Olivier Lamy
270f491ea8
add a step to push tag to a fork ( #8577 )
...
* add a step to push tag to a fork
* add creation of branch release/
2022-09-15 07:14:48 +10:00
Varun Sharma
7a3372fc3f
[GitHub] Add minimum GitHub token permissions for workflows
...
Signed-off-by: Varun Sharma <varunsh@stepsecurity.io>
2022-08-31 15:50:47 -07:00
Olivier Lamy
eb6ff577ae
codeql correctly setup maven to not depend on default installation ( #8334 )
...
* setup Maven via a GHA
2022-07-28 07:02:45 +10:00
Olivier Lamy
e3b0e80857
skip test for CodeQL ( #8324 )
...
* skip test for CodeQL
* remove javascript and use clean
2022-07-21 06:55:13 -05:00
Joakim Erdfelt
5f93e02a6d
Updating issue templates for EOL ( #8321 )
2022-07-20 17:01:05 -05:00
Joakim Erdfelt
ee739ff01e
Remove `jetty-9.4.x` configuration from dependabot ( #8297 )
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-07-14 13:09:43 +10:00
Jonathan Leitschuh
ea3dd1eca7
Add codeql-analysis.yml GitHub Actions Workflow ( #7961 )
2022-06-30 16:54:27 -05:00
Olivier Lamy
0d13cbe9a7
change-dependabot-interval-to-monthly ( #8140 )
...
* Update dependabot.yml
* modify after review and discussion
2022-06-09 11:33:52 +10:00
Greg Wilkins
9ae1387ed8
Update release-template.md ( #8147 )
...
Update to include an optional step to manually run dependabot and review resulting PRs for inclusion before freezing release.
2022-06-09 09:48:35 +10:00
Joakim Erdfelt
2b9e3db76f
More restrictions on dependencies ( #8127 )
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-06-07 09:33:33 +10:00
Olivier Lamy
3fba189368
ignore xml bind upgrade >=3 and fix pattern jaxws-rt as star looks to not be supported for artifactId ( #7952 )
...
* ignore xml bind upgrade >=3 and fix pattern jaxws-rt as star looks to not be supported for artifactId
Signed-off-by: Olivier Lamy <oliver.lamy@gmail.com>
* fix duplicate
Signed-off-by: Olivier Lamy <oliver.lamy@gmail.com>
2022-05-05 06:44:03 +10:00
Olivier Lamy
809ed64b12
ignore too recent weld version for 9.4.x branch ( #7607 )
...
Signed-off-by: Olivier Lamy <oliver.lamy@gmail.com>
2022-02-18 13:31:56 +10:00
Joakim Erdfelt
1aaf2835df
Adding back jetty-11 config
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-01-28 11:12:12 -06:00
Joakim Erdfelt
72eb04a8fa
Fix quoting on infinispan rule
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-01-27 10:59:54 -06:00
Joakim Erdfelt
9d31dd6089
Adding version range limits for cdi & interceptor APIs
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2022-01-27 10:56:41 -06:00
Olivier Lamy
1ee37a850f
dependabot should manage infinispan only < 12
...
Signed-off-by: Olivier Lamy <oliver.lamy@gmail.com>
2022-01-27 14:12:46 +10:00
Simone Bordet
95f5773cb8
Fixed typo.
2022-01-11 16:41:34 +01:00
Joakim Erdfelt
5de3e4901c
Issue #7219 - Migrate to Github Workflow Stale ( #7221 )
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-12-07 11:55:56 -06:00
Greg Wilkins
80ddc3ba2d
Update CVE releated issues with CVE number ( #6949 )
...
It can be hard to find issues associated with CVEs after the fact. We should update the issue description to include the CVE number once published.
2021-10-18 07:27:54 +11:00
Greg Wilkins
8186a3ebed
Issue template to discourage security issues ( #6960 )
...
Update the issue template to discourage security issues
2021-10-06 14:31:45 +11:00
Simone Bordet
f12c5b668c
Updated release-template.md
...
- Added step to create the next GitHub Projects.
- Updated staging of Jetty 10 and 11 using Java 17.
2021-09-21 21:59:57 +02:00
Olivier Lamy
e4eaedb439
dependabot should ignore jakarta.transaction >= 2.0
...
Signed-off-by: Olivier Lamy <oliver.lamy@gmail.com>
2021-09-15 13:03:18 +10:00
Joakim Erdfelt
1098fc3dff
Restrict com.sun.xml.ws:jaxws version range
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-09-14 11:26:58 -05:00
Joakim Erdfelt
798d8936a1
Restrict org.jboss.weld.servlet to 3.x series
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-09-14 10:48:39 -05:00
Joakim Erdfelt
30a0b39e4e
Temporarily disable 11.0.x dependabot config until we catchup with our backlog. ( #6805 )
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-09-14 14:02:40 +10:00
Joakim Erdfelt
c46875de95
Add milestone hints to created PRs
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-09-13 11:53:15 -05:00
Joakim Erdfelt
ea15b40913
Ignore jakarta.servlet.jsp.jstl by version
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-09-13 11:20:31 -05:00
Joakim Erdfelt
8eddbe0a4a
Change dependabot interval to daily ( #6768 )
...
* Only chose to change branches 9.4.x and 10.0.x to daily.
Leaving 11.0.x at weekly, so that it's updates
can trail behind the 10.0.x ones that are
merged forward to 11.0.x
* Remove github-actions config
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-09-13 06:10:55 -05:00
Simone Bordet
6023e13a01
Simplified release ticklist. ( #6700 )
...
Integrated test bullets into main ticklist.
Normalized spaces at 2 rather than 3 or 4.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-09-08 09:31:08 +02:00
Joakim Erdfelt
eb0755dfb2
Adding back dependabot configuration ( #6686 )
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2021-09-08 10:40:51 +10:00
Olivier Lamy
9a4ee7ad16
Extend stale mechanism to Pull Request. Mark them as stale after 15 days inactivity and not assigned to a project (uhmm not sure if this ignore draft) ( #6421 )
...
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2021-07-07 16:53:16 +10:00
Greg Wilkins
b3322f0f43
Update release-template.md ( #6484 )
...
Add a notification step in testing.
2021-07-01 21:42:55 +10:00
Greg Wilkins
4665f3f718
Update release-template.md
...
quote parameters
2021-06-21 18:12:32 +10:00
Greg Wilkins
8db318e4f0
Update release-template.md
2021-06-21 18:09:39 +10:00
Greg Wilkins
c1867df53b
Release process issue template
...
Release process issue template.
Merging without a positive review as we need a process and this one has been used twice without significant problems. Any concerns can be raised in new PRs against it.
Signed-off-by: Greg Wilkins <gregw@webtide.com>
2021-06-21 11:34:04 +10:00
Greg Wilkins
dceb4184f8
Update enhancement-template.md
...
removed Enhancement from the title since the label is sufficient
2021-06-09 14:22:20 +10:00
Greg Wilkins
fc44ddacf8
Update issue-template.md
...
Added Bug label
2021-06-09 14:21:27 +10:00
Greg Wilkins
3a155e992e
Create enhancement-template.md
...
Added template for enhancement
2021-06-09 14:16:01 +10:00
Greg Wilkins
7aa5ed114b
Create config.yml
...
Added a config.yml in order to add reference to security guideline page
2021-06-09 14:01:48 +10:00
Simone Bordet
cb9abedb54
Removed the release template to avoid confusing users that open issues.
...
Template can be copied/pasted as necessary.
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
2021-06-08 17:50:17 +02:00
Greg Wilkins
842f513397
create release issue template
...
Created template for a release process.
2021-06-08 16:42:59 +10:00
Simone Bordet
8d46d3fc8f
Added hint to use java -version to report the Java version/vendor.
...
Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
(cherry picked from commit e5f28dbc16
)
2021-05-06 22:14:35 +02:00
Joakim Erdfelt
7da43cafba
Removing dependabot.yml temporarily
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2020-11-25 15:22:48 -06:00
Joakim Erdfelt
63fba2763b
Minor tweaks to dependabot.yml
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2020-11-09 14:40:15 -06:00
olivier lamy
510c1f4b20
too early to test that
...
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2020-10-13 09:51:38 +10:00
olivier lamy
34365d0919
update labels
...
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2020-10-13 09:15:22 +10:00
olivier lamy
69abaed168
enable github-branch-release-drafter
...
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2020-10-13 09:09:00 +10:00
Joakim Erdfelt
28293737bf
Have dependabot monitor all 3 main branches
...
Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>
2020-09-27 08:37:12 -05:00
olivier lamy
ff3ebeff54
add dependabot for 9.4.x branch
...
Signed-off-by: olivier lamy <oliver.lamy@gmail.com>
2020-08-18 14:08:28 +08:00
Olivier Lamy
df85afbc63
Delete maven.yml
2020-07-28 20:32:30 +10:00