upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-04-21 14:23:17 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 15

fix(actions): Harden workflows when using variables in strings

Browse source 
Signed-off-by: Joas Schilling <coding@schilljs.com>
This commit is contained in:
Joas Schilling 2024-06-07 15:40:12 +02:00 committed by Ferdinand Thiessen
parent 49c42c36ae
commit 54edf993d6
22 changed files with 78 additions and 87 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
.github/workflows/block-merge-eol.yml vendored
View file

@ -26,15 +26,15 @@ jobs:
runs-on: ubuntu-latest-low
steps:
- name: Download updater config
run: curl https://raw.githubusercontent.com/nextcloud/updater_server/production/config/config.php --output config.php
- name: Set server major version environment
run: |
# retrieve version number from branch reference
server_major=$(echo "${{ github.base_ref }}" | sed -En 's/stable//p')
echo "server_major=$server_major" >> $GITHUB_ENV
echo "current_month=$(date +%Y-%m)" >> $GITHUB_ENV
- name: Checking if ${{ env.server_major }} is EOL
run: |
php -r 'echo json_encode(require_once "config.php");' | jq --arg version "${{ env.server_major }}" '.stable[$version]["100"].eol // .beta[$version]["100"].eol // "NotEOL"' | grep -q "NotEOL"
curl -s https://raw.githubusercontent.com/nextcloud-releases/updater_server/production/config/major_versions.json \
| jq '.["${{ env.server_major }}"]["eol"] // "9999-99" | . >= "${{ env.current_month }}"' \
| grep -q true

2
.github/workflows/block-merge-freeze.yml vendored
View file

@ -29,7 +29,7 @@ jobs:
steps:
- name: Download version.php from ${{ github.base_ref }}
run: curl https://raw.githubusercontent.com/nextcloud/server/${{ github.base_ref }}/version.php --output version.php
run: curl 'https://raw.githubusercontent.com/nextcloud/server/${{ github.base_ref }}/version.php' --output version.php
- name: Run check
run: cat version.php | grep 'OC_VersionString' | grep -i -v 'RC'

4
.github/workflows/block-outdated-3rdparty.yml vendored
View file

@ -46,8 +46,8 @@ jobs:
- name: Compare if 3rdparty commits are different
run: |
echo '3rdparty/ seems to not point to the last commit of the dedicated branch:'
echo "Branch has: ${{ steps.actual.outputs.commit }}"
echo "${{ github.base_ref }} has: ${{ steps.target.outputs.commit }}"
echo 'Branch has: ${{ steps.actual.outputs.commit }}'
echo '${{ github.base_ref }} has: ${{ steps.target.outputs.commit }}'
- name: Fail if 3rdparty commits are different
if: ${{ steps.changes.outputs.src != 'false' && steps.actual.outputs.commit != steps.target.outputs.commit }}

22
.github/workflows/command-compile.yml vendored
View file

@ -37,7 +37,7 @@ jobs:
token: ${{ secrets.COMMAND_BOT_PAT }}
repository: ${{ github.event.repository.full_name }}
comment-id: ${{ github.event.comment.id }}
reactions: "+1"
reactions: '+1'
- name: Parse command
uses: skjnldsv/parse-command-comment@5c955203c52424151e6d0e58fb9de8a9f6a605a1 # v2
@ -77,8 +77,8 @@ jobs:
- name: Setup git
run: |
git config --local user.email "nextcloud-command@users.noreply.github.com"
git config --local user.name "nextcloud-command"
git config --local user.email 'nextcloud-command@users.noreply.github.com'
git config --local user.name 'nextcloud-command'
- name: Read package.json node and npm engines version
uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3
@ -94,13 +94,13 @@ jobs:
cache: npm
- name: Set up npm ${{ steps.package-engines-versions.outputs.npmVersion }}
run: npm i -g npm@"${{ steps.package-engines-versions.outputs.npmVersion }}"
run: npm i -g 'npm@${{ steps.package-engines-versions.outputs.npmVersion }}'
- name: Rebase to ${{ needs.init.outputs.base_ref }}
if: ${{ contains(needs.init.outputs.arg1, 'rebase') }}
run: |
git fetch origin ${{ needs.init.outputs.base_ref }}:${{ needs.init.outputs.base_ref }}
git rebase origin/${{ needs.init.outputs.base_ref }}
git fetch origin '${{ needs.init.outputs.base_ref }}:${{ needs.init.outputs.base_ref }}'
git rebase 'origin/${{ needs.init.outputs.base_ref }}'
- name: Install dependencies & build
env:
@ -113,30 +113,30 @@ jobs:
- name: Commit default
if: ${{ !contains(needs.init.outputs.arg1, 'fixup') && !contains(needs.init.outputs.arg1, 'amend') }}
run: |
git add ${{ github.workspace }}${{ needs.init.outputs.git_path }}
git add '${{ github.workspace }}${{ needs.init.outputs.git_path }}'
git commit --signoff -m 'chore(assets): Recompile assets'
- name: Commit fixup
if: ${{ contains(needs.init.outputs.arg1, 'fixup') }}
run: |
git add ${{ github.workspace }}${{ needs.init.outputs.git_path }}
git add '${{ github.workspace }}${{ needs.init.outputs.git_path }}'
git commit --fixup=HEAD --signoff
- name: Commit amend
if: ${{ contains(needs.init.outputs.arg1, 'amend') }}
run: |
git add ${{ github.workspace }}${{ needs.init.outputs.git_path }}
git add '${{ github.workspace }}${{ needs.init.outputs.git_path }}'
git commit --amend --no-edit --signoff
# Remove any [skip ci] from the amended commit
git commit --amend -m "$(git log -1 --format='%B' | sed '/\[skip ci\]/d')"
- name: Push normally
if: ${{ !contains(needs.init.outputs.arg1, 'rebase') && !contains(needs.init.outputs.arg1, 'amend') }}
run: git push origin ${{ needs.init.outputs.head_ref }}
run: git push origin '${{ needs.init.outputs.head_ref }}'
- name: Force push
if: ${{ contains(needs.init.outputs.arg1, 'rebase') || contains(needs.init.outputs.arg1, 'amend') }}
run: git push --force origin ${{ needs.init.outputs.head_ref }}
run: git push --force origin '${{ needs.init.outputs.head_ref }}'
- name: Add reaction on failure
uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4.0.0

12
.github/workflows/command-pull-3rdparty.yml vendored
View file

@ -25,7 +25,7 @@ jobs:
token: ${{ secrets.COMMAND_BOT_PAT }}
repository: ${{ github.event.repository.full_name }}
comment-id: ${{ github.event.comment.id }}
reactions: "+1"
reactions: '+1'
- name: Init branch
uses: xt0rted/pull-request-comment-branch@d97294d304604fa98a2600a6e2f916a84b596dc7 # v1
@ -40,16 +40,16 @@ jobs:
- name: Setup git
run: |
git config --local user.email "nextcloud-command@users.noreply.github.com"
git config --local user.name "nextcloud-command"
git config --local user.email 'nextcloud-command@users.noreply.github.com'
git config --local user.name 'nextcloud-command'
- name: Pull 3rdparty
run: git submodule foreach 'if [ "$sm_path" == "3rdparty" ]; then git pull origin ${{ github.event.issue.pull_request.base.ref }}; fi'
run: git submodule foreach 'if [ "$sm_path" == "3rdparty" ]; then git pull origin '"'"'${{ github.event.issue.pull_request.base.ref }}'"'"'; fi'
- name: Commit and push changes
run: |
git add 3rdparty
git commit -s -m "Update submodule 3rdparty to latest ${{ github.event.issue.pull_request.base.ref }}"
git commit -s -m 'Update submodule 3rdparty to latest ${{ github.event.issue.pull_request.base.ref }}'
git push
- name: Add reaction on failure
@ -59,4 +59,4 @@ jobs:
token: ${{ secrets.COMMAND_BOT_PAT }}
repository: ${{ github.event.repository.full_name }}
comment-id: ${{ github.event.comment.id }}
reactions: "-1"
reactions: '-1'

11
.github/workflows/cypress.yml vendored
View file

@ -17,6 +17,7 @@ concurrency:
env:
# Adjust APP_NAME if your repository name is different
APP_NAME: ${{ github.event.repository.name }}
# Server requires head_ref instead of base_ref, as we want to test the PR branch
BRANCH: ${{ github.head_ref || github.ref_name }}
@ -52,7 +53,7 @@ jobs:
id: versions
with:
fallbackNode: "^20"
fallbackNpm: "^9"
fallbackNpm: "^10"
- name: Set up node ${{ steps.versions.outputs.nodeVersion }}
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
@ -60,7 +61,7 @@ jobs:
node-version: ${{ steps.versions.outputs.nodeVersion }}
- name: Set up npm ${{ steps.versions.outputs.npmVersion }}
run: npm i -g npm@"${{ steps.versions.outputs.npmVersion }}"
run: npm i -g 'npm@${{ steps.versions.outputs.npmVersion }}'
- name: Install node dependencies & build app
run: |
@ -85,9 +86,9 @@ jobs:
matrix:
# Run multiple copies of the current job in parallel
# Please increase the number or runners as your tests suite grows (0 based index for e2e tests)
containers: ["component", 0, 1, 2, 3, 4, 5]
containers: ["component", '0', '1', '2', '3', '4', '5']
# Hack as strategy.job-total includes the component and GitHub does not allow math expressions
# Always aling this number with the total of e2e runners (max. index + 1)
# Always align this number with the total of e2e runners (max. index + 1)
total-containers: [6]
name: runner ${{ matrix.containers }}
@ -106,7 +107,7 @@ jobs:
node-version: ${{ needs.init.outputs.nodeVersion }}
- name: Set up npm ${{ needs.init.outputs.npmVersion }}
run: npm i -g npm@"${{ needs.init.outputs.npmVersion }}"
run: npm i -g 'npm@${{ needs.init.outputs.npmVersion }}'
- name: Run ${{ matrix.containers == 'component' && 'component' || 'E2E' }} cypress tests
uses: cypress-io/github-action@f88a151c986cab2e339cdbede6a5c4468bb62c17 # v6.7.0

2
.github/workflows/dependabot-approve-merge.yml vendored
View file

@ -31,7 +31,7 @@ jobs:
pull-requests: write
steps:
# Github actions bot approve
# GitHub actions bot approve
- uses: hmarr/auto-approve-action@b40d6c9ed2fa10c9a2749eca7eb004418a705501 # v2
with:
github-token: ${{ secrets.GITHUB_TOKEN }}

2
.github/workflows/files-external-s3.yml vendored
View file

@ -56,7 +56,7 @@ jobs:
MINIO_ROOT_PASSWORD: bWluaW8tc2VjcmV0LWtleS1uZXh0Y2xvdWQ=
MINIO_DEFAULT_BUCKETS: nextcloud
ports:
- "9000:9000"
- '9000:9000'
steps:
- name: Checkout server

2
.github/workflows/files-external-sftp.yml vendored
View file

@ -61,7 +61,7 @@ jobs:
run: |
sudo mkdir /tmp/sftp
sudo chown -R 0777 /tmp/sftp
if [[ "${{ matrix.sftpd }}" == 'openssh' ]]; then docker run -p 2222:22 --name sftp -d -v /tmp/sftp:/home/test atmoz/sftp "test:test:::data"; fi
if [[ '${{ matrix.sftpd }}' == 'openssh' ]]; then docker run -p 2222:22 --name sftp -d -v /tmp/sftp:/home/test atmoz/sftp 'test:test:::data'; fi
- name: Set up php ${{ matrix.php-versions }}
uses: shivammathur/setup-php@c5fc0d8281aba02c7fda07d3a70cc5371548067d #v2.25.2

9
.github/workflows/lint-eslint.yml vendored
View file

@ -8,8 +8,7 @@
name: Lint eslint
on:
pull_request:
on: pull_request
permissions:
contents: read
@ -61,15 +60,15 @@ jobs:
id: versions
with:
fallbackNode: '^20'
fallbackNpm: '^9'
fallbackNpm: '^10'
- name: Set up node ${{ steps.versions.outputs.nodeVersion }}
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v3
with:
node-version: ${{ steps.versions.outputs.nodeVersion }}
- name: Set up npm ${{ steps.versions.outputs.npmVersion }}
run: npm i -g npm@"${{ steps.versions.outputs.npmVersion }}"
run: npm i -g 'npm@${{ steps.versions.outputs.npmVersion }}'
- name: Install dependencies
env:

3
.github/workflows/lint-php-cs.yml vendored
View file

@ -50,10 +50,11 @@ jobs:
- name: Checkout
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- name: Set up php
- name: Set up php8.1
uses: shivammathur/setup-php@c665c7a15b5295c2488ac8a87af9cb806cd72198 # v2
with:
php-version: 8.1
extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
coverage: none
ini-file: development
env:

7
.github/workflows/lint-php.yml vendored
View file

@ -8,8 +8,7 @@
name: Lint php
on:
pull_request:
on: pull_request
permissions:
contents: read
@ -21,10 +20,8 @@ concurrency:
jobs:
changes:
runs-on: ubuntu-latest-low
outputs:
src: ${{ steps.changes.outputs.src}}
steps:
- uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
id: changes
@ -50,7 +47,7 @@ jobs:
strategy:
matrix:
php-versions: [ "8.1", "8.2", "8.3" ]
php-versions: [ '8.1', '8.2', '8.3' ]
name: php-lint

6
.github/workflows/node-test.yml vendored
View file

@ -88,7 +88,7 @@ jobs:
node-version: ${{ needs.versions.outputs.nodeVersion }}
- name: Set up npm ${{ needs.versions.outputs.npmVersion }}
run: npm i -g npm@"${{ needs.versions.outputs.npmVersion }}"
run: npm i -g 'npm@${{ needs.versions.outputs.npmVersion }}'
- name: Install dependencies & build
run: |
@ -122,7 +122,7 @@ jobs:
node-version: ${{ needs.versions.outputs.nodeVersion }}
- name: Set up npm ${{ needs.versions.outputs.npmVersion }}
run: npm i -g npm@"${{ needs.versions.outputs.npmVersion }}"
run: npm i -g 'npm@${{ needs.versions.outputs.npmVersion }}'
- name: Install dependencies
run: npm ci
@ -150,7 +150,7 @@ jobs:
node-version: ${{ needs.versions.outputs.nodeVersion }}
- name: Set up npm ${{ needs.versions.outputs.npmVersion }}
run: npm i -g npm@"${{ needs.versions.outputs.npmVersion }}"
run: npm i -g 'npm@${{ needs.versions.outputs.npmVersion }}'
- name: Install dependencies
run: npm ci

9
.github/workflows/node.yml vendored
View file

@ -8,8 +8,7 @@
name: Node
on:
pull_request:
on: pull_request
permissions:
contents: read
@ -59,15 +58,15 @@ jobs:
id: versions
with:
fallbackNode: '^20'
fallbackNpm: '^9'
fallbackNpm: '^10'
- name: Set up node ${{ steps.versions.outputs.nodeVersion }}
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v3
with:
node-version: ${{ steps.versions.outputs.nodeVersion }}
- name: Set up npm ${{ steps.versions.outputs.npmVersion }}
run: npm i -g npm@"${{ steps.versions.outputs.npmVersion }}"
run: npm i -g 'npm@${{ steps.versions.outputs.npmVersion }}'
- name: Install dependencies & build
env:

20
.github/workflows/npm-audit-fix.yml vendored
View file

@ -21,7 +21,7 @@ jobs:
strategy:
fail-fast: false
matrix:
branches: ["main", "master", "stable29", "stable28", "stable27"]
branches: ['main', 'master', 'stable29', 'stable28', 'stable27']
name: npm-audit-fix-${{ matrix.branches }}
@ -36,25 +36,24 @@ jobs:
id: versions
with:
fallbackNode: '^20'
fallbackNpm: '^9'
fallbackNpm: '^10'
- name: Set up node ${{ steps.versions.outputs.nodeVersion }}
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v3
with:
node-version: ${{ steps.versions.outputs.nodeVersion }}
- name: Set up npm ${{ steps.versions.outputs.npmVersion }}
run: npm i -g npm@"${{ steps.versions.outputs.npmVersion }}"
run: npm i -g 'npm@${{ steps.versions.outputs.npmVersion }}'
- name: Fix npm audit
run: |
npm audit fix
id: npm-audit
uses: nextcloud-libraries/npm-audit-action@2a60bd2e79cc77f2cc4d9a3fe40f1a69896f3a87 # v0.1.0
- name: Run npm ci and npm run build
if: always()
env:
CYPRESS_INSTALL_BINARY: 0
PUPPETEER_SKIP_DOWNLOAD: true
run: |
npm ci
npm run build --if-present
@ -64,14 +63,13 @@ jobs:
uses: peter-evans/create-pull-request@6d6857d36972b65feb161a90e484f2984215f83e # v6.0.5
with:
token: ${{ secrets.COMMAND_BOT_PAT }}
commit-message: "fix(deps): fix npm audit"
commit-message: 'fix(deps): Fix npm audit'
committer: GitHub <noreply@github.com>
author: nextcloud-command <nextcloud-command@users.noreply.github.com>
signoff: true
branch: automated/noid/${{ matrix.branches }}-fix-npm-audit
title: "[${{ matrix.branches }}] Fix npm audit"
body: |
Auto-generated fix of npm audit
title: '[${{ matrix.branches }}] Fix npm audit'
body: ${{ steps.npm-audit.outputs.markdown }}
labels: |
dependencies
3. to review

3
.github/workflows/openapi.yml vendored
View file

@ -34,10 +34,11 @@ jobs:
php-version: '8.2'
extensions: xml
coverage: none
ini-file: development
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Composer install
- name: Set up dependencies
run: composer i
- name: OpenAPI checker

6
.github/workflows/performance.yml vendored
View file

@ -62,9 +62,9 @@ jobs:
- name: Apply PR
run: |
git remote add pr ${{ github.event.pull_request.head.repo.clone_url }}
git fetch pr ${{ github.event.pull_request.head.ref }}
git checkout -b pr/${{ github.event.pull_request.head.ref }}
git remote add pr '${{ github.event.pull_request.head.repo.clone_url }}'
git fetch pr '${{ github.event.pull_request.head.ref }}'
git checkout -b 'pr/${{ github.event.pull_request.head.ref }}'
git submodule update
./occ upgrade

7
.github/workflows/phpunit-mariadb.yml vendored
View file

@ -105,7 +105,7 @@ jobs:
- name: Enable ONLY_FULL_GROUP_BY MariaDB option
run: |
echo "SET GLOBAL sql_mode=(SELECT CONCAT(@@sql_mode,',ONLY_FULL_GROUP_BY'));" | mysql -h 127.0.0.1 -P 4444 -u root -prootpassword
echo "SELECT @@sql_mode;" | mysql -h 127.0.0.1 -P 4444 -u root -prootpassword
echo 'SELECT @@sql_mode;' | mysql -h 127.0.0.1 -P 4444 -u root -prootpassword
- name: Set up Nextcloud
env:
@ -127,11 +127,6 @@ jobs:
files: ./clover.db.xml
flags: phpunit-mariadb
- name: Print logs
if: always()
run: |
cat data/nextcloud.log
summary:
permissions:
contents: none

6
.github/workflows/pr-feedback.yml vendored
View file

@ -35,7 +35,7 @@ jobs:
with:
feedback-message: |
Hello there,
Thank you so much for taking the time and effort to create a pull request to our Nextcloud project.
Thank you so much for taking the time and effort to create a pull request to our Nextcloud project.
We hope that the review process is going smooth and is helpful for you. We want to ensure your pull request is reviewed to your satisfaction. If you have a moment, our community management team would very much appreciate your feedback on your experience with this PR review process.
@ -45,6 +45,6 @@ jobs:
(If you believe you should not receive this message, you can add yourself to the [blocklist](https://github.com/nextcloud/.github/blob/master/non-community-usernames.txt).)
days-before-feedback: 14
start-date: "2024-04-30"
exempt-authors: "${{ steps.blocklist.outputs.blocklist }},${{ steps.scrape.outputs.users }},nextcloud-command,nextcloud-android-bot"
start-date: '2024-04-30'
exempt-authors: '${{ steps.blocklist.outputs.blocklist }},${{ steps.scrape.outputs.users }},nextcloud-command,nextcloud-android-bot'
exempt-bots: true

8
.github/workflows/update-cacert-bundle.yml vendored
View file

@ -14,7 +14,7 @@ jobs:
strategy:
fail-fast: false
matrix:
branches: ["master", "stable29", "stable28", "stable27", "stable26", "stable25", "stable24", "stable23", "stable22"]
branches: ['master', 'stable29', 'stable28', 'stable27', 'stable26', 'stable25', 'stable24', 'stable23', 'stable22']
name: update-ca-certificate-bundle-${{ matrix.branches }}
@ -31,12 +31,12 @@ jobs:
uses: peter-evans/create-pull-request@6d6857d36972b65feb161a90e484f2984215f83e
with:
token: ${{ secrets.COMMAND_BOT_PAT }}
commit-message: "fix(security): Update CA certificate bundle"
commit-message: 'fix(security): Update CA certificate bundle'
committer: GitHub <noreply@github.com>
author: nextcloud-command <nextcloud-command@users.noreply.github.com>
signoff: true
branch: automated/noid/${{ matrix.branches }}-update-ca-cert-bundle
title: "[${{ matrix.branches }}] fix(security): Update CA certificate bundle"
branch: 'automated/noid/${{ matrix.branches }}-update-ca-cert-bundle'
title: '[${{ matrix.branches }}] fix(security): Update CA certificate bundle'
body: |
Auto-generated update of CA certificate bundle from [https://curl.se/docs/caextract.html](https://curl.se/docs/caextract.html)
labels: |

8
.github/workflows/update-code-signing-crl.yml vendored
View file

@ -14,7 +14,7 @@ jobs:
strategy:
fail-fast: false
matrix:
branches: ["master", "stable28", "stable27", "stable26", "stable25", "stable24", "stable23", "stable22"]
branches: ['master', 'stable29', 'stable28', 'stable27', 'stable26', 'stable25', 'stable24', 'stable23', 'stable22']
name: update-code-signing-crl-${{ matrix.branches }}
@ -34,12 +34,12 @@ jobs:
uses: peter-evans/create-pull-request@6d6857d36972b65feb161a90e484f2984215f83e
with:
token: ${{ secrets.COMMAND_BOT_PAT }}
commit-message: "fix(security): Update code signing revocation list"
commit-message: 'fix(security): Update code signing revocation list'
committer: GitHub <noreply@github.com>
author: nextcloud-command <nextcloud-command@users.noreply.github.com>
signoff: true
branch: automated/noid/${{ matrix.branches }}-update-code-signing-crl
title: "[${{ matrix.branches }}] fix(security): Update code signing revocation list"
branch: 'automated/noid/${{ matrix.branches }}-update-code-signing-crl'
title: '[${{ matrix.branches }}] fix(security): Update code signing revocation list'
body: |
Auto-generated update of code signing revocation list from [Appstore](https://github.com/nextcloud/appstore/commits/master/nextcloudappstore/certificate/nextcloud.crl)
labels: |

8
.github/workflows/update-psalm-baseline.yml vendored
View file

@ -16,7 +16,7 @@ jobs:
strategy:
fail-fast: false
matrix:
branches: ["master", "stable29", "stable28", "stable27"]
branches: ['master', 'stable29', 'stable28', 'stable27']
name: update-psalm-baseline-${{ matrix.branches }}
@ -55,12 +55,12 @@ jobs:
uses: peter-evans/create-pull-request@6d6857d36972b65feb161a90e484f2984215f83e
with:
token: ${{ secrets.COMMAND_BOT_PAT }}
commit-message: "chore(tests): Update psalm baseline"
commit-message: 'chore(tests): Update psalm baseline'
committer: GitHub <noreply@github.com>
author: nextcloud-command <nextcloud-command@users.noreply.github.com>
signoff: true
branch: automated/noid/${{ matrix.branches }}-update-psalm-baseline
title: "[${{ matrix.branches }}] Update psalm-baseline.xml"
branch: 'automated/noid/${{ matrix.branches }}-update-psalm-baseline'
title: '[${{ matrix.branches }}] Update psalm-baseline.xml'
body: |
Auto-generated update psalm-baseline.xml with fixed psalm warnings
labels: |