d1855e902d
Bump github/codeql-action from 2.20.1 to 2.20.3
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.20.1 to 2.20.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f6e388ebf0...46ed16ded9
1 year ago
a8c655e651
Bump actions/checkout from 3.5.1 to 3.5.3
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.5.1 to 3.5.3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3.5.1...c85c95e3d7251135ab7dc9ce3241c5835cc595a9 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
27ef6c081e
Create scorecard.yml
1 year ago
0be1e5a73d
Use meson 0.62.0, remove retry
...
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
1 year ago
3679293a45
msvc-ci: Retry if meson setup is flaky
...
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
1 year ago
0ccb5c365f
Only use fonttools in msys2-ci
...
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
1 year ago
e39c4cf5a9
Bump ilammy/msvc-dev-cmd from 1.12.0 to 1.12.1
...
Bumps [ilammy/msvc-dev-cmd](https://github.com/ilammy/msvc-dev-cmd ) from 1.12.0 to 1.12.1.
- [Release notes](https://github.com/ilammy/msvc-dev-cmd/releases )
- [Commits](7315a94840...cec98b9d09
1 year ago
d82c7623c5
Bump actions/checkout from 3.5.2 to 3.5.3
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.5.2 to 3.5.3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8e5e7e5ab8...c85c95e3d7
1 year ago
5906f90ce1
Hash-pin Actions
...
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
1 year ago
59f2d2f6c2
Set dependabot to update requirements.txt
...
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
1 year ago
7c08bb85d5
Adopt requirements.txt file in workflows
...
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
1 year ago
26c719e8cd
Add read-only top-level permissions to cifuzz.yml
...
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
2 years ago
b4b089c427
[docs] Disable gtdoc-check by default
...
It slows build as it causes documentation to be always rebuilt. We now
disable it by default and enable it on relevant CI jobs.
2 years ago
178c5bed39
[ci] Use unique ccache cache keys per job
2 years ago
a0afde70c5
[ci] Re-enable coverage reporting on macOS
2 years ago
8785d515d0
[ci] Don’t install glib-utils on macOS
...
Homebrew can’t make up their mind, they seem to have merged the glib
packages again.
2 years ago
5ddb5fb847
[ci] Don’t install gtk-doc on macOS
...
We are not building the documentation here.
2 years ago
48df846a41
[ci] Make homebrew do less work
2 years ago
35f0184bfd
[ci] Clean a bit and add some consistency
2 years ago
1abcc32137
Revert "[ci] Use sccache with msys2"
...
This reverts commit b9646dfd6280dd751564
2 years ago
b9646dfd62
[ci] Use sccache with msys2
2 years ago
22a4fca375
[ci] Use sccache for msvc jobs
...
Meson will not use ccache with MSVC, so we use sccache here.
2 years ago
582636bce0
[ci] Use ccache for linux and macos jobs
2 years ago
99146e7609
[ci] We don’t need to install ragel on msys2
2 years ago
842e26d32c
[ci] Remove no longer needed workaround
...
Meson seems to take care of this itself now.
2 years ago
1f3c042ff5
[doc] Don’t automatically skip building docs on Windows
...
Respect the option setting.
2 years ago
d4dec54c3a
[ci] Switch configs build to Ubuntu 20.04
...
https://github.com/actions/runner-images/issues/6002
2 years ago
52d8346d99
[ci] Change Linux runner to Ubuntu 20.04
...
https://github.com/actions/runner-images/issues/6002
2 years ago
80dd751564
CI: work around flaky 64bit MSYS2 builds
...
MSYS2 Python+meson has some random crashes in CI which we haven't been
able to reproduce yet. Naturally enabling debugging fixes them.. :)
2 years ago
8f41b6a139
CI: fix msvc build
...
The Windows image for some reason now contains a zlib and freetype build
which meson finds and tries to use. Force meson to use the subprojects always
to avoid picking up system libs.
2 years ago
9650f34a84
[CI] Remove coverage testing from macos-ci
2 years ago
3a9ca6aa69
[CI] Try fixing macos-ci
2 years ago
3377ddf69e
Add missing underscore
2 years ago
28cb1b3954
Fix working-directory
2 years ago
dbbbf02d77
Fix GHA workflow
2 years ago
756b500018
Add ARM CI workflow
2 years ago
9e4ae09fe7
[ci] Fix linux-ci builds
2 years ago
efab763885
[ci] Fix docs deployment
...
Trigger build on tag pushes, and simplify the condition for calling
.ci/deploy-docs.sh.
2 years ago
7a219ca9f0
[ci] Install glib-utils on macOS
...
The glib utils have been split into a separate homebrew package.
Fixes https://github.com/harfbuzz/harfbuzz/issues/3747
2 years ago
a92d988d3d
Revert "[ci] Upgrade codecov-action to v3.1"
...
This reverts commit 5b8bff8dca
2 years ago
5b8bff8dca
[ci] Upgrade codecov-action to v3.1
2 years ago
2eb561ebea
[ci] Upgrade macos runner from 10.15 to latest (11)
2 years ago
a1c299da13
Bump actions/setup-python from 3 to 4
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 3 to 4.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](https://github.com/actions/setup-python/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/setup-python
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
9342adb0d6
Bump actions/checkout from 2 to 3
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
335d058bf4
Bump codecov/codecov-action from 1 to 3
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 1 to 3.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md )
- [Commits](https://github.com/codecov/codecov-action/compare/v1...v3 )
---
updated-dependencies:
- dependency-name: codecov/codecov-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
a51c3a66f2
Bump actions/upload-artifact from 1 to 3
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 1 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v1...v3 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
80bf2b3d2f
Bump actions/setup-python from 1 to 3
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 1 to 3.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](https://github.com/actions/setup-python/compare/v1...v3 )
---
updated-dependencies:
- dependency-name: actions/setup-python
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
acd2151927
chore: Included githubactions in the dependabot config
...
This should help with keeping the GitHub actions updated on new releases. This will also help with keeping it secure.
Dependabot helps in keeping the supply chain secure https://docs.github.com/en/code-security/dependabot
GitHub actions up to date https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot
https://github.com/ossf/scorecard/blob/main/docs/checks.md#dependency-update-tool
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
2 years ago
356c1f8336
chore: Set permissions for GitHub actions
...
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ )
Signed-off-by: neilnaveen <42328488+neilnaveen@users.noreply.github.com>
2 years ago
aef92b2846
[ci] Better compiler specification in configs-build job
2 years ago
dependabot[bot]
Pedro Nacht
Pedro Kaj Kjellerup Nacht
Khaled Hosny
Behdad Esfahbod
Christoph Reiter
Joel Auterson
naveen
neilnaveen