +140,8 @@ jobs: steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Install dependencies run: | @@ -157,6 +164,8 @@ jobs: steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Install dependencies run: | diff --git a/.github/workflows/on_PR_linux_staticAnalysis.yml b/.github/workflows/on_PR_linux_staticAnalysis.yml index 16a80a1c90..cb8282414a 100644 --- a/.github/workflows/on_PR_linux_staticAnalysis.yml +++ b/.github/workflows/on_PR_linux_staticAnalysis.yml @@ -19,6 +19,7 @@ jobs: - uses: actions/checkout@v5 with: fetch-depth: 2 + persist-credentials: false # Trying to deal with warning: -> Issue detecting commit SHA. Please run actions/checkout with fetch-depth > 1 or set to 0 - name: Install dependencies diff --git a/.github/workflows/on_PR_mac_matrix.yml b/.github/workflows/on_PR_mac_matrix.yml index 4d4ba46726..5ddaad0211 100644 --- a/.github/workflows/on_PR_mac_matrix.yml +++ b/.github/workflows/on_PR_mac_matrix.yml @@ -22,6 +22,8 @@ jobs: steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Install dependencies run: | diff --git a/.github/workflows/on_PR_mac_special_builds.yml b/.github/workflows/on_PR_mac_special_builds.yml index ad76239550..35d5497e6c 100644 --- a/.github/workflows/on_PR_mac_special_builds.yml +++ b/.github/workflows/on_PR_mac_special_builds.yml @@ -17,6 +17,8 @@ jobs: steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Install dependencies run: | diff --git a/.github/workflows/on_PR_meson.yaml b/.github/workflows/on_PR_meson.yaml index 05a261410f..e83b80728a 100644 --- a/.github/workflows/on_PR_meson.yaml +++ b/.github/workflows/on_PR_meson.yaml @@ -16,6 +16,8 @@ jobs: deps: ['enabled', 'disabled'] steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - uses: egor-tensin/setup-gcc@v1 with: version: ${{matrix.cxx}} @@ -37,6 +39,8 @@ jobs: deps: ['enabled', 'disabled'] steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - uses: egor-tensin/setup-clang@v1 with: version: ${{matrix.cxx}} @@ -63,6 +67,8 @@ jobs: platform: ['x64', 'x86'] steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Install packages run: | @@ -85,6 +91,8 @@ jobs: deps: ['forcefallback', 'default'] steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Install packages run: | @@ -117,6 +125,8 @@ jobs: shell: msys2 {0} steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - uses: msys2/setup-msys2@v2 with: @@ -143,6 +153,8 @@ jobs: shell: msys2 {0} steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - uses: msys2/setup-msys2@v2 with: msystem: 'MSYS' @@ -165,6 +177,8 @@ jobs: deps: ['enabled', 'disabled'] steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Install packages run: | @@ -179,6 +193,8 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - uses: vmactions/freebsd-vm@v1 with: prepare: | @@ -191,6 +207,8 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - uses: vmactions/omnios-vm@v1 with: prepare: | @@ -203,6 +221,8 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Install packages run: | sudo apt install -y meson diff --git a/.github/workflows/on_PR_windows_matrix.yml b/.github/workflows/on_PR_windows_matrix.yml index 6282e0f853..6211294b91 100644 --- a/.github/workflows/on_PR_windows_matrix.yml +++ b/.github/workflows/on_PR_windows_matrix.yml @@ -30,6 +30,8 @@ jobs: steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Set up Visual Studio shell uses: ilammy/msvc-dev-cmd@v1 @@ -41,6 +43,7 @@ jobs: with: path: ${{github.workspace}}/conanCache key: ${{runner.os}}-${{matrix.platform}}-${{matrix.build_type}}-Shared${{matrix.shared_libraries}}-${{ hashFiles('conanfile.py') }} + lookup-only: true - name: Install Conan & Common config run: | @@ -94,6 +97,8 @@ jobs: steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Set up MSYS2 uses: msys2/setup-msys2@v2 @@ -150,6 +155,8 @@ jobs: - run: git config --global core.autocrlf input shell: pwsh - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Set up Cygwin uses: cygwin/cygwin-install-action@v6 diff --git a/.github/workflows/on_push_BasicWinLinMac.yml b/.github/workflows/on_push_BasicWinLinMac.yml index a476e24f87..a99661c0c2 100644 --- a/.github/workflows/on_push_BasicWinLinMac.yml +++ b/.github/workflows/on_push_BasicWinLinMac.yml @@ -21,6 +21,8 @@ jobs: steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Set up Visual Studio shell uses: ilammy/msvc-dev-cmd@v1 @@ -57,6 +59,8 @@ jobs: steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Install dependencies run: | @@ -91,6 +95,8 @@ jobs: steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Install dependencies run: | diff --git a/.github/workflows/on_push_ExtraJobsForMain.yml b/.github/workflows/on_push_ExtraJobsForMain.yml index 702487f825..9b46e4011c 100644 --- a/.github/workflows/on_push_ExtraJobsForMain.yml +++ b/.github/workflows/on_push_ExtraJobsForMain.yml @@ -21,6 +21,8 @@ jobs: steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Install dependencies run: | diff --git a/.github/workflows/on_push_clang_format.yml b/.github/workflows/on_push_clang_format.yml index 41375d865c..ff415becfb 100644 --- a/.github/workflows/on_push_clang_format.yml +++ b/.github/workflows/on_push_clang_format.yml @@ -8,6 +8,8 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - uses: DoozyX/clang-format-lint-action@v0.20 with: source: '.' diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 3a885c3abe..c0839f99c5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -26,6 +26,8 @@ jobs: - { os: ubuntu-22.04-arm, arch: arm64 } steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Install dependencies run: | @@ -68,6 +70,8 @@ jobs: - { os: macos-14, arch: arm64 } steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Install dependencies run: | @@ -110,6 +114,8 @@ jobs: - { os: windows-2022, arch: x64 } steps: - uses: actions/checkout@v5 + with: + persist-credentials: false - name: Set up Visual Studio shell uses: ilammy/msvc-dev-cmd@v1 @@ -124,6 +130,7 @@ jobs: with: path: ${{github.workspace}}/conanCache key: ${{runner.os}}-release-win-${{ hashFiles('conanfile.py') }} + lookup-only: true - name: Install Conan & Common config run: | @@ -162,14 +169,16 @@ jobs: steps: - if: github.event_name == 'workflow_dispatch' - run: echo "TAG_NAME=${{ github.event.inputs.tag_name }}" >> $GITHUB_ENV + run: echo "TAG_NAME=${GITHUB_EVENT_INPUTS_TAG_NAME}" >> $GITHUB_ENV + env: + GITHUB_EVENT_INPUTS_TAG_NAME: ${{ github.event.inputs.tag_name }} - if: github.event_name == 'schedule' run: echo 'TAG_NAME=nightly' >> $GITHUB_ENV - if: github.event_name == 'push' run: | - TAG_NAME=${{ github.ref }} + TAG_NAME=${GITHUB_REF} echo "TAG_NAME=${TAG_NAME#refs/tags/}" >> $GITHUB_ENV - if: env.TAG_NAME == 'nightly' @@ -183,7 +192,7 @@ jobs: - if: env.TAG_NAME != 'nightly' run: | echo 'BODY<> $GITHUB_ENV - echo '## Exiv2 Release ${{ env.TAG_NAME }}' >> $GITHUB_ENV + echo '## Exiv2 Release ${TAG_NAME}' >> $GITHUB_ENV echo 'See [ChangeLog](doc/ChangeLog) for more information about the changes in this release.' >> $GITHUB_ENV echo 'EOF' >> $GITHUB_ENV