diff --git a/.github/workflows/appstore-build-publish.yml b/.github/workflows/appstore-build-publish.yml
index 6f97963f6..6a223fb9b 100644
--- a/.github/workflows/appstore-build-publish.yml
+++ b/.github/workflows/appstore-build-publish.yml
@@ -74,6 +74,7 @@ jobs:
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
with:
node-version: ${{ steps.versions.outputs.nodeVersion }}
+ package-manager-cache: false
- name: Set up npm ${{ steps.versions.outputs.npmVersion }}
# Skip if no package.json
@@ -82,12 +83,12 @@ jobs:
- name: Get php version
id: php-versions
- uses: icewind1991/nextcloud-version-matrix@8a7bac6300b2f0f3100088b297995a229558ddba # v1.3.2.3.1.3.2
+ uses: icewind1991/nextcloud-version-matrix@8a7bac6300b2f0f3100088b297995a229558ddba # v1.3.2
with:
filename: ${{ env.APP_NAME }}/appinfo/info.xml
- name: Set up php ${{ steps.php-versions.outputs.php-min }}
- uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # v2.36.0
+ uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # 2.37.1
with:
php-version: ${{ steps.php-versions.outputs.php-min }}
coverage: none
@@ -96,7 +97,7 @@ jobs:
- name: Check composer.json
id: check_composer
- uses: andstor/file-existence-action@076e0072799f4942c8bc574a82233e1e4d13e9d6 # v3.0.0
+ uses: andstor/file-existence-action@558493d6c74bf472d87c84eab196434afc2fa029 # v3.1.0
with:
files: "${{ env.APP_NAME }}/composer.json"
@@ -118,7 +119,7 @@ jobs:
- name: Check Krankerl config
id: krankerl
- uses: andstor/file-existence-action@076e0072799f4942c8bc574a82233e1e4d13e9d6 # v3.0.0
+ uses: andstor/file-existence-action@558493d6c74bf472d87c84eab196434afc2fa029 # v3.1.0
with:
files: ${{ env.APP_NAME }}/krankerl.toml
@@ -181,7 +182,7 @@ jobs:
tar -zcvf ${{ env.APP_NAME }}.tar.gz ${{ env.APP_NAME }}
- name: Attach tarball to github release
- uses: svenstaro/upload-release-action@29e53e917877a24fad85510ded594ab3c9ca12de # v2.11.5
+ uses: svenstaro/upload-release-action@29e53e917877a24fad85510ded594ab3c9ca12de # 2.11.5
id: attach_to_release
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/dependabot-approve-merge.yml b/.github/workflows/dependabot-approve-merge.yml
index c0411c057..dd28a484a 100644
--- a/.github/workflows/dependabot-approve-merge.yml
+++ b/.github/workflows/dependabot-approve-merge.yml
@@ -24,10 +24,10 @@ concurrency:
jobs:
auto-approve-merge:
- if: github.event.pull_request.user.login == 'dependabot[bot]' || github.event.pull_request.user.login == 'renovate[bot]'
+ if: github.event.pull_request.user.login == 'dependabot[bot]'
runs-on: ubuntu-latest-low
permissions:
- # for hmarr/auto-approve-action to approve PRs
+ # for auto-approve step to work
pull-requests: write
# for alexwilson/enable-github-automerge-action to approve PRs
contents: write
@@ -44,15 +44,22 @@ jobs:
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
- # GitHub actions bot approve
- - uses: hmarr/auto-approve-action@f0939ea97e9205ef24d872e76833fa908a770363 # v4.0.0
- if: startsWith(steps.branchname.outputs.branch, 'dependabot/')
+ - name: Dependabot metadata
+ id: metadata
+ uses: dependabot/fetch-metadata@25dd0e34f4fe68f24cc83900b1fe3fe149efef98 # v3.1.0
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
+ - name: GitHub actions bot approve
+ if: startsWith(steps.branchname.outputs.branch, 'dependabot/')
+ run: gh pr review --approve "$PR_URL"
+ env:
+ PR_URL: ${{ github.event.pull_request.html_url }}
+ GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
# Enable GitHub auto merge
- name: Auto merge
- uses: alexwilson/enable-github-automerge-action@56e3117d1ae1540309dc8f7a9f2825bc3c5f06ff # v2.0.0
- if: startsWith(steps.branchname.outputs.branch, 'dependabot/')
+ uses: alexwilson/enable-github-automerge-action@2c32e18a76e0726ffe7a573bfff2d42a20885126 # 3.0.0
+ if: startsWith(steps.branchname.outputs.branch, 'dependabot/') && (github.event.action == 'opened' || github.event.action == 'reopened') && (steps.metadata.outputs.update-type == 'version-update:semver-patch' || steps.metadata.outputs.update-type == 'version-update:semver-minor')
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/lint-php-cs.yml b/.github/workflows/lint-php-cs.yml
index be0b1dbcf..60102e892 100644
--- a/.github/workflows/lint-php-cs.yml
+++ b/.github/workflows/lint-php-cs.yml
@@ -31,10 +31,10 @@ jobs:
- name: Get php version
id: versions
- uses: icewind1991/nextcloud-version-matrix@8a7bac6300b2f0f3100088b297995a229558ddba # v1.3.2.3.1.3.2
+ uses: icewind1991/nextcloud-version-matrix@8a7bac6300b2f0f3100088b297995a229558ddba # v1.3.2
- name: Set up php${{ steps.versions.outputs.php-min }}
- uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # v2.36.0
+ uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # 2.37.1
with:
php-version: ${{ steps.versions.outputs.php-min }}
extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
diff --git a/.github/workflows/lint-php.yml b/.github/workflows/lint-php.yml
index 8cc2cb045..985037251 100644
--- a/.github/workflows/lint-php.yml
+++ b/.github/workflows/lint-php.yml
@@ -21,7 +21,8 @@ jobs:
matrix:
runs-on: ubuntu-latest-low
outputs:
- php-versions: ${{ steps.versions.outputs.php-versions }}
+ php-min: ${{ steps.versions.outputs.php-min }}
+ php-max: ${{ steps.versions.outputs.php-max }}
steps:
- name: Checkout app
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
@@ -30,14 +31,14 @@ jobs:
- name: Get version matrix
id: versions
- uses: icewind1991/nextcloud-version-matrix@8a7bac6300b2f0f3100088b297995a229558ddba # v1.0.0
+ uses: icewind1991/nextcloud-version-matrix@8a7bac6300b2f0f3100088b297995a229558ddba # v1.3.2
php-lint:
runs-on: ubuntu-latest
needs: matrix
strategy:
matrix:
- php-versions: ${{fromJson(needs.matrix.outputs.php-versions)}}
+ php-versions: ['${{ needs.matrix.outputs.php-min }}', '${{ needs.matrix.outputs.php-max }}']
name: php-lint
@@ -48,7 +49,7 @@ jobs:
persist-credentials: false
- name: Set up php ${{ matrix.php-versions }}
- uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # v2.36.0
+ uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # 2.37.1
with:
php-version: ${{ matrix.php-versions }}
extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
diff --git a/.github/workflows/node.yml b/.github/workflows/npm-build.yml
similarity index 98%
rename from .github/workflows/node.yml
rename to .github/workflows/npm-build.yml
index 616d28eaa..896bb7b8b 100644
--- a/.github/workflows/node.yml
+++ b/.github/workflows/npm-build.yml
@@ -6,7 +6,7 @@
# SPDX-FileCopyrightText: 2021-2024 Nextcloud GmbH and Nextcloud contributors
# SPDX-License-Identifier: MIT
-name: Node
+name: Build Javascript
on: pull_request
@@ -73,7 +73,6 @@ jobs:
run: npm i -g 'npm@${{ steps.versions.outputs.npmVersion }}'
- name: Validate package-lock.json # See https://github.com/npm/cli/issues/4460
- if: false # disable temporarily
run: |
npm i -g npm-package-lock-add-resolved@1.1.4
npm-package-lock-add-resolved
diff --git a/.github/workflows/phpunit-mysql.yml b/.github/workflows/phpunit-mysql.yml
index d1b1d940a..fe87c2bd3 100644
--- a/.github/workflows/phpunit-mysql.yml
+++ b/.github/workflows/phpunit-mysql.yml
@@ -30,7 +30,7 @@ jobs:
- name: Get version matrix
id: versions
- uses: icewind1991/nextcloud-version-matrix@8a7bac6300b2f0f3100088b297995a229558ddba # v1.3.2.3.1.3.2
+ uses: icewind1991/nextcloud-version-matrix@8a7bac6300b2f0f3100088b297995a229558ddba # v1.3.2
with:
matrix: '{"mysql-versions": ["8.4"]}'
@@ -103,7 +103,7 @@ jobs:
path: apps/${{ env.APP_NAME }}
- name: Set up php ${{ matrix.php-versions }}
- uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # v2.36.0
+ uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # 2.37.1
with:
php-version: ${{ matrix.php-versions }}
# https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -122,7 +122,7 @@ jobs:
- name: Check composer file existence
id: check_composer
- uses: andstor/file-existence-action@076e0072799f4942c8bc574a82233e1e4d13e9d6 # v3.0.0
+ uses: andstor/file-existence-action@558493d6c74bf472d87c84eab196434afc2fa029 # v3.1.0
with:
files: apps/${{ env.APP_NAME }}/composer.json
diff --git a/.github/workflows/phpunit-pgsql.yml b/.github/workflows/phpunit-pgsql.yml
index 362511804..1923ad8e1 100644
--- a/.github/workflows/phpunit-pgsql.yml
+++ b/.github/workflows/phpunit-pgsql.yml
@@ -31,7 +31,7 @@ jobs:
- name: Get version matrix
id: versions
- uses: icewind1991/nextcloud-version-matrix@8a7bac6300b2f0f3100088b297995a229558ddba # v1.3.2.3.1.3.2
+ uses: icewind1991/nextcloud-version-matrix@8a7bac6300b2f0f3100088b297995a229558ddba # v1.3.2
changes:
runs-on: ubuntu-latest-low
@@ -106,7 +106,7 @@ jobs:
path: apps/${{ env.APP_NAME }}
- name: Set up php ${{ matrix.php-versions }}
- uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # v2.36.0
+ uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # 2.37.1
with:
php-version: ${{ matrix.php-versions }}
# https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -120,7 +120,7 @@ jobs:
- name: Check composer file existence
id: check_composer
- uses: andstor/file-existence-action@076e0072799f4942c8bc574a82233e1e4d13e9d6 # v3.0.0
+ uses: andstor/file-existence-action@558493d6c74bf472d87c84eab196434afc2fa029 # v3.1.0
with:
files: apps/${{ env.APP_NAME }}/composer.json
diff --git a/.github/workflows/phpunit-sqlite.yml b/.github/workflows/phpunit-sqlite.yml
index dc215e0c3..8be2c0c1c 100644
--- a/.github/workflows/phpunit-sqlite.yml
+++ b/.github/workflows/phpunit-sqlite.yml
@@ -31,7 +31,7 @@ jobs:
- name: Get version matrix
id: versions
- uses: icewind1991/nextcloud-version-matrix@8a7bac6300b2f0f3100088b297995a229558ddba # v1.3.2.3.1.3.2
+ uses: icewind1991/nextcloud-version-matrix@8a7bac6300b2f0f3100088b297995a229558ddba # v1.3.2
changes:
runs-on: ubuntu-latest-low
@@ -95,7 +95,7 @@ jobs:
path: apps/${{ env.APP_NAME }}
- name: Set up php ${{ matrix.php-versions }}
- uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # v2.36.0
+ uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # 2.37.1
with:
php-version: ${{ matrix.php-versions }}
# https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -109,7 +109,7 @@ jobs:
- name: Check composer file existence
id: check_composer
- uses: andstor/file-existence-action@076e0072799f4942c8bc574a82233e1e4d13e9d6 # v3.0.0
+ uses: andstor/file-existence-action@558493d6c74bf472d87c84eab196434afc2fa029 # v3.1.0
with:
files: apps/${{ env.APP_NAME }}/composer.json
diff --git a/.github/workflows/psalm.yml b/.github/workflows/psalm.yml
index 457acac57..ff2884e3b 100644
--- a/.github/workflows/psalm.yml
+++ b/.github/workflows/psalm.yml
@@ -30,15 +30,15 @@ jobs:
- name: Get php version
id: versions
- uses: icewind1991/nextcloud-version-matrix@8a7bac6300b2f0f3100088b297995a229558ddba # v1.3.2.3.1.3.2
+ uses: icewind1991/nextcloud-version-matrix@8a7bac6300b2f0f3100088b297995a229558ddba # v1.3.2
- name: Check enforcement of minimum PHP version ${{ steps.versions.outputs.php-min }} in psalm.xml
run: grep 'phpVersion="${{ steps.versions.outputs.php-min }}' psalm.xml
- - name: Set up php${{ steps.versions.outputs.php-min }}
- uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # v2.36.0
+ - name: Set up php${{ steps.versions.outputs.php-available }}
+ uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # 2.37.1
with:
- php-version: ${{ steps.versions.outputs.php-min }}
+ php-version: ${{ steps.versions.outputs.php-available }}
extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
coverage: none
ini-file: development
@@ -52,9 +52,6 @@ jobs:
composer remove nextcloud/ocp --dev --no-scripts
composer i
- - name: Check for vulnerable PHP dependencies
- run: composer require --dev roave/security-advisories:dev-latest
-
- name: Install nextcloud/ocp
run: composer require --dev nextcloud/ocp:dev-${{ steps.versions.outputs.branches-max }} --ignore-platform-reqs --with-dependencies
diff --git a/.github/workflows/update-nextcloud-ocp-approve-merge.yml b/.github/workflows/update-nextcloud-ocp-approve-merge.yml
index dfe0ef4e9..88c54da0a 100644
--- a/.github/workflows/update-nextcloud-ocp-approve-merge.yml
+++ b/.github/workflows/update-nextcloud-ocp-approve-merge.yml
@@ -27,7 +27,7 @@ jobs:
if: github.actor == 'nextcloud-command'
runs-on: ubuntu-latest-low
permissions:
- # for hmarr/auto-approve-action to approve PRs
+ # for auto-approve-action to approve PRs
pull-requests: write
# for alexwilson/enable-github-automerge-action to approve PRs
contents: write
@@ -44,15 +44,16 @@ jobs:
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
- # GitHub actions bot approve
- - uses: hmarr/auto-approve-action@b40d6c9ed2fa10c9a2749eca7eb004418a705501 # v2
+ - name: GitHub actions bot approve
if: startsWith(steps.branchname.outputs.branch, 'automated/noid/') && endsWith(steps.branchname.outputs.branch, 'update-nextcloud-ocp')
- with:
- github-token: ${{ secrets.GITHUB_TOKEN }}
+ run: gh pr review --approve "$PR_URL"
+ env:
+ PR_URL: ${{ github.event.pull_request.html_url }}
+ GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# Enable GitHub auto merge
- name: Auto merge
- uses: alexwilson/enable-github-automerge-action@56e3117d1ae1540309dc8f7a9f2825bc3c5f06ff # v2.0.0
+ uses: alexwilson/enable-github-automerge-action@2c32e18a76e0726ffe7a573bfff2d42a20885126 # 3.0.0
if: startsWith(steps.branchname.outputs.branch, 'automated/noid/') && endsWith(steps.branchname.outputs.branch, 'update-nextcloud-ocp')
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/update-nextcloud-ocp.yml b/.github/workflows/update-nextcloud-ocp.yml
index 8bd889b6e..ba9f3d70f 100644
--- a/.github/workflows/update-nextcloud-ocp.yml
+++ b/.github/workflows/update-nextcloud-ocp.yml
@@ -43,7 +43,7 @@ jobs:
- name: Set up php8.2
if: steps.checkout.outcome == 'success'
- uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # v2.36.0
+ uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # 2.37.1
with:
php-version: 8.2
# https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -63,53 +63,39 @@ jobs:
if: steps.checkout.outcome == 'success'
run: composer install
- - name: Composer update nextcloud/ocp # zizmor: ignore[template-injection]
- id: update_branch
- if: ${{ steps.checkout.outcome == 'success' && matrix.branches != 'main' }}
- run: composer require --dev 'nextcloud/ocp:dev-${{ matrix.branches }}'
-
- - name: Raise on issue on failure
- uses: dacbd/create-issue-action@cdb57ab6ff8862aa09fee2be6ba77a59581921c2 # v2.0.0
- if: ${{ steps.checkout.outcome == 'success' && failure() && steps.update_branch.conclusion == 'failure' }}
+ - name: Check composer bin for nextcloud/ocp exists
+ id: check_composer_bin
+ uses: andstor/file-existence-action@558493d6c74bf472d87c84eab196434afc2fa029 # v3.1.0
with:
- token: ${{ secrets.GITHUB_TOKEN }}
- title: 'Failed to update nextcloud/ocp package on branch ${{ matrix.branches }}'
- body: 'Please check the output of the GitHub action and manually resolve the issues
${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
${{ steps.codeowners.outputs.codeowners }}'
+ files: vendor-bin/nextcloud-ocp/composer.json
- name: Composer update nextcloud/ocp
- id: update_main
- if: ${{ steps.checkout.outcome == 'success' && matrix.branches == 'main' }}
- run: composer require --dev nextcloud/ocp:dev-master
+ id: update_branch
+ env:
+ USE_COMPOSER_BIN: ${{ steps.check_composer_bin.outputs.files_exists }}
+ BRANCH_NAME: ${{ matrix.branches }}
+ run: |
+ COMPOSER_CMD='composer'
+ if [[ "$USE_COMPOSER_BIN" == 'true' ]]; then
+ COMPOSER_CMD='composer bin nextcloud-ocp'
+ fi
+
+ PACKAGE_VERSION="nextcloud/ocp:dev-$BRANCH_NAME"
+ if [[ "$BRANCH_NAME" == 'main' ]]; then
+ PACKAGE_VERSION='nextcloud/ocp:dev-master'
+ fi
+
+ echo $COMPOSER_CMD require --dev $PACKAGE_VERSION
+ $COMPOSER_CMD require --dev $PACKAGE_VERSION
- name: Raise on issue on failure
uses: dacbd/create-issue-action@cdb57ab6ff8862aa09fee2be6ba77a59581921c2 # v2.0.0
- if: ${{ steps.checkout.outcome == 'success' && failure() && steps.update_main.conclusion == 'failure' }}
+ if: ${{ steps.checkout.outcome == 'success' && failure() && steps.update_branch.conclusion == 'failure' }}
with:
token: ${{ secrets.GITHUB_TOKEN }}
title: 'Failed to update nextcloud/ocp package on branch ${{ matrix.branches }}'
body: 'Please check the output of the GitHub action and manually resolve the issues
${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
${{ steps.codeowners.outputs.codeowners }}'
- - name: Reset checkout 3rdparty
- if: steps.checkout.outcome == 'success'
- run: |
- git clean -f 3rdparty
- git checkout 3rdparty
- continue-on-error: true
-
- - name: Reset checkout vendor
- if: steps.checkout.outcome == 'success'
- run: |
- git clean -f vendor
- git checkout vendor
- continue-on-error: true
-
- - name: Reset checkout vendor-bin
- if: steps.checkout.outcome == 'success'
- run: |
- git clean -f vendor-bin
- git checkout vendor-bin
- continue-on-error: true
-
- name: Create Pull Request
if: steps.checkout.outcome == 'success'
uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 # v8.1.1
@@ -121,6 +107,11 @@ jobs:
signoff: true
branch: 'automated/noid/${{ matrix.branches }}-update-nextcloud-ocp'
title: '[${{ matrix.branches }}] Update nextcloud/ocp dependency'
+ add-path: |
+ composer.json
+ composer.lock
+ vendor-bin/nextcloud-ocp/composer.json
+ vendor-bin/nextcloud-ocp/composer.lock
body: |
Auto-generated update of [nextcloud/ocp](https://github.com/nextcloud-deps/ocp/) dependency
labels: |