You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@nuttx.apache.org by pk...@apache.org on 2022/06/21 13:44:04 UTC
[incubator-nuttx-apps] branch master updated (fe109998c -> 2f173e9f4)
This is an automated email from the ASF dual-hosted git repository.
pkarashchenko pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-nuttx-apps.git
from fe109998c webclient_get_tunnel: A comment about how to dispose the returned "conn"
new 5787c2615 Add black linter for python
new 72ead93de ci: lint only changed files
new 72cb2c237 Lint Python code with flake8 and isort
new 83ea328ef chore: Set permissions for GitHub actions
new 2f173e9f4 chore: Included githubactions in the dependabot config
The 5 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.github/dependabot.yml | 6 ++++++
.github/linters/setup.cfg | 9 +++++++++
.github/workflows/build.yml | 2 ++
.github/workflows/check.yml | 3 +++
.github/workflows/lint.yml | 25 ++++++++++++++++++++-----
5 files changed, 40 insertions(+), 5 deletions(-)
create mode 100644 .github/dependabot.yml
create mode 100644 .github/linters/setup.cfg
[incubator-nuttx-apps] 02/05: ci: lint only changed files
Posted by pk...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
pkarashchenko pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-nuttx-apps.git
commit 72ead93dee3555da0d8c7da1d3985e17a0f3243c
Author: Brennan Ashton <ba...@brennanashton.com>
AuthorDate: Mon Apr 5 21:41:14 2021 -0700
ci: lint only changed files
---
.github/workflows/lint.yml | 3 +++
1 file changed, 3 insertions(+)
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index 4adc31409..cf9c111fe 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -12,8 +12,11 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
+ with:
+ fetch-depth: 0
- name: YAML Lint
uses: github/super-linter@v4
env:
+ VALIDATE_ALL_CODEBASE: false
VALIDATE_YAML: true
VALIDATE_PYTHON_BLACK: true
[incubator-nuttx-apps] 05/05: chore: Included githubactions in the dependabot config
Posted by pk...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
pkarashchenko pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-nuttx-apps.git
commit 2f173e9f48afe72e58d1f08a2bf90045cf9ec274
Author: naveen <17...@users.noreply.github.com>
AuthorDate: Sun Jun 19 01:30:08 2022 +0000
chore: Included githubactions in the dependabot config
This should help with keeping the GitHub actions updated on new releases. This will also help with keeping it secure.
Dependabot helps in keeping the supply chain secure https://docs.github.com/en/code-security/dependabot
GitHub actions up to date https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot
https://github.com/ossf/scorecard/blob/main/docs/checks.md#dependency-update-tool
Signed-off-by: naveen <17...@users.noreply.github.com>
---
.github/dependabot.yml | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 000000000..5ace4600a
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,6 @@
+version: 2
+updates:
+ - package-ecosystem: "github-actions"
+ directory: "/"
+ schedule:
+ interval: "weekly"
[incubator-nuttx-apps] 03/05: Lint Python code with flake8 and isort
Posted by pk...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
pkarashchenko pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-nuttx-apps.git
commit 72cb2c237b318b06ca49535696c672133027066d
Author: Christian Clauss <cc...@me.com>
AuthorDate: Fri Apr 9 18:35:47 2021 +0200
Lint Python code with flake8 and isort
---
.github/linters/setup.cfg | 9 +++++++++
.github/workflows/lint.yml | 10 ++++++++--
2 files changed, 17 insertions(+), 2 deletions(-)
diff --git a/.github/linters/setup.cfg b/.github/linters/setup.cfg
new file mode 100644
index 000000000..9c18e21fe
--- /dev/null
+++ b/.github/linters/setup.cfg
@@ -0,0 +1,9 @@
+[flake8]
+ignore = W503,W605
+max-complexity = 27
+max-line-length = 125
+show-source = True
+statistics = True
+
+[isort]
+profile = black
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index cf9c111fe..df35b1b7f 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -14,9 +14,15 @@ jobs:
- uses: actions/checkout@v2
with:
fetch-depth: 0
- - name: YAML Lint
+ - run: mkdir super-linter.report
+ - name: Lint
uses: github/super-linter@v4
env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
VALIDATE_ALL_CODEBASE: false
- VALIDATE_YAML: true
VALIDATE_PYTHON_BLACK: true
+ VALIDATE_PYTHON_FLAKE8: true
+ PYTHON_FLAKE8_CONFIG_FILE: setup.cfg
+ VALIDATE_PYTHON_ISORT: true
+ PYTHON_ISORT_CONFIG_FILE: setup.cfg
+ VALIDATE_YAML: true
[incubator-nuttx-apps] 04/05: chore: Set permissions for GitHub actions
Posted by pk...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
pkarashchenko pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-nuttx-apps.git
commit 83ea328ef540f66fbe87a1989a95499ea906b362
Author: naveen <17...@users.noreply.github.com>
AuthorDate: Fri Jun 17 00:32:28 2022 +0000
chore: Set permissions for GitHub actions
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)
Signed-off-by: naveen <17...@users.noreply.github.com>
---
.github/workflows/build.yml | 2 ++
.github/workflows/check.yml | 3 +++
.github/workflows/lint.yml | 6 ++++++
3 files changed, 11 insertions(+)
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 7775dcbf9..767afe28b 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -155,6 +155,8 @@ jobs:
continue-on-error: true
macOS:
+ permissions:
+ contents: none
runs-on: macos-10.15
needs: Fetch-Source
strategy:
diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml
index ccca43d27..da7ca7dd9 100644
--- a/.github/workflows/check.yml
+++ b/.github/workflows/check.yml
@@ -19,6 +19,9 @@ concurrency:
group: check-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
+permissions:
+ contents: read
+
jobs:
check:
runs-on: ubuntu-18.04
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index df35b1b7f..58c6007d2 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -6,8 +6,14 @@ concurrency:
group: lint-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
+permissions:
+ contents: read
+
jobs:
lint:
+ permissions:
+ contents: read # for actions/checkout to fetch code
+ statuses: write # for github/super-linter to mark status of each linter run
name: Lint
runs-on: ubuntu-latest
steps:
[incubator-nuttx-apps] 01/05: Add black linter for python
Posted by pk...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
pkarashchenko pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-nuttx-apps.git
commit 5787c26159046454bed284010e55bcdc6bb74dab
Author: Brennan Ashton <ba...@brennanashton.com>
AuthorDate: Sun Apr 4 17:13:32 2021 -0700
Add black linter for python
---
.github/workflows/lint.yml | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index 94256ee1a..4adc31409 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -1,4 +1,4 @@
-name: ❄️ Lint
+name: Lint
on: [pull_request]
@@ -7,13 +7,13 @@ concurrency:
cancel-in-progress: true
jobs:
- yamllint:
- name: 🍺 YAML
+ lint:
+ name: Lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- - name: 🧹 YAML Lint
+ - name: YAML Lint
uses: github/super-linter@v4
env:
VALIDATE_YAML: true
- FILTER_REGEX_INCLUDE: .*\.github/.*
+ VALIDATE_PYTHON_BLACK: true