From dc8185d09c966dcdca970b86925b0678eabfdcbb Mon Sep 17 00:00:00 2001 From: Christoph Wurst Date: Thu, 9 Jan 2025 09:53:45 +0100 Subject: [PATCH] ci: Harden variables in strings Signed-off-by: Christoph Wurst --- .github/workflows/appstore-build-publish.yml | 64 +++++++++---------- .../appstore-conventional-build-publish.yml | 50 +++++++-------- .../block-unconventional-commits.yml | 2 +- .github/workflows/fixup.yml | 2 +- .github/workflows/lint-eslint.yml | 6 +- .github/workflows/lint-php-cs.yml | 2 +- .github/workflows/lint-php.yml | 6 +- .github/workflows/npm-audit-fix.yml | 12 ++-- .github/workflows/openapi.yml | 10 +-- .github/workflows/package.yml | 4 +- .github/workflows/psalm-matrix.yml | 6 +- .github/workflows/stale.yml | 2 +- .github/workflows/test.yml | 20 +++--- .../workflows/update-public-suffix-list.yml | 4 +- 14 files changed, 95 insertions(+), 95 deletions(-) diff --git a/.github/workflows/appstore-build-publish.yml b/.github/workflows/appstore-build-publish.yml index 1e69a04551..3bcb30489e 100644 --- a/.github/workflows/appstore-build-publish.yml +++ b/.github/workflows/appstore-build-publish.yml @@ -34,13 +34,13 @@ jobs: - name: Checkout uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: - path: ${{ env.APP_NAME }} + path: '${{ env.APP_NAME }}' - name: Get appinfo data id: appinfo uses: skjnldsv/xpath-action@7e6a7c379d0e9abc8acaef43df403ab4fc4f770c # master with: - filename: ${{ env.APP_NAME }}/appinfo/info.xml + filename: '${{ env.APP_NAME }}/appinfo/info.xml' expression: "//info//dependencies//nextcloud/@min-version" - name: Read package.json node and npm engines version @@ -49,18 +49,18 @@ jobs: # Continue if no package.json continue-on-error: true with: - path: ${{ env.APP_NAME }} + path: '${{ env.APP_NAME }}' fallbackNode: '^20' fallbackNpm: '^10' - - name: Set up node ${{ steps.versions.outputs.nodeVersion }} + - name: 'Set up node ${{ steps.versions.outputs.nodeVersion }}' # Skip if no package.json if: ${{ steps.versions.outputs.nodeVersion }} uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 with: - node-version: ${{ steps.versions.outputs.nodeVersion }} + node-version: '${{ steps.versions.outputs.nodeVersion }}' - - name: Set up npm ${{ steps.versions.outputs.npmVersion }} + - name: 'Set up npm ${{ steps.versions.outputs.npmVersion }}' # Skip if no package.json if: ${{ steps.versions.outputs.npmVersion }} run: npm i -g 'npm@${{ steps.versions.outputs.npmVersion }}' @@ -69,26 +69,26 @@ jobs: id: php-versions uses: icewind1991/nextcloud-version-matrix@58becf3b4bb6dc6cef677b15e2fd8e7d48c0908f # v1.3.1 with: - filename: ${{ env.APP_NAME }}/appinfo/info.xml + filename: '${{ env.APP_NAME }}/appinfo/info.xml' - - name: Set up php ${{ steps.php-versions.outputs.php-min }} + - name: 'Set up php ${{ steps.php-versions.outputs.php-min }}' uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 # v2.31.1 with: - php-version: ${{ steps.php-versions.outputs.php-min }} + php-version: '${{ steps.php-versions.outputs.php-min }}' coverage: none env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}' - name: Check composer.json id: check_composer uses: andstor/file-existence-action@076e0072799f4942c8bc574a82233e1e4d13e9d6 # v3.0.0 with: - files: "${{ env.APP_NAME }}/composer.json" + files: '${{ env.APP_NAME }}/composer.json' - name: Install composer dependencies if: steps.check_composer.outputs.files_exists == 'true' run: | - cd ${{ env.APP_NAME }} + cd '${{ env.APP_NAME }}' composer install --no-dev - name: Build ${{ env.APP_NAME }} @@ -97,7 +97,7 @@ jobs: env: CYPRESS_INSTALL_BINARY: 0 run: | - cd ${{ env.APP_NAME }} + cd '${{ env.APP_NAME }}' npm ci npm run build --if-present @@ -105,7 +105,7 @@ jobs: id: krankerl uses: andstor/file-existence-action@076e0072799f4942c8bc574a82233e1e4d13e9d6 # v3.0.0 with: - files: ${{ env.APP_NAME }}/krankerl.toml + files: '${{ env.APP_NAME }}/krankerl.toml' - name: Install Krankerl if: steps.krankerl.outputs.files_exists == 'true' @@ -113,19 +113,19 @@ jobs: wget https://github.com/ChristophWurst/krankerl/releases/download/v0.14.0/krankerl_0.14.0_amd64.deb sudo dpkg -i krankerl_0.14.0_amd64.deb - - name: Package ${{ env.APP_NAME }} ${{ env.APP_VERSION }} with krankerl + - name: 'Package ${{ env.APP_NAME }} ${{ env.APP_VERSION }} with krankerl' if: steps.krankerl.outputs.files_exists == 'true' run: | - cd ${{ env.APP_NAME }} + cd '${{ env.APP_NAME }}' krankerl package - - name: Package ${{ env.APP_NAME }} ${{ env.APP_VERSION }} with makefile + - name: 'Package ${{ env.APP_NAME }} ${{ env.APP_VERSION }} with makefile' if: steps.krankerl.outputs.files_exists != 'true' run: | - cd ${{ env.APP_NAME }} + cd '${{ env.APP_NAME }}' make appstore - - name: Checkout server ${{ fromJSON(steps.appinfo.outputs.result).nextcloud.min-version }} + - name: 'Checkout server ${{ fromJSON(steps.appinfo.outputs.result).nextcloud.min-version }}' continue-on-error: true id: server-checkout run: | @@ -144,32 +144,32 @@ jobs: - name: Sign app run: | # Extracting release - cd ${{ env.APP_NAME }}/build/artifacts - tar -xvf ${{ env.APP_NAME }}.tar.gz + cd '${{ env.APP_NAME }}/build/artifacts' + tar -xvf '${{ env.APP_NAME }}.tar.gz' cd ../../../ # Setting up keys echo '${{ secrets.APP_PRIVATE_KEY }}' > ${{ env.APP_NAME }}.key wget --quiet "https://github.com/nextcloud/app-certificate-requests/raw/master/${{ env.APP_NAME }}/${{ env.APP_NAME }}.crt" # Signing - php nextcloud/occ integrity:sign-app --privateKey=../${{ env.APP_NAME }}.key --certificate=../${{ env.APP_NAME }}.crt --path=../${{ env.APP_NAME }}/build/artifacts/${{ env.APP_NAME }} + php nextcloud/occ integrity:sign-app --privateKey='../${{ env.APP_NAME }}.key' --certificate='../${{ env.APP_NAME }}.crt' --path='../${{ env.APP_NAME }}/build/artifacts/${{ env.APP_NAME }}' # Rebuilding archive - cd ${{ env.APP_NAME }}/build/artifacts - tar -zcvf ${{ env.APP_NAME }}.tar.gz ${{ env.APP_NAME }} + cd '${{ env.APP_NAME }}/build/artifacts' + tar -zcvf '${{ env.APP_NAME }}.tar.gz ${{ env.APP_NAME }}' - name: Attach tarball to github release uses: svenstaro/upload-release-action@04733e069f2d7f7f0b4aebc4fbdbce8613b03ccd # v2 id: attach_to_release with: - repo_token: ${{ secrets.GITHUB_TOKEN }} - file: ${{ env.APP_NAME }}/build/artifacts/${{ env.APP_NAME }}.tar.gz - asset_name: ${{ env.APP_NAME }}-${{ env.APP_VERSION }}.tar.gz - tag: ${{ github.ref }} + repo_token: '${{ secrets.GITHUB_TOKEN }}' + file: '${{ env.APP_NAME }}/build/artifacts/${{ env.APP_NAME }}.tar.gz' + asset_name: '${{ env.APP_NAME }}-${{ env.APP_VERSION }}.tar.gz' + tag: '${{ github.ref }}' overwrite: true - name: Upload app to Nextcloud appstore uses: nextcloud-releases/nextcloud-appstore-push-action@a011fe619bcf6e77ddebc96f9908e1af4071b9c1 # v1 with: - app_name: ${{ env.APP_NAME }} - appstore_token: ${{ secrets.APPSTORE_TOKEN }} - download_url: ${{ steps.attach_to_release.outputs.browser_download_url }} - app_private_key: ${{ secrets.APP_PRIVATE_KEY }} + app_name: '${{ env.APP_NAME }}' + appstore_token: '${{ secrets.APPSTORE_TOKEN }}' + download_url: '${{ steps.attach_to_release.outputs.browser_download_url }}' + app_private_key: '${{ secrets.APP_PRIVATE_KEY }}' diff --git a/.github/workflows/appstore-conventional-build-publish.yml b/.github/workflows/appstore-conventional-build-publish.yml index de46984eda..78a35ca02d 100644 --- a/.github/workflows/appstore-conventional-build-publish.yml +++ b/.github/workflows/appstore-conventional-build-publish.yml @@ -35,14 +35,14 @@ jobs: - name: Checkout uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: - path: ${{ env.APP_NAME }} + path: '${{ env.APP_NAME }}' - name: Conventional Changelog Action id: changelog uses: TriPSs/conventional-changelog-action@b7f32a8347e86c26ea2f4823cc7c160b9014c6a0 # v3 - working-directory: ${{ env.APP_NAME }} + working-directory: '${{ env.APP_NAME }}' with: - github-token: ${{ secrets.RELEASE_PAT }} + github-token: '${{ secrets.RELEASE_PAT }}' git-user-email: nextcloud-command@users.noreply.github.com git-user-name: Nextcloud Command Bot skip-git-pull: "true" @@ -55,7 +55,7 @@ jobs: id: appinfo uses: skjnldsv/xpath-action@7e6a7c379d0e9abc8acaef43df403ab4fc4f770c # master with: - filename: ${{ env.APP_NAME }}/appinfo/info.xml + filename: '${{ env.APP_NAME }}/appinfo/info.xml' expression: "//info//dependencies//nextcloud/@min-version" - name: Read package.json node and npm engines version @@ -65,17 +65,17 @@ jobs: # Continue if no package.json continue-on-error: true with: - path: ${{ env.APP_NAME }} + path: '${{ env.APP_NAME }}' fallbackNode: '^20' fallbackNpm: '^9' - - name: Set up node ${{ steps.versions.outputs.nodeVersion }} + - name: 'Set up node ${{ steps.versions.outputs.nodeVersion }}' if: ${{ steps.changelog.outputs.skipped == 'false' }} uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4 with: - node-version: ${{ steps.versions.outputs.nodeVersion }} + node-version: '${{ steps.versions.outputs.nodeVersion }}' - - name: Set up npm ${{ steps.versions.outputs.npmVersion }} + - name: 'Set up npm ${{ steps.versions.outputs.npmVersion }}' if: ${{ steps.changelog.outputs.skipped == 'false' }} run: npm i -g npm@"${{ steps.versions.outputs.npmVersion }}" @@ -83,10 +83,10 @@ jobs: if: ${{ steps.changelog.outputs.skipped == 'false' }} uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 # v2 with: - php-version: ${{ env.PHP_VERSION }} + php-version: '${{ env.PHP_VERSION }}' coverage: none env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}' - name: Install Krankerl if: ${{ steps.changelog.outputs.skipped == 'false' }} @@ -94,18 +94,18 @@ jobs: wget https://github.com/ChristophWurst/krankerl/releases/download/v0.14.0/krankerl_0.14.0_amd64.deb sudo dpkg -i krankerl_0.14.0_amd64.deb - - name: Package ${{ env.APP_NAME }} ${{ env.APP_VERSION }} with krankerl + - name: 'Package ${{ env.APP_NAME }} ${{ env.APP_VERSION }} with krankerl' if: ${{ steps.changelog.outputs.skipped == 'false' }} run: | - cd ${{ env.APP_NAME }} + cd '${{ env.APP_NAME }}' krankerl package - - name: Checkout server ${{ fromJSON(steps.appinfo.outputs.result).nextcloud.min-version }} + - name: 'Checkout server ${{ fromJSON(steps.appinfo.outputs.result).nextcloud.min-version }}' if: ${{ steps.changelog.outputs.skipped == 'false' }} continue-on-error: true id: server-checkout run: | - NCVERSION=${{ fromJSON(steps.appinfo.outputs.result).nextcloud.min-version }} + NCVERSION='${{ fromJSON(steps.appinfo.outputs.result).nextcloud.min-version }}' wget --quiet https://download.nextcloud.com/server/releases/latest-$NCVERSION.zip unzip latest-$NCVERSION.zip @@ -121,7 +121,7 @@ jobs: if: ${{ steps.changelog.outputs.skipped == 'false' }} run: | # Extracting release - cd ${{ env.APP_NAME }}/build/artifacts + cd '${{ env.APP_NAME }}/build/artifacts' tar -xvf ${{ env.APP_NAME }}.tar.gz cd ../../../ # Setting up keys @@ -130,7 +130,7 @@ jobs: # Signing php nextcloud/occ integrity:sign-app --privateKey=../${{ env.APP_NAME }}.key --certificate=../${{ env.APP_NAME }}.crt --path=../${{ env.APP_NAME }}/build/artifacts/${{ env.APP_NAME }} # Rebuilding archive - cd ${{ env.APP_NAME }}/build/artifacts + cd '${{ env.APP_NAME }}/build/artifacts' tar -zcvf ${{ env.APP_NAME }}.tar.gz ${{ env.APP_NAME }} - name: Push tag to releases organization @@ -144,18 +144,18 @@ jobs: uses: svenstaro/upload-release-action@04733e069f2d7f7f0b4aebc4fbdbce8613b03ccd # v2 id: attach_to_release with: - repo_token: ${{ secrets.RELEASE_PAT }} - repo_name: nextcloud-releases/${{ env.APP_NAME }} - file: ${{ env.APP_NAME }}/build/artifacts/${{ env.APP_NAME }}.tar.gz - asset_name: ${{ env.APP_NAME }}-${{ env.APP_VERSION }}.tar.gz - tag: ${{ steps.changelog.outputs.tag }} + repo_token: '${{ secrets.RELEASE_PAT }}' + repo_name: 'nextcloud-releases/${{ env.APP_NAME }}' + file: '${{ env.APP_NAME }}/build/artifacts/${{ env.APP_NAME }}.tar.gz' + asset_name: '${{ env.APP_NAME }}-${{ env.APP_VERSION }}.tar.gz' + tag: '${{ steps.changelog.outputs.tag }}' overwrite: true - name: Upload app to Nextcloud appstore if: ${{ steps.changelog.outputs.skipped == 'false' }} uses: nextcloud-releases/nextcloud-appstore-push-action@a011fe619bcf6e77ddebc96f9908e1af4071b9c1 # v1 with: - app_name: ${{ env.APP_NAME }} - appstore_token: ${{ secrets.APPSTORE_TOKEN }} - download_url: ${{ steps.attach_to_release.outputs.browser_download_url }} - app_private_key: ${{ secrets.APP_PRIVATE_KEY }} + app_name: '{{ env.APP_NAME }}' + appstore_token: '${{ secrets.APPSTORE_TOKEN }}' + download_url: '${{ steps.attach_to_release.outputs.browser_download_url }}' + app_private_key: '${{ secrets.APP_PRIVATE_KEY }}' diff --git a/.github/workflows/block-unconventional-commits.yml b/.github/workflows/block-unconventional-commits.yml index 0e7d81efc6..5655871775 100644 --- a/.github/workflows/block-unconventional-commits.yml +++ b/.github/workflows/block-unconventional-commits.yml @@ -31,4 +31,4 @@ jobs: - uses: webiny/action-conventional-commits@8bc41ff4e7d423d56fa4905f6ff79209a78776c7 # v1.3.0 with: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}' diff --git a/.github/workflows/fixup.yml b/.github/workflows/fixup.yml index 1444299925..e11d9ca2ea 100644 --- a/.github/workflows/fixup.yml +++ b/.github/workflows/fixup.yml @@ -33,4 +33,4 @@ jobs: - name: Run check uses: skjnldsv/block-fixup-merge-action@c138ea99e45e186567b64cf065ce90f7158c236a # v2 with: - repo-token: ${{ secrets.GITHUB_TOKEN }} + repo-token: '${{ secrets.GITHUB_TOKEN }}' diff --git a/.github/workflows/lint-eslint.yml b/.github/workflows/lint-eslint.yml index 589e8ba3b2..3e738939c6 100644 --- a/.github/workflows/lint-eslint.yml +++ b/.github/workflows/lint-eslint.yml @@ -62,12 +62,12 @@ jobs: fallbackNode: '^20' fallbackNpm: '^9' - - name: Set up node ${{ steps.versions.outputs.nodeVersion }} + - name: 'Set up node ${{ steps.versions.outputs.nodeVersion }}' uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4 with: - node-version: ${{ steps.versions.outputs.nodeVersion }} + node-version: '${{ steps.versions.outputs.nodeVersion }}' - - name: Set up npm ${{ steps.versions.outputs.npmVersion }} + - name: 'Set up npm ${{ steps.versions.outputs.npmVersion }}' run: npm i -g npm@"${{ steps.versions.outputs.npmVersion }}" - name: Install dependencies diff --git a/.github/workflows/lint-php-cs.yml b/.github/workflows/lint-php-cs.yml index a2f103c442..6cc48e5996 100644 --- a/.github/workflows/lint-php-cs.yml +++ b/.github/workflows/lint-php-cs.yml @@ -34,7 +34,7 @@ jobs: coverage: none ini-file: development env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}' - name: Install dependencies run: composer i diff --git a/.github/workflows/lint-php.yml b/.github/workflows/lint-php.yml index 9d866b79b7..b3aac31f2e 100644 --- a/.github/workflows/lint-php.yml +++ b/.github/workflows/lint-php.yml @@ -30,14 +30,14 @@ jobs: - name: Checkout uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - name: Set up php ${{ matrix.php-versions }} + - name: 'Set up php ${{ matrix.php-versions }}' uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 # v2 with: - php-version: ${{ matrix.php-versions }} + php-version: '${{ matrix.php-versions }}' coverage: none ini-file: development env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}' - name: Lint run: composer run lint diff --git a/.github/workflows/npm-audit-fix.yml b/.github/workflows/npm-audit-fix.yml index 9bc18a9176..99aa446d4d 100644 --- a/.github/workflows/npm-audit-fix.yml +++ b/.github/workflows/npm-audit-fix.yml @@ -23,13 +23,13 @@ jobs: matrix: branches: ['main', 'stable3.7', 'stable3.6'] - name: npm-audit-fix-${{ matrix.branches }} + name: 'npm-audit-fix-${{ matrix.branches }}' steps: - name: Checkout uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: - ref: ${{ matrix.branches }} + ref: '${{ matrix.branches }}' - name: Read package.json node and npm engines version uses: skjnldsv/read-package-engines-version-actions@8205673bab74a63eb9b8093402fd9e0e018663a1 # v2.2 @@ -38,10 +38,10 @@ jobs: fallbackNode: '^20' fallbackNpm: '^10' - - name: Set up node ${{ steps.versions.outputs.nodeVersion }} + - name: 'Set up node ${{ steps.versions.outputs.nodeVersion }}' uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4 with: - node-version: ${{ steps.versions.outputs.nodeVersion }} + node-version: '${{ steps.versions.outputs.nodeVersion }}' - name: Set up npm ${{ steps.versions.outputs.npmVersion }} run: npm i -g npm@"${{ steps.versions.outputs.npmVersion }}" @@ -54,12 +54,12 @@ jobs: if: always() uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7 with: - token: ${{ secrets.COMMAND_BOT_PAT }} + token: '${{ secrets.COMMAND_BOT_PAT }}' commit-message: "fix(deps): Apply npm audit fix" committer: GitHub author: nextcloud-command signoff: true - branch: automated/noid/${{ matrix.branches }}-fix-npm-audit + branch: 'automated/noid/${{ matrix.branches }}-fix-npm-audit' title: "fix(deps): Apply npm audit fix" body: | Auto-generated fix of npm audit diff --git a/.github/workflows/openapi.yml b/.github/workflows/openapi.yml index 5652a1e074..6db730b402 100644 --- a/.github/workflows/openapi.yml +++ b/.github/workflows/openapi.yml @@ -35,12 +35,12 @@ jobs: - name: Set up php uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 # 2.31.1 with: - php-version: ${{ steps.php_versions.outputs.php-available }} + php-version: '${{ steps.php_versions.outputs.php-available }}' extensions: xml coverage: none ini-file: development env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}' - name: Check Typescript OpenApi types id: check_typescript_openapi @@ -58,13 +58,13 @@ jobs: fallbackNode: '^20' fallbackNpm: '^10' - - name: Set up node ${{ steps.node_versions.outputs.nodeVersion }} + - name: 'Set up node ${{ steps.node_versions.outputs.nodeVersion }}' if: ${{ steps.node_versions.outputs.nodeVersion }} uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 with: - node-version: ${{ steps.node_versions.outputs.nodeVersion }} + node-version: '${{ steps.node_versions.outputs.nodeVersion }}' - - name: Set up npm ${{ steps.node_versions.outputs.npmVersion }} + - name: 'Set up npm ${{ steps.node_versions.outputs.npmVersion }}' if: ${{ steps.node_versions.outputs.nodeVersion }} run: npm i -g 'npm@${{ steps.node_versions.outputs.npmVersion }}' diff --git a/.github/workflows/package.yml b/.github/workflows/package.yml index 59f0e4fbda..781e6152da 100644 --- a/.github/workflows/package.yml +++ b/.github/workflows/package.yml @@ -19,8 +19,8 @@ jobs: - name: Set up Nextcloud env uses: ChristophWurst/setup-nextcloud@fc0790385c175d97e88a7cb0933490de6e990374 # v0.3.2 with: - node-version: ${{ steps.versions.outputs.nodeVersion }} - npm-version: ${{ steps.versions.outputs.npmVersion }} + node-version: '${{ steps.versions.outputs.nodeVersion }}' + npm-version: '${{ steps.versions.outputs.npmVersion }}' tools: 'krankerl' - name: Package app run: krankerl package diff --git a/.github/workflows/psalm-matrix.yml b/.github/workflows/psalm-matrix.yml index 88fba97f4e..86cfcec778 100644 --- a/.github/workflows/psalm-matrix.yml +++ b/.github/workflows/psalm-matrix.yml @@ -23,7 +23,7 @@ jobs: matrix: ocp-version: [ 'dev-master' ] - name: static-psalm-analysis ${{ matrix.ocp-version }} + name: 'static-psalm-analysis ${{ matrix.ocp-version }}' steps: - name: Checkout uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 @@ -35,13 +35,13 @@ jobs: coverage: none ini-file: development env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}' - name: Install dependencies run: composer i - name: Install dependencies - run: composer require --dev nextcloud/ocp:${{ matrix.ocp-version }} --ignore-platform-reqs --with-dependencies + run: composer require --dev 'nextcloud/ocp:${{ matrix.ocp-version }}' --ignore-platform-reqs --with-dependencies - name: Run coding standards check run: composer run psalm diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 2c92ab3fd9..e9de55955c 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -19,7 +19,7 @@ jobs: steps: - uses: actions/stale@v9 with: - repo-token: ${{ secrets.COMMAND_BOT_PAT }} + repo-token: '${{ secrets.COMMAND_BOT_PAT }}' stale-issue-message: > Hi there! It looks like this issue hasn’t seen much activity for a while and might need a bit more information to move forward. If we don’t hear back soon, we may close it to keep things organized. diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 30bf38f7f1..f05a351034 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -16,13 +16,13 @@ jobs: include: - php-versions: '8.4' nextcloud-versions: 'master' - name: Nextcloud ${{ matrix.nextcloud-versions }} php${{ matrix.php-versions }} unit tests + name: 'Nextcloud ${{ matrix.nextcloud-versions }} php${{ matrix.php-versions }} unit tests' steps: - name: Set up Nextcloud env uses: ChristophWurst/setup-nextcloud@fc0790385c175d97e88a7cb0933490de6e990374 # v0.3.2 with: - nextcloud-version: ${{ matrix.nextcloud-versions }} - php-version: ${{ matrix.php-versions }} + nextcloud-version: '${{ matrix.nextcloud-versions }}' + php-version: '${{ matrix.php-versions }}' php-coverage: 'xdebug' patch-php-version-check: ${{ matrix.php-versions == '8.4' }} node-version: 'false' @@ -79,7 +79,7 @@ jobs: nextcloud-versions: stable30 db: 'mysql' cache: 'redis' - name: ${{ matrix.nextcloud-versions }} w/ php${{ matrix.php-versions }}-${{ matrix.db }}-${{ matrix.cache }} integration tests + name: '${{ matrix.nextcloud-versions }} w/ php${{ matrix.php-versions }}-${{ matrix.db }}-${{ matrix.cache }} integration tests' services: mail-service: image: ghcr.io/christophwurst/docker-imap-devel:latest @@ -132,12 +132,12 @@ jobs: - name: Set up Nextcloud env uses: ChristophWurst/setup-nextcloud@fc0790385c175d97e88a7cb0933490de6e990374 # v0.3.2 with: - nextcloud-version: ${{ matrix.nextcloud-versions }} - php-version: ${{ matrix.php-versions }} + nextcloud-version: '${{ matrix.nextcloud-versions }}' + php-version: '${{ matrix.php-versions }}' php-coverage: 'xdebug' patch-php-version-check: ${{ matrix.php-versions == '8.4' }} install: true - database: ${{ matrix.db }} + database: '${{ matrix.db }}' node-version: 'false' - name: Configure caching if: ${{ matrix.cache == 'redis' }} @@ -206,11 +206,11 @@ jobs: with: fallbackNode: '^14' fallbackNpm: '^7' - - name: Set up node ${{ steps.versions.outputs.nodeVersion }} + - name: 'Set up node ${{ steps.versions.outputs.nodeVersion }}' uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4 with: - node-version: ${{ steps.versions.outputs.nodeVersion }} - - name: Set up npm ${{ steps.versions.outputs.npmVersion }} + node-version: '${{ steps.versions.outputs.nodeVersion }}' + - name: 'Set up npm ${{ steps.versions.outputs.npmVersion }}' run: npm i -g npm@"${{ steps.versions.outputs.npmVersion }}" - name: npm install run: npm install diff --git a/.github/workflows/update-public-suffix-list.yml b/.github/workflows/update-public-suffix-list.yml index 38aeb6b0b2..01aae6823c 100644 --- a/.github/workflows/update-public-suffix-list.yml +++ b/.github/workflows/update-public-suffix-list.yml @@ -21,7 +21,7 @@ jobs: steps: - uses: actions/checkout@3b9b8c884f6b4bb4d5be2779c26374abadae0871 with: - ref: ${{ matrix.branches }} + ref: '${{ matrix.branches }}' submodules: true - name: Download public suffix list @@ -30,7 +30,7 @@ jobs: - name: Create Pull Request uses: peter-evans/create-pull-request@7920c48d6af627948130adb390df5809c471ae3b with: - token: ${{ secrets.COMMAND_BOT_PAT }} + token: '${{ secrets.COMMAND_BOT_PAT }}' commit-message: 'fix(dns): Update public suffix list' committer: GitHub author: nextcloud-command