Commit graph

25 commits

Author SHA1 Message Date
dependabot[bot]
545f537c3a
Build(deps): Bump actions/checkout from 3.5.0 to 3.5.2
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.0 to 3.5.2.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3.5.0...8e5e7e5ab8b370d6c329ec480221332ada57f0ab)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-04-17 11:58:23 +00:00
dependabot[bot]
26f7bcdd1d
Build(deps): Bump actions/setup-java from 3.10.0 to 3.11.0
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 3.10.0 to 3.11.0.
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](https://github.com/actions/setup-java/compare/v3.10.0...5ffc13f4174014e2d4d4572b3d74c3fa61aeb2c2)

---
updated-dependencies:
- dependency-name: actions/setup-java
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-04-03 11:57:57 +00:00
dependabot[bot]
19b5441b26
Build(deps): Bump actions/checkout from 3.4.0 to 3.5.0
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3.4.0...8f4b7f84864484a7bf31766abe9204da3cbe65b3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-03-27 11:58:35 +00:00
dependabot[bot]
26ebd78521
Build(deps): Bump actions/checkout from 3.3.0 to 3.4.0
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3.3.0...24cb9080177205b6e8c946b17badbe402adc938f)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-03-20 11:58:22 +00:00
dependabot[bot]
3a7ef87257
Build(deps): Bump actions/checkout from 3.2.0 to 3.3.0
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3.2.0...ac593985615ec2ede58e132d2e21d2b1cbd6127c)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-20 12:29:00 +00:00
dependabot[bot]
8b827b3086
Build(deps): Bump actions/setup-java from 3.9.0 to 3.10.0
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 3.9.0 to 3.10.0.
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](1df8dbefe2...3f07048e3d)

---
updated-dependencies:
- dependency-name: actions/setup-java
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-14 09:16:13 +00:00
tobiasKaminsky
56df7ad103
Pin versions
Signed-off-by: tobiasKaminsky <tobias@kaminsky.me>
2022-12-16 10:35:39 +01:00
Álvaro Brey
3b9ae12de3
analysis.yml: fix missing output
Signed-off-by: Álvaro Brey <alvaro.brey@nextcloud.com>
2022-07-12 17:48:39 +02:00
tobiasKaminsky
92d3f08f6a
Setting token permissions to read-only follows the principle of least privilege.
Signed-off-by: tobiasKaminsky <tobias@kaminsky.me>
2022-06-13 14:23:55 +02:00
Álvaro Brey
f54d234626
Merge pull request #10279 from nextcloud/chore/analysis-github-token
workflows/analysis: Use GITHUB_TOKEN instead of GIT_TOKEN, and some cleanup
2022-05-31 10:07:03 +02:00
Álvaro Brey
e74e12c293
Update some workflows
Signed-off-by: Álvaro Brey <alvaro.brey@nextcloud.com>
2022-05-23 10:11:36 +02:00
Álvaro Brey Vilas
7073746309
Use defusedxml for xml parsing instead of etree
Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2022-04-27 11:03:59 +02:00
dependabot[bot]
5e924a5c4f
Bump actions/setup-java from 2 to 3
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 2 to 3.
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](https://github.com/actions/setup-java/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/setup-java
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-11 11:20:00 +00:00
Álvaro Brey Vilas
e7dbbb45b4
Analysis: use proper token for clone
Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2022-03-09 09:01:50 +01:00
Álvaro Brey Vilas
bee3403b21
analysis: Checkout branch, but use repo too
Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2022-03-08 13:50:04 +01:00
Álvaro Brey Vilas
421a672e1d
workflows: analysis: another attempt to fix checkout
Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2022-03-08 10:27:24 +01:00
Álvaro Brey Vilas
d2cb7e33b5
Revert "workflows: analysis: default checkout"
This reverts commit 55f02b550b.

Signed-off-by: Álvaro Brey <alvaro.brey@nextcloud.com>
2022-03-08 10:25:38 +01:00
Álvaro Brey Vilas
55f02b550b
workflows: analysis: default checkout
Should work in checkout@v3

Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2022-03-08 10:04:15 +01:00
dependabot[bot]
5e0c59cd6d
Bump actions/checkout from 2 to 3
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-07 08:20:38 +00:00
Álvaro Brey Vilas
494cceab8e
Analysis: fix checkout and commit generation
Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2022-01-26 12:54:24 +01:00
Álvaro Brey Vilas
9f2bdd5916
Analysis: use pull_request_target
Can't post reports otherwise as github token is readonly in pull_request

Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2022-01-26 11:33:53 +01:00
Álvaro Brey Vilas
22367838ab
Run analysis workflow on push too
Otherwise baseline results aren't generated

Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2022-01-24 16:25:33 +01:00
Álvaro Brey Vilas
417dee2535
workflows: Use temurin JDK instead of adopt
Ref: https://blog.adoptopenjdk.net/2021/08/goodbye-adoptopenjdk-hello-adoptium/

tl;dr: AdoptOpenJDK is discontinued and recommendation is to use Eclipse Temurin instead

Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2022-01-20 11:01:09 +01:00
Álvaro Brey Vilas
33a2043d3f
Analysis workflow: correct head ref for branch
Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2022-01-14 13:08:21 +01:00
Álvaro Brey Vilas
9fa63c7547
Run analysis workflow in github actions
Signed-off-by: Álvaro Brey Vilas <alvaro.brey@nextcloud.com>
2022-01-13 09:29:43 +01:00