aboutsummaryrefslogtreecommitdiffstats
path: root/vendor/twbs/bootstrap/.github
diff options
context:
space:
mode:
authorMario <mario@mariovavti.com>2023-03-19 13:55:18 +0000
committerMario <mario@mariovavti.com>2023-03-19 13:55:18 +0000
commit89285f1408d21091bb80d45b391ddcbe06ba8d0f (patch)
treeb2eb07d9f3d91d77f89a4565a58e6e5231b20c1c /vendor/twbs/bootstrap/.github
parent0a679e503ef367eda3085c44af103ee53869a94f (diff)
parent17c0bb2069dcfe35d3febc5bfdb3a7295f15d49c (diff)
downloadvolse-hubzilla-8.2.tar.gz
volse-hubzilla-8.2.tar.bz2
volse-hubzilla-8.2.zip
Merge branch '8.2RC'8.2
Diffstat (limited to 'vendor/twbs/bootstrap/.github')
-rw-r--r--vendor/twbs/bootstrap/.github/CONTRIBUTING.md18
-rw-r--r--vendor/twbs/bootstrap/.github/PULL_REQUEST_TEMPLATE.md2
-rw-r--r--vendor/twbs/bootstrap/.github/codeql/codeql-config.yml3
-rw-r--r--vendor/twbs/bootstrap/.github/workflows/browserstack.yml7
-rw-r--r--vendor/twbs/bootstrap/.github/workflows/bundlewatch.yml7
-rw-r--r--vendor/twbs/bootstrap/.github/workflows/calibreapp-image-actions.yml2
-rw-r--r--vendor/twbs/bootstrap/.github/workflows/codeql.yml10
-rw-r--r--vendor/twbs/bootstrap/.github/workflows/cspell.yml10
-rw-r--r--vendor/twbs/bootstrap/.github/workflows/css.yml7
-rw-r--r--vendor/twbs/bootstrap/.github/workflows/docs.yml7
-rw-r--r--vendor/twbs/bootstrap/.github/workflows/issue-close-require.yml7
-rw-r--r--vendor/twbs/bootstrap/.github/workflows/issue-labeled.yml7
-rw-r--r--vendor/twbs/bootstrap/.github/workflows/js.yml11
-rw-r--r--vendor/twbs/bootstrap/.github/workflows/lint.yml7
-rw-r--r--vendor/twbs/bootstrap/.github/workflows/node-sass.yml7
-rw-r--r--vendor/twbs/bootstrap/.github/workflows/release-notes.yml7
-rw-r--r--vendor/twbs/bootstrap/.github/workflows/scorecards.yml65
17 files changed, 165 insertions, 19 deletions
diff --git a/vendor/twbs/bootstrap/.github/CONTRIBUTING.md b/vendor/twbs/bootstrap/.github/CONTRIBUTING.md
index c7211e689..446344580 100644
--- a/vendor/twbs/bootstrap/.github/CONTRIBUTING.md
+++ b/vendor/twbs/bootstrap/.github/CONTRIBUTING.md
@@ -18,16 +18,16 @@ the preferred channel for [bug reports](#bug-reports), [features requests](#feat
and [submitting pull requests](#pull-requests), but please respect the following
restrictions:
-* Please **do not** use the issue tracker for personal support requests. Stack Overflow ([`bootstrap-5`](https://stackoverflow.com/questions/tagged/bootstrap-5) tag), [our GitHub Discussions](https://github.com/twbs/bootstrap/discussions) or [IRC](/README.md#community) are better places to get help.
+- Please **do not** use the issue tracker for personal support requests. Stack Overflow ([`bootstrap-5`](https://stackoverflow.com/questions/tagged/bootstrap-5) tag), [our GitHub Discussions](https://github.com/twbs/bootstrap/discussions) or [IRC](/README.md#community) are better places to get help.
-* Please **do not** derail or troll issues. Keep the discussion on topic and
+- Please **do not** derail or troll issues. Keep the discussion on topic and
respect the opinions of others.
-* Please **do not** post comments consisting solely of "+1" or ":thumbsup:".
+- Please **do not** post comments consisting solely of "+1" or ":thumbsup:".
Use [GitHub's "reactions" feature](https://blog.github.com/2016-03-10-add-reactions-to-pull-requests-issues-and-comments/)
instead. We reserve the right to delete comments which violate this rule.
-* Please **do not** open issues regarding the official themes offered on <https://themes.getbootstrap.com/>.
+- Please **do not** open issues regarding the official themes offered on <https://themes.getbootstrap.com/>.
Instead, please email any questions or feedback regarding those themes to `themes AT getbootstrap DOT com`.
@@ -101,16 +101,16 @@ Sometimes bugs reported to us are actually caused by bugs in the browser(s) them
| Vendor(s) | Browser(s) | Rendering engine | Bug reporting website(s) | Notes |
| ------------- | ---------------------------- | ---------------- | ------------------------------------------------------ | -------------------------------------------------------- |
-| Mozilla | Firefox | Gecko | https://bugzilla.mozilla.org/enter_bug.cgi | "Core" is normally the right product option to choose. |
-| Apple | Safari | WebKit | https://bugs.webkit.org/enter_bug.cgi?product=WebKit | In Apple's bug reporter, choose "Safari" as the product. |
-| Google, Opera | Chrome, Chromium, Opera v15+ | Blink | https://bugs.chromium.org/p/chromium/issues/list | Click the "New issue" button. |
-| Microsoft | Edge | Blink | https://developer.microsoft.com/en-us/microsoft-edge/ | Go to "Help > Send Feedback" from the browser |
+| Mozilla | Firefox | Gecko | <https://bugzilla.mozilla.org/enter_bug.cgi> | "Core" is normally the right product option to choose. |
+| Apple | Safari | WebKit | <https://bugs.webkit.org/enter_bug.cgi?product=WebKit> | In Apple's bug reporter, choose "Safari" as the product. |
+| Google, Opera | Chrome, Chromium, Opera v15+ | Blink | <https://bugs.chromium.org/p/chromium/issues/list> | Click the "New issue" button. |
+| Microsoft | Edge | Blink | <https://developer.microsoft.com/en-us/microsoft-edge/> | Go to "Help > Send Feedback" from the browser |
## Feature requests
Feature requests are welcome. But take a moment to find out whether your idea
-fits with the scope and aims of the project. It's up to *you* to make a strong
+fits with the scope and aims of the project. It's up to _you_ to make a strong
case to convince the project's developers of the merits of this feature. Please
provide as much detail and context as possible.
diff --git a/vendor/twbs/bootstrap/.github/PULL_REQUEST_TEMPLATE.md b/vendor/twbs/bootstrap/.github/PULL_REQUEST_TEMPLATE.md
index 4675f7007..98e45c55a 100644
--- a/vendor/twbs/bootstrap/.github/PULL_REQUEST_TEMPLATE.md
+++ b/vendor/twbs/bootstrap/.github/PULL_REQUEST_TEMPLATE.md
@@ -31,7 +31,7 @@
<!-- Please add direct links where your modifications can be seen in the documentation -->
-* https://deploy-preview-{your pr number}--twbs-bootstrap.netlify.app/
+- <https://deploy-preview-{your_pr_number}--twbs-bootstrap.netlify.app/>
### Related issues
diff --git a/vendor/twbs/bootstrap/.github/codeql/codeql-config.yml b/vendor/twbs/bootstrap/.github/codeql/codeql-config.yml
new file mode 100644
index 000000000..957877282
--- /dev/null
+++ b/vendor/twbs/bootstrap/.github/codeql/codeql-config.yml
@@ -0,0 +1,3 @@
+name: "CodeQL config"
+paths-ignore:
+ - dist
diff --git a/vendor/twbs/bootstrap/.github/workflows/browserstack.yml b/vendor/twbs/bootstrap/.github/workflows/browserstack.yml
index 425c56684..9a2fc91e5 100644
--- a/vendor/twbs/bootstrap/.github/workflows/browserstack.yml
+++ b/vendor/twbs/bootstrap/.github/workflows/browserstack.yml
@@ -6,7 +6,10 @@ on:
env:
FORCE_COLOR: 2
- NODE: 16
+ NODE: 18
+
+permissions:
+ contents: read
jobs:
browserstack:
@@ -17,6 +20,8 @@ jobs:
steps:
- name: Clone repository
uses: actions/checkout@v3
+ with:
+ persist-credentials: false
- name: Set up Node.js
uses: actions/setup-node@v3
diff --git a/vendor/twbs/bootstrap/.github/workflows/bundlewatch.yml b/vendor/twbs/bootstrap/.github/workflows/bundlewatch.yml
index d1a174784..2add86c49 100644
--- a/vendor/twbs/bootstrap/.github/workflows/bundlewatch.yml
+++ b/vendor/twbs/bootstrap/.github/workflows/bundlewatch.yml
@@ -9,7 +9,10 @@ on:
env:
FORCE_COLOR: 2
- NODE: 16
+ NODE: 18
+
+permissions:
+ contents: read
jobs:
bundlewatch:
@@ -18,6 +21,8 @@ jobs:
steps:
- name: Clone repository
uses: actions/checkout@v3
+ with:
+ persist-credentials: false
- name: Set up Node.js
uses: actions/setup-node@v3
diff --git a/vendor/twbs/bootstrap/.github/workflows/calibreapp-image-actions.yml b/vendor/twbs/bootstrap/.github/workflows/calibreapp-image-actions.yml
index e23f5626e..21df1f626 100644
--- a/vendor/twbs/bootstrap/.github/workflows/calibreapp-image-actions.yml
+++ b/vendor/twbs/bootstrap/.github/workflows/calibreapp-image-actions.yml
@@ -17,6 +17,8 @@ jobs:
steps:
- name: Checkout Repo
uses: actions/checkout@v3
+ with:
+ persist-credentials: false
- name: Compress Images
uses: calibreapp/image-actions@1.1.0
diff --git a/vendor/twbs/bootstrap/.github/workflows/codeql.yml b/vendor/twbs/bootstrap/.github/workflows/codeql.yml
index 70be0563c..98aa891c4 100644
--- a/vendor/twbs/bootstrap/.github/workflows/codeql.yml
+++ b/vendor/twbs/bootstrap/.github/workflows/codeql.yml
@@ -7,7 +7,6 @@ on:
- v4-dev
- "!dependabot/**"
pull_request:
- # The branches below must be a subset of the branches above
branches:
- main
- v4-dev
@@ -28,11 +27,20 @@ jobs:
steps:
- name: Checkout repository
uses: actions/checkout@v3
+ with:
+ persist-credentials: false
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
+ config-file: ./.github/codeql/codeql-config.yml
languages: "javascript"
+ queries: +security-and-quality
+
+ - name: Autobuild
+ uses: github/codeql-action/autobuild@v2
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
+ with:
+ category: "/language:javascript"
diff --git a/vendor/twbs/bootstrap/.github/workflows/cspell.yml b/vendor/twbs/bootstrap/.github/workflows/cspell.yml
index 3751ad339..1d946981c 100644
--- a/vendor/twbs/bootstrap/.github/workflows/cspell.yml
+++ b/vendor/twbs/bootstrap/.github/workflows/cspell.yml
@@ -9,15 +9,23 @@ on:
env:
FORCE_COLOR: 2
- NODE: 16
+
+permissions:
+ contents: read
jobs:
cspell:
+ permissions:
+ # allow streetsidesoftware/cspell-action to fetch files for commits and PRs
+ contents: read
+ pull-requests: read
runs-on: ubuntu-latest
steps:
- name: Clone repository
uses: actions/checkout@v3
+ with:
+ persist-credentials: false
- name: Run cspell
uses: streetsidesoftware/cspell-action@v2
diff --git a/vendor/twbs/bootstrap/.github/workflows/css.yml b/vendor/twbs/bootstrap/.github/workflows/css.yml
index 857a5672c..6bfde50af 100644
--- a/vendor/twbs/bootstrap/.github/workflows/css.yml
+++ b/vendor/twbs/bootstrap/.github/workflows/css.yml
@@ -9,7 +9,10 @@ on:
env:
FORCE_COLOR: 2
- NODE: 16
+ NODE: 18
+
+permissions:
+ contents: read
jobs:
css:
@@ -18,6 +21,8 @@ jobs:
steps:
- name: Clone repository
uses: actions/checkout@v3
+ with:
+ persist-credentials: false
- name: Set up Node.js
uses: actions/setup-node@v3
diff --git a/vendor/twbs/bootstrap/.github/workflows/docs.yml b/vendor/twbs/bootstrap/.github/workflows/docs.yml
index f33413eb4..bdeae6043 100644
--- a/vendor/twbs/bootstrap/.github/workflows/docs.yml
+++ b/vendor/twbs/bootstrap/.github/workflows/docs.yml
@@ -9,7 +9,10 @@ on:
env:
FORCE_COLOR: 2
- NODE: 16
+ NODE: 18
+
+permissions:
+ contents: read
jobs:
docs:
@@ -18,6 +21,8 @@ jobs:
steps:
- name: Clone repository
uses: actions/checkout@v3
+ with:
+ persist-credentials: false
- name: Set up Node.js
uses: actions/setup-node@v3
diff --git a/vendor/twbs/bootstrap/.github/workflows/issue-close-require.yml b/vendor/twbs/bootstrap/.github/workflows/issue-close-require.yml
index b251cd75e..b5000d8b4 100644
--- a/vendor/twbs/bootstrap/.github/workflows/issue-close-require.yml
+++ b/vendor/twbs/bootstrap/.github/workflows/issue-close-require.yml
@@ -4,8 +4,15 @@ on:
schedule:
- cron: "0 0 * * *"
+permissions:
+ contents: read
+
jobs:
issue-close-require:
+ permissions:
+ # allow actions-cool/issues-helper to update issues and PRs
+ issues: write
+ pull-requests: write
runs-on: ubuntu-latest
if: github.repository == 'twbs/bootstrap'
steps:
diff --git a/vendor/twbs/bootstrap/.github/workflows/issue-labeled.yml b/vendor/twbs/bootstrap/.github/workflows/issue-labeled.yml
index fac58493b..584879dd8 100644
--- a/vendor/twbs/bootstrap/.github/workflows/issue-labeled.yml
+++ b/vendor/twbs/bootstrap/.github/workflows/issue-labeled.yml
@@ -4,8 +4,15 @@ on:
issues:
types: [labeled]
+permissions:
+ contents: read
+
jobs:
issue-labeled:
+ permissions:
+ # allow actions-cool/issues-helper to update issues and PRs
+ issues: write
+ pull-requests: write
if: github.repository == 'twbs/bootstrap'
runs-on: ubuntu-latest
steps:
diff --git a/vendor/twbs/bootstrap/.github/workflows/js.yml b/vendor/twbs/bootstrap/.github/workflows/js.yml
index 82616c574..a8994b6cc 100644
--- a/vendor/twbs/bootstrap/.github/workflows/js.yml
+++ b/vendor/twbs/bootstrap/.github/workflows/js.yml
@@ -9,16 +9,25 @@ on:
env:
FORCE_COLOR: 2
- NODE: 16
+ NODE: 18
+
+permissions:
+ contents: read
jobs:
run:
+ permissions:
+ # allow coverallsapp/github-action to create new checks issues and fetch code
+ checks: write
+ contents: read
name: JS Tests
runs-on: ubuntu-latest
steps:
- name: Clone repository
uses: actions/checkout@v3
+ with:
+ persist-credentials: false
- name: Set up Node.js
uses: actions/setup-node@v3
diff --git a/vendor/twbs/bootstrap/.github/workflows/lint.yml b/vendor/twbs/bootstrap/.github/workflows/lint.yml
index 816694ec2..51ee18999 100644
--- a/vendor/twbs/bootstrap/.github/workflows/lint.yml
+++ b/vendor/twbs/bootstrap/.github/workflows/lint.yml
@@ -9,7 +9,10 @@ on:
env:
FORCE_COLOR: 2
- NODE: 16
+ NODE: 18
+
+permissions:
+ contents: read
jobs:
lint:
@@ -18,6 +21,8 @@ jobs:
steps:
- name: Clone repository
uses: actions/checkout@v3
+ with:
+ persist-credentials: false
- name: Set up Node.js
uses: actions/setup-node@v3
diff --git a/vendor/twbs/bootstrap/.github/workflows/node-sass.yml b/vendor/twbs/bootstrap/.github/workflows/node-sass.yml
index 465cee485..dc687ca46 100644
--- a/vendor/twbs/bootstrap/.github/workflows/node-sass.yml
+++ b/vendor/twbs/bootstrap/.github/workflows/node-sass.yml
@@ -9,7 +9,10 @@ on:
env:
FORCE_COLOR: 2
- NODE: 16
+ NODE: 18
+
+permissions:
+ contents: read
jobs:
css:
@@ -18,6 +21,8 @@ jobs:
steps:
- name: Clone repository
uses: actions/checkout@v3
+ with:
+ persist-credentials: false
- name: Set up Node.js
uses: actions/setup-node@v3
diff --git a/vendor/twbs/bootstrap/.github/workflows/release-notes.yml b/vendor/twbs/bootstrap/.github/workflows/release-notes.yml
index bbd0a2448..f620dd31d 100644
--- a/vendor/twbs/bootstrap/.github/workflows/release-notes.yml
+++ b/vendor/twbs/bootstrap/.github/workflows/release-notes.yml
@@ -6,8 +6,15 @@ on:
- main
workflow_dispatch:
+permissions:
+ contents: read
+
jobs:
update_release_draft:
+ permissions:
+ # allow release-drafter/release-drafter to create GitHub releases and add labels to PRs
+ contents: write
+ pull-requests: write
runs-on: ubuntu-latest
if: github.repository == 'twbs/bootstrap'
steps:
diff --git a/vendor/twbs/bootstrap/.github/workflows/scorecards.yml b/vendor/twbs/bootstrap/.github/workflows/scorecards.yml
new file mode 100644
index 000000000..01977ac1c
--- /dev/null
+++ b/vendor/twbs/bootstrap/.github/workflows/scorecards.yml
@@ -0,0 +1,65 @@
+name: Scorecards supply-chain security
+
+on:
+ # Only the default branch is supported.
+ branch_protection_rule:
+ push:
+ branches:
+ - main
+ schedule:
+ - cron: "16 10 * * 6"
+ workflow_dispatch:
+
+# Declare default permissions as read only.
+permissions: read-all
+
+jobs:
+ analysis:
+ name: Scorecards analysis
+ runs-on: ubuntu-latest
+ permissions:
+ # Needed to upload the results to code-scanning dashboard.
+ security-events: write
+ # Used to receive a badge.
+ id-token: write
+ # Needs for private repositories.
+ contents: read
+ actions: read
+
+ steps:
+ - name: Clone repository
+ uses: actions/checkout@v3
+ with:
+ persist-credentials: false
+
+ - name: Run analysis
+ uses: ossf/scorecard-action@v2.1.1
+ with:
+ results_file: results.sarif
+ results_format: sarif
+ # (Optional) Read-only PAT token. Uncomment the `repo_token` line below if:
+ # - you want to enable the Branch-Protection check on a *public* repository, or
+ # - you are installing Scorecards on a *private* repository
+ # To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat.
+ # repo_token: ${{ secrets.SCORECARD_READ_TOKEN }}
+
+ # Publish the results for public repositories to enable scorecard badges. For more details, see
+ # https://github.com/ossf/scorecard-action#publishing-results.
+ # For private repositories, `publish_results` will automatically be set to `false`, regardless
+ # of the value entered here.
+ publish_results: true
+
+ # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
+ # format to the repository Actions tab.
+ - name: Upload artifact
+ uses: actions/upload-artifact@v3
+ with:
+ name: SARIF file
+ path: results.sarif
+ retention-days: 5
+
+ # Upload the results to GitHub's code scanning dashboard.
+ - name: Upload to code-scanning
+ uses: github/codeql-action/upload-sarif@v1
+ with:
+ sarif_file: results.sarif