Gabriela Gutierrez
|
147902f4cb
|
Ref actions by commit SHA in test.yml
It's important to make sure the SHA's are from the original repositories and not forks.
For reference:
https://github.com/actions/setup-go/releases/tag/v4.0.1
fac708d667
https://github.com/actions/checkout/releases/tag/v3.5.2
8e5e7e5ab8
https://github.com/actions/cache/releases/tag/v3.3.1
88522ab9f3
Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>
|
2 years ago |
|
Gabriela Gutierrez
|
404301103d
|
Ref actions by commit SHA in shellcheck.yml
It's important to make sure the SHA's are from the original repositories and not forks.
For reference:
https://github.com/actions/checkout/releases/tag/v3.5.2
8e5e7e5ab8
https://github.com/ludeeus/action-shellcheck/releases/tag/2.0.0
00cae500b0
Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>
|
2 years ago |
|
Gabriela Gutierrez
|
346f7bc0fd
|
Ref actions by commit SHA in sbom_generator.yml
It's important to make sure the SHA's are from the original repositories and not forks.
For reference:
https://github.com/actions/checkout/releases/tag/v3.5.2
8e5e7e5ab8
https://github.com/advanced-security/sbom-generator-action/releases/tag/v0.0.1
375dee8e61
https://github.com/actions/upload-artifact/releases/tag/v3.1.2
0b7f8abb15
Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>
|
2 years ago |
|
Gabriela Gutierrez
|
f6afa2b95f
|
Ref actions by commit SHA in release.yml
It's important to make sure the SHA's are from the original repositories and not forks.
For reference:
https://github.com/actions/checkout/releases/tag/v3.5.2
8e5e7e5ab8
Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>
|
2 years ago |
|
Gabriela Gutierrez
|
0f90ed4833
|
Ref actions by commit SHA in lint.yml
It's important to make sure the SHA's are from the original repositories and not forks.
For reference:
https://github.com/actions/setup-go/releases/tag/v4.0.1
fac708d667
https://github.com/actions/checkout/releases/tag/v3.5.2
8e5e7e5ab8
https://github.com/golangci/golangci-lint-action/releases/tag/v3.5.0
5f1fec7010
Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>
|
2 years ago |
|
Gabriela Gutierrez
|
2d8c888a00
|
Ref actions by commit SHA in labeler.yml
It's important to make sure the SHA's are from the original repositories and not forks.
For reference:
https://github.com/actions/labeler/releases/tag/v4.1.0
9fcb2c2f55
Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>
|
2 years ago |
|
Gabriela Gutierrez
|
7865eebd82
|
Ref actions by commit SHA in build_test.yml
It's important to make sure the SHA's are from the original repositories and not forks.
For reference:
https://github.com/actions/setup-go/releases/tag/v4.0.1
fac708d667
https://github.com/actions/checkout/releases/tag/v3.5.2
8e5e7e5ab8
https://github.com/actions/cache/releases/tag/v3.3.1
88522ab9f3
Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>
|
2 years ago |
|
Gabriela Gutierrez
|
2d2db8fee9
|
Create SECURITY.md
Signed-off-by: Gabriela Gutierrez <gabigutierrez@google.com>
|
2 years ago |
dependabot[bot]
|
d6ee47e5dc
|
chore(deps): bump actions/upload-artifact from 3.1.0 to 3.1.2
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.0 to 3.1.2.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v3.1.0...v3.1.2)
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2 years ago |
shirou
|
755bcab7b9
|
Update branch of sbom_generator.yml
|
2 years ago |
|
shirou
|
90f9165482
|
Merge branch 'master' of github.com:shirou/gopsutil into feature/add_sbom_github_actions
|
2 years ago |
|
shirou
|
68a3b4210c
|
fix: remove ubuntu-18.04, add macos-12, windows-2022
ubuntu-18.04 has been deprecated:
https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners#supported-runners-and-hardware-resources
|
2 years ago |
|
shirou
|
d7f65a84ca
|
Add github SBOM Generator
See this GitHub blog post
https://github.blog/2023-03-28-introducing-self-service-sboms/
|
2 years ago |
|
dependabot[bot]
|
0f0223064d
|
chore(deps): bump actions/setup-go from 3 to 4
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3 to 4.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v3...v4)
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2 years ago |
|
dependabot[bot]
|
3ece2bff78
|
chore(deps): bump actions/checkout from 2 to 3
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
|
3 years ago |
Lomanic
|
2553c620ed
|
[ci] Remove deprecated macos-10.15 virtual environment in tests
Ref https://github.com/actions/virtual-environments/issues/5583
|
3 years ago |
|
shirou
|
37a0bf3fa1
|
feat: add github release.yml
|
3 years ago |
|
shirou
|
4f1f5b314d
|
fix(actions): add write permission to release action
|
3 years ago |
|
shirou
|
a91ea95c78
|
feat(actions): go-version will be latest two version automatically on CI
|
3 years ago |
nathannaveen
|
3a2c8dd4f8
|
chore: Set permissions for GitHub actions
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)
Signed-off-by: nathannaveen <42319948+nathannaveen@users.noreply.github.com>
|
3 years ago |
|
shirou
|
ea6bed829b
|
add a GitHub action to auto release
|
3 years ago |
|
dependabot[bot]
|
b5592414b5
|
Bump actions/setup-go from 2 to 3
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 2 to 3.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v2...v3)
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
|
3 years ago |
|
dependabot[bot]
|
b68e0acc74
|
Bump actions/cache from 2 to 3
Bumps [actions/cache](https://github.com/actions/cache) from 2 to 3.
- [Release notes](https://github.com/actions/cache/releases)
- [Commits](https://github.com/actions/cache/compare/v2...v3)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
|
3 years ago |
|
shirou
|
8717edb669
|
remove Windows 2016 from tests.
see https://github.com/actions/virtual-environments/issues/5238
|
3 years ago |
|
Lomanic
|
c0f6ce3804
|
Merge pull request #1264 from shirou/dependabot/github_actions/actions/labeler-4
Bump actions/labeler from 3.0.2 to 4
|
3 years ago |
|
dependabot[bot]
|
ff016751b6
|
Bump actions/labeler from 3.0.2 to 4
Bumps [actions/labeler](https://github.com/actions/labeler) from 3.0.2 to 4.
- [Release notes](https://github.com/actions/labeler/releases)
- [Commits](https://github.com/actions/labeler/compare/v3.0.2...v4)
---
updated-dependencies:
- dependency-name: actions/labeler
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
|
3 years ago |
|
dependabot[bot]
|
aa9aca7d12
|
Bump actions/checkout from 2 to 3
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
|
3 years ago |
|
dependabot[bot]
|
a22a057761
|
Bump golangci/golangci-lint-action from 2 to 3
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 2 to 3.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](https://github.com/golangci/golangci-lint-action/compare/v2...v3)
---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
|
3 years ago |
|
shirou
|
59e366d674
|
remove codecov
|
3 years ago |
Matthieu MOREL
|
fe2fab4938
|
Update test.yml
|
3 years ago |
|
Matthieu MOREL
|
2252055b93
|
enable codecoverage
|
3 years ago |
|
Matthieu MOREL
|
f8c685e717
|
enable caching in workflows
|
3 years ago |
|
Matthieu MOREL
|
08a73c90a6
|
Delete run-commit.yml
|
3 years ago |
|
Matthieu MOREL
|
5eac39f418
|
Update run-commit.yml
|
3 years ago |
|
Matthieu MOREL
|
3664dbb362
|
Update run-commit.yml
|
3 years ago |
|
Matthieu MOREL
|
04c870cb3d
|
Update run-commit.yml
|
3 years ago |
|
Matthieu MOREL
|
fbdbfec158
|
Update run-commit.yml
|
3 years ago |
|
Matthieu MOREL
|
a2420eab64
|
Create run-commit.yml
|
3 years ago |
|
shirou
|
d2e27c1712
|
fix dependabot v2 deletion.
|
3 years ago |
|
shirou
|
0969c9436b
|
delete v2 directory, move v3 to top #1078
|
3 years ago |
|
Matthieu MOREL
|
15ce718263
|
Update lint.yml
|
3 years ago |
|
Matthieu MOREL
|
ae6d769a24
|
setup golangci-lint
|
3 years ago |
|
shirou
|
4db4dc09a0
|
[v3] fix Signal import on dragonfly OS in fallback
|
3 years ago |
|
shirou
|
ed7efd5d01
|
fix path on build_test
|
3 years ago |
|
shirou
|
a4ec7a2e77
|
fix build_test workflow
|
3 years ago |
|
shirou
|
63210193c2
|
add build_test to github action
|
3 years ago |
|
shirou
|
bf37f4d1ec
|
Update github action virtual environments and golang version
Golang: 15,16 -> 16, 17
Ubuntu: 1604, 1804 -> 1804, 2004
Mac: 10.14, 11.0 -> 10.15, 11
|
4 years ago |
|
shirou
|
ff3e668a6d
|
Create FUNDING.yml
|
4 years ago |
|
shirou
|
1273f2cffb
|
change test support version to 1.15 and 1.16.
|
4 years ago |
|
dependabot[bot]
|
0f84c89cb4
|
Bump actions/labeler from 2 to 3.0.2
Bumps [actions/labeler](https://github.com/actions/labeler) from 2 to 3.0.2.
- [Release notes](https://github.com/actions/labeler/releases)
- [Commits](https://github.com/actions/labeler/compare/v2...v3.0.2)
---
updated-dependencies:
- dependency-name: actions/labeler
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
|
4 years ago |