summaryrefslogtreecommitdiff
path: root/.github
Commit message (Collapse)AuthorAge
* Switch to version pin for slsa generator (as it is required)Darius Jahandarie2023-10-01
|
* Add SLSA provenance to releasesDarius Jahandarie2023-10-01
|
* Fix bug in publish-firefox-development, use correct filepathDarius Jahandarie2023-09-24
|
* Fix bug in prerelease CI workflowDarius Jahandarie2023-09-24
|
* Merge pull request #253 from themoeway/reduce-dependabot-frequencyDarius Jahandarie2023-09-23
|\ | | | | | | Reduce dependabot frequency from weekly to monthly
| * Reduce dependabot frequency from weekly to monthlyDarius Jahandarie2023-09-23
| |
* | Bump dawidd6/action-download-artifact from 2.27.0 to 2.28.0dependabot[bot]2023-09-23
|/ | | | | | | | | | | | | | Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact) from 2.27.0 to 2.28.0. - [Release notes](https://github.com/dawidd6/action-download-artifact/releases) - [Commits](https://github.com/dawidd6/action-download-artifact/compare/246dbf436b23d7c49e21a7ab8204ca9ecd1fe615...268677152d06ba59fcec7a7f0b5d961b6ccd7e1e) --- updated-dependencies: - dependency-name: dawidd6/action-download-artifact dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* Merge pull request #222 from ↵Darius Jahandarie2023-09-23
|\ | | | | | | | | | | themoeway/dependabot/github_actions/actions/upload-artifact-3 Bump actions/upload-artifact from 2 to 3
| * Remove incorrect version comment in scorecard.ymlDarius Jahandarie2023-09-23
| |
| * Bump actions/upload-artifact from 2 to 3dependabot[bot]2023-08-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2 to 3. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v2...v3) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
* | Merge pull request #237 from ↵Darius Jahandarie2023-09-23
|\ \ | | | | | | | | | | | | | | | themoeway/dependabot/github_actions/actions/checkout-4 Bump actions/checkout from 3 to 4
| * | Remove incorrect checkout version comment in scorecard.ymlDarius Jahandarie2023-09-23
| | |
| * | Bump actions/checkout from 3 to 4dependabot[bot]2023-09-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
* | | Merge pull request #234 from ↵Darius Jahandarie2023-09-23
|\ \ \ | | | | | | | | | | | | | | | | | | | | themoeway/dependabot/github_actions/ad-m/github-push-action-29f05e01bb17e6f28228b47437e03a7b69e1f9ef Bump ad-m/github-push-action from 9a2e3c14aaecf56d5816dc3a54514f82050820b2 to 29f05e01bb17e6f28228b47437e03a7b69e1f9ef
| * | | Bump ad-m/github-push-actiondependabot[bot]2023-08-28
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [ad-m/github-push-action](https://github.com/ad-m/github-push-action) from 9a2e3c14aaecf56d5816dc3a54514f82050820b2 to 29f05e01bb17e6f28228b47437e03a7b69e1f9ef. - [Release notes](https://github.com/ad-m/github-push-action/releases) - [Commits](https://github.com/ad-m/github-push-action/compare/9a2e3c14aaecf56d5816dc3a54514f82050820b2...29f05e01bb17e6f28228b47437e03a7b69e1f9ef) --- updated-dependencies: - dependency-name: ad-m/github-push-action dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
* | | Group minor/patch updates together in dependabot configDarius Jahandarie2023-09-23
| |/ |/|
* | Remove hardcoded version from manifestDarius Jahandarie2023-09-23
|/ | | | | | * Dynamically set version as argument to build script * Set version using tag ref_name in CI * [Cleanup] gitignore ext/manifest.json as it's dynamically generated
* Merge pull request #219 from themoeway/fix-workflow-permissionsDarius Jahandarie2023-08-20
|\ | | | | | | Restrict workflow permissions to satisfy OSSF Scorecard
| * Restrict workflow permissions to satisfy OSSF ScorecardDarius Jahandarie2023-08-20
| |
* | Merge branch 'master' into codeql-workflowDarius Jahandarie2023-08-20
|\|
| * Fix auto-approval CI workflowDarius Jahandarie2023-08-20
| |
| * Auto-approve safe PRsDarius Jahandarie2023-08-20
| |
* | Use custom CodeQL workflowDarius Jahandarie2023-08-20
|/
* Use a fine-grained PAT in scorecard.ymlDarius Jahandarie2023-08-20
| | | For additional checks in the scorecard, such as branch protection checks.
* Fix caching and fonts in playwright.ymlDarius Jahandarie2023-08-20
| | | | | | | When playwright is installed (i.e., not pulled from cache), the `--with-deps` flag causes it to pull in system dependencies as well. That makes the current caching strategy incoherent, as those dependencies will not be part of the cache as defined. Causing different behavior when pulling from cache vs installing fresh. In particular, some of the dependencies it pulls in are fonts, which causes the output of the test to change due to the available fonts changing. In fact, fonts are the _only_ dependencies it pulls in, everything else is already present in the stock ubuntu image. So it seems fine to just remove `--with-deps` and just pull in the image. If we discover we need system deps at any point, we can use `npx playwright install-deps chromium` in a separate command to pull in those deps, and figure out an alternate caching strategy fo rthem.
* Fix typo in publish-firefox-development.ymlDarius Jahandarie2023-08-19
|
* Bump ossf/scorecard-action from 2.1.3 to 2.2.0dependabot[bot]2023-08-19
| | | | | | | | | | | | | | | Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.3 to 2.2.0. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/80e868c13c90f172d68d1f4501dee99e2479f7af...08b4669551908b1024bb425080c797723083c031) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* Merge pull request #200 from ↵Darius Jahandarie2023-08-19
|\ | | | | | | | | themoeway/dependabot/github_actions/ad-m/github-push-action-9a2e3c14aaecf56d5816dc3a54514f82050820b2 Bump ad-m/github-push-action from 0fafdd62b84042d49ec0cb92d9cac7f7ce4ec79e to 9a2e3c14aaecf56d5816dc3a54514f82050820b2
| * Bump ad-m/github-push-actiondependabot[bot]2023-08-17
| | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [ad-m/github-push-action](https://github.com/ad-m/github-push-action) from 0fafdd62b84042d49ec0cb92d9cac7f7ce4ec79e to 9a2e3c14aaecf56d5816dc3a54514f82050820b2. - [Release notes](https://github.com/ad-m/github-push-action/releases) - [Commits](https://github.com/ad-m/github-push-action/compare/0fafdd62b84042d49ec0cb92d9cac7f7ce4ec79e...9a2e3c14aaecf56d5816dc3a54514f82050820b2) --- updated-dependencies: - dependency-name: ad-m/github-push-action dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
* | Bump github/codeql-action from 2.2.9 to 2.21.4dependabot[bot]2023-08-19
|/ | | | | | | | | | | | | | | Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.9 to 2.21.4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/04df1262e6247151b5ac09cd2c303ac36ad3f62b...a09933a12a80f87b87005513f0abb1494c27a716) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* Remove font checkEwan Fox2023-08-16
|
* Revert and Fix!Ewan Fox2023-08-16
|
* Merge pull request #154 from ↵dependabot[bot]2023-06-04
|\ | | | | | | themoeway/dependabot/github_actions/lycheeverse/lychee-action-1.8.0
| * Bump lycheeverse/lychee-action from 1.6.1 to 1.8.0dependabot[bot]2023-05-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [lycheeverse/lychee-action](https://github.com/lycheeverse/lychee-action) from 1.6.1 to 1.8.0. - [Release notes](https://github.com/lycheeverse/lychee-action/releases) - [Commits](https://github.com/lycheeverse/lychee-action/compare/9ace499fe66cee282a29eaa628fdac2c72fa087f...ec3ed119d4f44ad2673a7232460dc7dff59d2421) --- updated-dependencies: - dependency-name: lycheeverse/lychee-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* | Merge pull request #152 from ↵dependabot[bot]2023-06-04
|\ \ | | | | | | | | | themoeway/dependabot/github_actions/robinraju/release-downloader-1.8
| * | Bump robinraju/release-downloader from 1.7 to 1.8dependabot[bot]2023-05-08
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [robinraju/release-downloader](https://github.com/robinraju/release-downloader) from 1.7 to 1.8. - [Release notes](https://github.com/robinraju/release-downloader/releases) - [Commits](https://github.com/robinraju/release-downloader/compare/768b85c8d69164800db5fc00337ab917daf3ce68...efa4cd07bd0195e6cc65e9e30c251b49ce4d3e51) --- updated-dependencies: - dependency-name: robinraju/release-downloader dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* / Bump dawidd6/action-download-artifact from 2.26.0 to 2.27.0dependabot[bot]2023-04-17
|/ | | | | | | | | | | | | | Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact) from 2.26.0 to 2.27.0. - [Release notes](https://github.com/dawidd6/action-download-artifact/releases) - [Commits](https://github.com/dawidd6/action-download-artifact/compare/5e780fc7bbd0cac69fc73271ed86edf5dcb72d67...246dbf436b23d7c49e21a7ab8204ca9ecd1fe615) --- updated-dependencies: - dependency-name: dawidd6/action-download-artifact dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* fix publish-firefox-development's upload_url for xpiDarius Jahandarie2023-04-07
|
* playwright: try to make sure font installs properlyDarius Jahandarie2023-04-03
|
* Bump github/codeql-action from 2.2.4 to 2.2.9dependabot[bot]2023-04-02
| | | | | | | | | | | | | | | Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.4 to 2.2.9. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/17573ee1cc1b9d061760f3a006fc4aac4f944fd5...04df1262e6247151b5ac09cd2c303ac36ad3f62b) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* ossf/scorecard-action 2.1.2 -> 2.1.3Darius Jahandarie2023-04-02
|
* Remove playwright test results from comment because they are sometimes too ↵Darius Jahandarie2023-04-02
| | | | big and cause it to fail.
* Make playwright_comment work even when there are retries / flaky testsDarius Jahandarie2023-04-02
|
* playwright: add cjk fontsxy2_2023-03-30
| | | | By default CJK fonts are not installed on the Ubuntu image,
* Merge branch 'master' into cjkxy22023-03-30
|\
| * Continue fixing playwright_commentDarius Jahandarie2023-03-30
| |
| * Continue fixing playwright_commentDarius Jahandarie2023-03-30
| |
| * Continue to fix playwright_commentDarius Jahandarie2023-03-30
| |
| * Fix more errors in playwright_commentDarius Jahandarie2023-03-30
| |
| * Fix error in playwright_commentDarius Jahandarie2023-03-27
| |