mirror of
https://github.com/nextcloud/server.git
synced 2026-04-29 01:50:33 -04:00
0a6c8b46fe
Bumps the github-actions group with 5 updates: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.1.1` | `4.2.2` | | [shivammathur/setup-php](https://github.com/shivammathur/setup-php) | `2.25.2` | `2.31.1` | | [actions/setup-node](https://github.com/actions/setup-node) | `4.0.4` | `4.1.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.4.0` | `4.4.3` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `4.5.0` | `4.6.0` | Updates `actions/checkout` from 4.1.1 to 4.2.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4.1.1...11bd71901bbe5b1630ceea73d27597364c9af683) Updates `shivammathur/setup-php` from 2.25.2 to 2.31.1 - [Release notes](https://github.com/shivammathur/setup-php/releases) - [Commits](https://github.com/shivammathur/setup-php/compare/2.25.2...c541c155eee45413f5b09a52248675b1a2575231) Updates `actions/setup-node` from 4.0.4 to 4.1.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](0a44ba7841...39370e3970) Updates `actions/upload-artifact` from 4.4.0 to 4.4.3 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](50769540e7...b4b15b8c7c) Updates `codecov/codecov-action` from 4.5.0 to 4.6.0 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Commits](https://github.com/codecov/codecov-action/compare/v4.5.0...v4.6.0) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: shivammathur/setup-php dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
48 lines
1.9 KiB
YAML
48 lines
1.9 KiB
YAML
# SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
|
|
# SPDX-License-Identifier: MIT
|
|
name: Update code signing revocation list
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
schedule:
|
|
- cron: "5 2 * * *"
|
|
|
|
jobs:
|
|
update-code-signing-crl:
|
|
runs-on: ubuntu-latest
|
|
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
branches: ['master', 'stable30', 'stable29', 'stable28', 'stable27', 'stable26', 'stable25', 'stable24', 'stable23', 'stable22']
|
|
|
|
name: update-code-signing-crl-${{ matrix.branches }}
|
|
|
|
steps:
|
|
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
|
|
with:
|
|
ref: ${{ matrix.branches }}
|
|
submodules: true
|
|
|
|
- name: Download CRL file from Appstore repository
|
|
run: curl --output resources/codesigning/root.crl https://raw.githubusercontent.com/nextcloud/appstore/master/nextcloudappstore/certificate/nextcloud.crl
|
|
|
|
- name: Verify CRL is from CRT
|
|
run: openssl crl -verify -in resources/codesigning/root.crl -CAfile resources/codesigning/root.crt -noout
|
|
|
|
- name: Create Pull Request
|
|
uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f
|
|
with:
|
|
token: ${{ secrets.COMMAND_BOT_PAT }}
|
|
commit-message: 'fix(security): Update code signing revocation list'
|
|
committer: GitHub <noreply@github.com>
|
|
author: nextcloud-command <nextcloud-command@users.noreply.github.com>
|
|
signoff: true
|
|
branch: 'automated/noid/${{ matrix.branches }}-update-code-signing-crl'
|
|
title: '[${{ matrix.branches }}] fix(security): Update code signing revocation list'
|
|
body: |
|
|
Auto-generated update of code signing revocation list from [Appstore](https://github.com/nextcloud/appstore/commits/master/nextcloudappstore/certificate/nextcloud.crl)
|
|
labels: |
|
|
dependencies
|
|
3. to review
|
|
reviewers: mgallien, miaulalala, nickvergessen
|