diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 59b8db0..7aadf7f 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -10,3 +10,17 @@ updates:
time: "03:00"
timezone: Europe/Paris
open-pull-requests-limit: 10
+
+ # GitHub Actions
+- package-ecosystem: "github-actions"
+ directory: ".github/workflows"
+ commit-message:
+ prefix: "ci"
+ include: "scope"
+ schedule:
+ interval: weekly
+ day: saturday
+ time: "03:00"
+ timezone: Europe/Berlin
+ cooldown:
+ default-days: 4
diff --git a/.github/workflows/dependabot-approve-merge.yml b/.github/workflows/dependabot-approve-merge.yml
new file mode 100644
index 0000000..e1d0b9b
--- /dev/null
+++ b/.github/workflows/dependabot-approve-merge.yml
@@ -0,0 +1,58 @@
+# This workflow is provided via the organization template repository
+#
+# https://github.com/nextcloud/.github
+# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
+#
+# SPDX-FileCopyrightText: Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+
+name: Auto approve Dependabot PRs
+
+on:
+ pull_request_target: # zizmor: ignore[dangerous-triggers]
+ branches:
+ - main
+ - master
+ - stable*
+
+permissions:
+ contents: read
+
+concurrency:
+ group: dependabot-approve-merge-${{ github.head_ref || github.run_id }}
+ cancel-in-progress: true
+
+jobs:
+ auto-approve-merge:
+ if: github.event.pull_request.user.login == 'dependabot[bot]' || github.event.pull_request.user.login == 'renovate[bot]'
+ runs-on: ubuntu-latest-low
+ permissions:
+ # for hmarr/auto-approve-action to approve PRs
+ pull-requests: write
+ # for alexwilson/enable-github-automerge-action to approve PRs
+ contents: write
+
+ steps:
+ - name: Disabled on forks
+ if: ${{ github.event.pull_request.head.repo.full_name != github.repository }}
+ run: |
+ echo 'Can not approve PRs from forks'
+ exit 1
+
+ - uses: mdecoleman/pr-branch-name@55795d86b4566d300d237883103f052125cc7508 # v3.0.0
+ id: branchname
+ with:
+ repo-token: ${{ secrets.GITHUB_TOKEN }}
+
+ # GitHub actions bot approve
+ - uses: hmarr/auto-approve-action@f0939ea97e9205ef24d872e76833fa908a770363 # v4.0.0
+ if: startsWith(steps.branchname.outputs.branch, 'dependabot/') && contains(steps.branchname.outputs.branch, '/webrtc-adapter-') != true && contains(steps.branchname.outputs.branch, '/nextcloud/vue-') != true
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+
+ # Enable GitHub auto merge
+ - name: Auto merge
+ uses: alexwilson/enable-github-automerge-action@56e3117d1ae1540309dc8f7a9f2825bc3c5f06ff # v2.0.0
+ if: startsWith(steps.branchname.outputs.branch, 'dependabot/') && contains(steps.branchname.outputs.branch, '/webrtc-adapter-') != true && contains(steps.branchname.outputs.branch, '/nextcloud/vue-') != true
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/lint-php-cs.yml b/.github/workflows/lint-php-cs.yml
index 44cf66b..a08cf99 100644
--- a/.github/workflows/lint-php-cs.yml
+++ b/.github/workflows/lint-php-cs.yml
@@ -25,12 +25,14 @@ jobs:
steps:
- name: Checkout
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+ with:
+ persist-credentials: false
- - name: Set up php8.2
- uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 # v2.31.1
+ - name: Set up php8.3
+ uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # v2.36.0
with:
- php-version: 8.2
+ php-version: 8.3
extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
coverage: none
ini-file: development
@@ -38,7 +40,9 @@ jobs:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Install dependencies
- run: composer i
+ run: |
+ composer remove nextcloud/ocp --dev --no-scripts
+ composer i
- name: Lint
run: composer run cs:check || ( echo 'Please run `composer run cs:fix` to format your code' && exit 1 )
diff --git a/.github/workflows/lint-php.yml b/.github/workflows/lint-php.yml
index 0923d94..e9e26c4 100644
--- a/.github/workflows/lint-php.yml
+++ b/.github/workflows/lint-php.yml
@@ -22,16 +22,18 @@ jobs:
runs-on: ubuntu-latest
strategy:
matrix:
- php-versions: [ '8.1' ]
+ php-versions: ['8.1', '8.2', '8.3', '8.4', '8.5']
name: php-lint
steps:
- name: Checkout
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+ with:
+ persist-credentials: false
- name: Set up php ${{ matrix.php-versions }}
- uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 # v2.31.1
+ uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # v2.36.0
with:
php-version: ${{ matrix.php-versions }}
extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
diff --git a/.github/workflows/pr-feedback.yml b/.github/workflows/pr-feedback.yml
index 6a01fa0..f4c0477 100644
--- a/.github/workflows/pr-feedback.yml
+++ b/.github/workflows/pr-feedback.yml
@@ -15,12 +15,17 @@ on:
schedule:
- cron: '30 1 * * *'
+permissions:
+ contents: read
+ pull-requests: write
+
jobs:
pr-feedback:
+ if: ${{ github.repository_owner == 'nextcloud' }}
runs-on: ubuntu-latest
steps:
- name: The get-github-handles-from-website action
- uses: marcelklehr/get-github-handles-from-website-action@a739600f6b91da4957f51db0792697afbb2f143c # v1.0.0
+ uses: marcelklehr/get-github-handles-from-website-action@06b2239db0a48fe1484ba0bfd966a3ab81a08308 # v1.0.1
id: scrape
with:
website: 'https://nextcloud.com/team/'
@@ -31,7 +36,7 @@ jobs:
blocklist=$(curl https://raw.githubusercontent.com/nextcloud/.github/master/non-community-usernames.txt | paste -s -d, -)
echo "blocklist=$blocklist" >> "$GITHUB_OUTPUT"
- - uses: marcelklehr/pr-feedback-action@1883b38a033fb16f576875e0cf45f98b857655c4
+ - uses: nextcloud/pr-feedback-action@f0cab224dea8e1f282f9451de322f323c78fc7a5 # main
with:
feedback-message: |
Hello there,
@@ -45,6 +50,6 @@ jobs:
(If you believe you should not receive this message, you can add yourself to the [blocklist](https://github.com/nextcloud/.github/blob/master/non-community-usernames.txt).)
days-before-feedback: 14
- start-date: '2024-04-30'
+ start-date: '2025-06-12'
exempt-authors: '${{ steps.blocklist.outputs.blocklist }},${{ steps.scrape.outputs.users }}'
exempt-bots: true
diff --git a/.github/workflows/reuse.yml b/.github/workflows/reuse.yml
index b682855..d65f3b0 100644
--- a/.github/workflows/reuse.yml
+++ b/.github/workflows/reuse.yml
@@ -11,14 +11,17 @@ name: REUSE Compliance Check
on: [pull_request]
+permissions:
+ contents: read
+
jobs:
reuse-compliance-check:
- runs-on: ubuntu-latest
+ runs-on: ubuntu-latest-low
steps:
- name: Checkout
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+ uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
with:
persist-credentials: false
- name: REUSE Compliance Check
- uses: fsfe/reuse-action@bb774aa972c2a89ff34781233d275075cbddf542 # v5.0.0
+ uses: fsfe/reuse-action@676e2d560c9a403aa252096d99fcab3e1132b0f5 # v6.0.0
diff --git a/.github/workflows/test-repositories.yml b/.github/workflows/test-repositories.yml
index 1aa1138..1ca4d71 100644
--- a/.github/workflows/test-repositories.yml
+++ b/.github/workflows/test-repositories.yml
@@ -29,7 +29,7 @@ jobs:
strategy:
fail-fast: false
matrix:
- php-versions: [ "8.1" ]
+ php-versions: [ "8.3" ]
repositories:
- "nextcloud/app_template"
- "nextcloud/approve_links"
@@ -50,10 +50,12 @@ jobs:
steps:
- name: Checkout
- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
+ uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+ with:
+ persist-credentials: false
- name: Set up php ${{ matrix.php-versions }}
- uses: shivammathur/setup-php@4bd44f22a98a19e0950cbad5f31095157cc9621b # v2
+ uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # v2.36.0
with:
php-version: ${{ matrix.php-versions }}
coverage: none
@@ -62,8 +64,9 @@ jobs:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Checkout repository for testing
- uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
+ uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
with:
+ persist-credentials: false
repository: ${{ matrix.repositories }}
path: temp-repository
@@ -107,7 +110,7 @@ jobs:
summary:
permissions:
contents: none
- runs-on: ubuntu-latest
+ runs-on: ubuntu-latest-low
needs: openapi-repositories
if: always()
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 248d408..dec4679 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -34,10 +34,12 @@ jobs:
steps:
- name: Checkout
- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
+ uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+ with:
+ persist-credentials: false
- name: Set up php ${{ matrix.php-versions }}
- uses: shivammathur/setup-php@4bd44f22a98a19e0950cbad5f31095157cc9621b # v2
+ uses: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1 # v2.36.0
with:
php-version: ${{ matrix.php-versions }}
coverage: none
diff --git a/.github/workflows/update-nextcloud-ocp-approve-merge.yml b/.github/workflows/update-nextcloud-ocp-approve-merge.yml
new file mode 100644
index 0000000..dfe0ef4
--- /dev/null
+++ b/.github/workflows/update-nextcloud-ocp-approve-merge.yml
@@ -0,0 +1,58 @@
+# This workflow is provided via the organization template repository
+#
+# https://github.com/nextcloud/.github
+# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
+#
+# SPDX-FileCopyrightText: 2023-2024 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+
+name: Auto approve nextcloud/ocp
+
+on:
+ pull_request_target: # zizmor: ignore[dangerous-triggers]
+ branches:
+ - main
+ - master
+ - stable*
+
+permissions:
+ contents: read
+
+concurrency:
+ group: update-nextcloud-ocp-approve-merge-${{ github.head_ref || github.run_id }}
+ cancel-in-progress: true
+
+jobs:
+ auto-approve-merge:
+ if: github.actor == 'nextcloud-command'
+ runs-on: ubuntu-latest-low
+ permissions:
+ # for hmarr/auto-approve-action to approve PRs
+ pull-requests: write
+ # for alexwilson/enable-github-automerge-action to approve PRs
+ contents: write
+
+ steps:
+ - name: Disabled on forks
+ if: ${{ github.event.pull_request.head.repo.full_name != github.repository }}
+ run: |
+ echo 'Can not approve PRs from forks'
+ exit 1
+
+ - uses: mdecoleman/pr-branch-name@55795d86b4566d300d237883103f052125cc7508 # v3.0.0
+ id: branchname
+ with:
+ repo-token: ${{ secrets.GITHUB_TOKEN }}
+
+ # GitHub actions bot approve
+ - uses: hmarr/auto-approve-action@b40d6c9ed2fa10c9a2749eca7eb004418a705501 # v2
+ if: startsWith(steps.branchname.outputs.branch, 'automated/noid/') && endsWith(steps.branchname.outputs.branch, 'update-nextcloud-ocp')
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+
+ # Enable GitHub auto merge
+ - name: Auto merge
+ uses: alexwilson/enable-github-automerge-action@56e3117d1ae1540309dc8f7a9f2825bc3c5f06ff # v2.0.0
+ if: startsWith(steps.branchname.outputs.branch, 'automated/noid/') && endsWith(steps.branchname.outputs.branch, 'update-nextcloud-ocp')
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/update-nextcloud-ocp.yml b/.github/workflows/update-nextcloud-ocp.yml
new file mode 100644
index 0000000..673d152
--- /dev/null
+++ b/.github/workflows/update-nextcloud-ocp.yml
@@ -0,0 +1,127 @@
+# This workflow is provided via the organization template repository
+#
+# https://github.com/nextcloud/.github
+# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
+#
+# SPDX-FileCopyrightText: 2022-2024 Nextcloud GmbH and Nextcloud contributors
+# SPDX-License-Identifier: MIT
+
+name: Update nextcloud/ocp
+
+on:
+ workflow_dispatch:
+ schedule:
+ - cron: "5 2 * * 0"
+
+permissions:
+ contents: read
+ issues: write
+
+jobs:
+ update-nextcloud-ocp:
+ runs-on: ubuntu-latest
+
+ strategy:
+ fail-fast: false
+ matrix:
+ branches:
+ - ${{ github.event.repository.default_branch }}
+ - 'stable32'
+ - 'stable31'
+
+ name: update-nextcloud-ocp-${{ matrix.branches }}
+
+ steps:
+ - id: checkout
+ uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+ with:
+ persist-credentials: false
+ ref: ${{ matrix.branches }}
+ submodules: true
+ continue-on-error: true
+
+ - name: Set up php8.2
+ if: steps.checkout.outcome == 'success'
+ uses: shivammathur/setup-php@bf6b4fbd49ca58e4608c9c89fba0b8d90bd2a39f # v2.35.5
+ with:
+ php-version: 8.2
+ # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation
+ extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite
+ coverage: none
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Read codeowners
+ if: steps.checkout.outcome == 'success'
+ id: codeowners
+ run: |
+ grep '/appinfo/info.xml' .github/CODEOWNERS | cut -f 2- -d ' ' | xargs | awk '{ print "codeowners="$0 }' >> $GITHUB_OUTPUT
+ continue-on-error: true
+
+ - name: Composer install
+ if: steps.checkout.outcome == 'success'
+ run: composer install
+
+ - name: Composer update nextcloud/ocp # zizmor: ignore[template-injection]
+ id: update_branch
+ if: ${{ steps.checkout.outcome == 'success' && matrix.branches != 'main' }}
+ run: composer require --dev 'nextcloud/ocp:dev-${{ matrix.branches }}'
+
+ - name: Raise on issue on failure
+ uses: dacbd/create-issue-action@cdb57ab6ff8862aa09fee2be6ba77a59581921c2 # v2.0.0
+ if: ${{ steps.checkout.outcome == 'success' && failure() && steps.update_branch.conclusion == 'failure' }}
+ with:
+ token: ${{ secrets.GITHUB_TOKEN }}
+ title: 'Failed to update nextcloud/ocp package on branch ${{ matrix.branches }}'
+ body: 'Please check the output of the GitHub action and manually resolve the issues
${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
${{ steps.codeowners.outputs.codeowners }}'
+
+ - name: Composer update nextcloud/ocp
+ id: update_main
+ if: ${{ steps.checkout.outcome == 'success' && matrix.branches == 'main' }}
+ run: composer require --dev nextcloud/ocp:dev-master
+
+ - name: Raise on issue on failure
+ uses: dacbd/create-issue-action@cdb57ab6ff8862aa09fee2be6ba77a59581921c2 # v2.0.0
+ if: ${{ steps.checkout.outcome == 'success' && failure() && steps.update_main.conclusion == 'failure' }}
+ with:
+ token: ${{ secrets.GITHUB_TOKEN }}
+ title: 'Failed to update nextcloud/ocp package on branch ${{ matrix.branches }}'
+ body: 'Please check the output of the GitHub action and manually resolve the issues
${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
${{ steps.codeowners.outputs.codeowners }}'
+
+ - name: Reset checkout 3rdparty
+ if: steps.checkout.outcome == 'success'
+ run: |
+ git clean -f 3rdparty
+ git checkout 3rdparty
+ continue-on-error: true
+
+ - name: Reset checkout vendor
+ if: steps.checkout.outcome == 'success'
+ run: |
+ git clean -f vendor
+ git checkout vendor
+ continue-on-error: true
+
+ - name: Reset checkout vendor-bin
+ if: steps.checkout.outcome == 'success'
+ run: |
+ git clean -f vendor-bin
+ git checkout vendor-bin
+ continue-on-error: true
+
+ - name: Create Pull Request
+ if: steps.checkout.outcome == 'success'
+ uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8
+ with:
+ token: ${{ secrets.COMMAND_BOT_PAT }}
+ commit-message: 'chore(dev-deps): Bump nextcloud/ocp package'
+ committer: GitHub
+ author: nextcloud-command
+ signoff: true
+ branch: 'automated/noid/${{ matrix.branches }}-update-nextcloud-ocp'
+ title: '[${{ matrix.branches }}] Update nextcloud/ocp dependency'
+ body: |
+ Auto-generated update of [nextcloud/ocp](https://github.com/nextcloud-deps/ocp/) dependency
+ labels: |
+ dependencies
+ 3. to review