LizardByte
diff --git a/‎.github/dependabot.yml
Lines changed: 48 additions & 0 deletions b/‎.github/dependabot.yml
Lines changed: 48 additions & 0 deletions
diff --git a/‎.github/label-actions.yml
Lines changed: 49 additions & 0 deletions b/‎.github/label-actions.yml
Lines changed: 49 additions & 0 deletions
diff --git a/‎.github/pr_release_template.md
Lines changed: 28 additions & 0 deletions b/‎.github/pr_release_template.md
Lines changed: 28 additions & 0 deletions
diff --git a/‎.github/workflows/auto-create-pr.yml
Lines changed: 35 additions & 0 deletions b/‎.github/workflows/auto-create-pr.yml
Lines changed: 35 additions & 0 deletions
diff --git a/‎.github/workflows/automerge.yml
Lines changed: 64 additions & 0 deletions b/‎.github/workflows/automerge.yml
Lines changed: 64 additions & 0 deletions
diff --git a/‎.github/workflows/codeql.yml
Lines changed: 147 additions & 0 deletions b/‎.github/workflows/codeql.yml
Lines changed: 147 additions & 0 deletions
@@ -0,0 +1,48 @@
+---
+# This action is centrally managed in https://github.com/<organization>/.github/
+# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in
+# the above-mentioned repo.
+
+version: 2
+updates:
+  - package-ecosystem: "docker"
+    directory: "/"
+    schedule:
+      interval: "daily"
+      time: "08:00"
+    open-pull-requests-limit: 10
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+      time: "08:30"
+    open-pull-requests-limit: 10
+
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "daily"
+      time: "09:00"
+    open-pull-requests-limit: 10
+
+  - package-ecosystem: "nuget"
+    directory: "/"
+    schedule:
+      interval: "daily"
+      time: "09:30"
+    open-pull-requests-limit: 10
+
+  - package-ecosystem: "pip"
+    directory: "/"
+    schedule:
+      interval: "daily"
+      time: "10:00"
+    open-pull-requests-limit: 10
+
+  - package-ecosystem: "gitsubmodule"
+    directory: "/"
+    schedule:
+      interval: "daily"
+      time: "10:30"
+    open-pull-requests-limit: 10
@@ -0,0 +1,49 @@
+---
+# This action is centrally managed in https://github.com/<organization>/.github/
+# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in
+# the above-mentioned repo.
+
+# Configuration for Label Actions - https://github.com/dessant/label-actions
+
+added:
+  comment: >
+    This feature has been added and will be available in the next release.
+fixed:
+  comment: >
+    This issue has been fixed and will be available in the next release.
+invalid:duplicate:
+  comment: >
+    :wave: @{issue-author}, this appears to be a duplicate of a pre-existing issue.
+  close: true
+  lock: true
+  unlabel: 'status:awaiting-triage'
+
+-invalid:duplicate:
+  reopen: true
+  unlock: true
+
+invalid:support:
+  comment: >
+    :wave: @{issue-author}, we use the issue tracker exclusively for bug reports.
+    However, this issue appears to be a support request. Please use our
+    [Support Center](https://app.lizardbyte.dev/support) for support issues. Thanks.
+  close: true
+  lock: true
+  lock-reason: 'off-topic'
+  unlabel: 'status:awaiting-triage'
+
+-invalid:support:
+  reopen: true
+  unlock: true
+
+invalid:template-incomplete:
+  issues:
+    comment: >
+      :wave: @{issue-author}, please edit your issue to complete the template with
+      all the required info. Your issue will be automatically closed in 5 days if
+      the template is not completed. Thanks.
+  prs:
+    comment: >
+      :wave: @{issue-author}, please edit your PR to complete the template with
+      all the required info. Your PR will be automatically closed in 5 days if
+      the template is not completed. Thanks.
@@ -0,0 +1,28 @@
+## Description
+<!--- Please include a summary of the changes. --->
+This PR was created automatically.
+
+
+### Screenshot
+<!--- Include screenshots if the changes are UI-related. --->
+
+
+### Issues Fixed or Closed
+<!--- Close issue example: `- Closes #1` --->
+<!--- Fix bug issue example: `- Fixes #2` --->
+<!--- Resolve issue example: `- Resolves #3` --->
+
+
+## Type of Change
+- [ ] Bug fix (non-breaking change which fixes an issue)
+- [ ] New feature (non-breaking change which adds functionality)
+- [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
+- [ ] Dependency update (updates to dependencies)
+- [ ] Documentation update (changes to documentation)
+- [ ] Repository update (changes to repository files, e.g. `.github/...`)
+
+## Branch Updates
+- [x] I want maintainers to keep my branch updated
+
+## Changelog Summary
+<!--- Summarize all the changes in a bulleted list. --->
@@ -0,0 +1,35 @@
+---
+# This action is centrally managed in https://github.com/<organization>/.github/
+# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in
+# the above-mentioned repo.
+
+# This workflow  creates a PR automatically when anything is merged/pushed into the `nightly` branch. The PR is created
+# against the `master` (default) branch.
+
+name: Auto create PR
+
+on:
+  push:
+    branches:
+      - 'nightly'
+
+jobs:
+  create_pr:
+    if: startsWith(github.repository, 'LizardByte/')
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Create Pull Request
+        uses: repo-sync/pull-request@v2
+        with:
+          source_branch: ""  # should be "nightly" as it's the triggering branch
+          destination_branch: "master"
+          pr_title: "Pulling ${{ github.ref_name }} into master"
+          pr_template: ".github/pr_release_template.md"
+          pr_assignee: "${{ secrets.GH_BOT_NAME }}"
+          pr_draft: true
+          pr_allow_empty: false
+          github_token: ${{ secrets.GH_BOT_TOKEN }}
@@ -0,0 +1,64 @@
+---
+# This action is centrally managed in https://github.com/<organization>/.github/
+# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in
+# the above-mentioned repo.
+
+# This workflow will, first, automatically approve PRs created by @LizardByte-bot. Then it will automerge relevant PRs.
+
+name: Automerge PR
+
+on:
+  pull_request:
+    types:
+      - opened
+      - synchronize
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  autoapprove:
+    if: >-
+      contains(fromJson('["LizardByte-bot"]'), github.event.pull_request.user.login) &&
+      contains(fromJson('["LizardByte-bot"]'), github.actor) &&
+      startsWith(github.repository, 'LizardByte/')
+    runs-on: ubuntu-latest
+    steps:
+      - name: Autoapproving
+        uses: hmarr/auto-approve-action@v3
+        with:
+          github-token: "${{ secrets.GITHUB_TOKEN }}"
+
+      - name: Label autoapproved
+        uses: actions/github-script@v7
+        with:
+          github-token: ${{ secrets.GH_BOT_TOKEN }}
+          script: |
+            github.rest.issues.addLabels({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              labels: ['autoapproved', 'autoupdate']
+            })
+
+  automerge:
+    if: startsWith(github.repository, 'LizardByte/')
+    needs: [autoapprove]
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Automerging
+        uses: pascalgn/[email protected]
+        env:
+          BASE_BRANCHES: nightly
+          GITHUB_TOKEN: ${{ secrets.GH_BOT_TOKEN }}
+          GITHUB_LOGIN: ${{ secrets.GH_BOT_NAME }}
+          MERGE_LABELS: "!dependencies"
+          MERGE_METHOD: "squash"
+          MERGE_COMMIT_MESSAGE: "{pullRequest.title} (#{pullRequest.number})"
+          MERGE_DELETE_BRANCH: true
+          MERGE_ERROR_FAIL: true
+          MERGE_FILTER_AUTHOR: ${{ secrets.GH_BOT_NAME }}
+          MERGE_RETRIES: "240"  # 1 hour
+          MERGE_RETRY_SLEEP: "15000"  # 15 seconds
@@ -0,0 +1,147 @@
+---
+# This action is centrally managed in https://github.com/<organization>/.github/
+# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in
+# the above-mentioned repo.
+
+# This workflow will analyze all supported languages in the repository using CodeQL Analysis.
+
+name: "CodeQL"
+
+on:
+  push:
+    branches: ["master", "nightly"]
+  pull_request:
+    branches: ["master", "nightly"]
+  schedule:
+    - cron: '00 12 * * 0'  # every Sunday at 12:00 UTC
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  languages:
+    name: Get language matrix
+    runs-on: ubuntu-latest
+    outputs:
+      matrix: ${{ steps.lang.outputs.result }}
+      continue: ${{ steps.continue.outputs.result }}
+    steps:
+      - name: Get repo languages
+        uses: actions/github-script@v7
+        id: lang
+        with:
+          script: |
+            // CodeQL supports ['cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby', 'swift']
+            // Use only 'java' to analyze code written in Java, Kotlin or both
+            // Use only 'javascript' to analyze code written in JavaScript, TypeScript or both
+            // Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
+            const supported_languages = ['cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby', 'swift']
+
+            const remap_languages = {
+              'c++': 'cpp',
+              'c#': 'csharp',
+              'kotlin': 'java',
+              'typescript': 'javascript',
+            }
+
+            const repo = context.repo
+            const response = await github.rest.repos.listLanguages(repo)
+            let matrix = {
+              "include": []
+            }
+
+            for (let [key, value] of Object.entries(response.data)) {
+              // remap language
+              if (remap_languages[key.toLowerCase()]) {
+                console.log(`Remapping language: ${key} to ${remap_languages[key.toLowerCase()]}`)
+                key = remap_languages[key.toLowerCase()]
+              }
+              if (supported_languages.includes(key.toLowerCase()) &&
+                  !matrix['include'].includes({"language": key.toLowerCase()})) {
+                console.log(`Found supported language: ${key}`)
+                matrix['include'].push({"language": key.toLowerCase()})
+              }
+            }
+
+            // print languages
+            console.log(`matrix: ${JSON.stringify(matrix)}`)
+
+            return matrix
+
+      - name: Continue
+        uses: actions/github-script@v7
+        id: continue
+        with:
+          script: |
+            // if matrix['include'] is an empty list return false, otherwise true
+            const matrix = ${{ steps.lang.outputs.result }}  // this is already json encoded
+
+            if (matrix['include'].length == 0) {
+              return false
+            } else {
+              return true
+            }
+
+  analyze:
+    name: Analyze
+    if: ${{ needs.languages.outputs.continue == 'true' }}
+    needs: [languages]
+    runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
+    timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }}
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix: ${{ fromJson(needs.languages.outputs.matrix) }}
+
+    steps:
+      - name: Maximize build space
+        uses: easimon/maximize-build-space@v8
+        with:
+          root-reserve-mb: 20480
+          remove-dotnet: ${{ (matrix.language == 'csharp' && 'false') || 'true' }}
+          remove-android: 'true'
+          remove-haskell: 'true'
+          remove-codeql: 'false'
+          remove-docker-images: 'true'
+
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          submodules: recursive
+
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v3
+        with:
+          languages: ${{ matrix.language }}
+          # If you wish to specify custom queries, you can do so here or in a config file.
+          # By default, queries listed here will override any specified in a config file.
+          # Prefix the list here with "+" to use these queries and those in the config file.
+
+          # yamllint disable-line rule:line-length
+          # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+          # queries: security-extended,security-and-quality
+
+      # Pre autobuild
+      # create a file named .codeql-prebuild-${{ matrix.language }}.sh in the root of your repository
+      - name: Prebuild
+        run: |
+          # check if .qodeql-prebuild-${{ matrix.language }}.sh exists
+          if [ -f "./.codeql-prebuild-${{ matrix.language }}.sh" ]; then
+            echo "Running .codeql-prebuild-${{ matrix.language }}.sh"
+            ./.codeql-prebuild-${{ matrix.language }}.sh
+          fi
+
+      # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift).
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v3
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v3
+        with:
+          category: "/language:${{matrix.language}}"