kenmirrors/firefly-iii
1
0
Fork 0
mirror of https://github.com/firefly-iii/firefly-iii.git synced 2025-10-31 10:47:00 +00:00
Code Issues Projects Releases Wiki Activity
20,285 Commits 4 Branches 773 Tags
cc29d0a850edabf034146bf564ae1f2fb1bd0eeb
Commit Graph

225 Commits

Author SHA1 Message Date
naveen
9d1e20192d chore(deps): Included dependency review 
> Dependency Review GitHub Action in your repository to enforce dependency
> reviews on your pull requests.
> The action scans for vulnerable versions of dependencies introduced by package version
> changes in pull requests,
> and warns you about the associated security vulnerabilities.
> This gives you better visibility of what's changing in a pull request,
> and helps prevent vulnerabilities being added to your repository.

https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
 2022-05-19 00:12:46 +00:00
naveensrinivasan
a963e1bc03 Set permissions for GitHub actions 
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

 Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
 2022-04-07 22:58:30 +00:00
James Cole
775492b391 Minor fixes. 2021-12-03 18:39:45 +01:00
James Cole
b1e453438e Update meta files for new release. 2021-11-26 06:28:04 +01:00
James Cole
284c6033d3 Update meta files for new release. 2021-11-26 06:24:10 +01:00
James Cole
b19f69dc2a Update lock.yml 2021-06-13 06:33:20 +00:00
James Cole
0d969dd42a Rebuild all for new release. 2021-05-08 21:26:50 +02:00
James Cole
8315734471 Update schedule to daily. 2021-05-03 08:08:47 +02:00
James Cole
1d9431795b Add feedback. 2021-05-02 15:12:53 +02:00
James Cole
b3074b2f6a Fix run. 2021-05-02 15:03:56 +02:00
James Cole
3be65ff806 Add manual trigger. 2021-05-02 15:03:09 +02:00
James Cole
c7128dedf2 Lock app. 2021-05-02 15:00:40 +02:00
James Cole
6ecbc5e013 Create stale.yml 2020-11-29 13:03:13 +00:00
James Cole
723d1cffe2 Fix some tests, disable actions for the time being. 2020-08-01 15:06:02 +02:00
James Cole
c3d8d70b34 Move phpstan config file for cleaner root. 2020-07-31 12:56:32 +02:00
James Cole
4b96558433 Do some code cleanup and call correct phpunit. 2020-07-31 12:12:54 +02:00
James Cole
22b1bfd189 Small improvements to CI 2020-07-31 12:08:58 +02:00
James Cole
886e9459a5 Switch to v9 2020-07-31 08:56:12 +02:00
James Cole
9d6979e3dd Fix path. 2020-07-31 08:48:06 +02:00
James Cole
cea3f860f2 Try another path 2020-07-31 07:46:24 +02:00
James Cole
bc27ce8c56 Fix command. 2020-07-31 07:41:13 +02:00
James Cole
c78c1bea7d Add thing for code standard. 2020-07-31 07:37:44 +02:00
James Cole
4c38c7c67b Update lock files. 2020-07-31 07:05:28 +02:00
James Cole
e57251abf4 Rename file. 2020-07-31 06:57:38 +02:00
Hosh Sadiq
8f568d41ca Add initial continuous integration 
Currently it will run phpunit, check coding standards and run
phpstan. This can and should be build upon, so that eventually builds
are automated and hopefully reproducable.
 2020-07-27 19:47:22 +01:00