summaryrefslogtreecommitdiff
path: root/.github
Commit message (Collapse)AuthorAgeFilesLines
* github: fix incomplete permission to label PRs for HacktoberfestMarc Hoersken2021-10-271-1/+3
| | | | | | | Unfortunately the GitHub API requires a token with write permission for both issues and pull-requests to edit labels on even just PRs. Follow up to #7897
* github: fix missing permission to label PRs for HacktoberfestMarc Hoersken2021-10-271-0/+3
| | | | | | | | | Follow up to #7897 Test references to see if permissions are now sufficient: Closes #7832 Closes #7897
* CI: more use of test-ci make target and verbose outputMarc Hoersken2021-10-272-4/+4
| | | | | | | | | | | Replace test-nonflaky with test-ci and enable verbose output in all remaining CIs except Zuul which is customized a lot. Reviewed-by: Daniel Stenberg Reviewed-by: Jay Satiro Follow up to #7785 Closes #7832
* github: add support for Hacktoberfest using labelsMarc Hoersken2021-10-271-0/+53
| | | | | | | | | | | | | | | | | | Automatically add hacktoberfest-accepted label to PRs opened between September 30th and November 1st once a commit with a close reference to it is pushed onto the master branch. With this workflow we can participate in Hacktoberfest while not relying on GitHub to identify PRs as merged due to our rebasing. Requires hacktoberfest-accepted labels to exist for PRs on the participating repository. Also requires hacktoberfest topic on the participating repository to avoid applying to forked repos. Reviewed-by: Daniel Stenberg Fixes #7865 Closes #7897
* CI/makefiles: introduce dedicated test targetMarc Hoersken2021-10-082-2/+2
| | | | | | | | | | Make it easy to use the same set of test flags throughout all current and future CI builds. Reviewed-by: Jay Satiro Follow up to #7690 Closes #7785
* codeql: fix error "Resource not accessible by integration"Jay Satiro2021-08-171-0/+3
| | | | | | | | | | | | | - Enable codeql writing security-events. GitHub set the default permissions to read, apparently since earlier this year. Ref: https://github.com/github/codeql-action/issues/464 Ref: https://github.blog/changelog/2021-04-20-github-actions-control-permissions-for-github_token/ Fixes https://github.com/curl/curl/issues/7575 Closes https://github.com/curl/curl/pull/7576
* GHA: run all tests for hyper tooDaniel Stenberg2021-06-101-1/+0
| | | | | | As it lists disabled ones in DISABLED now Closes #7209
* GHA: add several libcurl tests to the hyper jobDaniel Stenberg2021-06-071-1/+1
| | | | 500 to 512
* GHA: run the newly fixed tests with hyperDaniel Stenberg2021-06-071-1/+1
| | | | Closes #7205
* GHA: add a linux-hyper jobDaniel Stenberg2021-06-074-5/+54
| | | | Closes #7206
* metalink: removeDaniel Stenberg2021-06-071-11/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Warning: this will make existing curl command lines that use metalink to stop working. Reasons for removal: 1. We've found several security problems and issues involving the metalink support in curl. The issues are not detailed here. When working on those, it become apparent to the team that several of the problems are due to the system design, metalink library API and what the metalink RFC says. They are very hard to fix on the curl side only. 2. The metalink usage with curl was only very briefly documented and was not following the "normal" curl usage pattern in several ways, making it surprising and non-intuitive which could lead to further security issues. 3. The metalink library was last updated 6 years ago and wasn't so active the years before that either. An unmaintained library means there's a security problem waiting to happen. This is probably reason enough. 4. Metalink requires an XML parsing library, which is complex code (even the smaller alternatives) and to this day often gets security updates. 5. Metalink is not a widely used curl feature. In the 2020 curl user survey, only 1.4% of the responders said that they'd are using it. In 2021 that number was 1.2%. Searching the web also show very few traces of it being used, even with other tools. 6. The torrent format and associated technology clearly won for downloading large files from multiple sources in parallel. Cloes #7176
* github: remove the cmake macOS gcc-8 jobsDaniel Stenberg2021-06-041-3/+0
| | | | | | | They're too similar to the gcc-9 ones to be useful (and seems to not work anymore). Closes #7187
* github: timeout jobs on macOS after 90 minutesDaniel Stenberg2021-06-021-0/+1
| | | | | Assisted-by: Marc Hoersken Closes #7173
* github: inhibit deprecated declarations for clang on macOSDaniel Stenberg2021-05-171-1/+1
| | | | | | | ... as they otherwise cause ldap build errors in the CI. Fixes #7081 Closes #7082
* github: add a workflow with libssh2 on macOS using cmakeDaniel Stenberg2021-05-161-0/+3
| | | | Closes #7047
* .github/FUNDING: add link to GitHub sponsorsTobias Gabriel2021-05-031-0/+1
| | | | Closes #6985
* docs: camelcase it like GitHub everywhereAyushman Singh Chauhan2021-04-281-1/+1
| | | | Closes #6979
* ci: adapt to configure requiring an explicit TLS choiceDaniel Stenberg2021-04-221-9/+10
|
* configure: provide --with-openssl, deprecate --with-sslDaniel Stenberg2021-04-151-2/+2
| | | | | | Makes the option more explicit. Closes #6887
* github/workflow: add "security-extended" to codeql-analysis.ymlAnthony Shaw2021-04-091-0/+1
| | | | | | Extends the CodeQL code scan. Closes #6815
* github: add torture-ftp for FTP-only torture testingDaniel Stenberg2021-03-121-0/+5
| | | | | | and at 20% to try to keep the run-time reasonable Closes #6728
* CI: fix warning with the latest versionsXhmikosR2020-12-251-9/+0
| | | | | | `git checkout HEAD^2` is no longer needed Closes #6369
* Revert "CI/github: work-around for brew breakage on macOS"Daniel Stenberg2020-12-161-12/+6
| | | | | | | | This reverts commit 4cbb17a2cbbbe6337142d39479e21c3990b9c22f. ... as the work-around now causes failures. Closes #6332
* curl.se: new homeDaniel Stenberg2020-11-043-7/+7
| | | | Closes #6172
* CI/github: work-around for brew breakage on macOSDaniel Stenberg2020-10-261-6/+12
| | | | | | | ... and make it use OpenSSL 1.1 properly Fixes #6130 Closes #6129
* alt-svc: enable by defaultDaniel Stenberg2020-10-251-1/+1
| | | | | | | | Remove CURLALTSVC_IMMEDIATELY, which was never implemented/supported. alt-svc support in curl is no longer considered experimental Closes #5868
* github: remove the duplicate "Security vulnerability" entryDaniel Stenberg2020-09-171-3/+0
| | | | | | ... since github adds an entry automatically by itself. Closes #5970
* github: use new issue template featureEmil Engler2020-09-172-0/+23
| | | | | | | This helps us to avoid getting feature requests as well as security bugs reported into the issue tracker. Closes #5936
* TLS naming: fix more Winssl and Darwinssl leftoversDaniel Stenberg2020-08-081-1/+1
| | | | | | | | | | | | | The CMake option is now called CMAKE_USE_SCHANNEL The winbuild flag is USE_SCHANNEL The CI jobs and build scripts only use the new names and the new name options Tests now require 'Schannel' (when necessary) Closes #5795
* CI/macos: set minimum macOS versionMarcel Raad2020-07-261-3/+17
| | | | | | | This enables some deprecation warnings. Previously, autotools defaulted to 10.8. Closes https://github.com/curl/curl/pull/5723
* CI/macos: enable warnings as errors for CMake buildsMarcel Raad2020-07-251-1/+3
| | | | Closes https://github.com/curl/curl/pull/5716
* CI/macos: unconditionally enable warnings-as-errors with autotoolsMarcel Raad2020-07-191-3/+6
| | | | | | Previously, warnings were only visible in the output for most jobs. Closes https://github.com/curl/curl/pull/5694
* workflows: limit what branches to run CodeQL onMarc Hoersken2020-07-131-4/+9
| | | | | | | | | | Align CodeQL action with existing CI actions: - Update branch filter to avoid duplicate CI runs. - Shorten workflow name due to informative job name. Reviewed-by: Daniel Stenberg Closes #5660
* codeql-analysis.yml: fix the 'languages' settingDaniel Stenberg2020-06-261-2/+3
| | | | It needs a 'with:' in front of it.
* gtihub: codeql-analysis.ymlDaniel Stenberg2020-06-261-0/+49
| | | enables code security scanning with github actions
* CI/macos: fix 'is already installed' errors by using bundleMarc Hoersken2020-06-031-4/+10
| | | | | | Avoid failing CI builds due to nghttp2 being already installed. Closes #5513
* github/workflow: enable MQTT in the macOS debug buildDaniel Stenberg2020-04-141-1/+1
|
* CI/macos: convert CRLF to LF and align indentationMarc Hoersken2020-04-101-97/+97
|
* github actions: run when pushed to master or */ci + PRsDaniel Stenberg2020-04-082-2/+20
| | | | | | | Avoid double-builds when using "local" branches for PRs. For both macos and fuzz jobs. Closes #5201
* CI-fuzz: increase fuzz time to 40 minutesLeo Neat2020-04-021-1/+1
| | | | Closes #5174
* CI: remove default Ubuntu build from GitHub ActionsMarc Hoersken2020-03-241-17/+0
| | | | | We are already running a very similar Ubuntu build on Travis CI. The macOS variant of this default build is kept on Github Actions.
* CI: bring GitHub Actions fuzzing job in line with macOS jobsMarc Hoersken2020-03-241-3/+7
| | | | Update YAML formatting, job naming and triggers.
* CI: migrate macOS jobs from Azure and Travis CI to GitHub ActionsMarc Hoersken2020-03-241-0/+88
| | | | | | | | | Reduce workload on Azure Pipelines and Travis CI while consolidating macOS jobs onto less utilized GitHub Actions. Reviewed-by: Daniel Stenberg Closes #5124
* CIfuzz: switch off 'dry_run' modeDaniel Stenberg2020-02-281-3/+2
| | | | | | Follow-up from #4960: now make it fail if it detects problems. Closes #4998
* github action: add CIFuzzLeo Neat2020-02-211-0/+24
| | | | Closes #4960
* github: Instructions to post "uname -a" on Unix systems in issuesEmil Engler2020-02-081-0/+2
| | | | Closes #4896
* github action/azure pipeline: run 'make test-nonflaky' for testsDaniel Stenberg2019-12-031-1/+1
| | | | To match travis and give more info on failures.
* CI: inintial github action jobDaniel Stenberg2019-09-141-0/+17
| | | First shot at a CI build on github actions
* .github/FUNDING: mention our opencollective "home" [ci skip]Daniel Stenberg2019-05-231-0/+1
|
* docs/BUG-BOUNTY: bug bounty time [skip ci]Daniel Stenberg2019-04-221-2/+3
| | | | | | | | | | Introducing the curl bug bounty program on hackerone. We now recommend filing security issues directly in the hackerone ticket system which only is readable to curl security team members. Assisted-by: Daniel Gustafsson Closes #3488
View Lorry Controller Status