diff --git a/.github/actions-lock.txt b/.github/actions-lock.txt index 030b372e..1f48bfc7 100644 --- a/.github/actions-lock.txt +++ b/.github/actions-lock.txt @@ -2,7 +2,7 @@ # SPDX-License-Identifier: MIT 9f2b534bea27e8ec2dda7c1d772a664b block-merge-eol.yml 25fc4c7e69e778e20bdc9eb0cc96367e block-merge-freeze.yml -169b5a5085493975bb375af516b288cc command-compile.yml +4fcd0bffd33680b73724dfd62fae37dd command-compile.yml 7dd8d21d9dd013196cd4bdbf7c24db6f dependabot-approve-merge.yml 54f293d9abe11ac0035a7bbb96a4e453 lint-eslint.yml 80a58e5584612def0e751fcfb7669814 lint-info-xml.yml @@ -10,15 +10,15 @@ ccd8a55c60e35b84becb0f7005ce1286 lint-php-cs.yml 5dcc3187a9460cb62a455235cbdb3562 lint-php.yml cf229fbf443d2f7a303f22eb92745811 lint-stylelint.yml c965845a0def7b39d872e47e93dd1139 node.yml -8d41f3688950b42dce423fb9fc1f785c npm-audit-fix.yml +0b18653741a7e7d377c239a55c5bb062 npm-audit-fix.yml bdca1af74c27de9a9fc2f3c70aabdc8f phpunit-mariadb.yml 5846b994639ccab0059bf23e141d389a phpunit-mysql.yml ec7d1084fbb3a6803dbabf3acdd17ac8 phpunit-oci.yml 29b359a5b76e7ff8cd85af34b3bf36e3 phpunit-pgsql.yml 182cc739d33a2441d3a9278a9bff55b4 phpunit-sqlite.yml 3c4a096b3b7dbaef0f8e5190ffe13518 pr-feedback.yml -2070d9569f327e758b9ce2b924c28fef psalm.yml +a6d8aa0050107ce4d8b6d166d25ca8aa psalm.yml 7db5b820f3750eebe988005a0bb2febd reuse.yml 800d5b188aa885626cf4169fa2dfea9e update-nextcloud-ocp-approve-merge.yml -595e7ba6f8f494268c3309ab7e3825f2 update-nextcloud-ocp.yml +90f22641445623fb227102f8d2d87cc0 update-nextcloud-ocp.yml 22604c31b526de270a080eb19967a638 update-stable-titles.yml diff --git a/.github/workflows/command-compile.yml b/.github/workflows/command-compile.yml index f236822d..ba5ea1f7 100644 --- a/.github/workflows/command-compile.yml +++ b/.github/workflows/command-compile.yml @@ -59,7 +59,7 @@ jobs: - name: Add reaction on start uses: peter-evans/create-or-update-comment@e8674b075228eee787fea43ef493e45ece1004c9 # v5.0.0 with: - token: ${{ secrets.COMMAND_BOT_PAT }} # zizmor: ignore[secrets-outside-env] + token: ${{ secrets.COMMAND_BOT_PAT }} repository: ${{ github.event.repository.full_name }} comment-id: ${{ github.event.comment.id }} reactions: '+1' @@ -86,7 +86,7 @@ jobs: uses: peter-evans/create-or-update-comment@e8674b075228eee787fea43ef493e45ece1004c9 # v5.0.0 if: failure() with: - token: ${{ secrets.COMMAND_BOT_PAT }} # zizmor: ignore[secrets-outside-env] + token: ${{ secrets.COMMAND_BOT_PAT }} repository: ${{ github.event.repository.full_name }} comment-id: ${{ github.event.comment.id }} reactions: '-1' @@ -97,7 +97,7 @@ jobs: steps: - name: Restore cached git repository - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 + uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 with: path: .git key: git-repo @@ -107,7 +107,7 @@ jobs: with: # Needed to allow force push later persist-credentials: true - token: ${{ secrets.COMMAND_BOT_PAT }} # zizmor: ignore[secrets-outside-env] + token: ${{ secrets.COMMAND_BOT_PAT }} fetch-depth: 0 ref: ${{ needs.init.outputs.head_ref }} @@ -216,7 +216,7 @@ jobs: uses: peter-evans/create-or-update-comment@e8674b075228eee787fea43ef493e45ece1004c9 # v5.0.0 if: failure() with: - token: ${{ secrets.COMMAND_BOT_PAT }} # zizmor: ignore[secrets-outside-env] + token: ${{ secrets.COMMAND_BOT_PAT }} repository: ${{ github.event.repository.full_name }} comment-id: ${{ github.event.comment.id }} reactions: '-1' diff --git a/.github/workflows/npm-audit-fix.yml b/.github/workflows/npm-audit-fix.yml index 3e274392..23bae52f 100644 --- a/.github/workflows/npm-audit-fix.yml +++ b/.github/workflows/npm-audit-fix.yml @@ -71,7 +71,7 @@ jobs: if: steps.checkout.outcome == 'success' uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 # v8.1.1 with: - token: ${{ secrets.COMMAND_BOT_PAT }} # zizmor: ignore[secrets-outside-env] + token: ${{ secrets.COMMAND_BOT_PAT }} commit-message: 'fix(deps): Fix npm audit' committer: GitHub author: nextcloud-command diff --git a/.github/workflows/psalm.yml b/.github/workflows/psalm.yml index d69fd288..4d4a4ec4 100644 --- a/.github/workflows/psalm.yml +++ b/.github/workflows/psalm.yml @@ -52,9 +52,6 @@ jobs: composer remove nextcloud/ocp --dev --no-scripts composer i - - name: Check for vulnerable PHP dependencies - run: composer require --dev roave/security-advisories:dev-latest - - name: Install nextcloud/ocp run: composer require --dev nextcloud/ocp:dev-${{ steps.versions.outputs.branches-max }} --ignore-platform-reqs --with-dependencies diff --git a/.github/workflows/update-nextcloud-ocp.yml b/.github/workflows/update-nextcloud-ocp.yml index a3c0f23e..835f9561 100644 --- a/.github/workflows/update-nextcloud-ocp.yml +++ b/.github/workflows/update-nextcloud-ocp.yml @@ -99,7 +99,7 @@ jobs: if: steps.checkout.outcome == 'success' uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 # v8.1.1 with: - token: ${{ secrets.COMMAND_BOT_PAT }} # zizmor: ignore[secrets-outside-env] + token: ${{ secrets.COMMAND_BOT_PAT }} commit-message: 'chore(dev-deps): Bump nextcloud/ocp package' committer: GitHub author: nextcloud-command