1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-18 23:07:54 +00:00
Commit graph

304 commits

Author SHA1 Message Date
Nicholas McDonnell
b9792a8d18
Add a workflow to synchronize repository labels
This adds a workflow to ensure that the repository labels are updated
to reflect changes to the label configuration file .github/labels.yml.
2022-11-08 15:22:08 -05:00
Nicholas McDonnell
e5fbd70b20
Add a label configuration file
This configuration file stores information about the labels expected in
this repository.
2022-11-08 15:22:08 -05:00
Nick
bb9c2a0772
Merge pull request #114 from cisagov/maintenance/update_pre-commit_hooks
Update pre-commit hooks
2022-11-08 15:21:29 -05:00
Nicholas McDonnell
fb8d13f5ba
Update pre-commit hooks
Update pre-commit hooks using `pre-commit autoupdate`. The `ansible-lint` hook
is intentionally held back due to issues with upgrading to v6.
2022-11-08 15:17:33 -05:00
Nick
2a98c6abf5
Merge pull request #120 from cisagov/bug/verify_pre-commit_hook_repos
Update the `flake8` pre-commit hook configuration
2022-11-08 15:17:02 -05:00
Nicholas McDonnell
b1ea3d4239
Fix the repo of the flake8 pre-commit hook
Per PyCQA/flake8#1290 this hook moved from GitLab to GitHub. The
version we use is bumped to the latest tag on GitHub as well.
2022-11-08 15:15:14 -05:00
Nick
cfa9ba59e8
Merge pull request #117 from cisagov/improvement/update_yamllint_line-length_rules
Update the `line-length` configuration for `yamllint`
2022-11-08 15:14:24 -05:00
Nicholas McDonnell
3547c4f28d
Increase the maximum line length in the yamllint configuration
Increase the line length maximum from the default of 80 to 88. This 10%
increase mirrors the line length allowed in other linter configurations
such as black.
2022-11-08 15:12:43 -05:00
Nicholas McDonnell
21a68f461c
Enable the allow-non-breakable-inline-mappings rule for yamllint 2022-11-08 15:12:43 -05:00
Nick
0867685d1c
Merge pull request #119 from cisagov/bug/update_github_actions_workflow
Remove usage of `set-output` from our GitHub Actions workflow
2022-11-08 15:12:11 -05:00
Nicholas McDonnell
71a88a5694
Remove usage of set-output from our GitHub Actions workflow
GitHub has deprecated the set-output command per:
https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/

This updates the GitHub Actions workflow to use the newly preferred
method to set the output for a job's step.
2022-11-08 15:10:45 -05:00
Nick
a8bcddd6c5
Merge pull request #112 from cisagov/improvement/update_dependabot_ignores
Update Dependabot ignore directives
2022-11-08 15:09:28 -05:00
Nicholas McDonnell
dfd54e9ad2
Add additional Dependabot ignore directives
This adds the other versioned Actions that should be managed by
cisagov/skeleton-generic to the list of commented out dependencies to
ignore.
2022-11-08 15:08:12 -05:00
Nicholas McDonnell
6a9c630f86
Add an ownership comment to the Dependabot configuration
Add a comment that states that the commented out ignore directives are
managed by cisagov/skeleton-generic.
2022-11-08 15:08:12 -05:00
Nick
f74b4a32d7
Merge pull request #115 from cisagov/dependabot/github_actions/actions/setup-python-4
Bump actions/setup-python from 3 to 4
2022-11-08 15:07:52 -05:00
dependabot[bot]
1f7c62e5f2
Bump actions/setup-python from 3 to 4
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 3 to 4.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-08 20:06:28 +00:00
Nick
4925eb194a
Merge pull request #111 from cisagov/dependabot/github_actions/hashicorp/setup-terraform-2
Bump hashicorp/setup-terraform from 1 to 2
2022-11-08 15:05:10 -05:00
dependabot[bot]
2775dfa470
Bump hashicorp/setup-terraform from 1 to 2
Bumps [hashicorp/setup-terraform](https://github.com/hashicorp/setup-terraform) from 1 to 2.
- [Release notes](https://github.com/hashicorp/setup-terraform/releases)
- [Changelog](https://github.com/hashicorp/setup-terraform/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/setup-terraform/compare/v1...v2)

---
updated-dependencies:
- dependency-name: hashicorp/setup-terraform
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-08 20:00:23 +00:00
Nick
ec83308c16
Merge pull request #113 from cisagov/improvement/update_go_configuration
Update Go installation in the `build.yml` workflow
2022-11-08 14:58:34 -05:00
Nicholas McDonnell
fc55e84feb
Update the version of Go used from 1.18 to 1.19
Go 1.19 was released while this branch was in the wings and it makes
sense to bump to the latest Go release.
2022-11-08 13:27:47 -05:00
Nicholas McDonnell
8f6849857b
Update the version of Go used from 1.16 to 1.18
Go 1.16 is no longer supported as of the release of 1.18 so it makes
sense to update to the latest version available.
2022-05-27 18:07:10 -04:00
Nicholas McDonnell
57b4abe8fd
Update actions/setup-go from v2 to v3
Additionally as of v3.1.0 of actions/setup-go there is a go-version
output value to retrieve the version of Go installed by the Action.
This allows us to remove the step to manually retrieve this information
from the Go executable.
2022-05-27 18:04:15 -04:00
Nick
4215ba378e
Merge pull request #109 from cisagov/improvement/add_github_actions_pre-commit_hooks
Add `pre-commit` hooks to validate GitHub Actions content
2022-04-06 14:08:46 -04:00
Nicholas McDonnell
49d87d40e4
Add pre-commit hooks to validate GitHub Actions content
Add hooks to validate GitHub Actions and GitHub Action workflows. These
are validated using JSON Schemas.
2022-04-01 16:46:16 -04:00
Nick
da532a590f
Merge pull request #105 from cisagov/maintenance/update_pre-commit_hooks
Update `pre-commit` hooks
2022-04-01 13:24:57 -04:00
Nick
57d6ac04b0
Merge branch 'develop' into maintenance/update_pre-commit_hooks 2022-04-01 13:19:34 -04:00
Nick
504ed9ed45
Merge pull request #106 from cisagov/improvement/use_python_3.10_for_gha
Use Python 3.10 for the `lint` job in GitHub Actions
2022-04-01 13:19:24 -04:00
Nick
14aff9cadc
Merge branch 'develop' into improvement/use_python_3.10_for_gha 2022-04-01 13:13:47 -04:00
Nick
d168151a3c
Merge pull request #104 from cisagov/dependabot/github_actions/actions/cache-3
Bump actions/cache from 2 to 3
2022-04-01 13:13:36 -04:00
Nick
a9c93d0ff9
Merge pull request #107 from cisagov/improvement/add_dependabot_ignores_for_github_actions
Add Dependabot ignore directives
2022-04-01 13:10:46 -04:00
Nick
496ea93027
Merge branch 'develop' into improvement/add_dependabot_ignores_for_github_actions 2022-04-01 12:29:17 -04:00
dependabot[bot]
c576ef56fb
Bump actions/cache from 2 to 3
Bumps [actions/cache](https://github.com/actions/cache) from 2 to 3.
- [Release notes](https://github.com/actions/cache/releases)
- [Commits](https://github.com/actions/cache/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-01 16:22:39 +00:00
Nick
e190ae75db
Merge pull request #102 from cisagov/dependabot/github_actions/actions/checkout-3
Bump actions/checkout from 2 to 3
2022-04-01 12:22:32 -04:00
Nick
6869c6830f
Merge branch 'develop' into dependabot/github_actions/actions/checkout-3 2022-04-01 12:16:34 -04:00
Nick
a3f12f43b3
Merge pull request #101 from cisagov/dependabot/github_actions/actions/setup-python-3
Bump actions/setup-python from 2 to 3
2022-04-01 12:16:00 -04:00
Nicholas McDonnell
e22c12cbd4
Use consistent quoting for software versions 2022-03-28 16:35:59 -04:00
Nicholas McDonnell
583992602c
Upgrade from Python 3.9 to 3.10 for the lint job in GHA 2022-03-28 16:29:30 -04:00
Nicholas McDonnell
511a37cf1e
Add Dependabot ignore directives
This adds commented out ignore directives for the following GitHub
Actions:

- action/cache
- action/checkout
- action/setup-python

These should be uncommented downstream to ensure that updates to these
dependencies are pushed from pull requests made in the skeleton.
2022-03-28 16:26:36 -04:00
Nicholas McDonnell
9a0380870c
Update pre-commit hooks
Update pre-commit hooks using `pre-commit autoupdate`. The `ansible-lint` hook
is intentionally held back due to issues with upgrading to v6.
2022-03-28 16:19:18 -04:00
dependabot[bot]
3406c2d420
Bump actions/checkout from 2 to 3
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-07 18:01:37 +00:00
dependabot[bot]
4ee1bfd96b
Bump actions/setup-python from 2 to 3
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 2 to 3.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-02-28 18:02:16 +00:00
Nick
6978f2a4dd
Merge pull request #100 from cisagov/improvement/update_markdownlint_configuration
Use new `markdownlint` rules for emphasis- and strong-styles
2022-02-25 11:43:07 -05:00
Nicholas McDonnell
7868a35e10
Add missing hyphen in markdownlint rule header 2022-02-25 11:23:25 -05:00
Nicholas McDonnell
706bdeda5a
Use asterisks for emphasis- and strong-styles
Given the inconsistent behavior of underscores used within words for
style we should prefer asterisks now that these rules are available.
2022-02-25 11:21:37 -05:00
Nick
d0817e2a37
Merge pull request #98 from cisagov/maintenance/update_pre-commit_hooks
Update pre-commit hooks
2022-02-25 09:38:03 -05:00
Nick
3303e46ecd
Merge branch 'develop' into maintenance/update_pre-commit_hooks 2022-02-25 09:36:43 -05:00
Nick
d7126900d7
Merge pull request #99 from cisagov/improvement/update_dependabot_and_yamllint_configurations
Add boilerplate for upcoming Dependabot configuration changes
2022-02-25 09:36:33 -05:00
Nicholas McDonnell
77b20ab3d7
Disable comments-indentation rule for yamllint
yamllint does not like it when you comment out pieces of dictionaries
in lists. Upcoming additions to the Dependabot configuration will run
afoul of this so we are updating the yamllint configuration.
2022-02-25 08:27:32 -05:00
Nicholas McDonnell
a05b45adf9
Add comment to Dependabot configuration
This comment explains that the configuration may have commented out
ignore directives that should be uncommented in downstream projects.
2022-02-25 08:26:08 -05:00
Nicholas McDonnell
ad71ef369b
Update pre-commit hooks
Update pre-commit hooks using `pre-commit autoupdate`.
2022-02-23 20:11:49 -05:00