diff options
| author | Harald Eilertsen <haraldei@anduin.net> | 2024-11-07 19:23:35 +0100 |
|---|---|---|
| committer | Harald Eilertsen <haraldei@anduin.net> | 2024-11-08 16:43:29 +0100 |
| commit | fe30b5497593dcfb4445d72c99fa357011cebf46 (patch) | |
| tree | 6d4d89fed5dcd52e26dd1e07e7cae04206c737d4 /vendor/maennchen/zipstream-php/.github/workflows | |
| parent | b00ae997a5dab923a99e1f1cccf35bb52eba9a62 (diff) | |
| download | volse-hubzilla-fe30b5497593dcfb4445d72c99fa357011cebf46.tar.gz volse-hubzilla-fe30b5497593dcfb4445d72c99fa357011cebf46.tar.bz2 volse-hubzilla-fe30b5497593dcfb4445d72c99fa357011cebf46.zip | |
Update php-epub-meta and use composer for dep handling.
Note that we upgrade to the 2.x branch of the dependency, as the 3.x
branch requires PHP version 8.2 or later. There's no reason for us to
move our minimum supported version of PHP just yet.
Diffstat (limited to 'vendor/maennchen/zipstream-php/.github/workflows')
9 files changed, 594 insertions, 0 deletions
diff --git a/vendor/maennchen/zipstream-php/.github/workflows/branch_main.yml b/vendor/maennchen/zipstream-php/.github/workflows/branch_main.yml new file mode 100644 index 000000000..15ff2782c --- /dev/null +++ b/vendor/maennchen/zipstream-php/.github/workflows/branch_main.yml @@ -0,0 +1,24 @@ +on: + push: + branches: + - "main" + +name: "Main Branch" + +permissions: + contents: read + +jobs: + test: + name: "Test" + + permissions: + contents: read + security-events: write + + uses: ./.github/workflows/part_test.yml + + docs: + name: "Docs" + + uses: ./.github/workflows/part_docs.yml diff --git a/vendor/maennchen/zipstream-php/.github/workflows/part_dependabot.yml b/vendor/maennchen/zipstream-php/.github/workflows/part_dependabot.yml new file mode 100644 index 000000000..77e466b81 --- /dev/null +++ b/vendor/maennchen/zipstream-php/.github/workflows/part_dependabot.yml @@ -0,0 +1,30 @@ +on: + workflow_call: {} + +name: "Dependabot" + +permissions: + contents: read + +jobs: + automerge_dependabot: + name: "Automerge PRs" + + runs-on: ubuntu-latest + + permissions: + pull-requests: write + contents: write + + steps: + - name: Harden Runner + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + with: + egress-policy: audit + + - uses: fastify/github-action-merge-dependabot@3892334d1c649bb8119af3d22a3f3766bd5e593f # v3.10.2 + with: + github-token: ${{ github.token }} + use-github-auto-merge: true + # Major Updates need to be merged manually + target: minor diff --git a/vendor/maennchen/zipstream-php/.github/workflows/part_docs.yml b/vendor/maennchen/zipstream-php/.github/workflows/part_docs.yml new file mode 100644 index 000000000..7af16f3be --- /dev/null +++ b/vendor/maennchen/zipstream-php/.github/workflows/part_docs.yml @@ -0,0 +1,51 @@ +on: + workflow_call: {} + +name: "Documentation" + +permissions: + contents: read + +jobs: + generate: + name: "Generate" + + runs-on: ubuntu-latest + + steps: + - name: Harden Runner + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + with: + egress-policy: audit + + - name: Checkout Code + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - name: SetUp PHP + id: setup-php + uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 # v2 + with: + php-version: "8.3" + tools: phive + - name: Cache Tools + uses: actions/cache@3624ceb22c1c5a301c8db4169662070a689d9ea8 # v4.1.1 + id: cache + with: + path: ~/.phive + key: tools-${{ runner.os }}-${{ steps.setup-php.outputs.php-version }}-${{ hashFiles('**/phars.xml') }} + restore-keys: | + tools-${{ runner.os }}-${{ steps.setup-php.outputs.php-version }}- + tools-${{ steps.setup-php.outputs.php-version }}- + tools- + - name: Install Tools + run: composer run install:tools + - name: Generate Docs + run: composer run docs:generate + - uses: actions/upload-artifact@604373da6381bf24206979c74d06a550515601b9 # v4.4.1 + with: + name: docs + path: docs + - name: Package for GitHub Pages + uses: actions/upload-pages-artifact@56afc609e74202658d3ffba0e8f6dda462b719fa # v3.0.1 + with: + path: docs + diff --git a/vendor/maennchen/zipstream-php/.github/workflows/part_release.yml b/vendor/maennchen/zipstream-php/.github/workflows/part_release.yml new file mode 100644 index 000000000..c0f3867df --- /dev/null +++ b/vendor/maennchen/zipstream-php/.github/workflows/part_release.yml @@ -0,0 +1,94 @@ +on: + workflow_call: + inputs: + releaseName: + required: true + type: string + stable: + required: false + type: boolean + default: false + +name: "Release" + +permissions: + contents: read + +jobs: + create: + name: Create Release + + runs-on: ubuntu-latest + + permissions: + contents: write + + steps: + - name: Harden Runner + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + with: + egress-policy: audit + + - name: Create prerelease + if: ${{ !inputs.stable }} + env: + GITHUB_TOKEN: ${{ github.token }} + run: | + gh release create \ + --repo ${{ github.repository }} \ + --title ${{ inputs.releaseName }} \ + --prerelease \ + --generate-notes \ + ${{ inputs.releaseName }} + + - name: Create release + if: ${{ inputs.stable }} + env: + GITHUB_TOKEN: ${{ github.token }} + run: | + gh release create \ + --repo ${{ github.repository }} \ + --title ${{ inputs.releaseName }} \ + --generate-notes \ + ${{ inputs.releaseName }} + + upload_release: + name: "Upload" + + needs: ["create"] + + runs-on: ubuntu-latest + + permissions: + id-token: write + contents: write + attestations: write + + steps: + - name: Harden Runner + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + with: + egress-policy: audit + + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 + with: + name: docs + path: docs + - run: | + tar -czvf docs.tar.gz docs + - name: "Attest Documentation" + id: attestation + uses: actions/attest-build-provenance@1c608d11d69870c2092266b3f9a6f3abbf17002c # v1.4.3 + with: + subject-path: "docs.tar.gz" + - name: Copy Attestation + run: cp "$ATTESTATION" docs.tar.gz.sigstore + env: + ATTESTATION: "${{ steps.attestation.outputs.bundle-path }}" + - name: Upload + env: + GITHUB_TOKEN: ${{ github.token }} + run: | + gh release upload --clobber "${{ github.ref_name }}" \ + docs.tar.gz docs.tar.gz.sigstore diff --git a/vendor/maennchen/zipstream-php/.github/workflows/part_test.yml b/vendor/maennchen/zipstream-php/.github/workflows/part_test.yml new file mode 100644 index 000000000..ccf4d660e --- /dev/null +++ b/vendor/maennchen/zipstream-php/.github/workflows/part_test.yml @@ -0,0 +1,183 @@ +on: + workflow_call: + +name: "Test" + +permissions: + contents: read + +jobs: + phpunit: + name: PHPUnit (PHP ${{ matrix.php }} on ${{ matrix.os }}) + + runs-on: ${{ matrix.os }} + + continue-on-error: ${{ matrix.experimental }} + + strategy: + fail-fast: false + matrix: + php: ["8.1", "8.2", "8.3"] + os: [ubuntu-latest] + experimental: [false] + include: + - php: nightly + os: ubuntu-latest + experimental: true + - php: "8.3" + os: windows-latest + experimental: false + - php: "8.3" + os: macos-latest + experimental: false + + steps: + - name: Harden Runner + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + with: + egress-policy: audit + + - name: Checkout Code + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - name: SetUp PHP + id: setup-php + uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 # v2 + with: + php-version: "${{ matrix.php }}" + tools: phpunit + coverage: xdebug + extensions: xdebug,zip + - name: Get composer cache directory + id: composer-cache-common + if: "${{ runner.os != 'Windows' }}" + run: echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT + - name: Get composer cache directory + id: composer-cache-windows + if: "${{ runner.os == 'Windows' }}" + run: echo "dir=$(composer config cache-files-dir)" >> $env:GITHUB_OUTPUT + - name: Cache Deps + uses: actions/cache@3624ceb22c1c5a301c8db4169662070a689d9ea8 # v4.1.1 + id: cache + with: + path: ${{ steps.composer-cache-common.outputs.dir }}${{ steps.composer-cache-windows.outputs.dir }} + key: deps-${{ runner.os }}-${{ steps.setup-php.outputs.php-version }}-composer-${{ hashFiles('**/composer.lock') }} + restore-keys: | + deps-${{ runner.os }}-${{ steps.setup-php.outputs.php-version }}-composer- + deps-${{ runner.os }}-${{ steps.setup-php.outputs.php-version }}- + deps-${{ steps.setup-php.outputs.php-version }}- + deps- + - name: Install Deps + if: matrix.php != 'nightly' + run: composer install --prefer-dist + - name: Install Deps (ignore PHP requirement) + if: matrix.php == 'nightly' + run: composer install --prefer-dist --ignore-platform-req=php+ + - name: Run PHPUnit + run: composer run test:unit + env: + XDEBUG_MODE: coverage + - name: Upload coverage results to Coveralls + env: + COVERALLS_REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }} + COVERALLS_PARALLEL: true + COVERALLS_FLAG_NAME: ${{ runner.os }}-${{ steps.setup-php.outputs.php-version }} + run: composer run coverage:report + continue-on-error: ${{ matrix.experimental }} + + mark_coverage_done: + needs: ["phpunit"] + + runs-on: ubuntu-latest + + steps: + - name: Harden Runner + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + with: + egress-policy: audit + + - name: Coveralls Finished + uses: coverallsapp/github-action@643bc377ffa44ace6394b2b5d0d3950076de9f63 # v2.3.0 + with: + github-token: ${{ secrets.github_token }} + parallel-finished: true + + psalm: + name: Run Psalm + + runs-on: "ubuntu-latest" + + permissions: + security-events: write + + steps: + - name: Harden Runner + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + with: + egress-policy: audit + + - name: Checkout Code + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - name: SetUp PHP + id: setup-php + uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 # v2 + with: + php-version: "8.3" + - name: Get composer cache directory + id: composer-cache + run: echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT + - name: Cache Deps + uses: actions/cache@3624ceb22c1c5a301c8db4169662070a689d9ea8 # v4.1.1 + id: cache + with: + path: ${{ steps.composer-cache.outputs.dir }} + key: deps-${{ runner.os }}-${{ steps.setup-php.outputs.php-version }}-composer-${{ hashFiles('**/composer.lock') }} + restore-keys: | + deps-${{ runner.os }}-${{ steps.setup-php.outputs.php-version }}-composer- + deps-${{ runner.os }}-${{ steps.setup-php.outputs.php-version }}- + deps-${{ steps.setup-php.outputs.php-version }}- + deps- + - name: Install Deps + run: composer install --prefer-dist + - name: Run Psalm + run: composer run test:lint -- --report=results.sarif + - name: "Upload SARIF" + uses: github/codeql-action/upload-sarif@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3 + with: + sarif_file: results.sarif + + php-cs: + name: Run PHP-CS + + runs-on: "ubuntu-latest" + + steps: + - name: Harden Runner + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + with: + egress-policy: audit + + - name: Checkout Code + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - name: SetUp PHP + id: setup-php + uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 # v2 + with: + php-version: "8.3" + - name: Get composer cache directory + id: composer-cache + run: echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT + - name: Cache Deps + uses: actions/cache@3624ceb22c1c5a301c8db4169662070a689d9ea8 # v4.1.1 + id: cache + with: + path: ${{ steps.composer-cache.outputs.dir }} + key: deps-${{ runner.os }}-${{ steps.setup-php.outputs.php-version }}-composer-${{ hashFiles('**/composer.lock') }} + restore-keys: | + deps-${{ runner.os }}-${{ steps.setup-php.outputs.php-version }}-composer- + deps-${{ runner.os }}-${{ steps.setup-php.outputs.php-version }}- + deps-${{ steps.setup-php.outputs.php-version }}- + deps- + - name: Install Deps + run: composer install --prefer-dist + - name: Run PHP-CS + run: composer run test:formatted diff --git a/vendor/maennchen/zipstream-php/.github/workflows/pr.yml b/vendor/maennchen/zipstream-php/.github/workflows/pr.yml new file mode 100644 index 000000000..05259d4f7 --- /dev/null +++ b/vendor/maennchen/zipstream-php/.github/workflows/pr.yml @@ -0,0 +1,50 @@ +on: + pull_request: + branches: + - "*" + workflow_dispatch: {} + +name: "Pull Request" + +permissions: + contents: read + +jobs: + test: + name: "Test" + + permissions: + contents: read + security-events: write + + uses: ./.github/workflows/part_test.yml + + docs: + name: "Docs" + + uses: ./.github/workflows/part_docs.yml + + dependabot: + name: "Dependabot" + + if: ${{ github.actor == 'dependabot[bot]'}} + + permissions: + pull-requests: write + contents: write + + uses: ./.github/workflows/part_dependabot.yml + + dependency-review: + name: Dependency Review + runs-on: ubuntu-latest + steps: + - name: Harden Runner + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + with: + egress-policy: audit + + - name: 'Checkout Repository' + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - name: 'Dependency Review' + uses: actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c # v4.3.4 diff --git a/vendor/maennchen/zipstream-php/.github/workflows/scorecard.yml b/vendor/maennchen/zipstream-php/.github/workflows/scorecard.yml new file mode 100644 index 000000000..7bb8dbb6c --- /dev/null +++ b/vendor/maennchen/zipstream-php/.github/workflows/scorecard.yml @@ -0,0 +1,78 @@ +# This workflow uses actions that are not certified by GitHub. They are provided +# by a third-party and are governed by separate terms of service, privacy +# policy, and support documentation. + +name: Scorecard supply-chain security +on: + # For Branch-Protection check. Only the default branch is supported. See + # https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection + branch_protection_rule: + # To guarantee Maintained check is occasionally updated. See + # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained + schedule: + - cron: '28 11 * * 3' + push: + branches: [ "main" ] + +# Declare default permissions as read only. +permissions: read-all + +jobs: + analysis: + name: Scorecard analysis + runs-on: ubuntu-latest + permissions: + # Needed to upload the results to code-scanning dashboard. + security-events: write + # Needed to publish results and get a badge (see publish_results below). + id-token: write + # Uncomment the permissions below if installing in a private repository. + # contents: read + # actions: read + + steps: + - name: Harden Runner + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + with: + egress-policy: audit + + - name: "Checkout code" + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + with: + persist-credentials: false + + - name: "Run analysis" + uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0 + with: + results_file: results.sarif + results_format: sarif + # (Optional) "write" PAT token. Uncomment the `repo_token` line below if: + # - you want to enable the Branch-Protection check on a *public* repository, or + # - you are installing Scorecard on a *private* repository + # To create the PAT, follow the steps in https://github.com/ossf/scorecard-action?tab=readme-ov-file#authentication-with-fine-grained-pat-optional. + # repo_token: ${{ secrets.SCORECARD_TOKEN }} + + # Public repositories: + # - Publish results to OpenSSF REST API for easy access by consumers + # - Allows the repository to include the Scorecard badge. + # - See https://github.com/ossf/scorecard-action#publishing-results. + # For private repositories: + # - `publish_results` will always be set to `false`, regardless + # of the value entered here. + publish_results: true + + # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF + # format to the repository Actions tab. + - name: "Upload artifact" + uses: actions/upload-artifact@604373da6381bf24206979c74d06a550515601b9 # v4.4.1 + with: + name: SARIF file + path: results.sarif + retention-days: 5 + + # Upload the results to GitHub's code scanning dashboard (optional). + # Commenting out will disable upload of results to your repo's Code Scanning dashboard + - name: "Upload to code-scanning" + uses: github/codeql-action/upload-sarif@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12 + with: + sarif_file: results.sarif diff --git a/vendor/maennchen/zipstream-php/.github/workflows/tag-beta.yml b/vendor/maennchen/zipstream-php/.github/workflows/tag-beta.yml new file mode 100644 index 000000000..b3399454a --- /dev/null +++ b/vendor/maennchen/zipstream-php/.github/workflows/tag-beta.yml @@ -0,0 +1,29 @@ +on: + push: + tags: + - "[0-9]+.[0-9]+.[0-9]+-beta.[0-9]+" + +name: "Beta Tag" + +permissions: + contents: read + +jobs: + docs: + name: "Docs" + + uses: ./.github/workflows/part_docs.yml + + release: + name: "Release" + + needs: ["docs"] + + permissions: + id-token: write + contents: write + attestations: write + + uses: ./.github/workflows/part_release.yml + with: + releaseName: "${{ github.ref_name }}" diff --git a/vendor/maennchen/zipstream-php/.github/workflows/tag-stable.yml b/vendor/maennchen/zipstream-php/.github/workflows/tag-stable.yml new file mode 100644 index 000000000..0e91cf0d0 --- /dev/null +++ b/vendor/maennchen/zipstream-php/.github/workflows/tag-stable.yml @@ -0,0 +1,55 @@ +on: + push: + tags: + - "[0-9]+.[0-9]+.[0-9]+" + +name: "Stable Tag" + +permissions: + contents: read + +jobs: + docs: + name: "Docs" + + uses: ./.github/workflows/part_docs.yml + + release: + name: "Release" + + needs: ["docs"] + + permissions: + id-token: write + contents: write + attestations: write + + uses: ./.github/workflows/part_release.yml + with: + releaseName: "${{ github.ref_name }}" + stable: true + + deploy_pages: + name: "Deploy to GitHub Pages" + + needs: ["release", "docs"] + + runs-on: ubuntu-latest + + permissions: + pages: write + id-token: write + + environment: + name: github-pages + url: ${{ steps.deployment.outputs.page_url }} + + steps: + - name: Harden Runner + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 + with: + egress-policy: audit + + - name: Deploy to GitHub Pages + id: deployment + uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4.0.5 |