Commit Graph

397 Commits

Author SHA1 Message Date
Oliver
8f2ef39282
Remove coveralls integration (#7099) 2024-04-23 08:42:31 +10:00
Matthias Mair
2e0b197457
Group dependabot PRs per ecosystem (#7098) 2024-04-23 08:19:26 +10:00
Matthias Mair
ca03562d25
[CI] Small nitpick changes (#7016)
* use global pin for requests

* unify on yaml for workflo files

* format workflow files

* pin action versions

* fix pinned version

* use system venv

* switch args

* remove uv for now and add setting for pyyaml

* fix qc args

* bix doc paths
2024-04-21 22:20:13 +10:00
Oliver
0ba7f7ece5
[PUI] Session authentication (#6970)
* Adjust backend cookie settings

* Allow CORS requests to /accounts/

* Refactor frontend code

- Remove API token functions
- Simplify cookie approach
- Add isLoggedIn method

* Adjust REST_AUTH settings

* Cleanup auth functions in auth.tsx

* Adjust CSRF_COOKIE_SAMESITE value

* Fix login request

* Prevent session auth on login view

- Existing (invalid) session token causes 403

* Refactor ApiImage

- Point to the right host
- Simplify code
- Now we use session cookies, so it *Just Works*

* Fix download for attachment table

- Now works with remote host

* Cleanup settings.py

* Refactor login / logout notifications

* Update API version

* Update src/frontend/src/components/items/AttachmentLink.tsx

Co-authored-by: Lukas <76838159+wolflu05@users.noreply.github.com>

* fix assert url

* Remove comment

* Add explicit page to logout user

* Change tests to first logout

* Prune dead code

* Adjust tests

* Cleanup

* Direct to login view

* Trying something

* Update CUI test

* Fix basic tests

* Refactoring

* Fix basic checks

* Fix for PUI command tests

* More test updates

* Add speciifc test for quick login

* More cleanup of playwright tests

* Add some missing icons

* Fix typo

* Ignore coverage report for playwright test

* Remove coveralls upload task

---------

Co-authored-by: Lukas <76838159+wolflu05@users.noreply.github.com>
Co-authored-by: Matthias Mair <code@mjmair.com>
2024-04-17 21:35:20 +10:00
Oliver
b3f6c8f531
Revert to sqren backport action (#7051)
* Revert to sqren backpor action

* Remove invalid option
2024-04-16 15:17:13 +10:00
Oliver
22a25d4387
backport.yml : Fix copy_labels_pattern (#7050) 2024-04-16 15:01:30 +10:00
Oliver
66ed85e0c0
Fix regex (#7048)
* Fix regex

* Fix permission and step condition
2024-04-16 14:46:20 +10:00
Oliver
251029c62e
Change backport action (#7046)
- Change to korthout/backport-action
- More actively maintained
2024-04-16 13:22:52 +10:00
dependabot[bot]
1c67a92958
Bump sigstore/cosign-installer from 3.4.0 to 3.5.0 (#7035)
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](e1523de757...59acb6260d)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-16 09:56:34 +10:00
dependabot[bot]
0575c167aa
Bump github/codeql-action from 3.24.10 to 3.25.0 (#7036)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.10 to 3.25.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](4355270be1...df5a14dc28)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-16 09:56:27 +10:00
dependabot[bot]
5315886fb4
Bump stefanzweifel/git-auto-commit-action from 5.0.0 to 5.0.1 (#7037)
Bumps [stefanzweifel/git-auto-commit-action](https://github.com/stefanzweifel/git-auto-commit-action) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/stefanzweifel/git-auto-commit-action/releases)
- [Changelog](https://github.com/stefanzweifel/git-auto-commit-action/blob/master/CHANGELOG.md)
- [Commits](8756aa072e...8621497c8c)

---
updated-dependencies:
- dependency-name: stefanzweifel/git-auto-commit-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-16 09:56:05 +10:00
Oliver
40e867896b
Revert "Trying again to fix backport action (#7018)" (#7021)
This reverts commit bdabdd38cc.
2024-04-14 20:30:08 +10:00
Matthias Mair
f15a3009bb
[PUI] Add more tests (#7010)
* add coverage to PUI

* fix testing command

* always do all steps

* fix test assumptions

* add test for serving and logging into pui from django / cui tech stack

* fix up coverage

* fix intentation

* remove paralell flags

* remove coverage finish step

* remove flag

* change names

* add full clickdown test

* more tests

* more tests

* sprinkle in some timeouts

* try using admin

* disable page 1 tests for now

* remove additional tests for now

* only build sourcemaps if coverage is enabled

* fix sourcemap assumption

* add more tests

* fix test

* Update package.json

* move tests to seperate file

* rename test files

* move defaults to seperate file

* centralise user creds

* lower migration level

* re-add page 1

* rename and split tests

* split out problematic test

* Add thumbnail building step

* remove unneded steps

* fix filename

* add more logging

* add sourounding table

* add missing tabs

* wait instead of click

* fix test

* split tests out more

* disable test for stock

* tes part sub-pages

* split tests more

* add company tests

* more sales testing

* split parts testing

* Add test for settings + admin center
2024-04-14 20:24:22 +10:00
Oliver
bdabdd38cc
Trying again to fix backport action (#7018) 2024-04-13 23:20:14 +10:00
Oliver
83742c01c8
Allow write permission for backport.yml (#7017) 2024-04-13 22:33:22 +10:00
dependabot[bot]
252cc7975a
Bump github/codeql-action from 3.24.9 to 3.24.10 (#6976)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.9 to 3.24.10.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](1b1aada464...4355270be1)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-12 07:05:07 +10:00
dependabot[bot]
6fe0f746b6
Bump codecov/codecov-action from 4.0.1 to 4.3.0 (#6994)
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.0.1 to 4.3.0.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v4.0.1...v4.3.0)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-11 20:00:03 +10:00
Matthias Mair
6b858f777b
[CI] Increase migration test coverage (#6995)
* also trigger CI on changes to test files

* dummy change to test file

* fix match pattern
2024-04-11 10:11:12 +10:00
Matthias Mair
0d59f6e8a9
[CI] Re-add playwright reporting (#6992)
* re-add playwright reporting
now a bit more ressource optimised

* only upload if the tests faild
2024-04-11 01:00:30 +10:00
Matthias Mair
80475c57b2
[CI] Optimize runs (#6991)
* only run backend if required

* alwass upload coverage
2024-04-10 18:45:57 +10:00
Oliver
0778a77a41
Revert "Bump sqren/backport-github-action from 8.9.3 to 9.3.1 (#6802)" (#6984)
This reverts commit 34d8f5d65d.
2024-04-09 22:50:06 +10:00
Matthias Mair
8d41234ef7
Use xml for coverage info (#6947)
* append more apps

* set source

* use labels to force full CI suit

* always check for label

* use newer syntax

* remove unneeded carryforward flag

* improve action names

* remove unused upload steps

* enable discovery of locate test

* remove wrong module

* delete all ( :-) )lines for upload

* remove init for now

* add carryfoward back in again

* disable flaky test

* always run finsh step

* deactivate machine test for now

* specify refs explicitly

* add docker exception

* use xml for coverage info

* dummy fix

* remove dummy fix

* dummy change

* always export

* change path to ensure basepath is submitted

* add more paths

* reverst isort change

* remove unused html export

* remove paralell

* add plain InvenTree too

* Update pyproject.toml

* reset paths

* Update qc_checks.yaml

* Update qc_checks.yaml

* fix coverage runner setting

* fix coverage tool path

* use move, not copy

* ignore tmp

* reset isort settings

* use relative files for reporting

* Revert "use relative files for reporting"

This reverts commit 1f662bfb97.

* only run after at least 1 succeeds

* add TODO

* remove coverage subdir run

* also force migrations

* add coverage to migrations

* fix conditional for migration force check

* always upload coverage

* disable flaky test

* fix tests

* wait for migrations

* re-add function arg?

* adjust coverage targets

* add no-cov for fixes of flaky tests

* remove dummy

* revert to "old" upload method"
2024-04-09 10:33:27 +10:00
Matthias Mair
4adce85ef9
Fix test coverage (#6945)
* append more apps

* set source

* use labels to force full CI suit

* always check for label

* use newer syntax

* remove unneeded carryforward flag

* improve action names

* remove unused upload steps

* enable discovery of locate test

* remove wrong module

* delete all ( :-) )lines for upload

* remove init for now

* add carryfoward back in again

* disable flaky test

* always run finsh step

* deactivate machine test for now

* specify refs explicitly

* add docker exception

* remove paralell

* Update qc_checks.yaml

* Update qc_checks.yaml

* fix coverage tool path

* use move, not copy

* ignore tmp

* only run after at least 1 succeeds

* add TODO

* remove coverage subdir run

* also force migrations

* add coverage to migrations

* fix conditional for migration force check

* always upload coverage

* fix tests

* wait for migrations

* re-add function arg?

* adjust coverage targets

* add no-cov for fixes of flaky tests

* add migration checks to codecov
2024-04-08 21:55:03 +10:00
Matthias Mair
cc045bcc70
Add codecov (#6967)
* add codecov upload

* add to readme

* add flags

* dummy change

* dummy change

* switch to inventree org

* add codecov yaml

* lower threshold (for now)
see https://github.com/inventree/InvenTree/pull/6945 for a possibility to get it up again
2024-04-08 07:33:26 +10:00
Matthias Mair
3b87c84ae7
[BUG] Include .vite subdir in PUI releases (#6973)
* use yarn to build

* use different path annotation

* fix path

* include vite explicitly
2024-04-08 06:50:10 +10:00
Matthias Mair
3457eebf5c
Use pinned eslint version (#6968)
* pin eslint version

* use subdir instead

* move eslint
2024-04-06 14:27:13 +11:00
Oliver
3bb90d6894
Revert "Update backport.yml (#6958)" (#6959)
This reverts commit 8d1cb2c7ab.
2024-04-05 09:51:57 +11:00
Oliver
8d1cb2c7ab
Update backport.yml (#6958)
Seems to require global write permissions to function correctly.

Ref: https://github.com/inventree/InvenTree/actions/runs/8555011959/job/23441517102
2024-04-05 09:25:04 +11:00
Oliver
6730cdbccf
[Docker] Fix broken production image (#6953)
* Check for presense of manage.py

* Fix directory copying
2024-04-04 23:55:55 +11:00
Matthias Mair
fddcb629b6
[PUI] Add licenses texts to PUI (#6855)
* compile a license texts bundle

* add backend license extraction on install

* change path for licenses

* add to gitignore

* Add api to expose license paths

* add texts

* add frontend rendering of licensing files

* Handle errors when fetching license information

* Format backend packages.txt in json

* Improved API rendering:

- Handle file errors
- Render as JSON object

* Improve frontend modal rendering

- Separate frontend / backend into tabs
- Split packages into accordion

* Generate JSON file for fronten deps

* Fix rendering for frontend deps

* Update src/frontend/src/components/modals/LicenseModal.tsx

Co-authored-by: Lukas <76838159+wolflu05@users.noreply.github.com>

* Update src/frontend/src/components/modals/LicenseModal.tsx

Co-authored-by: Lukas <76838159+wolflu05@users.noreply.github.com>

* make reading of licenses objects dynamic

* remove unsued import

* style fixes

* style fixes

* default to first value

* use new syntax to call docker compose

* merge fix

* fix path

* Roll back #6942

* Update qc_checks.yaml

Run migration checks when requirements file changes

---------

Co-authored-by: Oliver Walters <oliver.henry.walters@gmail.com>
Co-authored-by: Lukas <76838159+wolflu05@users.noreply.github.com>
2024-04-04 10:31:20 +11:00
Matthias Mair
7b77fd31a7
Cleanups for refactor (#6933)
* adjust depandabot targets and interval

* add git blame ignore to make git diff more useable

* adjust test path

* fix ci path
2024-04-03 19:59:02 +11:00
Oliver
d0fccaf14e
Fix docker push action (#6934) 2024-04-03 08:58:17 +00:00
Matthias Mair
f58eacf64e
[PUI] Add coverage testing (#6881)
* add coverage to PUI

* fix testing command

* always do all steps

* fix test assumptions

* add test for serving and logging into pui from django / cui tech stack

* fix up coverage

* fix intentation

* remove paralell flags

* remove coverage finish step

* remove flag

* change names

* add full clickdown test

* more tests

* more tests

* sprinkle in some timeouts

* try using admin

* disable page 1 tests for now

* remove additional tests for now

* only build sourcemaps if coverage is enabled

* fix sourcemap assumption

* Update .github/workflows/qc_checks.yaml

Co-authored-by: Lukas <76838159+wolflu05@users.noreply.github.com>

* fix package.json

* add finish step

---------

Co-authored-by: Lukas <76838159+wolflu05@users.noreply.github.com>
2024-04-03 19:26:38 +11:00
Oliver
6be2ede5e8
Fix unit tests (#6932)
* Fix unit test

* Fix script pathing

* Fix pathing in version_check.py

* Fix mkdocs.yml
2024-04-03 06:50:13 +00:00
Matthias Mair
0bace3f3af
Code structure refactor (#5582)
* moved docker files to /contrib/container

* changed code owners to make more precise

* updated CI to use new subdirs

* added manual trigger for testing

* moved ci files

* moved assets into subdir

* moved deploy template file to contrib

* moved django files to src/backend

* updated paths in scripts etc

* updated reqs path

* fixed version file path

* fixed flake8 path

* fixed path to node ressources

* fixed task paths

* added dep path for node

* removed unused yarn lockfile

* removed unused ci script

* updated internal backend paths for tasks

* updated translation stats path

* fixed source path for coverage

* fixed main commit repo path

* fit in changes from testing

* gather packager improvements (#149)

* Matmair/issue5578 (#143)

* moved docker files to /contrib/container

* changed code owners to make more precise

* updated CI to use new subdirs

* added manual trigger for testing

* moved ci files

* moved assets into subdir

* moved deploy template file to contrib

* moved django files to src/backend

* updated paths in scripts etc

* updated reqs path

* fixed version file path

* fixed flake8 path

* fixed path to node ressources

* fixed task paths

* added dep path for node

* removed unused yarn lockfile

* removed unused ci script

* updated internal backend paths for tasks

* updated translation stats path

* fixed source path for coverage

* fixed main commit repo path

* fix docker path

* use project dir

* move project dir command

* fixed docker paths

* another fix?

* seperate tasks out

* remove tasks

* some debugging

* ci: add .deepsource.toml

* Update .deepsource.toml

* also ignore migrations

* more debugging

* fix path issues

* remove debug script

* fix style

* change locale path

* Fixed paths for requirements

* Added dummy requirements to fool packager

* fixed exec path

* remove deepsource

---------

Co-authored-by: deepsource-io[bot] <42547082+deepsource-io[bot]@users.noreply.github.com>

* Added docs for file structure

* Fixed style errors

* updated deepsource paths

* fix deepsource paths

* fixed reqs

* merge fixes

* move newly added dirs too

* fix reqs files

* another dep fix

* merge upstream/master

* revert removal of tags

* merge upstream

* enabled detection of old config files

* adapt coverage src

* also detect and support old location for plugins.txt

* style fix

* fix ~/init.sh location

* fix requirements path

* fix config to current master

* move new folders

* fix import order

* fix paths for qc_check

* fix docs build

* fix fix path

* set docker project dir

* just use a cd

* set image path?

* set file correct

* fix copy path

* fix tasks dir

* fix init path

* fix copy path

* set prject dir

* fix paths

* remove old prod files

* fix dev env path

* set docker file

* Fix devcontainer docker compose file

* fix login attempt values

* fix init.sh path

* Fix pathing for Docker

* Docker build fix

- Set INVENTREE_BACKEND_DIR separately

* Update init.sh

* Fix path

* Update requirements.txt

* merge

* fix rq merge

* fix docker compose usage

---------

Co-authored-by: deepsource-io[bot] <42547082+deepsource-io[bot]@users.noreply.github.com>
Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
2024-04-03 12:16:59 +11:00
Matthias Mair
2591df3b11
Set write permission on specific job (#6915)
* set wirte permission on specific job

* only allow read
2024-04-02 17:35:32 +11:00
Matthias Mair
4db61df8cd
Security improvements (#6890)
* Set write permissions at job level

* publish scorecard results

* Update scorecard.yml

* Update scorecard.yml

* Create .sonarcloud.properties

* Delete .deepsource.toml

* replace badge

* pin requests, pyyaml, jc

* pin yarn version

* pin uv

* reduce settings

* set test path
2024-04-02 17:35:01 +11:00
Oliver
364a9d4fc1
New Crowdin updates (#6908)
* updated translation base

* Fix: New translations messages.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Fix: New translations django.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Fix: New translations messages.po from Crowdin

* Set INVENTREE_SITE_URL

* Fix incorrect zh trans

---------

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2024-04-02 16:13:15 +11:00
Oliver
3518377e2c
allow write access for backport action (#6912) 2024-04-02 15:12:12 +11:00
Matthias Mair
34e86bfbeb
Add current deployment methods to bug template (#6893) 2024-03-30 08:48:17 +11:00
Matthias Mair
785b3b0e68
fix translation permissions to workflow (#6865) 2024-03-27 09:47:38 +11:00
dependabot[bot]
7ed51dfff5
Bump actions/setup-python from 5.0.0 to 5.1.0 (#6864)
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.0.0 to 5.1.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](0a5c615913...82c7e631bb)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-27 07:11:37 +11:00
dependabot[bot]
8e5ebf49a9
Bump actions/upload-artifact from 3.1.0 to 4.3.1 (#6851)
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.0 to 4.3.1.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v3.1.0...5d5d22a31266ced268874388b861e4b58bb5c2f3)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-26 07:52:51 +11:00
dependabot[bot]
1fea796b25
Bump docker/setup-buildx-action from 3.0.0 to 3.2.0 (#6850)
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.0.0 to 3.2.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](f95db51fdd...2b51285047)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-26 07:49:03 +11:00
dependabot[bot]
7328fc0af5
Bump sigstore/cosign-installer from 3.1.2 to 3.4.0 (#6853)
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.1.2 to 3.4.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](11086d2504...e1523de757)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-26 07:48:49 +11:00
dependabot[bot]
d935936295
Bump github/codeql-action from 2.2.4 to 3.24.9 (#6852)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.4 to 3.24.9.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](17573ee1cc...1b1aada464)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-26 07:48:33 +11:00
Matthias Mair
4cefbe5171
bump upload to v4 to ensure schema-push still works (#6837) 2024-03-25 11:40:04 +11:00
Matthias Mair
7c6eefbcdf
CI-Actions: Security fixes (#6835)
* add security commitment

* fix badge path

* set token permissions
see https://github.com/inventree/InvenTree/security/code-scanning/48

* add more chapters

* break up flow text

* spellchecking

* clean diff

* bump setup-python to node 20 version

* fix docker version too
2024-03-25 09:11:16 +11:00
dependabot[bot]
7169b5de26
Bump actions/stale from 8.0.0 to 9.0.0 (#6799)
Bumps [actions/stale](https://github.com/actions/stale) from 8.0.0 to 9.0.0.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](1160a22402...28ca103628)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-23 18:11:57 +11:00
dependabot[bot]
08ad0f8e28
Bump docker/login-action from 3.0.0 to 3.1.0 (#6800)
Bumps [docker/login-action](https://github.com/docker/login-action) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](343f7c4344...e92390c5fb)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-23 18:11:47 +11:00