dependabot[bot]
f118fc11bf
build(deps): bump the actions group across 1 directory with 6 updates
...
Bumps the actions group with 6 updates in the / directory:
| Package | From | To |
| --- | --- | --- |
| [actions/setup-python](https://github.com/actions/setup-python ) | `6.2.0` | `6.3.0` |
| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) | `4.1.0` | `4.2.0` |
| [docker/build-push-action](https://github.com/docker/build-push-action ) | `7.2.0` | `7.3.0` |
| [github/codeql-action/upload-sarif](https://github.com/github/codeql-action ) | `4.36.2` | `4.37.0` |
| [docker/login-action](https://github.com/docker/login-action ) | `4.2.0` | `4.4.0` |
| [docker/metadata-action](https://github.com/docker/metadata-action ) | `6.1.0` | `6.2.0` |
Updates `actions/setup-python` from 6.2.0 to 6.3.0
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](https://github.com/actions/setup-python/compare/a309ff8b426b58ec0e2a45f0f869d46889d02405...ece7cb06caefa5fff74198d8649806c4678c61a1 )
Updates `docker/setup-buildx-action` from 4.1.0 to 4.2.0
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](https://github.com/docker/setup-buildx-action/compare/d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5...bb05f3f5519dd87d3ba754cc423b652a5edd6d2c )
Updates `docker/build-push-action` from 7.2.0 to 7.3.0
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](https://github.com/docker/build-push-action/compare/f9f3042f7e2789586610d6e8b85c8f03e5195baf...53b7df96c91f9c12dcc8a07bcb9ccacbed38856a )
Updates `github/codeql-action/upload-sarif` from 4.36.2 to 4.37.0
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/8aad20d150bbac5944a9f9d289da16a4b0d87c1e...99df26d4f13ea111d4ec1a7dddef6063f76b97e9 )
Updates `docker/login-action` from 4.2.0 to 4.4.0
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/650006c6eb7dba73a995cc03b0b2d7f5ca915bee...af1e73f918a031802d376d3c8bbc3fe56130a9b0 )
Updates `docker/metadata-action` from 6.1.0 to 6.2.0
- [Release notes](https://github.com/docker/metadata-action/releases )
- [Commits](https://github.com/docker/metadata-action/compare/80c7e94dd9b9319bd5eb7a0e0fe9291e23a2a2e9...dc802804100637a589fabce1cb79ff13a1411302 )
---
updated-dependencies:
- dependency-name: actions/setup-python
dependency-version: 6.3.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: actions
- dependency-name: docker/build-push-action
dependency-version: 7.3.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: actions
- dependency-name: docker/login-action
dependency-version: 4.3.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: actions
- dependency-name: docker/metadata-action
dependency-version: 6.2.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: actions
- dependency-name: docker/setup-buildx-action
dependency-version: 4.2.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: actions
- dependency-name: github/codeql-action/upload-sarif
dependency-version: 4.36.3
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: actions
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-07-09 17:35:09 +00:00
Alexandre Teixeira
1f6dc80525
ci: add focused test guidance signal ( #4982 )
...
* ci: add focused test guidance signal
* ci: diff focused guidance from merge base
2026-07-03 21:17:28 +02:00
dependabot[bot]
8e6a2e89f8
chore(deps): bump actions/checkout in the actions group ( #4559 )
...
Bumps the actions group with 1 update: [actions/checkout](https://github.com/actions/checkout ).
Updates `actions/checkout` from 6.0.3 to 7.0.0
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/df4cb1c069e1874edd31b4311f1884172cec0e10...9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: 7.0.0
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: actions
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-18 20:49:58 +02:00
dependabot[bot]
3c0e9fcb25
chore(deps): bump the actions group with 4 updates ( #3990 )
...
Bumps the actions group with 4 updates: [actions/checkout](https://github.com/actions/checkout ), [actions/setup-python](https://github.com/actions/setup-python ), [actions/setup-node](https://github.com/actions/setup-node ) and [github/codeql-action](https://github.com/github/codeql-action ).
Updates `actions/checkout` from 4.3.1 to 6.0.3
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v4.3.1...df4cb1c069e1874edd31b4311f1884172cec0e10 )
Updates `actions/setup-python` from 5.6.0 to 6.2.0
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](https://github.com/actions/setup-python/compare/v5.6.0...a309ff8b426b58ec0e2a45f0f869d46889d02405 )
Updates `actions/setup-node` from 4.4.0 to 6.4.0
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](https://github.com/actions/setup-node/compare/49933ea5288caeca8642d1e84afbd3f7d6820020...48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e )
Updates `github/codeql-action` from 3.36.0 to 4.36.2
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/03e4368ac7daa2bd82b3e85262f3bf87ee112f57...8aad20d150bbac5944a9f9d289da16a4b0d87c1e )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: 6.0.3
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: actions
- dependency-name: actions/setup-python
dependency-version: 6.2.0
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: actions
- dependency-name: actions/setup-node
dependency-version: 6.4.0
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: actions
- dependency-name: github/codeql-action
dependency-version: 4.36.2
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: actions
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-15 19:26:05 +09:00
nopoz
ed6cc88974
ci: harden existing workflows for the security gate ( #3498 )
...
Pin actions to commit SHAs, set persist-credentials: false on every
checkout, and scope token permissions to the jobs that use them. Suppress
the two findings that are safe by design: the description bot's
pull_request_target trigger (no fork code runs) and an intentional
word-split in the docker manifest step.
Clears actionlint and zizmor against dev so the blocking gate from #1314
can pass once both land.
2026-06-08 20:58:59 +02:00
Lucas Daniel
eb840459f5
ci: skip pytest smoke on documentation-only changes ( #2768 )
...
* ci: skip pytest smoke on documentation-only changes
Adding paths-ignore for **.md and docs/** so that PRs that touch only
markdown files do not trigger the full pytest suite. Runner minutes are
spent only when Python or config files change.
Closes #2646 .
* ci: detect docs-only changes inside the job instead of paths-ignore
Previously paths-ignore on the pull_request trigger caused the entire
workflow to be skipped, which can leave required checks pending and block
merging. Instead, keep the workflow always-triggered and detect docs-only
changes inside python-tests with a git diff step; if every changed file
is a .md or docs/ path, the step reports success without running pytest.
The syntax jobs (python-syntax, node-syntax) are cheap enough to always run.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com >
---------
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com >
2026-06-06 16:00:46 +01:00
Kenny Van de Maele
379a60e5d6
Add CI workflow for syntax + test checks
...
.github/workflows/ci.yml runs on push to main + PRs:
- python-syntax: compileall over app.py + core/routes/src/services/scripts/tests
- node-syntax: node --check on our JS (static/app.js + static/js)
- python-tests: pip install + pytest (continue-on-error for now)
Hardening: least-privilege `permissions: contents: read`, a `concurrency`
group that cancels superseded runs, and actions pinned to commit SHAs
(version in a comment) instead of mutable tags.
2026-06-04 13:17:08 +02:00