summaryrefslogtreecommitdiff
path: root/.github
Commit message (Collapse)AuthorAge
* Merge pull request #298 from ↵Darius Jahandarie2023-11-02
|\ | | | | | | | | | | themoeway/dependabot/github_actions/actions/setup-node-4 build(deps): bump actions/setup-node from 3 to 4
| * build(deps): bump actions/setup-node from 3 to 4dependabot[bot]2023-11-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3 to 4. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
* | Merge pull request #297 from ↵Darius Jahandarie2023-11-02
|\ \ | | | | | | | | | | | | | | | themoeway/dependabot/github_actions/minor-9d4a252c6e build(deps): bump the minor group with 3 updates
| * | build(deps): bump the minor group with 3 updatesdependabot[bot]2023-11-01
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps the minor group with 3 updates: [awalsh128/cache-apt-pkgs-action](https://github.com/awalsh128/cache-apt-pkgs-action), [ad-m/github-push-action](https://github.com/ad-m/github-push-action) and [ossf/scorecard-action](https://github.com/ossf/scorecard-action). Updates `awalsh128/cache-apt-pkgs-action` from 1.3.0 to 1.3.1 - [Release notes](https://github.com/awalsh128/cache-apt-pkgs-action/releases) - [Commits](https://github.com/awalsh128/cache-apt-pkgs-action/compare/1850ee53f6e706525805321a3f2f863dcf73c962...44c33b32f808cdddd5ac0366d70595ed63661ed8) Updates `ad-m/github-push-action` from 0.7.0 to 0.8.0 - [Release notes](https://github.com/ad-m/github-push-action/releases) - [Commits](https://github.com/ad-m/github-push-action/compare/29f05e01bb17e6f28228b47437e03a7b69e1f9ef...d91a481090679876dfc4178fef17f286781251df) Updates `ossf/scorecard-action` from 2.2.0 to 2.3.1 - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/08b4669551908b1024bb425080c797723083c031...0864cf19026789058feabb7e87baa5f140aac736) --- updated-dependencies: - dependency-name: awalsh128/cache-apt-pkgs-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor - dependency-name: ad-m/github-push-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor ... Signed-off-by: dependabot[bot] <support@github.com>
* / add playwright sw env variable in action workflowjbukl2023-11-01
|/
* Fix version number in Firefox updates.json in CDDarius Jahandarie2023-10-24
|
* Fix whitespaceDarius Jahandarie2023-10-22
|
* Fix errors in publish-firefox-development.ymlDarius Jahandarie2023-10-22
|
* Merge pull request #146 from ↵Darius Jahandarie2023-10-21
|\ | | | | | | | | | | themoeway/dependabot/github_actions/cardinalby/schema-validator-action-3.0.0 Bump cardinalby/schema-validator-action from 1.1.1 to 3.1.0
| * Update schema-validator-action to 3.1.0Darius Jahandarie2023-10-21
| |
| * Merge branch 'master' into ↵Darius Jahandarie2023-10-01
| |\ | | | | | | | | | dependabot/github_actions/cardinalby/schema-validator-action-3.0.0
| * | Turn on lax mode, fix versionDarius Jahandarie2023-10-01
| | |
| * | Bump cardinalby/schema-validator-action from 1.1.1 to 3.0.0dependabot[bot]2023-08-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [cardinalby/schema-validator-action](https://github.com/cardinalby/schema-validator-action) from 1.1.1 to 3.0.0. - [Release notes](https://github.com/cardinalby/schema-validator-action/releases) - [Commits](https://github.com/cardinalby/schema-validator-action/compare/c2da05377e89dd0c9b7be9420da0b3534b1efcce...8407573c2627c5159428cf9fa3770d13b2360a27) --- updated-dependencies: - dependency-name: cardinalby/schema-validator-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
* | | Switch to version pin for slsa generator (as it is required)Darius Jahandarie2023-10-01
| | |
* | | Add SLSA provenance to releasesDarius Jahandarie2023-10-01
| |/ |/|
* | Fix bug in publish-firefox-development, use correct filepathDarius Jahandarie2023-09-24
| |
* | Fix bug in prerelease CI workflowDarius Jahandarie2023-09-24
| |
* | Merge pull request #253 from themoeway/reduce-dependabot-frequencyDarius Jahandarie2023-09-23
|\ \ | | | | | | | | | Reduce dependabot frequency from weekly to monthly
| * | Reduce dependabot frequency from weekly to monthlyDarius Jahandarie2023-09-23
| | |
* | | Bump dawidd6/action-download-artifact from 2.27.0 to 2.28.0dependabot[bot]2023-09-23
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact) from 2.27.0 to 2.28.0. - [Release notes](https://github.com/dawidd6/action-download-artifact/releases) - [Commits](https://github.com/dawidd6/action-download-artifact/compare/246dbf436b23d7c49e21a7ab8204ca9ecd1fe615...268677152d06ba59fcec7a7f0b5d961b6ccd7e1e) --- updated-dependencies: - dependency-name: dawidd6/action-download-artifact dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* | Merge pull request #222 from ↵Darius Jahandarie2023-09-23
|\ \ | | | | | | | | | | | | | | | themoeway/dependabot/github_actions/actions/upload-artifact-3 Bump actions/upload-artifact from 2 to 3
| * | Remove incorrect version comment in scorecard.ymlDarius Jahandarie2023-09-23
| | |
| * | Bump actions/upload-artifact from 2 to 3dependabot[bot]2023-08-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2 to 3. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v2...v3) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
* | | Merge pull request #237 from ↵Darius Jahandarie2023-09-23
|\ \ \ | | | | | | | | | | | | | | | | | | | | themoeway/dependabot/github_actions/actions/checkout-4 Bump actions/checkout from 3 to 4
| * | | Remove incorrect checkout version comment in scorecard.ymlDarius Jahandarie2023-09-23
| | | |
| * | | Bump actions/checkout from 3 to 4dependabot[bot]2023-09-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
* | | | Merge pull request #234 from ↵Darius Jahandarie2023-09-23
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | themoeway/dependabot/github_actions/ad-m/github-push-action-29f05e01bb17e6f28228b47437e03a7b69e1f9ef Bump ad-m/github-push-action from 9a2e3c14aaecf56d5816dc3a54514f82050820b2 to 29f05e01bb17e6f28228b47437e03a7b69e1f9ef
| * | | | Bump ad-m/github-push-actiondependabot[bot]2023-08-28
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [ad-m/github-push-action](https://github.com/ad-m/github-push-action) from 9a2e3c14aaecf56d5816dc3a54514f82050820b2 to 29f05e01bb17e6f28228b47437e03a7b69e1f9ef. - [Release notes](https://github.com/ad-m/github-push-action/releases) - [Commits](https://github.com/ad-m/github-push-action/compare/9a2e3c14aaecf56d5816dc3a54514f82050820b2...29f05e01bb17e6f28228b47437e03a7b69e1f9ef) --- updated-dependencies: - dependency-name: ad-m/github-push-action dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
* | | | Group minor/patch updates together in dependabot configDarius Jahandarie2023-09-23
| |/ / |/| |
* | | Remove hardcoded version from manifestDarius Jahandarie2023-09-23
|/ / | | | | | | | | | | * Dynamically set version as argument to build script * Set version using tag ref_name in CI * [Cleanup] gitignore ext/manifest.json as it's dynamically generated
* | Merge pull request #219 from themoeway/fix-workflow-permissionsDarius Jahandarie2023-08-20
|\ \ | | | | | | | | | Restrict workflow permissions to satisfy OSSF Scorecard
| * | Restrict workflow permissions to satisfy OSSF ScorecardDarius Jahandarie2023-08-20
| | |
* | | Merge branch 'master' into codeql-workflowDarius Jahandarie2023-08-20
|\| |
| * | Fix auto-approval CI workflowDarius Jahandarie2023-08-20
| | |
| * | Auto-approve safe PRsDarius Jahandarie2023-08-20
| | |
* | | Use custom CodeQL workflowDarius Jahandarie2023-08-20
|/ /
* | Use a fine-grained PAT in scorecard.ymlDarius Jahandarie2023-08-20
| | | | | | For additional checks in the scorecard, such as branch protection checks.
* | Fix caching and fonts in playwright.ymlDarius Jahandarie2023-08-20
| | | | | | | | | | | | | | When playwright is installed (i.e., not pulled from cache), the `--with-deps` flag causes it to pull in system dependencies as well. That makes the current caching strategy incoherent, as those dependencies will not be part of the cache as defined. Causing different behavior when pulling from cache vs installing fresh. In particular, some of the dependencies it pulls in are fonts, which causes the output of the test to change due to the available fonts changing. In fact, fonts are the _only_ dependencies it pulls in, everything else is already present in the stock ubuntu image. So it seems fine to just remove `--with-deps` and just pull in the image. If we discover we need system deps at any point, we can use `npx playwright install-deps chromium` in a separate command to pull in those deps, and figure out an alternate caching strategy fo rthem.
* | Fix typo in publish-firefox-development.ymlDarius Jahandarie2023-08-19
| |
* | Bump ossf/scorecard-action from 2.1.3 to 2.2.0dependabot[bot]2023-08-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.3 to 2.2.0. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/80e868c13c90f172d68d1f4501dee99e2479f7af...08b4669551908b1024bb425080c797723083c031) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* | Merge pull request #200 from ↵Darius Jahandarie2023-08-19
|\ \ | | | | | | | | | | | | themoeway/dependabot/github_actions/ad-m/github-push-action-9a2e3c14aaecf56d5816dc3a54514f82050820b2 Bump ad-m/github-push-action from 0fafdd62b84042d49ec0cb92d9cac7f7ce4ec79e to 9a2e3c14aaecf56d5816dc3a54514f82050820b2
| * | Bump ad-m/github-push-actiondependabot[bot]2023-08-17
| |/ | | | | | | | | | | | | | | | | | | | | | | | | Bumps [ad-m/github-push-action](https://github.com/ad-m/github-push-action) from 0fafdd62b84042d49ec0cb92d9cac7f7ce4ec79e to 9a2e3c14aaecf56d5816dc3a54514f82050820b2. - [Release notes](https://github.com/ad-m/github-push-action/releases) - [Commits](https://github.com/ad-m/github-push-action/compare/0fafdd62b84042d49ec0cb92d9cac7f7ce4ec79e...9a2e3c14aaecf56d5816dc3a54514f82050820b2) --- updated-dependencies: - dependency-name: ad-m/github-push-action dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
* / Bump github/codeql-action from 2.2.9 to 2.21.4dependabot[bot]2023-08-19
|/ | | | | | | | | | | | | | | Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.9 to 2.21.4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/04df1262e6247151b5ac09cd2c303ac36ad3f62b...a09933a12a80f87b87005513f0abb1494c27a716) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* Remove font checkEwan Fox2023-08-16
|
* Revert and Fix!Ewan Fox2023-08-16
|
* Merge pull request #154 from ↵dependabot[bot]2023-06-04
|\ | | | | | | themoeway/dependabot/github_actions/lycheeverse/lychee-action-1.8.0
| * Bump lycheeverse/lychee-action from 1.6.1 to 1.8.0dependabot[bot]2023-05-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [lycheeverse/lychee-action](https://github.com/lycheeverse/lychee-action) from 1.6.1 to 1.8.0. - [Release notes](https://github.com/lycheeverse/lychee-action/releases) - [Commits](https://github.com/lycheeverse/lychee-action/compare/9ace499fe66cee282a29eaa628fdac2c72fa087f...ec3ed119d4f44ad2673a7232460dc7dff59d2421) --- updated-dependencies: - dependency-name: lycheeverse/lychee-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* | Merge pull request #152 from ↵dependabot[bot]2023-06-04
|\ \ | | | | | | | | | themoeway/dependabot/github_actions/robinraju/release-downloader-1.8
| * | Bump robinraju/release-downloader from 1.7 to 1.8dependabot[bot]2023-05-08
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [robinraju/release-downloader](https://github.com/robinraju/release-downloader) from 1.7 to 1.8. - [Release notes](https://github.com/robinraju/release-downloader/releases) - [Commits](https://github.com/robinraju/release-downloader/compare/768b85c8d69164800db5fc00337ab917daf3ce68...efa4cd07bd0195e6cc65e9e30c251b49ce4d3e51) --- updated-dependencies: - dependency-name: robinraju/release-downloader dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* / Bump dawidd6/action-download-artifact from 2.26.0 to 2.27.0dependabot[bot]2023-04-17
|/ | | | | | | | | | | | | | Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact) from 2.26.0 to 2.27.0. - [Release notes](https://github.com/dawidd6/action-download-artifact/releases) - [Commits](https://github.com/dawidd6/action-download-artifact/compare/5e780fc7bbd0cac69fc73271ed86edf5dcb72d67...246dbf436b23d7c49e21a7ab8204ca9ecd1fe615) --- updated-dependencies: - dependency-name: dawidd6/action-download-artifact dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>