Skip to content

Update act #23512

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Mar 16, 2023
Merged

Update act #23512

merged 5 commits into from
Mar 16, 2023

Conversation

wolfogre
Copy link
Member

@wolfogre wolfogre commented Mar 16, 2023
edited
Loading

Update replace:

- replace github.com/nektos/act => gitea.com/gitea/act v0.234.2-0.20230131074955-e46ede1b1744
+ replace github.com/nektos/act => gitea.com/gitea/act v0.243.1

Update require:

-	github.com/nektos/act v0.0.0
+	github.com/nektos/act v0.2.43

Actually, v0.2.43 doesn't work, it will be replaced by gitea/act, so it's OK to put any version here. But gitea/act is based on nektos/act, so keeping the right upstream version will make security dependabot help.

BTW, the security report is false positive, we don't use the artifact server in act, see #22738.

@wolfogre wolfogre added topic/security Something leaks user information or is otherwise vulnerable. Should be fixed! dependencies skip-changelog This PR is irrelevant for the (next) changelog, for example bug fixes for unreleased features. outdated/backport/v1.19 This PR should be backported to Gitea 1.19 labels Mar 16, 2023
@wolfogre wolfogre added this to the 1.20.0 milestone Mar 16, 2023
@GiteaBot GiteaBot added the lgtm/need 1 This PR needs approval from one additional maintainer to be merged. label Mar 16, 2023
@codecov-commenter

This comment was marked as off-topic.

Sign in to view
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Mar 16, 2023
@lunny lunny merged commit 19bfea6 into go-gitea:main Mar 16, 2023
@GiteaBot
Copy link
Collaborator

I was unable to create a backport for 1.19, please send one manually. 🍵

@GiteaBot GiteaBot added the backport/manual No power to the bots! Create your backport yourself! label Mar 16, 2023
@lunny lunny mentioned this pull request Mar 16, 2023
Merged
@wolfogre wolfogre mentioned this pull request Mar 16, 2023
Merged
@wolfogre wolfogre added the backport/done All backports for this PR have been created label Mar 16, 2023
jolheiser pushed a commit that referenced this pull request Mar 16, 2023
@wolfogre
Update act (#23512) (#23518)
b7c2f48 
Backport #23512.

Update replace:
```diff
- replace github.com/nektos/act => gitea.com/gitea/act v0.234.2-0.20230131074955-e46ede1b1744
+ replace github.com/nektos/act => gitea.com/gitea/act v0.243.1
```

Update require:
```diff
-	github.com/nektos/act v0.0.0
+	github.com/nektos/act v0.2.43
```

Actually, `v0.2.43` doesn't work, it will be replaced by `gitea/act`, so
it's OK to put any version here. But `gitea/act` is based on
`nektos/act`, so keeping the right upstream version will make security
dependabot help.

BTW, the [security
report](https://github.com/go-gitea/gitea/security/dependabot/20) is
false positive, we don't use the artifact server in act, see #22738.
zjjhot added a commit to zjjhot/gitea that referenced this pull request Mar 17, 2023
@zjjhot
Merge remote-tracking branch 'giteaofficial/main'
7e6f996 
* giteaofficial/main:
  Use `<nav>` instead of `<div>` in the global navbar (go-gitea#23125)
  Fix aria.js bugs: incorrect role element problem, mobile focus problem, tippy problem (go-gitea#23450)
  [skip ci] Updated translations via Crowdin
  Make time tooltips interactive (go-gitea#23526)
  Update mini-css-extract-plugin, remove postcss (go-gitea#23520)
  Fix review comment context menu clipped bug (go-gitea#23523)
  Add absent repounits to create/edit repo API (go-gitea#23500)
  Fix tags sort by creation time (descending) on branch/tag dropdowns  (go-gitea#23491)
  Allow both fullname and username search when `DEFAULT_SHOW_FULL_NAME` is true (go-gitea#23463)
  Handle files starting with colons in WalkGitLog (go-gitea#22935)
  Change `Close` to either `Close issue` or `Close pull request` (go-gitea#23506)
  Update act (go-gitea#23512)
  Move pidfile creation from setting to web cmd package (go-gitea#23285)
@go-gitea go-gitea locked and limited conversation to collaborators May 3, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@lunny lunny lunny approved these changes

@delvh delvh delvh approved these changes

Assignees
No one assigned
Labels
backport/done All backports for this PR have been created backport/manual No power to the bots! Create your backport yourself! lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. outdated/backport/v1.19 This PR should be backported to Gitea 1.19 skip-changelog This PR is irrelevant for the (next) changelog, for example bug fixes for unreleased features. topic/security Something leaks user information or is otherwise vulnerable. Should be fixed!
Projects
None yet
Milestone
1.20.0
Development

Successfully merging this pull request may close these issues.
5 participants
@wolfogre @codecov-commenter @GiteaBot @lunny @delvh