diff --git a/.github/dependabot.yml b/.github/dependabot.yml index db721365..356b0263 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -11,7 +11,7 @@ updates: interval: "weekly" open-pull-requests-limit: 10 rebase-strategy: "auto" - + - package-ecosystem: "docker" directory: "/" # Location of Dockerfile schedule: diff --git a/.github/release.yml b/.github/release.yml index 90841a8d..361e7d70 100644 --- a/.github/release.yml +++ b/.github/release.yml @@ -9,7 +9,7 @@ changelog: - title: Bug Fixes labels: - Bug - + - title: Enhancements labels: - enhancement @@ -26,7 +26,7 @@ changelog: - title: Translation Changes labels: - Translation - + - title: Other Changes labels: - "*" diff --git a/.github/workflows/PR-Demo-Comment.yml b/.github/workflows/PR-Demo-Comment.yml index 75ac9b66..0ad56889 100644 --- a/.github/workflows/PR-Demo-Comment.yml +++ b/.github/workflows/PR-Demo-Comment.yml @@ -8,14 +8,14 @@ jobs: check-comment: runs-on: ubuntu-latest if: | - github.event.issue.pull_request && + github.event.issue.pull_request && ( contains(github.event.comment.body, 'prdeploy') || contains(github.event.comment.body, 'deploypr') ) - && + && ( - github.event.comment.user.login == 'frooodle' || + github.event.comment.user.login == 'frooodle' || github.event.comment.user.login == 'sf298' || github.event.comment.user.login == 'Ludy87' || github.event.comment.user.login == 'LaserKaspar' || @@ -49,26 +49,26 @@ jobs: script: | const { owner, repo } = context.repo; const prNumber = context.payload.issue.number; - + const { data: pr } = await github.rest.pulls.get({ owner, repo, pull_number: prNumber, }); - + // For forks, use the full repository name, for internal PRs use the current repo const repository = pr.head.repo.fork ? pr.head.repo.full_name : `${owner}/${repo}`; - + console.log(`PR Repository: ${repository}`); console.log(`PR Branch: ${pr.head.ref}`); - + core.setOutput('repository', repository); core.setOutput('ref', pr.head.ref); deploy-pr: needs: check-comment runs-on: ubuntu-latest - + steps: - name: Harden Runner uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 @@ -81,7 +81,7 @@ jobs: repository: ${{ needs.check-comment.outputs.pr_repository }} ref: ${{ needs.check-comment.outputs.pr_ref }} token: ${{ secrets.GITHUB_TOKEN }} - + - name: Set up JDK uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0 with: @@ -156,10 +156,10 @@ jobs: ssh -i ../private.key -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -T ${{ secrets.VPS_USERNAME }}@${{ secrets.VPS_HOST }} << 'ENDSSH' # Create PR-specific directories mkdir -p /stirling/PR-${{ needs.check-comment.outputs.pr_number }}/{data,config,logs} - + # Move docker-compose file to correct location mv /tmp/docker-compose.yml /stirling/PR-${{ needs.check-comment.outputs.pr_number }}/docker-compose.yml - + # Start or restart the container cd /stirling/PR-${{ needs.check-comment.outputs.pr_number }} docker-compose pull diff --git a/.github/workflows/PR-Demo-cleanup.yml b/.github/workflows/PR-Demo-cleanup.yml index f0c40504..593dbe88 100644 --- a/.github/workflows/PR-Demo-cleanup.yml +++ b/.github/workflows/PR-Demo-cleanup.yml @@ -16,7 +16,7 @@ jobs: cleanup: runs-on: ubuntu-latest if: github.event.action == 'closed' - + steps: - name: Harden Runner uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 @@ -35,20 +35,20 @@ jobs: CLEANUP_STATUS=$(ssh -i ../private.key -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -T ${{ secrets.VPS_USERNAME }}@${{ secrets.VPS_HOST }} << 'ENDSSH' if [ -d "/stirling/PR-${{ github.event.pull_request.number }}" ]; then echo "Found PR directory, proceeding with cleanup..." - + # Stop and remove containers cd /stirling/PR-${{ github.event.pull_request.number }} docker-compose down || true - + # Go back to root before removal cd / - + # Remove PR-specific directories rm -rf /stirling/PR-${{ github.event.pull_request.number }} - + # Remove the Docker image docker rmi --no-prune ${{ secrets.DOCKER_HUB_USERNAME }}/test:pr-${{ github.event.pull_request.number }} || true - + echo "PERFORMED_CLEANUP" else echo "PR directory not found, nothing to clean up" @@ -56,7 +56,7 @@ jobs: fi ENDSSH ) - + if [[ $CLEANUP_STATUS == *"PERFORMED_CLEANUP"* ]]; then echo "cleanup_performed=true" >> $GITHUB_OUTPUT else diff --git a/.github/workflows/manage-label.yml b/.github/workflows/manage-label.yml index 87e1ed79..a58c3681 100644 --- a/.github/workflows/manage-label.yml +++ b/.github/workflows/manage-label.yml @@ -26,4 +26,4 @@ jobs: with: github-token: ${{ secrets.GITHUB_TOKEN }} yaml-file: .github/labels.yml - skip-delete: true \ No newline at end of file + skip-delete: true diff --git a/.github/workflows/multiOSReleases.yml b/.github/workflows/multiOSReleases.yml index bc88fa14..b3973d39 100644 --- a/.github/workflows/multiOSReleases.yml +++ b/.github/workflows/multiOSReleases.yml @@ -22,7 +22,7 @@ jobs: # platform: linux # ext: deb runs-on: ${{ matrix.os }} - + steps: - name: Harden Runner uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 @@ -47,7 +47,7 @@ jobs: run: | curl -L -o wix.exe https://github.com/wixtoolset/wix3/releases/download/wix3141rtm/wix314.exe .\wix.exe /install /quiet - + # Install Linux dependencies - name: Install Linux Dependencies if: matrix.os == 'ubuntu-latest' @@ -89,7 +89,7 @@ jobs: # Upload installer as artifact for testing - name: Upload Installer Artifact uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 - with: + with: name: Stirling-PDF-${{ matrix.platform }}-installer.${{ matrix.ext }} path: Stirling-PDF-${{ matrix.platform }}-installer.${{ matrix.ext }} retention-days: 1 diff --git a/.github/workflows/releaseArtifacts.yml b/.github/workflows/releaseArtifacts.yml index 0358b277..5bee97c5 100644 --- a/.github/workflows/releaseArtifacts.yml +++ b/.github/workflows/releaseArtifacts.yml @@ -57,7 +57,7 @@ jobs: overwrite: true retention-days: 1 if-no-files-found: error - + - name: Upload binaries to release uses: softprops/action-gh-release@7b4da11513bf3f43f9999e90eabced41ab8bb048 # v2.2.0 with: diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 297f22c7..b603099d 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,6 +1,6 @@ repos: - repo: https://github.com/astral-sh/ruff-pre-commit - rev: v0.2.1 + rev: v0.8.4 hooks: - id: ruff args: @@ -12,7 +12,7 @@ repos: files: ^((.github/scripts|scripts)/.+)?[^/]+\.py$ exclude: (split_photos.py) - repo: https://github.com/codespell-project/codespell - rev: v2.2.6 + rev: v2.3.0 hooks: - id: codespell args: @@ -21,6 +21,25 @@ repos: - --quiet-level=2 files: \.(properties|html|css|js|py|md)$ exclude: (.vscode|.devcontainer|src/main/resources|Dockerfile) + - repo: https://github.com/gitleaks/gitleaks + rev: v8.22.0 + hooks: + - id: gitleaks + - repo: https://github.com/jumanjihouse/pre-commit-hooks + rev: 3.0.0 + hooks: + - id: shellcheck + files: ^.*(\.bash|\.sh|\.ksh|\.zsh)$ + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v5.0.0 + hooks: + - id: end-of-file-fixer + files: ^.*(\.js|\.java|\.py|\.yml)$ + exclude: ^(.*/pdfjs.*|.*/thirdParty.*|bootstrap.*|.*\.min\..*|.*diff\.js$) + - id: trailing-whitespace + files: ^.*(\.js|\.java|\.py|\.yml)$ + exclude: ^(.*/pdfjs.*|.*/thirdParty.*|bootstrap.*|.*\.min\..*|.*diff\.js$) + - repo: local hooks: - id: check-duplicate-properties-keys @@ -28,37 +47,11 @@ repos: entry: python .github/scripts/check_duplicates.py language: python files: ^(src)/.+\.properties$ - - repo: local - hooks: - id: check-html-tabs name: Check HTML for tabs + description: Ensures HTML/CSS/JS files do not contain tab characters # args: ["--replace_with= "] entry: python .github/scripts/check_tabulator.py language: python - exclude: ^(src/main/resources/static/pdfjs|src/main/resources/static/pdfjs-legacy) - files: ^.*(\.html|\.css|\.js)$ -# - repo: https://github.com/gherynos/pre-commit-java -# rev: v0.2.4 -# hooks: -# - id: Checkstyle - - repo: https://github.com/gitleaks/gitleaks - rev: v8.16.3 - hooks: - - id: gitleaks - - repo: https://github.com/jumanjihouse/pre-commit-hooks - rev: 3.0.0 - hooks: - - id: shellcheck -# - repo: https://github.com/pre-commit/mirrors-eslint -# rev: v8.38.0 -# hooks: -# - id: eslint - - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v4.4.0 - hooks: - - id: end-of-file-fixer - - id: trailing-whitespace -# - repo: https://github.com/pylint-dev/pylint -# rev: v2.17.2 -# hooks: -# - id: pylint + exclude: ^(.*/pdfjs.*|.*/thirdParty.*|bootstrap.*|.*\.min\..*|.*diff\.js$) + files: ^.*(\.html|\.css|\.js)$ \ No newline at end of file