Age | Commit message (Collapse) | Author | Files | Lines |
|
backport-action: 0.0.5 -> 0.0.8
|
|
|
|
|
|
|
|
nix-shell
nix_path was removed from the update scripts in 3e63fa279f035df1d3650aa392f3a55a374e4cb4
|
|
according to [GitHub documentation] some fields are required.
`about` is not listed, but it probably is required.
[GitHub documentation]: https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/syntax-for-issue-forms
|
|
this allows anyone to create labelled issues for easy filtering.
|
|
try nixpkgs-update with passthru.updateScript
|
|
the merge actions comment on pull requests, seems this was broken by 2c71278a2395d6d8c4e06d1ebe4de1ffdae727c7
also:
- fix permissions on new manual rendering action
- drop unnecessary issues permission from the terraform action
|
|
the check command didn't set NIX_PATH, so compare-manuals.sh (which is a nix-shell script) failed.
|
|
we want to make sure that rendering the manual from markdown without
going through docbook produces (semantically) the same output as with
going through docbook. to ensure this we'll build the manual twice, run
each manual through html-tidy to generate a normalized form and diff
the normalized forms. we don't want to compare raw output because that
exposes us to a lot of whitespace we'd have to reproduce exactly in the
MD render.
this check may be relaxed even further in the future, but hopefully not
by much.
|
|
the nixos manual should not use docbook for module option documentation,
only markdown, to make future transition to a markdown-only world easier
and less painful. this check will ensure that all options
documentation (even plain text that would not be interpreted specially
by neither markdown nor docbook) is declared as being markdown.
|
|
|
|
|
|
|
|
|
|
* terraform-full: remove
* .github/workflows/update-terraform-providers.yml: switch to terraform.full
|
|
|
|
|
|
codeowners: add fricklerhandwerk to documentation
|
|
Resolves github warning that the file contains errors: cbf736eb3906fd1d4c3efba40d3846140a616b9b
|
|
|
|
Signed-off-by: Varun Sharma <varunsh@stepsecurity.io>
|
|
|
|
|
|
Channel is EOL
|
|
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)
Signed-off-by: nathannaveen <42319948+nathannaveen@users.noreply.github.com>
|
|
|
|
|
|
.github/stale bot: stop commenting
|
|
CODEOWNERS: remove expipiplus1 from haskell
|
|
Hopefully temporarily, just too many notifications at the moment
|
|
|
|
See https://github.com/Gabriel439:
Hi, there! 👋🏼
I renamed my GitHub account from @Gabriel439 to @Gabriella439, so if you got here from an old profile link you can visit my new profile here:
@Gabriella439
I created this placeholder account so that:
… people who visit old links to my profile can find my new profile
… other people cannot impersonate my old handle
… GitHub continues to redirect old links to my repositories indefinitely
|
|
|
|
Niklas Hambüchen noted in
https://github.com/NixOS/rfcs/pull/124#issuecomment-1113647856
that we can add a label description for the stale label that appears
when you hover over the label, or look on
https://github.com/NixOS/nixpkgs/labels
I set the description to be
> https://github.com/NixOS/nixpkgs/blob/master/.github/STALE-BOT.md
which is our page explaining the stale bot.
The stale bot comments/emails are a significant burden on our most
prodigious contributors, and the reason for their existence to orient
new contributors.
Since our stale bot's configuration is benign enough to ignore (it
does not close), I believe it is good enough to satisfy the new
contributor orientation with the label description.
Therefore, this commit disables commenting when labeling an issue or
PR stale.
|
|
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 3 to 4.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v3...v4)
|
|
- simplify comment
- move `ofborg` command into block for clickable copying
|
|
|
|
With the re-implementation in Python merged[1], it no longer makes sense
for me to track issues and pull requests. I did this originally because
people were forgetting (rightfully so) to run tests against all that
proprietary stuff we have in nixpkgs that is using autoPatchelfHook.
We still can't test these automatically but with me no longer being the
author of the code, I hereby drop my entry in CODEOWNERS and instead
replace it with layus, who's the author of the rewrite.
[1]: https://github.com/NixOS/nixpkgs/pull/149731
Signed-off-by: aszlig <aszlig@nix.build>
|
|
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 16 to 17.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v16...v17)
---
updated-dependencies:
- dependency-name: cachix/install-nix-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|
|
|
.github/workflows/basic-eval.yml: only run if manually triggered
|
|
ofborg should have obsoleted this with https://github.com/NixOS/ofborg/pull/588#issuecomment-1078451552
https://github.com/NixOS/nixpkgs/pull/166599#issuecomment-1085069938
this is still useful to have around for act usage
|
|
these didn't work anyway and now github warns if they don't have commit access
|
|
|
|
Bumps [peter-evans/commit-comment](https://github.com/peter-evans/commit-comment) from 1 to 2.
- [Release notes](https://github.com/peter-evans/commit-comment/releases)
- [Commits](https://github.com/peter-evans/commit-comment/compare/v1...v2)
---
updated-dependencies:
- dependency-name: peter-evans/commit-comment
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|
Bumps [peter-evans/create-or-update-comment](https://github.com/peter-evans/create-or-update-comment) from 1 to 2.
- [Release notes](https://github.com/peter-evans/create-or-update-comment/releases)
- [Commits](https://github.com/peter-evans/create-or-update-comment/compare/v1...v2)
---
updated-dependencies:
- dependency-name: peter-evans/create-or-update-comment
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|
CODEOWNERS: add @NixOS/systemd for systemd files
|
|
|