dependabot[bot]
73ef30e14c
chore(deps): Bump docker/build-push-action from 3.0.0 to 3.1.0 ( #2694 )
2022-07-25 18:18:37 +02:00
Brennan Kinney
8a0c71bd0c
docs(fix): Update to fix regression causing broken links ( #2681 )
2022-07-15 10:07:45 +12:00
dependabot[bot]
2a590113fd
chore(deps): Bump myrotvorets/set-commit-status-action from 1.1.4 to 1.1.5 ( #2664 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Casper <casperklein@users.noreply.github.com>
2022-06-28 09:03:57 +00:00
Frederic Werner
ea8e293dcc
docs(deps): bump mkdocs-material to v8.3.5 ( #2641 )
...
* docs(deps): bump mkdocs-material to v8.3.4
* docs(deps): bump mkdocs-material to v8.3.5
2022-06-15 11:38:32 +12:00
Naveen
13a194466b
chore: Set permissions for GitHub actions ( #2555 )
...
* chore: Set permissions for GitHub actions
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ )
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
* Update docs-production-deploy.yml
* added `packages: write` permissions
this is apparently needed by GH so this repository can push new images.
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
Co-authored-by: Casper <casperklein@users.noreply.github.com>
2022-05-11 09:51:15 +02:00
dependabot[bot]
28dfb1bd00
chore(deps): Bump docker/setup-qemu-action from 1.2.0 to 2.0.0 ( #2580 )
...
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action ) from 1.2.0 to 2.0.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases )
- [Commits](https://github.com/docker/setup-qemu-action/compare/v1.2.0...v2.0.0 )
---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2022-05-10 18:07:49 +02:00
dependabot[bot]
66949604a2
chore(deps): Bump docker/login-action from 1.14.1 to 2.0.0 ( #2584 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 1.14.1 to 2.0.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v1.14.1...v2.0.0 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2022-05-10 08:46:44 +02:00
dependabot[bot]
fc454b62ba
chore(deps): Bump docker/metadata-action from 3.8.0 to 4.0.1 ( #2581 )
...
Bumps [docker/metadata-action](https://github.com/docker/metadata-action ) from 3.8.0 to 4.0.1.
- [Release notes](https://github.com/docker/metadata-action/releases )
- [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md )
- [Commits](https://github.com/docker/metadata-action/compare/v3.8.0...v4.0.1 )
---
updated-dependencies:
- dependency-name: docker/metadata-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2022-05-10 08:45:36 +02:00
dependabot[bot]
18f697970f
chore(deps): Bump docker/build-push-action from 2.10.0 to 3.0.0 ( #2582 )
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 2.10.0 to 3.0.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](https://github.com/docker/build-push-action/compare/v2.10.0...v3.0.0 )
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2022-05-10 08:43:00 +02:00
dependabot[bot]
a7c02365ce
chore(deps): Bump docker/setup-buildx-action from 1.7.0 to 2.0.0 ( #2583 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 1.7.0 to 2.0.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](https://github.com/docker/setup-buildx-action/compare/v1.7.0...v2.0.0 )
---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-10 08:32:18 +02:00
dependabot[bot]
94fff05424
chore(deps): Bump docker/setup-buildx-action from 1.6.0 to 1.7.0 ( #2574 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](https://github.com/docker/setup-buildx-action/compare/v1.6.0...v1.7.0 )
---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2022-05-02 15:52:19 +02:00
dependabot[bot]
25678694b5
chore(deps): Bump docker/metadata-action from 3.7.0 to 3.8.0 ( #2573 )
...
Bumps [docker/metadata-action](https://github.com/docker/metadata-action ) from 3.7.0 to 3.8.0.
- [Release notes](https://github.com/docker/metadata-action/releases )
- [Commits](https://github.com/docker/metadata-action/compare/v3.7.0...v3.8.0 )
---
updated-dependencies:
- dependency-name: docker/metadata-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-02 15:24:58 +02:00
dependabot[bot]
3cb5668b6f
chore(deps): Bump docker/metadata-action from 3.6.2 to 3.7.0 ( #2543 )
2022-04-11 21:30:15 +02:00
dependabot[bot]
f3fe454b43
chore(deps): Bump actions/upload-artifact from 2 to 3 ( #2542 )
2022-04-11 16:19:53 +02:00
dependabot[bot]
6553f627e8
chore(deps): Bump actions/stale from 4 to 5 ( #2544 )
...
Bumps [actions/stale](https://github.com/actions/stale ) from 4 to 5.
- [Release notes](https://github.com/actions/stale/releases )
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/stale/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: actions/stale
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-11 15:29:38 +02:00
dependabot[bot]
7c150402a0
chore(deps): Bump peterjgrainger/action-create-branch ( #2528 )
...
Bumps [peterjgrainger/action-create-branch](https://github.com/peterjgrainger/action-create-branch ) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/peterjgrainger/action-create-branch/releases )
- [Commits](https://github.com/peterjgrainger/action-create-branch/compare/v2.1.0...v2.2.0 )
---
updated-dependencies:
- dependency-name: peterjgrainger/action-create-branch
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-05 10:43:58 +12:00
Georg Lauterbach
21c218ac68
scripts: remove DMS_DEBUG
( #2523 )
...
* remove DMS_DEBUG from tests
* remove DMS_DEBUG from doc and scripts
* updated issue template
* re-add description about removal of DMS_DEBUG
2022-04-03 13:29:10 +02:00
Georg Lauterbach
d651f3bd93
create .github/FUNDING.yml
( #2512 )
2022-04-02 15:56:29 +02:00
Frederic Werner
7655c788ee
docs(deps): bump mkdocs-material to v8.2.8 ( #2516 )
2022-03-31 14:21:43 +02:00
dependabot[bot]
00dffb21f0
chore(deps): Bump actions/cache from 2.1.7 to 3 ( #2502 )
2022-03-21 18:43:58 +01:00
dependabot[bot]
0dc80e6d13
chore(deps): Bump docker/build-push-action from 2.9.0 to 2.10.0 ( #2501 )
2022-03-21 15:03:38 +01:00
Georg Lauterbach
321ae744fa
scripts: small refactorings ( #2485 )
...
Co-authored-by: Casper <casperklein@users.noreply.github.com>
2022-03-17 11:24:30 +01:00
dependabot[bot]
542c1f4e8d
chore(deps): bump docker/login-action from 1.14.0 to 1.14.1 ( #2471 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 1.14.0 to 1.14.1.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v1.14.0...v1.14.1 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com>
2022-03-09 11:59:00 +13:00
dependabot[bot]
bf7fba68bd
chore(deps): bump actions/checkout from 2 to 3 ( #2470 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Frederic Werner <20406381+wernerfred@users.noreply.github.com>
2022-03-09 11:57:01 +13:00
dependabot[bot]
59712122ff
chore(deps): bump docker/login-action from 1.13.0 to 1.14.0 ( #2442 )
2022-02-28 22:17:22 +01:00
dependabot[bot]
6d6a3de47b
chore(deps): bump docker/login-action from 1.12.0 to 1.13.0 ( #2427 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 1.12.0 to 1.13.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v1.12.0...v1.13.0 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Casper <casperklein@users.noreply.github.com>
2022-02-22 08:37:44 +13:00
Frederic Werner
358df6ada2
docs(deps): bump mkdocs-material to v8.2.1 ( #2422 )
...
* docs(deps): bump mkdocs-material to v8.2.1
* feat(docs): enable mermaid integration
Configuration based on https://squidfunk.github.io/mkdocs-material/reference/diagrams/?h=mermaid#configuration
* fix: allow yaml value mapping
* chore: Adopt mkdocs-material mermaid integration support
Supported by the docs generator now, we no longer need to rely on external image generator or live editor link (both relied on large base64 encoding of mermaid markup). SVG will be rendered by docs now, although a little different style (can be fixed with custom CSS).
Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com>
2022-02-19 21:26:56 +01:00
dependabot[bot]
7b21db77cc
chore(deps): bump docker/build-push-action from 2.8.0 to 2.9.0 ( #2399 )
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 2.8.0 to 2.9.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](https://github.com/docker/build-push-action/compare/v2.8.0...v2.9.0 )
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-07 16:57:22 +01:00
dependabot[bot]
b2b701a478
chore(deps): bump docker/build-push-action from 2.7.0 to 2.8.0 ( #2376 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-24 20:28:14 +01:00
Frederic Werner
4f6db41d03
docs(deps): bump mkdocs-material to v8.1.7 ( #2374 )
2022-01-20 10:45:23 +01:00
Frederic Werner
c6b6f680f5
docs(deps): bump mkdocs-material to v8.1.6 ( #2368 )
2022-01-12 18:10:18 +01:00
dependabot[bot]
014dddafbc
chore(deps): bump peterjgrainger/action-create-branch ( #2345 )
2021-12-27 21:54:10 +01:00
dependabot[bot]
6dd2c1d5d6
chore(deps): bump docker/login-action from 1.11.0 to 1.12.0 ( #2346 )
2021-12-27 21:27:02 +01:00
Casper
d46e094280
Remove quotes to meet style guidelines ( #2330 )
...
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2021-12-21 17:01:40 +01:00
Brennan Kinney
bdb770a0aa
ci(fix): Do not trust user controlled input ( #2337 )
...
The prepare workflow runs in an untrusted context already and thus should not have anything worthwhile to exploit.
However care should still be taken to avoid interpolating expressions into shell scripts directly that is data a user can control the value of. Especially to avoid any maintainer referencing an existing workflow from copying a risky snippet unaware of different security contexts for workflows.
In this case, as per Github Documentation and referenced issue comment, the PR title is user controllable data, which if directly interpolated into the shell script being run (as it previously was), allows for injecting commands to execute.
2021-12-21 21:46:09 +13:00
dependabot[bot]
ce4bc8a2bd
chore(deps): bump docker/login-action from 1.10.0 to 1.11.0 ( #2335 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 1.10.0 to 1.11.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v1.10.0...v1.11.0 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-20 15:57:02 +01:00
Georg Lauterbach
99cc9fec2a
Updated ShellCheck to 0.8.0
and Hadolint to 2.8.0
( #2329 )
...
Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com>
2021-12-19 11:56:22 +01:00
Frederic Werner
6ad9dd3063
docs(deps): bump mkdocs-material to v8.1.1 ( #2324 )
2021-12-14 23:10:29 +01:00
Frederic Werner
7f731ebca0
docs(deps): bump mkdocs-material to new major version 8 ( #2311 )
...
* docs(deps): bump mkdocs-material to 8.0.2
* docs(deps): bump mkdocs-material to 8.0.3
* chore: add default version of docs
* feat: add version warning
* fix: remove version warning
* docs(deps): bump mkdocs-material to 8.0.5
* added code annotation feature
We can introduce new annotation with new PRs in the future. I'd advise against overhauling all code blocks with this feature in this PR - this PR should just introduce the feature.
* docs(deps): bump mkdocs-material to 8.1.0
* fix: remove unnecessary default value
re-add if version warning gets a thing in the future. See https://github.com/docker-mailserver/docker-mailserver/pull/2311#issuecomment-991805830
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2021-12-13 08:43:01 +01:00
dependabot[bot]
c568e09e60
chore(deps): bump docker/metadata-action from 3.6.1 to 3.6.2 ( #2320 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-11 18:23:44 +01:00
Felix
c77229d66e
Added docker to dependabot.yml config ( #2316 )
...
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2021-12-11 09:58:17 +01:00
dependabot[bot]
e92ecd04b4
chore(deps): bump docker/metadata-action from 3.6.0 to 3.6.1 ( #2314 )
...
Bumps [docker/metadata-action](https://github.com/docker/metadata-action ) from 3.6.0 to 3.6.1.
- [Release notes](https://github.com/docker/metadata-action/releases )
- [Commits](https://github.com/docker/metadata-action/compare/v3.6.0...v3.6.1 )
---
updated-dependencies:
- dependency-name: docker/metadata-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-06 15:02:00 +01:00
dependabot[bot]
7bf1b7eea4
chore(deps): bump actions/cache from 2.1.6 to 2.1.7 ( #2309 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 2.1.6 to 2.1.7.
- [Release notes](https://github.com/actions/cache/releases )
- [Commits](https://github.com/actions/cache/compare/v2.1.6...v2.1.7 )
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-29 13:16:43 +01:00
Georg Lauterbach
c7265450cd
corrected stale message format ( #2307 )
2021-11-29 12:39:27 +01:00
Georg Lauterbach
ae70142d8f
Housekeeping ( #2302 )
...
Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com>
2021-11-20 10:38:40 +01:00
Georg Lauterbach
30834eb250
Revise workflow for stalled objects ( #2301 )
2021-11-15 21:00:25 +01:00
Casper
984acb960d
Update close_stale_issues.yml ( #2300 )
2021-11-15 09:03:12 +01:00
Brennan Kinney
65120dd934
github(fix): Issues form - Use checkboxes for the experience question ( #2297 )
...
Dropdown isn't appropriate. This was meant to be changed to multi-choice for opt-in.
2021-11-14 00:07:54 +13:00
Frederic Werner
a0bd2c6df9
docs(deps): bump mkdocs-material to 7.3.6 ( #2287 )
2021-11-05 09:03:12 +13:00
Brennan Kinney
fb72f3ad52
ci(docs): Fail when build aborts from broken links ( #2266 )
...
Using `set -ex` will exit the script as soon as a non-zero exit code is returned, such as when the docker image fails building the docs due to `build --strict` catching broken links. This also removes the need for `|| exit` when changing directory.
This seems fine for a small script, but AFAIK an alternative fix is just adding `|| exit` to the end of the `docker run` command too? There appears to be advice [against adopting `-e` carelessly](http://mywiki.wooledge.org/BashFAQ/105 ), while others [encourage `-e`](http://redsymbol.net/articles/unofficial-bash-strict-mode/ ). I know that several maintainers here have preference towards `set -e` so I've kept the original PR solution.
Additionally:
- `-x` is used to improve command visibility when reviewing the workflow log output.
- `--name` isn't necessary, but was part of the original PR.
- I've chosen not to include `-o pipefail`, only because no pipes are used in this script.
* docs(fix): Fix broken links
* ci(docs): Added inline docs
Extra documentation context for maintainers to quickly grok what's going on.
* chore(docs): Minor typo fix by wernerfred
Added from their related PR by request.
2021-10-31 09:13:18 +13:00