diff --git a/.github/workflows/appstore-build-publish.yml b/.github/workflows/appstore-build-publish.yml index 7da96c8b..aa8d7dc5 100644 --- a/.github/workflows/appstore-build-publish.yml +++ b/.github/workflows/appstore-build-publish.yml @@ -12,9 +12,6 @@ on: release: types: [published] -env: - PHP_VERSION: 8.1 - jobs: build_and_publish: runs-on: ubuntu-latest @@ -35,7 +32,7 @@ jobs: echo "APP_VERSION=${GITHUB_REF##*/}" >> $GITHUB_ENV - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: path: ${{ env.APP_NAME }} @@ -47,7 +44,7 @@ jobs: expression: "//info//dependencies//nextcloud/@min-version" - name: Read package.json node and npm engines version - uses: skjnldsv/read-package-engines-version-actions@8205673bab74a63eb9b8093402fd9e0e018663a1 # v2.2 + uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3 id: versions # Continue if no package.json continue-on-error: true @@ -59,26 +56,32 @@ jobs: - name: Set up node ${{ steps.versions.outputs.nodeVersion }} # Skip if no package.json if: ${{ steps.versions.outputs.nodeVersion }} - uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8 # v3 + uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: node-version: ${{ steps.versions.outputs.nodeVersion }} - name: Set up npm ${{ steps.versions.outputs.npmVersion }} # Skip if no package.json if: ${{ steps.versions.outputs.npmVersion }} - run: npm i -g npm@"${{ steps.versions.outputs.npmVersion }}" + run: npm i -g 'npm@${{ steps.versions.outputs.npmVersion }}' + + - name: Get php version + id: php-versions + uses: icewind1991/nextcloud-version-matrix@58becf3b4bb6dc6cef677b15e2fd8e7d48c0908f # v1.3.1 + with: + filename: ${{ env.APP_NAME }}/appinfo/info.xml - - name: Set up php ${{ env.PHP_VERSION }} - uses: shivammathur/setup-php@6d7209f44a25a59e904b1ee9f3b0c33ab2cd888d # v2 + - name: Set up php ${{ steps.php-versions.outputs.php-min }} + uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 # v2.31.1 with: - php-version: ${{ env.PHP_VERSION }} + php-version: ${{ steps.php-versions.outputs.php-min }} coverage: none env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Check composer.json id: check_composer - uses: andstor/file-existence-action@076e0072799f4942c8bc574a82233e1e4d13e9d6 # v2 + uses: andstor/file-existence-action@076e0072799f4942c8bc574a82233e1e4d13e9d6 # v3.0.0 with: files: "${{ env.APP_NAME }}/composer.json" @@ -96,11 +99,11 @@ jobs: run: | cd ${{ env.APP_NAME }} npm ci - npm run build + npm run build --if-present - name: Check Krankerl config id: krankerl - uses: andstor/file-existence-action@076e0072799f4942c8bc574a82233e1e4d13e9d6 # v2 + uses: andstor/file-existence-action@076e0072799f4942c8bc574a82233e1e4d13e9d6 # v3.0.0 with: files: ${{ env.APP_NAME }}/krankerl.toml @@ -126,12 +129,12 @@ jobs: continue-on-error: true id: server-checkout run: | - NCVERSION=${{ fromJSON(steps.appinfo.outputs.result).nextcloud.min-version }} + NCVERSION='${{ fromJSON(steps.appinfo.outputs.result).nextcloud.min-version }}' wget --quiet https://download.nextcloud.com/server/releases/latest-$NCVERSION.zip unzip latest-$NCVERSION.zip - name: Checkout server master fallback - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 if: ${{ steps.server-checkout.outcome != 'success' }} with: submodules: true @@ -145,7 +148,7 @@ jobs: tar -xvf ${{ env.APP_NAME }}.tar.gz cd ../../../ # Setting up keys - echo "${{ secrets.APP_PRIVATE_KEY }}" > ${{ env.APP_NAME }}.key + echo '${{ secrets.APP_PRIVATE_KEY }}' > ${{ env.APP_NAME }}.key wget --quiet "https://github.com/nextcloud/app-certificate-requests/raw/master/${{ env.APP_NAME }}/${{ env.APP_NAME }}.crt" # Signing php nextcloud/occ integrity:sign-app --privateKey=../${{ env.APP_NAME }}.key --certificate=../${{ env.APP_NAME }}.crt --path=../${{ env.APP_NAME }}/build/artifacts/${{ env.APP_NAME }} @@ -154,7 +157,7 @@ jobs: tar -zcvf ${{ env.APP_NAME }}.tar.gz ${{ env.APP_NAME }} - name: Attach tarball to github release - uses: svenstaro/upload-release-action@1beeb572c19a9242f4361f4cee78f8e0d9aec5df # v2 + uses: svenstaro/upload-release-action@04733e069f2d7f7f0b4aebc4fbdbce8613b03ccd # v2 id: attach_to_release with: repo_token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/lint-php-cs.yml b/.github/workflows/lint-php-cs.yml index 354dbb3f..51083488 100644 --- a/.github/workflows/lint-php-cs.yml +++ b/.github/workflows/lint-php-cs.yml @@ -2,6 +2,9 @@ # # https://github.com/nextcloud/.github # https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization +# +# SPDX-FileCopyrightText: 2021-2024 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: MIT name: Lint php-cs @@ -15,46 +18,24 @@ concurrency: cancel-in-progress: true jobs: - changes: - runs-on: ubuntu-latest - - outputs: - src: ${{ steps.changes.outputs.src}} - - steps: - - uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # v2.11.1 - id: changes - continue-on-error: true - with: - filters: | - src: - - '.github/workflows/**' - - '3rdparty/**' - - '**/lib/**' - - '**/tests/**' - - '**/vendor-bin/**' - - '.php-cs-fixer.dist.php' - - 'composer.json' - - 'composer.lock' - - '**.php' - lint: runs-on: ubuntu-latest - name: PHP CS fixer lint - - strategy: - matrix: - php-versions: [ "8.1", "8.2", "8.3" ] + name: php-cs steps: - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - name: Set up php - uses: shivammathur/setup-php@4bd44f22a98a19e0950cbad5f31095157cc9621b # v2 + - name: Get php version + id: versions + uses: icewind1991/nextcloud-version-matrix@58becf3b4bb6dc6cef677b15e2fd8e7d48c0908f # v1.3.1 + + - name: Set up php${{ steps.versions.outputs.php-available }} + uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 # v2.31.1 with: - php-version: ${{ matrix.php-versions }} + php-version: ${{ steps.versions.outputs.php-available }} + extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite coverage: none ini-file: development env: @@ -65,18 +46,3 @@ jobs: - name: Lint run: composer run cs:check || ( echo 'Please run `composer run cs:fix` to format your code' && exit 1 ) - - summary: - permissions: - contents: none - runs-on: ubuntu-latest - needs: [changes, lint] - - if: always() - - # This is the summary, we just avoid to rename it so that branch protection rules still match - name: php-cs - - steps: - - name: Summary status - run: if ${{ needs.changes.outputs.src != 'false' && needs.lint.result != 'success' }}; then exit 1; fi diff --git a/.github/workflows/lint-php.yml b/.github/workflows/lint-php.yml index af8c5710..104fed64 100644 --- a/.github/workflows/lint-php.yml +++ b/.github/workflows/lint-php.yml @@ -2,11 +2,13 @@ # # https://github.com/nextcloud/.github # https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization +# +# SPDX-FileCopyrightText: 2021-2024 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: MIT name: Lint php -on: - pull_request: +on: pull_request permissions: contents: read @@ -16,49 +18,35 @@ concurrency: cancel-in-progress: true jobs: - changes: - runs-on: ubuntu-latest - + matrix: + runs-on: ubuntu-latest-low outputs: - src: ${{ steps.changes.outputs.src}} - + php-versions: ${{ steps.versions.outputs.php-versions }} steps: - - uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # v2.11.1 - id: changes - continue-on-error: true - with: - filters: | - src: - - '.github/workflows/**' - - '3rdparty/**' - - '**/lib/**' - - '**/tests/**' - - '**/vendor-bin/**' - - '.php-cs-fixer.dist.php' - - 'composer.json' - - 'composer.lock' - - '**.php' + - name: Checkout app + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - name: Get version matrix + id: versions + uses: icewind1991/nextcloud-version-matrix@58becf3b4bb6dc6cef677b15e2fd8e7d48c0908f # v1.0.0 - lint: + php-lint: runs-on: ubuntu-latest - - needs: changes - if: needs.changes.outputs.src != 'false' - + needs: matrix strategy: matrix: - php-versions: [ "8.1", "8.2", "8.3" ] + php-versions: ${{fromJson(needs.matrix.outputs.php-versions)}} name: php-lint steps: - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set up php ${{ matrix.php-versions }} - uses: shivammathur/setup-php@4bd44f22a98a19e0950cbad5f31095157cc9621b # v2 + uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 # v2.31.1 with: php-version: ${{ matrix.php-versions }} + extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite coverage: none ini-file: development env: @@ -70,8 +58,8 @@ jobs: summary: permissions: contents: none - runs-on: ubuntu-latest - needs: [changes, lint] + runs-on: ubuntu-latest-low + needs: php-lint if: always() @@ -79,4 +67,4 @@ jobs: steps: - name: Summary status - run: if ${{ needs.changes.outputs.src != 'false' && needs.lint.result != 'success' }}; then exit 1; fi + run: if ${{ needs.php-lint.result != 'success' && needs.php-lint.result != 'skipped' }}; then exit 1; fi diff --git a/.github/workflows/node.yml b/.github/workflows/node.yml index 190520cf..3ca15c8b 100644 --- a/.github/workflows/node.yml +++ b/.github/workflows/node.yml @@ -2,11 +2,13 @@ # # https://github.com/nextcloud/.github # https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization +# +# SPDX-FileCopyrightText: 2021-2024 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: MIT name: Node -on: - pull_request: +on: pull_request permissions: contents: read @@ -17,21 +19,24 @@ concurrency: jobs: changes: - runs-on: ubuntu-latest + runs-on: ubuntu-latest-low + permissions: + contents: read + pull-requests: read outputs: src: ${{ steps.changes.outputs.src}} steps: - - uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # v2.11.1 + - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 id: changes continue-on-error: true with: filters: | src: - '.github/workflows/**' - - '**/src/**' - - '**/appinfo/info.xml' + - 'src/**' + - 'appinfo/info.xml' - 'package.json' - 'package-lock.json' - 'tsconfig.json' @@ -48,26 +53,27 @@ jobs: name: NPM build steps: - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v3.6.0 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Read package.json node and npm engines version - uses: skjnldsv/read-package-engines-version-actions@8205673bab74a63eb9b8093402fd9e0e018663a1 # v2.2 + uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3 id: versions with: fallbackNode: '^20' - fallbackNpm: '^9' + fallbackNpm: '^10' - name: Set up node ${{ steps.versions.outputs.nodeVersion }} - uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4.0.0 + uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: node-version: ${{ steps.versions.outputs.nodeVersion }} - name: Set up npm ${{ steps.versions.outputs.npmVersion }} - run: npm i -g npm@"${{ steps.versions.outputs.npmVersion }}" + run: npm i -g 'npm@${{ steps.versions.outputs.npmVersion }}' - name: Install dependencies & build env: CYPRESS_INSTALL_BINARY: 0 + PUPPETEER_SKIP_DOWNLOAD: true run: | npm ci npm run build --if-present @@ -86,7 +92,7 @@ jobs: summary: permissions: contents: none - runs-on: ubuntu-latest + runs-on: ubuntu-latest-low needs: [changes, build] if: always() diff --git a/.github/workflows/pr-feedback.yml b/.github/workflows/pr-feedback.yml index be0d028f..6a01fa09 100644 --- a/.github/workflows/pr-feedback.yml +++ b/.github/workflows/pr-feedback.yml @@ -35,7 +35,7 @@ jobs: with: feedback-message: | Hello there, - Thank you so much for taking the time and effort to create a pull request to our Nextcloud project. + Thank you so much for taking the time and effort to create a pull request to our Nextcloud project. We hope that the review process is going smooth and is helpful for you. We want to ensure your pull request is reviewed to your satisfaction. If you have a moment, our community management team would very much appreciate your feedback on your experience with this PR review process. @@ -45,6 +45,6 @@ jobs: (If you believe you should not receive this message, you can add yourself to the [blocklist](https://github.com/nextcloud/.github/blob/master/non-community-usernames.txt).) days-before-feedback: 14 - start-date: "2024-04-30" - exempt-authors: "${{ steps.blocklist.outputs.blocklist }},${{ steps.scrape.outputs.users }},nextcloud-command,nextcloud-android-bot" + start-date: '2024-04-30' + exempt-authors: '${{ steps.blocklist.outputs.blocklist }},${{ steps.scrape.outputs.users }}' exempt-bots: true diff --git a/.github/workflows/psalm.yml b/.github/workflows/psalm.yml index 8c01b423..e9258903 100644 --- a/.github/workflows/psalm.yml +++ b/.github/workflows/psalm.yml @@ -2,23 +2,13 @@ # # https://github.com/nextcloud/.github # https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization +# +# SPDX-FileCopyrightText: 2022-2024 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: MIT name: Static analysis -on: - pull_request: - paths: - - 'lib/**' - - 'templates/**' - - 'tests/**' - - 'vendor/**' - - 'vendor-bin/**' - - composer.lock - push: - branches: - - master - - main - - stable* +on: pull_request concurrency: group: psalm-${{ github.head_ref || github.run_id }} @@ -28,29 +18,27 @@ jobs: static-analysis: runs-on: ubuntu-latest - strategy: - matrix: - php-versions: [ '8.1', '8.2', '8.3' ] - server-versions: [ 'dev-master' ] - fail-fast: false - - name: Nextcloud + name: static-psalm-analysis steps: - name: Checkout - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + + - name: Get php version + id: versions + uses: icewind1991/nextcloud-version-matrix@58becf3b4bb6dc6cef677b15e2fd8e7d48c0908f # v1.3.1 - - name: Set up php - uses: shivammathur/setup-php@c5fc0d8281aba02c7fda07d3a70cc5371548067d # v2 + - name: Set up php${{ steps.versions.outputs.php-available }} + uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 # v2.31.1 with: - php-version: ${{ matrix.php-versions }} + php-version: ${{ steps.versions.outputs.php-available }} + extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite coverage: none ini-file: development env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Install dependencies - run: | - composer require --with-all-dependencies nextcloud/ocp:${{ matrix.server-versions }} + run: composer i - name: Run coding standards check run: composer run psalm