diff --git a/.github/actions-lock.txt b/.github/actions-lock.txt
new file mode 100644
index 000000000..06486847d
--- /dev/null
+++ b/.github/actions-lock.txt
@@ -0,0 +1,18 @@
+# SPDX-FileCopyrightText: 2025 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+25fc4c7e69e778e20bdc9eb0cc96367e block-merge-freeze.yml
+1d9ba7950f4e501aecdb833291ffc427 documentation.yml
+7bcfba381bfb7c28d9ef6a7d55ac937b lint-eslint.yml
+a674b6e725bcbc1064f7b68c678a2df6 lint-php-cs.yml
+6078222f7c61540504fa9892729f4a04 lint-php.yml
+082385f85afa5bd2c42664b2ca2d6707 lint-typescript.yml
+03759c9dc0fa748cb927b9f9cadf2925 node.yml
+1a3ce26e019f736c5f96c37675d8c530 phpunit-mysql.yml
+522d07fdeead55df5af751ef5e71b45b phpunit-oci.yml
+6862d78a56829d63a77c267be1099860 phpunit-pgsql.yml
+d17de282ccd37f12a5fd78d68a74df96 phpunit-sqlite.yml
+3c4a096b3b7dbaef0f8e5190ffe13518 pr-feedback.yml
+9fe5efdf1113d7fe92ba1f54f1111c4f psalm.yml
+7db5b820f3750eebe988005a0bb2febd reuse.yml
+a3440826636c0fd7c2d20b1de50363da update-nextcloud-ocp-approve-merge.yml
+94d83c701a5583dc4b36a5f471bb9e41 update-nextcloud-ocp.yml
diff --git a/.github/workflows/block-merge-freeze.yml b/.github/workflows/block-merge-freeze.yml
index 616608083..3a9d5cc37 100644
--- a/.github/workflows/block-merge-freeze.yml
+++ b/.github/workflows/block-merge-freeze.yml
@@ -29,7 +29,7 @@ jobs:
steps:
- name: Register server reference to fallback to master branch
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
with:
github-token: ${{secrets.GITHUB_TOKEN}}
script: |
diff --git a/.github/workflows/documentation.yml b/.github/workflows/documentation.yml
index 8eacfa4bb..690071714 100644
--- a/.github/workflows/documentation.yml
+++ b/.github/workflows/documentation.yml
@@ -25,12 +25,12 @@ jobs:
- name: Check actor permission level
# Only allow admin to deploy on release
if: github.event.release
- uses: skjnldsv/check-actor-permission@69e92a3c4711150929bca9fcf34448c5bf5526e7 # v2
+ uses: skjnldsv/check-actor-permission@69e92a3c4711150929bca9fcf34448c5bf5526e7 # v3.0
with:
require: admin
- name: Checkout
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+ uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
@@ -42,9 +42,10 @@ jobs:
fallbackNpm: '^11.3'
- name: Set up node ${{ steps.versions.outputs.nodeVersion }}
- uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
+ uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
with:
node-version: ${{ steps.versions.outputs.nodeVersion }}
+ package-manager-cache: false
- name: Set up npm ${{ steps.versions.outputs.npmVersion }}
run: npm i -g 'npm@${{ steps.versions.outputs.npmVersion }}'
@@ -60,7 +61,7 @@ jobs:
- name: Deploy
# Only deploy on release
if: github.event.release
- uses: peaceiris/actions-gh-pages@4f9cc6602d3f66b9c108549d475ec49e8ef4d45e # v4.0.0
+ uses: peaceiris/actions-gh-pages@84c30a85c19949d7eee79c4ff27748b70285e453 # v4.1.0
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
publish_dir: ./dist/doc
diff --git a/.github/workflows/lint-eslint.yml b/.github/workflows/lint-eslint.yml
index cdb2b9e7a..734368546 100644
--- a/.github/workflows/lint-eslint.yml
+++ b/.github/workflows/lint-eslint.yml
@@ -28,7 +28,7 @@ jobs:
src: ${{ steps.changes.outputs.src}}
steps:
- - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
+ - uses: dorny/paths-filter@fbd0ab8f3e69293af611ebaee6363fc25e6d187d # v4.0.1
id: changes
continue-on-error: true
with:
@@ -56,7 +56,7 @@ jobs:
steps:
- name: Checkout
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+ uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
@@ -68,7 +68,7 @@ jobs:
fallbackNpm: '^11.3'
- name: Set up node ${{ steps.versions.outputs.nodeVersion }}
- uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
+ uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
with:
node-version: ${{ steps.versions.outputs.nodeVersion }}
diff --git a/.github/workflows/lint-php-cs.yml b/.github/workflows/lint-php-cs.yml
index dacf2d016..60102e892 100644
--- a/.github/workflows/lint-php-cs.yml
+++ b/.github/workflows/lint-php-cs.yml
@@ -25,16 +25,16 @@ jobs:
steps:
- name: Checkout
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+ uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Get php version
id: versions
- uses: icewind1991/nextcloud-version-matrix@58becf3b4bb6dc6cef677b15e2fd8e7d48c0908f # v1.3.1
+ uses: icewind1991/nextcloud-version-matrix@8a7bac6300b2f0f3100088b297995a229558ddba # v1.3.2
- name: Set up php${{ steps.versions.outputs.php-min }}
- uses: shivammathur/setup-php@bf6b4fbd49ca58e4608c9c89fba0b8d90bd2a39f # v2.35.5
+ uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # 2.37.1
with:
php-version: ${{ steps.versions.outputs.php-min }}
extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
diff --git a/.github/workflows/lint-php.yml b/.github/workflows/lint-php.yml
index 238d2c484..985037251 100644
--- a/.github/workflows/lint-php.yml
+++ b/.github/workflows/lint-php.yml
@@ -21,34 +21,35 @@ jobs:
matrix:
runs-on: ubuntu-latest-low
outputs:
- php-versions: ${{ steps.versions.outputs.php-versions }}
+ php-min: ${{ steps.versions.outputs.php-min }}
+ php-max: ${{ steps.versions.outputs.php-max }}
steps:
- name: Checkout app
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+ uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Get version matrix
id: versions
- uses: icewind1991/nextcloud-version-matrix@58becf3b4bb6dc6cef677b15e2fd8e7d48c0908f # v1.0.0
+ uses: icewind1991/nextcloud-version-matrix@8a7bac6300b2f0f3100088b297995a229558ddba # v1.3.2
php-lint:
runs-on: ubuntu-latest
needs: matrix
strategy:
matrix:
- php-versions: ${{fromJson(needs.matrix.outputs.php-versions)}}
+ php-versions: ['${{ needs.matrix.outputs.php-min }}', '${{ needs.matrix.outputs.php-max }}']
name: php-lint
steps:
- name: Checkout
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+ uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Set up php ${{ matrix.php-versions }}
- uses: shivammathur/setup-php@bf6b4fbd49ca58e4608c9c89fba0b8d90bd2a39f # v2.35.5
+ uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # 2.37.1
with:
php-version: ${{ matrix.php-versions }}
extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
diff --git a/.github/workflows/lint-typescript.yml b/.github/workflows/lint-typescript.yml
index 5ccd4da9b..6cecc809a 100644
--- a/.github/workflows/lint-typescript.yml
+++ b/.github/workflows/lint-typescript.yml
@@ -34,7 +34,7 @@ jobs:
src: ${{ steps.changes.outputs.src}}
steps:
- - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
+ - uses: dorny/paths-filter@fbd0ab8f3e69293af611ebaee6363fc25e6d187d # v4.0.1
id: changes
continue-on-error: true
with:
@@ -55,7 +55,7 @@ jobs:
steps:
- name: Checkout
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+ uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
@@ -67,7 +67,7 @@ jobs:
fallbackNpm: '^11.3'
- name: Set up node ${{ steps.versions.outputs.nodeVersion }}
- uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
+ uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
with:
node-version: ${{ steps.versions.outputs.nodeVersion }}
diff --git a/.github/workflows/node.yml b/.github/workflows/node.yml
index 0d7c372dd..9f672c2af 100644
--- a/.github/workflows/node.yml
+++ b/.github/workflows/node.yml
@@ -6,108 +6,27 @@
# SPDX-FileCopyrightText: 2021-2024 Nextcloud GmbH and Nextcloud contributors
# SPDX-License-Identifier: MIT
-name: Node
+# TODO: Remove this after a grace period of 6 months to give everyone the chance to switch to the new workflow name
+# TODO: To be removed end of 2026.
+name: No-op please switch to npm-build.yml
on: pull_request
permissions:
- contents: read
+ contents: none
concurrency:
group: node-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
- changes:
- runs-on: ubuntu-latest-low
- permissions:
- contents: read
- pull-requests: read
-
- outputs:
- src: ${{ steps.changes.outputs.src}}
-
- steps:
- - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
- id: changes
- continue-on-error: true
- with:
- filters: |
- src:
- - '.github/workflows/**'
- - 'src/**'
- - 'appinfo/info.xml'
- - 'package.json'
- - 'package-lock.json'
- - 'tsconfig.json'
- - '**.js'
- - '**.ts'
- - '**.vue'
-
- build:
- runs-on: ubuntu-latest
-
- needs: changes
- if: needs.changes.outputs.src != 'false'
-
- name: NPM build
- steps:
- - name: Checkout
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
- with:
- persist-credentials: false
-
- - name: Read package.json node and npm engines version
- uses: skjnldsv/read-package-engines-version-actions@06d6baf7d8f41934ab630e97d9e6c0bc9c9ac5e4 # v3
- id: versions
- with:
- fallbackNode: '^24'
- fallbackNpm: '^11.3'
-
- - name: Set up node ${{ steps.versions.outputs.nodeVersion }}
- uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
- with:
- node-version: ${{ steps.versions.outputs.nodeVersion }}
-
- - name: Set up npm ${{ steps.versions.outputs.npmVersion }}
- run: npm i -g 'npm@${{ steps.versions.outputs.npmVersion }}'
-
- - name: Validate package-lock.json # See https://github.com/npm/cli/issues/4460
- run: |
- npm i -g npm-package-lock-add-resolved@1.1.4
- npm-package-lock-add-resolved
- git --no-pager diff --exit-code
-
- - name: Install dependencies & build
- env:
- CYPRESS_INSTALL_BINARY: 0
- PUPPETEER_SKIP_DOWNLOAD: true
- run: |
- npm ci
- npm run build --if-present
-
- - name: Check build changes
- run: |
- bash -c "[[ ! \"`git status --porcelain `\" ]] || (echo 'Please recompile and commit the assets, see the section \"Show changes on failure\" for details' && exit 1)"
-
- - name: Show changes on failure
- if: failure()
- run: |
- git status
- git --no-pager diff
- exit 1 # make it red to grab attention
-
summary:
- permissions:
- contents: none
runs-on: ubuntu-latest-low
- needs: [changes, build]
-
if: always()
# This is the summary, we just avoid to rename it so that branch protection rules still match
name: node
steps:
- - name: Summary status
- run: if ${{ needs.changes.outputs.src != 'false' && needs.build.result != 'success' }}; then exit 1; fi
+ - name: No-op please switch to npm-build.yml
+ run: echo "The workflow has been renamed, please switch to npm-build.yml from organization templates"; exit 1;
diff --git a/.github/workflows/phpunit-mysql.yml b/.github/workflows/phpunit-mysql.yml
index 08a95fabf..fe87c2bd3 100644
--- a/.github/workflows/phpunit-mysql.yml
+++ b/.github/workflows/phpunit-mysql.yml
@@ -24,13 +24,13 @@ jobs:
matrix: ${{ steps.versions.outputs.sparse-matrix }}
steps:
- name: Checkout app
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+ uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Get version matrix
id: versions
- uses: icewind1991/nextcloud-version-matrix@58becf3b4bb6dc6cef677b15e2fd8e7d48c0908f # v1.3.1
+ uses: icewind1991/nextcloud-version-matrix@8a7bac6300b2f0f3100088b297995a229558ddba # v1.3.2
with:
matrix: '{"mysql-versions": ["8.4"]}'
@@ -44,7 +44,7 @@ jobs:
src: ${{ steps.changes.outputs.src}}
steps:
- - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
+ - uses: dorny/paths-filter@fbd0ab8f3e69293af611ebaee6363fc25e6d187d # v4.0.1
id: changes
continue-on-error: true
with:
@@ -89,7 +89,7 @@ jobs:
echo "APP_NAME=${GITHUB_REPOSITORY##*/}" >> $GITHUB_ENV
- name: Checkout server
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+ uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
submodules: true
@@ -97,13 +97,13 @@ jobs:
ref: ${{ matrix.server-versions }}
- name: Checkout app
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+ uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
path: apps/${{ env.APP_NAME }}
- name: Set up php ${{ matrix.php-versions }}
- uses: shivammathur/setup-php@bf6b4fbd49ca58e4608c9c89fba0b8d90bd2a39f # v2.35.5
+ uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # 2.37.1
with:
php-version: ${{ matrix.php-versions }}
# https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -122,7 +122,7 @@ jobs:
- name: Check composer file existence
id: check_composer
- uses: andstor/file-existence-action@076e0072799f4942c8bc574a82233e1e4d13e9d6 # v3.0.0
+ uses: andstor/file-existence-action@558493d6c74bf472d87c84eab196434afc2fa029 # v3.1.0
with:
files: apps/${{ env.APP_NAME }}/composer.json
diff --git a/.github/workflows/phpunit-oci.yml b/.github/workflows/phpunit-oci.yml
index 7e948c07e..7d7afeb35 100644
--- a/.github/workflows/phpunit-oci.yml
+++ b/.github/workflows/phpunit-oci.yml
@@ -25,13 +25,13 @@ jobs:
server-max: ${{ steps.versions.outputs.branches-max-list }}
steps:
- name: Checkout app
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+ uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Get version matrix
id: versions
- uses: icewind1991/nextcloud-version-matrix@58becf3b4bb6dc6cef677b15e2fd8e7d48c0908f # v1.3.1
+ uses: icewind1991/nextcloud-version-matrix@8a7bac6300b2f0f3100088b297995a229558ddba # v1.3.2
changes:
runs-on: ubuntu-latest-low
@@ -43,7 +43,7 @@ jobs:
src: ${{ steps.changes.outputs.src }}
steps:
- - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
+ - uses: dorny/paths-filter@fbd0ab8f3e69293af611ebaee6363fc25e6d187d # v4.0.1
id: changes
continue-on-error: true
with:
@@ -70,7 +70,7 @@ jobs:
matrix:
php-versions: ${{ fromJson(needs.matrix.outputs.php-version) }}
server-versions: ${{ fromJson(needs.matrix.outputs.server-max) }}
- oci-versions: ['11', '18', '21', '23']
+ oci-versions: ['18', '21', '23']
name: OCI ${{ matrix.oci-versions }} PHP ${{ matrix.php-versions }} Nextcloud ${{ matrix.server-versions }}
@@ -101,7 +101,7 @@ jobs:
echo "APP_NAME=${GITHUB_REPOSITORY##*/}" >> $GITHUB_ENV
- name: Checkout server
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+ uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
submodules: true
@@ -109,13 +109,13 @@ jobs:
ref: ${{ matrix.server-versions }}
- name: Checkout app
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+ uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
path: apps/${{ env.APP_NAME }}
- name: Set up php ${{ matrix.php-versions }}
- uses: shivammathur/setup-php@bf6b4fbd49ca58e4608c9c89fba0b8d90bd2a39f # v2.35.5
+ uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # 2.37.1
with:
php-version: ${{ matrix.php-versions }}
# https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -129,7 +129,7 @@ jobs:
- name: Check composer file existence
id: check_composer
- uses: andstor/file-existence-action@076e0072799f4942c8bc574a82233e1e4d13e9d6 # v3.0.0
+ uses: andstor/file-existence-action@558493d6c74bf472d87c84eab196434afc2fa029 # v3.1.0
with:
files: apps/${{ env.APP_NAME }}/composer.json
diff --git a/.github/workflows/phpunit-pgsql.yml b/.github/workflows/phpunit-pgsql.yml
index 841ecee90..1923ad8e1 100644
--- a/.github/workflows/phpunit-pgsql.yml
+++ b/.github/workflows/phpunit-pgsql.yml
@@ -25,13 +25,13 @@ jobs:
server-max: ${{ steps.versions.outputs.branches-max-list }}
steps:
- name: Checkout app
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+ uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Get version matrix
id: versions
- uses: icewind1991/nextcloud-version-matrix@58becf3b4bb6dc6cef677b15e2fd8e7d48c0908f # v1.3.1
+ uses: icewind1991/nextcloud-version-matrix@8a7bac6300b2f0f3100088b297995a229558ddba # v1.3.2
changes:
runs-on: ubuntu-latest-low
@@ -43,7 +43,7 @@ jobs:
src: ${{ steps.changes.outputs.src }}
steps:
- - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
+ - uses: dorny/paths-filter@fbd0ab8f3e69293af611ebaee6363fc25e6d187d # v4.0.1
id: changes
continue-on-error: true
with:
@@ -92,7 +92,7 @@ jobs:
echo "APP_NAME=${GITHUB_REPOSITORY##*/}" >> $GITHUB_ENV
- name: Checkout server
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+ uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
submodules: true
@@ -100,13 +100,13 @@ jobs:
ref: ${{ matrix.server-versions }}
- name: Checkout app
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+ uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
path: apps/${{ env.APP_NAME }}
- name: Set up php ${{ matrix.php-versions }}
- uses: shivammathur/setup-php@bf6b4fbd49ca58e4608c9c89fba0b8d90bd2a39f # v2.35.5
+ uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # 2.37.1
with:
php-version: ${{ matrix.php-versions }}
# https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -120,7 +120,7 @@ jobs:
- name: Check composer file existence
id: check_composer
- uses: andstor/file-existence-action@076e0072799f4942c8bc574a82233e1e4d13e9d6 # v3.0.0
+ uses: andstor/file-existence-action@558493d6c74bf472d87c84eab196434afc2fa029 # v3.1.0
with:
files: apps/${{ env.APP_NAME }}/composer.json
diff --git a/.github/workflows/phpunit-sqlite.yml b/.github/workflows/phpunit-sqlite.yml
index e50f8e87e..8be2c0c1c 100644
--- a/.github/workflows/phpunit-sqlite.yml
+++ b/.github/workflows/phpunit-sqlite.yml
@@ -25,13 +25,13 @@ jobs:
server-max: ${{ steps.versions.outputs.branches-max-list }}
steps:
- name: Checkout app
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+ uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Get version matrix
id: versions
- uses: icewind1991/nextcloud-version-matrix@58becf3b4bb6dc6cef677b15e2fd8e7d48c0908f # v1.3.1
+ uses: icewind1991/nextcloud-version-matrix@8a7bac6300b2f0f3100088b297995a229558ddba # v1.3.2
changes:
runs-on: ubuntu-latest-low
@@ -43,7 +43,7 @@ jobs:
src: ${{ steps.changes.outputs.src}}
steps:
- - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
+ - uses: dorny/paths-filter@fbd0ab8f3e69293af611ebaee6363fc25e6d187d # v4.0.1
id: changes
continue-on-error: true
with:
@@ -81,7 +81,7 @@ jobs:
echo "APP_NAME=${GITHUB_REPOSITORY##*/}" >> $GITHUB_ENV
- name: Checkout server
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+ uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
submodules: true
@@ -89,13 +89,13 @@ jobs:
ref: ${{ matrix.server-versions }}
- name: Checkout app
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+ uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
path: apps/${{ env.APP_NAME }}
- name: Set up php ${{ matrix.php-versions }}
- uses: shivammathur/setup-php@bf6b4fbd49ca58e4608c9c89fba0b8d90bd2a39f # v2.35.5
+ uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # 2.37.1
with:
php-version: ${{ matrix.php-versions }}
# https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -109,7 +109,7 @@ jobs:
- name: Check composer file existence
id: check_composer
- uses: andstor/file-existence-action@076e0072799f4942c8bc574a82233e1e4d13e9d6 # v3.0.0
+ uses: andstor/file-existence-action@558493d6c74bf472d87c84eab196434afc2fa029 # v3.1.0
with:
files: apps/${{ env.APP_NAME }}/composer.json
diff --git a/.github/workflows/psalm.yml b/.github/workflows/psalm.yml
index 660d91ef8..ff2884e3b 100644
--- a/.github/workflows/psalm.yml
+++ b/.github/workflows/psalm.yml
@@ -24,19 +24,19 @@ jobs:
name: static-psalm-analysis
steps:
- name: Checkout
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+ uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: Get php version
id: versions
- uses: icewind1991/nextcloud-version-matrix@58becf3b4bb6dc6cef677b15e2fd8e7d48c0908f # v1.3.1
+ uses: icewind1991/nextcloud-version-matrix@8a7bac6300b2f0f3100088b297995a229558ddba # v1.3.2
- name: Check enforcement of minimum PHP version ${{ steps.versions.outputs.php-min }} in psalm.xml
run: grep 'phpVersion="${{ steps.versions.outputs.php-min }}' psalm.xml
- name: Set up php${{ steps.versions.outputs.php-available }}
- uses: shivammathur/setup-php@bf6b4fbd49ca58e4608c9c89fba0b8d90bd2a39f # v2.35.5
+ uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # 2.37.1
with:
php-version: ${{ steps.versions.outputs.php-available }}
extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
@@ -52,9 +52,6 @@ jobs:
composer remove nextcloud/ocp --dev --no-scripts
composer i
- - name: Check for vulnerable PHP dependencies
- run: composer require --dev roave/security-advisories:dev-latest
-
- name: Install nextcloud/ocp
run: composer require --dev nextcloud/ocp:dev-${{ steps.versions.outputs.branches-max }} --ignore-platform-reqs --with-dependencies
diff --git a/.github/workflows/reuse.yml b/.github/workflows/reuse.yml
index d65f3b0cb..3f485f875 100644
--- a/.github/workflows/reuse.yml
+++ b/.github/workflows/reuse.yml
@@ -19,7 +19,7 @@ jobs:
runs-on: ubuntu-latest-low
steps:
- name: Checkout
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+ uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
diff --git a/.github/workflows/update-nextcloud-ocp-approve-merge.yml b/.github/workflows/update-nextcloud-ocp-approve-merge.yml
index dfe0ef4e9..88c54da0a 100644
--- a/.github/workflows/update-nextcloud-ocp-approve-merge.yml
+++ b/.github/workflows/update-nextcloud-ocp-approve-merge.yml
@@ -27,7 +27,7 @@ jobs:
if: github.actor == 'nextcloud-command'
runs-on: ubuntu-latest-low
permissions:
- # for hmarr/auto-approve-action to approve PRs
+ # for auto-approve-action to approve PRs
pull-requests: write
# for alexwilson/enable-github-automerge-action to approve PRs
contents: write
@@ -44,15 +44,16 @@ jobs:
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
- # GitHub actions bot approve
- - uses: hmarr/auto-approve-action@b40d6c9ed2fa10c9a2749eca7eb004418a705501 # v2
+ - name: GitHub actions bot approve
if: startsWith(steps.branchname.outputs.branch, 'automated/noid/') && endsWith(steps.branchname.outputs.branch, 'update-nextcloud-ocp')
- with:
- github-token: ${{ secrets.GITHUB_TOKEN }}
+ run: gh pr review --approve "$PR_URL"
+ env:
+ PR_URL: ${{ github.event.pull_request.html_url }}
+ GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# Enable GitHub auto merge
- name: Auto merge
- uses: alexwilson/enable-github-automerge-action@56e3117d1ae1540309dc8f7a9f2825bc3c5f06ff # v2.0.0
+ uses: alexwilson/enable-github-automerge-action@2c32e18a76e0726ffe7a573bfff2d42a20885126 # 3.0.0
if: startsWith(steps.branchname.outputs.branch, 'automated/noid/') && endsWith(steps.branchname.outputs.branch, 'update-nextcloud-ocp')
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/update-nextcloud-ocp.yml b/.github/workflows/update-nextcloud-ocp.yml
index 47dc00992..ba9f3d70f 100644
--- a/.github/workflows/update-nextcloud-ocp.yml
+++ b/.github/workflows/update-nextcloud-ocp.yml
@@ -26,14 +26,15 @@ jobs:
matrix:
branches:
- ${{ github.event.repository.default_branch }}
+ - 'stable34'
+ - 'stable33'
- 'stable32'
- - 'stable31'
name: update-nextcloud-ocp-${{ matrix.branches }}
steps:
- id: checkout
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+ uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
ref: ${{ matrix.branches }}
@@ -42,7 +43,7 @@ jobs:
- name: Set up php8.2
if: steps.checkout.outcome == 'success'
- uses: shivammathur/setup-php@bf6b4fbd49ca58e4608c9c89fba0b8d90bd2a39f # v2.35.5
+ uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # 2.37.1
with:
php-version: 8.2
# https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
@@ -62,56 +63,42 @@ jobs:
if: steps.checkout.outcome == 'success'
run: composer install
- - name: Composer update nextcloud/ocp # zizmor: ignore[template-injection]
- id: update_branch
- if: ${{ steps.checkout.outcome == 'success' && matrix.branches != 'main' }}
- run: composer require --dev 'nextcloud/ocp:dev-${{ matrix.branches }}'
-
- - name: Raise on issue on failure
- uses: dacbd/create-issue-action@cdb57ab6ff8862aa09fee2be6ba77a59581921c2 # v2.0.0
- if: ${{ steps.checkout.outcome == 'success' && failure() && steps.update_branch.conclusion == 'failure' }}
+ - name: Check composer bin for nextcloud/ocp exists
+ id: check_composer_bin
+ uses: andstor/file-existence-action@558493d6c74bf472d87c84eab196434afc2fa029 # v3.1.0
with:
- token: ${{ secrets.GITHUB_TOKEN }}
- title: 'Failed to update nextcloud/ocp package on branch ${{ matrix.branches }}'
- body: 'Please check the output of the GitHub action and manually resolve the issues
${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
${{ steps.codeowners.outputs.codeowners }}'
+ files: vendor-bin/nextcloud-ocp/composer.json
- name: Composer update nextcloud/ocp
- id: update_main
- if: ${{ steps.checkout.outcome == 'success' && matrix.branches == 'main' }}
- run: composer require --dev nextcloud/ocp:dev-master
+ id: update_branch
+ env:
+ USE_COMPOSER_BIN: ${{ steps.check_composer_bin.outputs.files_exists }}
+ BRANCH_NAME: ${{ matrix.branches }}
+ run: |
+ COMPOSER_CMD='composer'
+ if [[ "$USE_COMPOSER_BIN" == 'true' ]]; then
+ COMPOSER_CMD='composer bin nextcloud-ocp'
+ fi
+
+ PACKAGE_VERSION="nextcloud/ocp:dev-$BRANCH_NAME"
+ if [[ "$BRANCH_NAME" == 'main' ]]; then
+ PACKAGE_VERSION='nextcloud/ocp:dev-master'
+ fi
+
+ echo $COMPOSER_CMD require --dev $PACKAGE_VERSION
+ $COMPOSER_CMD require --dev $PACKAGE_VERSION
- name: Raise on issue on failure
uses: dacbd/create-issue-action@cdb57ab6ff8862aa09fee2be6ba77a59581921c2 # v2.0.0
- if: ${{ steps.checkout.outcome == 'success' && failure() && steps.update_main.conclusion == 'failure' }}
+ if: ${{ steps.checkout.outcome == 'success' && failure() && steps.update_branch.conclusion == 'failure' }}
with:
token: ${{ secrets.GITHUB_TOKEN }}
title: 'Failed to update nextcloud/ocp package on branch ${{ matrix.branches }}'
body: 'Please check the output of the GitHub action and manually resolve the issues
${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
${{ steps.codeowners.outputs.codeowners }}'
- - name: Reset checkout 3rdparty
- if: steps.checkout.outcome == 'success'
- run: |
- git clean -f 3rdparty
- git checkout 3rdparty
- continue-on-error: true
-
- - name: Reset checkout vendor
- if: steps.checkout.outcome == 'success'
- run: |
- git clean -f vendor
- git checkout vendor
- continue-on-error: true
-
- - name: Reset checkout vendor-bin
- if: steps.checkout.outcome == 'success'
- run: |
- git clean -f vendor-bin
- git checkout vendor-bin
- continue-on-error: true
-
- name: Create Pull Request
if: steps.checkout.outcome == 'success'
- uses: peter-evans/create-pull-request@84ae59a2cdc2258d6fa0732dd66352dddae2a412 # v7.0.9
+ uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 # v8.1.1
with:
token: ${{ secrets.COMMAND_BOT_PAT }}
commit-message: 'chore(dev-deps): Bump nextcloud/ocp package'
@@ -120,6 +107,11 @@ jobs:
signoff: true
branch: 'automated/noid/${{ matrix.branches }}-update-nextcloud-ocp'
title: '[${{ matrix.branches }}] Update nextcloud/ocp dependency'
+ add-path: |
+ composer.json
+ composer.lock
+ vendor-bin/nextcloud-ocp/composer.json
+ vendor-bin/nextcloud-ocp/composer.lock
body: |
Auto-generated update of [nextcloud/ocp](https://github.com/nextcloud-deps/ocp/) dependency
labels: |