Mirrors/Stirling-PDF
Mirrors/Stirling-PDF
1
0
Fork 0
mirror of https://github.com/Frooodle/Stirling-PDF.git synced 2025-02-07 00:17:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
2d3611fd00
Stirling-PDF/.github/workflows/licenses-update.yml

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

93 lines
3.1 KiB
YAML
Raw Normal View History

test
2024-01-04 20:17:38 +01:00
name: License Report Workflow
on:
push:
branches:
- main
paths:
updating the build files (#1100)
2024-04-21 17:30:17 +02:00
- "build.gradle"
test
2024-01-04 20:17:38 +01:00
Token-Permissions & Pinned-Dependencies (#2586) # Description Please provide a summary of the changes, including relevant motivation and context. Closes #(issue_number) ## Checklist - [ ] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [ ] I have performed a self-review of my own code - [ ] I have attached images of the change if it is UI based - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] If my code has heavily changed functionality I have updated relevant docs on [Stirling-PDFs doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) - [ ] My changes generate no new warnings - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only)
2025-01-02 19:22:14 +01:00
permissions:
contents: read
test
2024-01-04 20:17:38 +01:00
jobs:
generate-license-report:
runs-on: ubuntu-latest
[Security] Token permissions no. 2
2024-12-22 00:33:41 +01:00
permissions:
contents: write
pull-requests: write
test
2024-01-04 20:17:38 +01:00
steps:
[StepSecurity] Apply security best practices Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
2024-12-21 13:28:35 +01:00
- name: Harden Runner
Bump step-security/harden-runner from 2.10.3 to 2.10.4 (#2761) [//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.10.3 to 2.10.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.10.4</h2> <h2>What's Changed</h2> <p>Fixed a potential Harden-Runner post step failure that could occur when printing agent service logs. The fix gracefully handles failures without failing the post step.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.10.4">https://github.com/step-security/harden-runner/compare/v2...v2.10.4</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/cb605e52c26070c328afc4562f0b4ada7618a84e"><code>cb605e5</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/496">#496</a> from step-security/fix-enobufs</li> <li><a href="https://github.com/step-security/harden-runner/commit/61144dda3ba7a45a4e879e99c548ff785b492364"><code>61144dd</code></a> Update log statement</li> <li><a href="https://github.com/step-security/harden-runner/commit/b8be370ff4fa3a7b5d97afe5cbb1921a734fffcc"><code>b8be370</code></a> Add try catch block</li> <li><a href="https://github.com/step-security/harden-runner/commit/6f6fa07e47155133e69ca8a751aad4ff01a292b1"><code>6f6fa07</code></a> Fix ENOBUFS issue</li> <li><a href="https://github.com/step-security/harden-runner/commit/18f6947f131da60743dc12d2a22ff28c2b4ea87f"><code>18f6947</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/495">#495</a> from AkhigbeEromo/Update-README</li> <li><a href="https://github.com/step-security/harden-runner/commit/81f844e74365cf557ddf3715c247f745a115a5b2"><code>81f844e</code></a> Edit docs</li> <li><a href="https://github.com/step-security/harden-runner/commit/4c766de2db7a0b0a47e5728947c16e113c64f377"><code>4c766de</code></a> Merge branch 'Update-README' of <a href="https://github.com/AkhigbeEromo/harden-runner">https://github.com/AkhigbeEromo/harden-runner</a>...</li> <li><a href="https://github.com/step-security/harden-runner/commit/c9c5f3273c74d0365949a3aa120e85977f51d1ef"><code>c9c5f32</code></a> Handle Ashish reviews</li> <li><a href="https://github.com/step-security/harden-runner/commit/2877824267faf8efc084b00de71c0fe737ff0a76"><code>2877824</code></a> Merge branch 'main' into Update-README</li> <li><a href="https://github.com/step-security/harden-runner/commit/be87de076dd7a9aa9a9220dc9488dea2f8775db0"><code>be87de0</code></a> Clean up</li> <li>Additional commits viewable in <a href="https://github.com/step-security/harden-runner/compare/c95a14d0e5bab51a9f56296a4eb0e416910cd350...cb605e52c26070c328afc4562f0b4ada7618a84e">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.10.3&new-version=2.10.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-21 12:11:01 +01:00
uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
[StepSecurity] Apply security best practices Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
2024-12-21 13:28:35 +01:00
with:
egress-policy: audit
Auto merge test (#2706) # Description Please provide a summary of the changes, including relevant motivation and context. Closes #(issue_number) ## Checklist - [ ] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [ ] I have performed a self-review of my own code - [ ] I have attached images of the change if it is UI based - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] If my code has heavily changed functionality I have updated relevant docs on [Stirling-PDFs doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) - [ ] My changes generate no new warnings - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only)
2025-01-15 20:43:14 +01:00
- name: Generate GitHub App Token
id: generate-token
Bump actions/create-github-app-token from 1.11.1 to 1.11.2 (#2853) Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 1.11.1 to 1.11.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's releases</a>.</em></p> <blockquote> <h2>v1.11.2</h2> <h2><a href="https://github.com/actions/create-github-app-token/compare/v1.11.1...v1.11.2">1.11.2</a> (2025-01-30)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>deps:</strong> bump <code>@​octokit/request</code> from 9.1.3 to 9.1.4 in the production-dependencies group (<a href="https://redirect.github.com/actions/create-github-app-token/issues/196">#196</a>) (<a href="https://github.com/actions/create-github-app-token/commit/b4192a5b3659c0e5875f868c44727ef4ecc5d579">b4192a5</a>), closes <a href="https://redirect.github.com/actions/create-github-app-token/issues/730">#730</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/730">#730</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/729">#729</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/727">#727</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/726">#726</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/723">#723</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/724">#724</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/722">#722</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/721">#721</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/720">#720</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/719">#719</a></li> <li><strong>deps:</strong> bump undici from 6.19.8 to 7.2.0 (<a href="https://redirect.github.com/actions/create-github-app-token/issues/198">#198</a>) (<a href="https://github.com/actions/create-github-app-token/commit/29aa0514a79f3b4aa8b1547173a41455949e4bf6">29aa051</a>), closes <a href="https://redirect.github.com/nodejs/undici/issues/3958">nodejs/undici#3958</a> <a href="https://redirect.github.com/nodejs/undici/issues/3955">nodejs/undici#3955</a> <a href="https://redirect.github.com/nodejs/undici/issues/3962">nodejs/undici#3962</a> <a href="https://redirect.github.com/nodejs/undici/issues/3921">nodejs/undici#3921</a> <a href="https://redirect.github.com/nodejs/undici/issues/3923">nodejs/undici#3923</a> <a href="https://redirect.github.com/nodejs/undici/issues/3925">nodejs/undici#3925</a> <a href="https://redirect.github.com/nodejs/undici/issues/3926">nodejs/undici#3926</a> <a href="https://redirect.github.com/nodejs/undici/issues/3924">nodejs/undici#3924</a> <a href="https://redirect.github.com/nodejs/undici/issues/3933">nodejs/undici#3933</a> <a href="https://redirect.github.com/nodejs/undici/issues/3916">nodejs/undici#3916</a> <a href="https://redirect.github.com/nodejs/undici/issues/3930">nodejs/undici#3930</a> <a href="https://redirect.github.com/nodejs/undici/issues/3938">nodejs/undici#3938</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/3937">#3937</a> <a href="https://redirect.github.com/nodejs/undici/issues/3940">nodejs/undici#3940</a> <a href="https://redirect.github.com/nodejs/undici/issues/3931">nodejs/undici#3931</a> <a href="https://redirect.github.com/nodejs/undici/issues/3941">nodejs/undici#3941</a> <a href="https://redirect.github.com/nodejs/undici/issues/3911">nodejs/undici#3911</a> <a href="https://redirect.github.com/nodejs/undici/issues/3888">nodejs/undici#3888</a> <a href="https://redirect.github.com/nodejs/undici/issues/3939">nodejs/undici#3939</a> <a href="https://redirect.github.com/nodejs/undici/issues/3947">nodejs/undici#3947</a> <a href="https://redirect.github.com/nodejs/undici/issues/3945">nodejs/undici#3945</a> <a href="https://redirect.github.com/nodejs/undici/issues/3916">nodejs/undici#3916</a> <a href="https://redirect.github.com/nodejs/undici/issues/3893">nodejs/undici#3893</a> <a href="https://redirect.github.com/nodejs/undici/issues/3902">nodejs/undici#3902</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/3901">#3901</a> <a href="https://redirect.github.com/nodejs/undici/issues/3903">nodejs/undici#3903</a> <a href="https://redirect.github.com/nodejs/undici/issues/3905">nodejs/undici#3905</a> <a href="https://redirect.github.com/nodejs/undici/issues/3900">nodejs/undici#3900</a> <a href="https://redirect.github.com/nodejs/undici/issues/3913">nodejs/undici#3913</a> <a href="https://redirect.github.com/nodejs/undici/issues/3910">nodejs/undici#3910</a> <a href="https://redirect.github.com/nodejs/undici/issues/3909">nodejs/undici#3909</a> <a href="https://redirect.github.com/nodejs/undici/issues/3906">nodejs/undici#3906</a> <a href="https://redirect.github.com/nodejs/undici/issues/3922">nodejs/undici#3922</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/3962">#3962</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/3955">#3955</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/3958">#3958</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/3945">#3945</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/3947">#3947</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/3939">#3939</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/3888">#3888</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/3911">#3911</a> <a href="https://redirect.github.com/actions/create-github-app-token/issues/3941">#3941</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/create-github-app-token/commit/136412a57a7081aa63c935a2cc2918f76c34f514"><code>136412a</code></a> build(release): 1.11.2 [skip ci]</li> <li><a href="https://github.com/actions/create-github-app-token/commit/b4192a5b3659c0e5875f868c44727ef4ecc5d579"><code>b4192a5</code></a> fix(deps): bump <code>@​octokit/request</code> from 9.1.3 to 9.1.4 in the production-depend...</li> <li><a href="https://github.com/actions/create-github-app-token/commit/29aa0514a79f3b4aa8b1547173a41455949e4bf6"><code>29aa051</code></a> fix(deps): bump undici from 6.19.8 to 7.2.0 (<a href="https://redirect.github.com/actions/create-github-app-token/issues/198">#198</a>)</li> <li><a href="https://github.com/actions/create-github-app-token/commit/a5f8600f5881d59ee9299dfd57605d0ccbd561f5"><code>a5f8600</code></a> build(deps-dev): bump <code>@​sinonjs/fake-timers</code> from 13.0.2 to 14.0.0 (<a href="https://redirect.github.com/actions/create-github-app-token/issues/199">#199</a>)</li> <li><a href="https://github.com/actions/create-github-app-token/commit/0edddd70c80d313f6d5fac3b29df92440abb9e33"><code>0edddd7</code></a> build(deps-dev): bump the development-dependencies group with 2 updates (<a href="https://redirect.github.com/actions/create-github-app-token/issues/197">#197</a>)</li> <li><a href="https://github.com/actions/create-github-app-token/commit/bb3ca765afdde129dbde9599979c21f6d97e9b0a"><code>bb3ca76</code></a> docs(README): remove extra space in variable syntax in README example (<a href="https://redirect.github.com/actions/create-github-app-token/issues/201">#201</a>)</li> <li>See full diff in <a href="https://github.com/actions/create-github-app-token/compare/c1a285145b9d317df6ced56c09f525b5c2b6f755...136412a57a7081aa63c935a2cc2918f76c34f514">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token&package-manager=github_actions&previous-version=1.11.1&new-version=1.11.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-03 11:07:37 +01:00
uses: actions/create-github-app-token@136412a57a7081aa63c935a2cc2918f76c34f514 # v1.11.2
Auto merge test (#2706) # Description Please provide a summary of the changes, including relevant motivation and context. Closes #(issue_number) ## Checklist - [ ] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [ ] I have performed a self-review of my own code - [ ] I have attached images of the change if it is UI based - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] If my code has heavily changed functionality I have updated relevant docs on [Stirling-PDFs doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) - [ ] My changes generate no new warnings - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only)
2025-01-15 20:43:14 +01:00
with:
quick fix var to secret (#2707) # Description Please provide a summary of the changes, including relevant motivation and context. Closes #(issue_number) ## Checklist - [ ] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [ ] I have performed a self-review of my own code - [ ] I have attached images of the change if it is UI based - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] If my code has heavily changed functionality I have updated relevant docs on [Stirling-PDFs doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) - [ ] My changes generate no new warnings - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only)
2025-01-15 20:50:06 +01:00
app-id: ${{ secrets.GH_APP_ID }}
Auto merge test (#2706) # Description Please provide a summary of the changes, including relevant motivation and context. Closes #(issue_number) ## Checklist - [ ] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [ ] I have performed a self-review of my own code - [ ] I have attached images of the change if it is UI based - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] If my code has heavily changed functionality I have updated relevant docs on [Stirling-PDFs doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) - [ ] My changes generate no new warnings - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only)
2025-01-15 20:43:14 +01:00
private-key: ${{ secrets.GH_APP_PRIVATE_KEY }}
checks the compatibility of the licenses (#2844) # Description of Changes ### What was changed - An **automated license check** was integrated into the CI/CD workflow (`build.yml` and `licenses-update.yml`). - A new file, `allowed-licenses.json`, was added to explicitly define the permitted licenses. - The **Gradle build process** was updated to run `checkLicense` and detect any non-compliant licenses. ### Why the change was made - **Improved license compliance** to ensure only compatible licenses are used. - **Automated license validation** within the CI/CD workflow to detect potential incompatibilities early. - **Legal risk mitigation** by excluding problematic licenses like **GPL-2.0 (without Classpath Exception)**. ### Any challenges encountered - The **allowed license list had to be manually curated** to ensure all relevant open-source libraries were covered. - Some dependencies use **slightly different license names** (e.g., `"Apache License, Version 2.0"` vs. `"Apache-2.0"`), which needed to be handled in the validation process. --- ## Checklist ### General - [x] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [x] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md) (if applicable) - [x] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md) (if applicable) - [x] I have performed a self-review of my own code - [x] My changes generate no new warnings ### Documentation - [x] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### UI Changes (if applicable) - [ ] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [x] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing) for more details.
2025-02-03 11:13:02 +01:00
test
2024-01-04 20:17:38 +01:00
- name: Check out code
[StepSecurity] Apply security best practices Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
2024-12-21 13:28:35 +01:00
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
test
2024-01-04 20:17:38 +01:00
- name: Set up JDK 17
Bump actions/setup-java from 4.6.0 to 4.7.0 (#2855) [//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [actions/setup-java](https://github.com/actions/setup-java) from 4.6.0 to 4.7.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-java/releases">actions/setup-java's releases</a>.</em></p> <blockquote> <h2>v4.7.0</h2> <h2>What's Changed</h2> <ul> <li>Configure Dependabot settings by <a href="https://github.com/HarithaVattikuti"><code>@​HarithaVattikuti</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/722">actions/setup-java#722</a></li> <li>README Update: Added a permissions section by <a href="https://github.com/benwells"><code>@​benwells</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/723">actions/setup-java#723</a></li> <li>Upgrade <code>cache</code> from version 3.2.4 to 4.0.0 by <a href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/724">actions/setup-java#724</a></li> <li>Upgrade <code>@actions/http-client</code> from 2.2.1 to 2.2.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/728">actions/setup-java#728</a></li> <li>Upgrade <code>actions/publish-immutable-action</code> from 0.0.3 to 0.0.4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/727">actions/setup-java#727</a></li> <li>Upgrade <code>@types/jest</code> from 29.5.12 to 29.5.14 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/729">actions/setup-java#729</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/benwells"><code>@​benwells</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/723">actions/setup-java#723</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-java/compare/v4...v4.7.0">https://github.com/actions/setup-java/compare/v4...v4.7.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/setup-java/commit/3a4f6e1af504cf6a31855fa899c6aa5355ba6c12"><code>3a4f6e1</code></a> Bump <code>@​types/jest</code> from 29.5.12 to 29.5.14 (<a href="https://redirect.github.com/actions/setup-java/issues/729">#729</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/25f376e3482f0dca3da72062bdab5082495705ff"><code>25f376e</code></a> Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 (<a href="https://redirect.github.com/actions/setup-java/issues/727">#727</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/d4e4b6bbc1a6e93198eade3e6adfedd3c01f79c4"><code>d4e4b6b</code></a> Bump <code>@​actions/http-client</code> from 2.2.1 to 2.2.3 (<a href="https://redirect.github.com/actions/setup-java/issues/728">#728</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/28b532bcb39ad928b00bc3cbce25c94d11654854"><code>28b532b</code></a> Create dependabot.yml (<a href="https://redirect.github.com/actions/setup-java/issues/722">#722</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/51ab6d2e3070fda1eac8cfaab8ffd90e6019d7e1"><code>51ab6d2</code></a> Update cache from 3.2.4 to 4.0.0 (<a href="https://redirect.github.com/actions/setup-java/issues/724">#724</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/99d3141d9ba96520552bfd7a9545bc1d74da9251"><code>99d3141</code></a> Update README.md (<a href="https://redirect.github.com/actions/setup-java/issues/723">#723</a>)</li> <li>See full diff in <a href="https://github.com/actions/setup-java/compare/7a6d8a8234af8eb26422e24e3006232cccaa061b...3a4f6e1af504cf6a31855fa899c6aa5355ba6c12">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-java&package-manager=github_actions&previous-version=4.6.0&new-version=4.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-03 11:08:34 +01:00
uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
test
2024-01-04 20:17:38 +01:00
with:
updating the build files (#1100)
2024-04-21 17:30:17 +02:00
java-version: "17"
distribution: "adopt"
Bump gradle/actions from 4.2.2 to 4.3.0 (#2870) Bumps [gradle/actions](https://github.com/gradle/actions) from 4.2.2 to 4.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/gradle/actions/releases">gradle/actions's releases</a>.</em></p> <blockquote> <h2>v4.3.0</h2> <p>This release brings some significant improvements to cache-cleanup and dependency-submission:</p> <ul> <li>Cleanup cache entries written by newly released Gradle versions (<a href="https://redirect.github.com/gradle/actions/issues/436">#436</a>)</li> <li>Use existing Gradle wrapper distribution for cache-cleanup where possible (<a href="https://redirect.github.com/gradle/actions/issues/515">#515</a>)</li> <li>Automatically save each dependency-graph that is submitted by <code>dependency-submission</code> (<a href="https://redirect.github.com/gradle/actions/issues/519">#519</a>)</li> <li>Fix deprecation warnings emitted by Gradle 8.12+ when: <ul> <li>Using <code>build-scan-publish: true</code> or Develocity injection (<a href="https://redirect.github.com/gradle/actions/issues/543">#543</a>)</li> <li>Using dependency-submission with an authenticated plugin repository with Gradle (<a href="https://redirect.github.com/gradle/actions/issues/541">#541</a>)</li> </ul> </li> <li>Fix warning when using toolchain support with Gradle 7.x (<a href="https://redirect.github.com/gradle/actions/issues/511">#511</a>)</li> </ul> <h2>What's Changed</h2> <ul> <li>Update known wrapper checksums by <a href="https://github.com/github-actions"><code>@​github-actions</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/493">gradle/actions#493</a></li> <li>Fix typo in <code>cache-reporting.ts</code> by <a href="https://github.com/SimonMarquis"><code>@​SimonMarquis</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/492">gradle/actions#492</a></li> <li>Bump Gradle Wrappers by <a href="https://github.com/github-actions"><code>@​github-actions</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/499">gradle/actions#499</a></li> <li>Bump the github-actions group across 3 directories with 7 updates by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/510">gradle/actions#510</a></li> <li>Bump the npm-dependencies group across 1 directory with 6 updates by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/512">gradle/actions#512</a></li> <li>Clean-up missing imports for tests by <a href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/513">gradle/actions#513</a></li> <li>Bump the npm-dependencies group in /sources with 3 updates by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/521">gradle/actions#521</a></li> <li>Add npm build scans by <a href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/517">gradle/actions#517</a></li> <li>Avoid env-var interpolation in toolchains.xml by <a href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/518">gradle/actions#518</a></li> <li>Avoid saving build-results for cache cleanup by <a href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/520">gradle/actions#520</a></li> <li>Save dependency graph as workflow artifact by <a href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/522">gradle/actions#522</a></li> <li>Update to CCUDGP 2.1 by <a href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/524">gradle/actions#524</a></li> <li>Bump references to Develocity Gradle plugin from 3.19 to 3.19.1 by <a href="https://github.com/bot-githubaction"><code>@​bot-githubaction</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/527">gradle/actions#527</a></li> <li>Choose best Gradle version to use for cache cleanup by <a href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/526">gradle/actions#526</a></li> <li>Uppercase cache-encryption-key by <a href="https://github.com/Goooler"><code>@​Goooler</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/528">gradle/actions#528</a></li> <li>Attempt to use gradle wrapper for cache cleanup by <a href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/525">gradle/actions#525</a></li> <li>Document GRADLE_ACTIONS_SKIP_BUILD_RESULT_CAPTURE by <a href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/529">gradle/actions#529</a></li> <li>Update known wrapper checksums by <a href="https://github.com/github-actions"><code>@​github-actions</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/509">gradle/actions#509</a></li> <li>Bump Gradle Wrappers by <a href="https://github.com/github-actions"><code>@​github-actions</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/535">gradle/actions#535</a></li> <li>Bump the github-actions group across 2 directories with 2 updates by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/538">gradle/actions#538</a></li> <li>Update undici to resolve vulnerability by <a href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/536">gradle/actions#536</a></li> <li>Bump the npm-dependencies group across 1 directory with 2 updates by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/539">gradle/actions#539</a></li> <li>Update docs for dependency review by <a href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/540">gradle/actions#540</a></li> <li>Fix space assignment deprecations in init-scripts by <a href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/542">gradle/actions#542</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/SimonMarquis"><code>@​SimonMarquis</code></a> made their first contribution in <a href="https://redirect.github.com/gradle/actions/pull/492">gradle/actions#492</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/gradle/actions/compare/v4.2.2...v4.3.0">https://github.com/gradle/actions/compare/v4.2.2...v4.3.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/gradle/actions/commit/94baf225fe0a508e581a564467443d0e2379123b"><code>94baf22</code></a> Fix space assignment deprecations in init-scripts (<a href="https://redirect.github.com/gradle/actions/issues/542">#542</a>)</li> <li><a href="https://github.com/gradle/actions/commit/6f10c21ec5f599a0b89667926d38072802b3d6fc"><code>6f10c21</code></a> Make it easier to produce 'prerelease' versions</li> <li><a href="https://github.com/gradle/actions/commit/0b492c475f504e36ead18a16150445eff0744fbc"><code>0b492c4</code></a> Fix deprecation warnings in develocity init-script</li> <li><a href="https://github.com/gradle/actions/commit/79bad900c08bc46eaf2277d99d548b968994ebbe"><code>79bad90</code></a> Fix deprecation warnings in dependency-graph init-script</li> <li><a href="https://github.com/gradle/actions/commit/986922f6a6cae731e74a1101cfb48c1928f94d64"><code>986922f</code></a> Update docs for dependency review (<a href="https://redirect.github.com/gradle/actions/issues/540">#540</a>)</li> <li><a href="https://github.com/gradle/actions/commit/65a3beb9413b5a43f94e1eea10a51c507e62b78f"><code>65a3beb</code></a> [bot] Update dist directory</li> <li><a href="https://github.com/gradle/actions/commit/0e67f6d83b0113c903ae9b9cf26c587076a01d82"><code>0e67f6d</code></a> Bump the npm-dependencies group across 1 directory with 2 updates</li> <li><a href="https://github.com/gradle/actions/commit/b6ac71fd86906618fa352cfa92ab29a0b53daa81"><code>b6ac71f</code></a> [bot] Update dist directory</li> <li><a href="https://github.com/gradle/actions/commit/9053a599ae356ff00d824e690d556ddbec068864"><code>9053a59</code></a> Update undici to resolve vulnerability</li> <li><a href="https://github.com/gradle/actions/commit/7560c304a61cfac10bf3a196e0769a30d4ecd4aa"><code>7560c30</code></a> Bump the github-actions group across 2 directories with 2 updates</li> <li>Additional commits viewable in <a href="https://github.com/gradle/actions/compare/0bdd871935719febd78681f197cd39af5b6e16a6...94baf225fe0a508e581a564467443d0e2379123b">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gradle/actions&package-manager=github_actions&previous-version=4.2.2&new-version=4.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Anthony Stirling <77850077+Frooodle@users.noreply.github.com>
2025-02-04 11:42:29 +01:00
- uses: gradle/actions/setup-gradle@94baf225fe0a508e581a564467443d0e2379123b # v4.3.0
test
2024-01-04 20:17:38 +01:00
checks the compatibility of the licenses (#2844) # Description of Changes ### What was changed - An **automated license check** was integrated into the CI/CD workflow (`build.yml` and `licenses-update.yml`). - A new file, `allowed-licenses.json`, was added to explicitly define the permitted licenses. - The **Gradle build process** was updated to run `checkLicense` and detect any non-compliant licenses. ### Why the change was made - **Improved license compliance** to ensure only compatible licenses are used. - **Automated license validation** within the CI/CD workflow to detect potential incompatibilities early. - **Legal risk mitigation** by excluding problematic licenses like **GPL-2.0 (without Classpath Exception)**. ### Any challenges encountered - The **allowed license list had to be manually curated** to ensure all relevant open-source libraries were covered. - Some dependencies use **slightly different license names** (e.g., `"Apache License, Version 2.0"` vs. `"Apache-2.0"`), which needed to be handled in the validation process. --- ## Checklist ### General - [x] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [x] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md) (if applicable) - [x] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md) (if applicable) - [x] I have performed a self-review of my own code - [x] My changes generate no new warnings ### Documentation - [x] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### UI Changes (if applicable) - [ ] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [x] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing) for more details.
2025-02-03 11:13:02 +01:00
- name: check the licenses for compatibility
run: ./gradlew clean checkLicense
- name: FAILED - check the licenses for compatibility
if: failure()
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
name: dependencies-without-allowed-license.json
path: |
build/reports/dependency-license/dependencies-without-allowed-license.json
retention-days: 3
test
2024-01-04 20:17:38 +01:00
- name: Move and Rename License File
run: |
mv build/reports/dependency-license/index.json src/main/resources/static/3rdPartyLicenses.json
Update licenses-update.yml (#911)
2024-03-13 23:26:39 +01:00
- name: Set up git config
lang and footer updates
2024-01-04 21:59:52 +01:00
run: |
Auto merge test (#2706) # Description Please provide a summary of the changes, including relevant motivation and context. Closes #(issue_number) ## Checklist - [ ] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [ ] I have performed a self-review of my own code - [ ] I have attached images of the change if it is UI based - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] If my code has heavily changed functionality I have updated relevant docs on [Stirling-PDFs doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) - [ ] My changes generate no new warnings - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only)
2025-01-15 20:43:14 +01:00
git config --global user.name "stirlingbot[bot]"
git config --global user.email "1113334+stirlingbot[bot]@users.noreply.github.com"
lang and footer updates
2024-01-04 21:59:52 +01:00
Update licenses-update.yml (#911)
2024-03-13 23:26:39 +01:00
- name: Run git add
test
2024-01-04 20:17:38 +01:00
run: |
Update licenses-update.yml (#911)
2024-03-13 23:26:39 +01:00
git add src/main/resources/static/3rdPartyLicenses.json
Frooodle patch 2 (#913) * Update licenses-update.yml * Update build.gradle
2024-03-13 23:34:24 +01:00
git diff --staged --quiet || echo "CHANGES_DETECTED=true" >> $GITHUB_ENV
Update licenses-update.yml (#911)
2024-03-13 23:26:39 +01:00
- name: Create Pull Request
Update licenses-update.yml
2024-08-16 13:15:07 +02:00
id: cpr
Update licenses-update.yml (#911)
2024-03-13 23:26:39 +01:00
if: env.CHANGES_DETECTED == 'true'
Bump peter-evans/create-pull-request from 7.0.5 to 7.0.6 (#2574) Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 7.0.5 to 7.0.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/peter-evans/create-pull-request/releases">peter-evans/create-pull-request's releases</a>.</em></p> <blockquote> <h2>Create Pull Request v7.0.6</h2> <p>⚙️ Fixes an issue with commit signing where unicode characters in file paths were not preserved.</p> <h2>What's Changed</h2> <ul> <li>build(deps-dev): bump <code>@​vercel/ncc</code> from 0.38.1 to 0.38.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3365">peter-evans/create-pull-request#3365</a></li> <li>Update distribution by <a href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3370">peter-evans/create-pull-request#3370</a></li> <li>build(deps): bump <code>@​octokit/plugin-rest-endpoint-methods</code> from 13.2.4 to 13.2.5 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3375">peter-evans/create-pull-request#3375</a></li> <li>build(deps-dev): bump <code>@​types/node</code> from 18.19.50 to 18.19.54 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3376">peter-evans/create-pull-request#3376</a></li> <li>build(deps): bump <code>@​octokit/plugin-paginate-rest</code> from 11.3.3 to 11.3.5 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3377">peter-evans/create-pull-request#3377</a></li> <li>Update distribution by <a href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3388">peter-evans/create-pull-request#3388</a></li> <li>build(deps-dev): bump <code>@​types/node</code> from 18.19.54 to 18.19.55 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3400">peter-evans/create-pull-request#3400</a></li> <li>build(deps): bump <code>@​actions/core</code> from 1.10.1 to 1.11.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3401">peter-evans/create-pull-request#3401</a></li> <li>build(deps): bump <code>@​octokit/plugin-rest-endpoint-methods</code> from 13.2.5 to 13.2.6 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3403">peter-evans/create-pull-request#3403</a></li> <li>build(deps-dev): bump eslint-plugin-import from 2.30.0 to 2.31.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3402">peter-evans/create-pull-request#3402</a></li> <li>build(deps): bump <code>@​octokit/plugin-throttling</code> from 9.3.1 to 9.3.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3404">peter-evans/create-pull-request#3404</a></li> <li>Update distribution by <a href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3423">peter-evans/create-pull-request#3423</a></li> <li>build(deps-dev): bump typescript from 5.6.2 to 5.6.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3441">peter-evans/create-pull-request#3441</a></li> <li>build(deps): bump undici from 6.19.8 to 6.20.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3442">peter-evans/create-pull-request#3442</a></li> <li>Update distribution by <a href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3451">peter-evans/create-pull-request#3451</a></li> <li>build(deps-dev): bump <code>@​types/node</code> from 18.19.55 to 18.19.58 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3457">peter-evans/create-pull-request#3457</a></li> <li>build(deps-dev): bump <code>@​types/jest</code> from 29.5.13 to 29.5.14 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3462">peter-evans/create-pull-request#3462</a></li> <li>build(deps-dev): bump <code>@​types/node</code> from 18.19.58 to 18.19.60 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3463">peter-evans/create-pull-request#3463</a></li> <li>chore: don't bundle undici by <a href="https://github.com/benmccann"><code>@​benmccann</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3475">peter-evans/create-pull-request#3475</a></li> <li>Update distribution by <a href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3478">peter-evans/create-pull-request#3478</a></li> <li>chore: use node-fetch-native support for proxy env vars by <a href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3483">peter-evans/create-pull-request#3483</a></li> <li>build(deps-dev): bump <code>@​types/node</code> from 18.19.60 to 18.19.64 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3488">peter-evans/create-pull-request#3488</a></li> <li>build(deps-dev): bump undici from 6.20.1 to 6.21.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3499">peter-evans/create-pull-request#3499</a></li> <li>build(deps-dev): bump <code>@​vercel/ncc</code> from 0.38.2 to 0.38.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3500">peter-evans/create-pull-request#3500</a></li> <li>docs: note <code>push-to-repo</code> classic PAT <code>workflow</code> scope requirement by <a href="https://github.com/scop"><code>@​scop</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3511">peter-evans/create-pull-request#3511</a></li> <li>docs: spelling fixes by <a href="https://github.com/scop"><code>@​scop</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3512">peter-evans/create-pull-request#3512</a></li> <li>build(deps-dev): bump typescript from 5.6.3 to 5.7.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3516">peter-evans/create-pull-request#3516</a></li> <li>build(deps-dev): bump prettier from 3.3.3 to 3.4.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3517">peter-evans/create-pull-request#3517</a></li> <li>build(deps-dev): bump <code>@​types/node</code> from 18.19.64 to 18.19.66 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3518">peter-evans/create-pull-request#3518</a></li> <li>docs(README): clarify that an existing open PR is managed by <a href="https://github.com/caugner"><code>@​caugner</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3498">peter-evans/create-pull-request#3498</a></li> <li>Update distribution by <a href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3529">peter-evans/create-pull-request#3529</a></li> <li>build(deps): bump <code>@​octokit/plugin-paginate-rest</code> from 11.3.5 to 11.3.6 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3542">peter-evans/create-pull-request#3542</a></li> <li>build(deps-dev): bump <code>@​types/node</code> from 18.19.66 to 18.19.67 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3543">peter-evans/create-pull-request#3543</a></li> <li>build(deps-dev): bump prettier from 3.4.0 to 3.4.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3544">peter-evans/create-pull-request#3544</a></li> <li>build(deps-dev): bump eslint-import-resolver-typescript from 3.6.3 to 3.7.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3559">peter-evans/create-pull-request#3559</a></li> <li>build(deps-dev): bump prettier from 3.4.1 to 3.4.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3560">peter-evans/create-pull-request#3560</a></li> <li>build(deps-dev): bump <code>@​types/node</code> from 18.19.67 to 18.19.68 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3570">peter-evans/create-pull-request#3570</a></li> <li>build(deps): bump p-limit from 6.1.0 to 6.2.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3578">peter-evans/create-pull-request#3578</a></li> <li>Update distribution by <a href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3583">peter-evans/create-pull-request#3583</a></li> <li>fix: preserve unicode in filepaths when commit signing by <a href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3588">peter-evans/create-pull-request#3588</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/benmccann"><code>@​benmccann</code></a> made their first contribution in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3475">peter-evans/create-pull-request#3475</a></li> <li><a href="https://github.com/scop"><code>@​scop</code></a> made their first contribution in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3511">peter-evans/create-pull-request#3511</a></li> <li><a href="https://github.com/caugner"><code>@​caugner</code></a> made their first contribution in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/3498">peter-evans/create-pull-request#3498</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/peter-evans/create-pull-request/commit/67ccf781d68cd99b580ae25a5c18a1cc84ffff1f"><code>67ccf78</code></a> fix: preserve unicode in filepaths when commit signing (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/3588">#3588</a>)</li> <li><a href="https://github.com/peter-evans/create-pull-request/commit/bb88e27d3f9cc69c8bc689eba126096c6fe3dded"><code>bb88e27</code></a> build: update distribution (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/3583">#3583</a>)</li> <li><a href="https://github.com/peter-evans/create-pull-request/commit/b378ed537a3374cbb7642141277ace10488f9318"><code>b378ed5</code></a> build(deps): bump p-limit from 6.1.0 to 6.2.0 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/3578">#3578</a>)</li> <li><a href="https://github.com/peter-evans/create-pull-request/commit/fa9200e5b4f0d3fe4adc6d4a980fdb27ca333ed2"><code>fa9200e</code></a> build(deps-dev): bump <code>@​types/node</code> from 18.19.67 to 18.19.68 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/3570">#3570</a>)</li> <li><a href="https://github.com/peter-evans/create-pull-request/commit/16e0059bfd236716f0191bfcfa63d9ded4cf325f"><code>16e0059</code></a> build(deps-dev): bump prettier from 3.4.1 to 3.4.2 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/3560">#3560</a>)</li> <li><a href="https://github.com/peter-evans/create-pull-request/commit/5bffd5ae80c9e3cdce3fdaba74ba437193643add"><code>5bffd5a</code></a> build(deps-dev): bump eslint-import-resolver-typescript (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/3559">#3559</a>)</li> <li><a href="https://github.com/peter-evans/create-pull-request/commit/a22a0ddc2127a4161a9f144623d1e51be98d81aa"><code>a22a0dd</code></a> build(deps-dev): bump prettier from 3.4.0 to 3.4.1 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/3544">#3544</a>)</li> <li><a href="https://github.com/peter-evans/create-pull-request/commit/b27ce378c8a71596550fb729c05c9a998f8ff26f"><code>b27ce37</code></a> build(deps-dev): bump <code>@​types/node</code> from 18.19.66 to 18.19.67 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/3543">#3543</a>)</li> <li><a href="https://github.com/peter-evans/create-pull-request/commit/4e0cc19e22f9071762b3542aa9fa90a1d682dd32"><code>4e0cc19</code></a> build(deps): bump <code>@​octokit/plugin-paginate-rest</code> from 11.3.5 to 11.3.6 (<a href="https://redirect.github.com/peter-evans/create-pull-request/issues/3542">#3542</a>)</li> <li><a href="https://github.com/peter-evans/create-pull-request/commit/25b6871a4ebe4c3585f47c7a687ac6fd0ec0e32d"><code>25b6871</code></a> docs: update scopes for push-to-fork</li> <li>Additional commits viewable in <a href="https://github.com/peter-evans/create-pull-request/compare/5e914681df9dc83aa4e4905692ca88beb2f9e91f...67ccf781d68cd99b580ae25a5c18a1cc84ffff1f">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=peter-evans/create-pull-request&package-manager=github_actions&previous-version=7.0.5&new-version=7.0.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-02 15:24:04 +01:00
uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f # v7.0.6
Update licenses-update.yml (#911)
2024-03-13 23:26:39 +01:00
with:
Auto merge test (#2706) # Description Please provide a summary of the changes, including relevant motivation and context. Closes #(issue_number) ## Checklist - [ ] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [ ] I have performed a self-review of my own code - [ ] I have attached images of the change if it is UI based - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] If my code has heavily changed functionality I have updated relevant docs on [Stirling-PDFs doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) - [ ] My changes generate no new warnings - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only)
2025-01-15 20:43:14 +01:00
token: ${{ steps.generate-token.outputs.token }}
Update licenses-update.yml (#911)
2024-03-13 23:26:39 +01:00
commit-message: "Update 3rd Party Licenses"
Auto merge test (#2706) # Description Please provide a summary of the changes, including relevant motivation and context. Closes #(issue_number) ## Checklist - [ ] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [ ] I have performed a self-review of my own code - [ ] I have attached images of the change if it is UI based - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] If my code has heavily changed functionality I have updated relevant docs on [Stirling-PDFs doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) - [ ] My changes generate no new warnings - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only)
2025-01-15 20:43:14 +01:00
committer: "stirlingbot[bot] <1113334+stirlingbot[bot]@users.noreply.github.com>"
author: "stirlingbot[bot] <1113334+stirlingbot[bot]@users.noreply.github.com>"
Update licenses-update.yml (#911)
2024-03-13 23:26:39 +01:00
signoff: true
branch: update-3rd-party-licenses
title: "Update 3rd Party Licenses"
body: |
Auto merge test (#2706) # Description Please provide a summary of the changes, including relevant motivation and context. Closes #(issue_number) ## Checklist - [ ] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [ ] I have performed a self-review of my own code - [ ] I have attached images of the change if it is UI based - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] If my code has heavily changed functionality I have updated relevant docs on [Stirling-PDFs doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) - [ ] My changes generate no new warnings - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only)
2025-01-15 20:43:14 +01:00
Auto-generated by StirlingBot
Bump peter-evans/create-pull-request from 6.1.0 to 7.0.5
2024-12-22 01:41:45 +01:00
labels: licenses,github-actions
Update licenses-update.yml (#911)
2024-03-13 23:26:39 +01:00
draft: false
delete-branch: true
Bump peter-evans/create-pull-request from 6.1.0 to 7.0.5
2024-12-22 01:41:45 +01:00
sign-commits: true
PR changes (#1693) * Update licenses-update.yml * Update build.yml * Update test.yml * Delete .github/workflows/test.yml * Update build.yml * Update build.yml * Update auto-labeler.yml * Update build.yml * Update auto-labeler.yml * Update labeler-config.yml
2024-08-16 12:00:10 +02:00
Auto merge test (#2706) # Description Please provide a summary of the changes, including relevant motivation and context. Closes #(issue_number) ## Checklist - [ ] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [ ] I have performed a self-review of my own code - [ ] I have attached images of the change if it is UI based - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] If my code has heavily changed functionality I have updated relevant docs on [Stirling-PDFs doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) - [ ] My changes generate no new warnings - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only)
2025-01-15 20:43:14 +01:00
- name: Enable Pull Request Automerge
Update licenses-update.yml
2024-08-16 13:15:07 +02:00
if: steps.cpr.outputs.pull-request-operation == 'created'
Auto merge test (#2706) # Description Please provide a summary of the changes, including relevant motivation and context. Closes #(issue_number) ## Checklist - [ ] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [ ] I have performed a self-review of my own code - [ ] I have attached images of the change if it is UI based - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] If my code has heavily changed functionality I have updated relevant docs on [Stirling-PDFs doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) - [ ] My changes generate no new warnings - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only)
2025-01-15 20:43:14 +01:00
run: gh pr merge --squash --auto "${{ steps.cpr.outputs.pull-request-number }}"
Update licenses-update.yml
2024-08-16 13:15:07 +02:00
env:
Auto merge test (#2706) # Description Please provide a summary of the changes, including relevant motivation and context. Closes #(issue_number) ## Checklist - [ ] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [ ] I have performed a self-review of my own code - [ ] I have attached images of the change if it is UI based - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] If my code has heavily changed functionality I have updated relevant docs on [Stirling-PDFs doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) - [ ] My changes generate no new warnings - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only)
2025-01-15 20:43:14 +01:00
GH_TOKEN: ${{ steps.generate-token.outputs.token }}
Reference in New Issue Copy Permalink