mozilla/fxa - fxa

Граф коммитов

Автор	SHA1	Сообщение	Дата
Reino Muhl	9fc1193385	feat(scripts): pull pdfs from legal-docs Because: - We need to pull the latest pdfs from legal-docs into the fxa assets folder. This commit: - Create a script to copy the latest pdfs into assets/legal. - Create a Github Action to automatically pull in the pdfs from legal-docs, and open a pull request to move pdfs into assets/legal. Closes #fxa-5100	2022-10-20 18:22:29 -04:00
dependabot[bot]	106d8467a4	chore(deps): bump slackapi/slack-github-action from 1.22.0 to 1.23.0 Bumps [slackapi/slack-github-action](https://github.com/slackapi/slack-github-action) from 1.22.0 to 1.23.0. - [Release notes](https://github.com/slackapi/slack-github-action/releases) - [Commits](https://github.com/slackapi/slack-github-action/compare/v1.22.0...v1.23.0) --- updated-dependencies: - dependency-name: slackapi/slack-github-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-10-13 06:27:24 +00:00
Bryan Olsson	e6899f4b33	chore(l10n): improve checking of reviewer status to reduce redundant review requests	2022-10-11 16:45:57 -07:00
Bryan Olsson	c93cae02aa	chore(l10n): Revise workflow to fetch base commit Because: * Action fails under certain conditions when it tries to checkout the base SHA but it cannot be found This commit: * Adds an explicit fetch for the base SHA to ensure it can be checked out	2022-10-03 12:44:24 -07:00
Bryan Olsson	9a0e344e7b	chore(l10n): check if PR breaks build, flag gettext reviews Because: * Certain modern javascript syntax breaks the l10n-extract process. * Gettext strings currently are not reviewed for localization issues until export to Pontoon This commit: * Runs "npx grunt l10n-extract" whenever a PR makes a change to fxa-content-server. An unsupported syntax will cause the build to fail, alerting ahead of time. * Flags mozilla/fxa-l10n for review if a change creates new gettext strings	2022-09-22 15:31:04 -07:00
dependabot[bot]	2934ce6d41	chore(deps): bump slackapi/slack-github-action from 1.21.0 to 1.22.0 Bumps [slackapi/slack-github-action](https://github.com/slackapi/slack-github-action) from 1.21.0 to 1.22.0. - [Release notes](https://github.com/slackapi/slack-github-action/releases) - [Commits](https://github.com/slackapi/slack-github-action/compare/v1.21.0...v1.22.0) --- updated-dependencies: - dependency-name: slackapi/slack-github-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-09-14 06:49:54 +00:00
Lisa Chan	9d86c48789	fix(dependabot): fix ignore patch releases	2022-08-26 09:17:17 -04:00
Wil Clouser	7707fcbf3f	chore(dependabot): ignore patch releases Because: * we have too much dependabot traffic This commit: * ignores patch releases Closes FXA-5684	2022-08-19 15:06:25 -07:00
dependabot[bot]	26b79218c8	chore(deps): bump slackapi/slack-github-action from 1.19.0 to 1.21.0 Bumps [slackapi/slack-github-action](https://github.com/slackapi/slack-github-action) from 1.19.0 to 1.21.0. - [Release notes](https://github.com/slackapi/slack-github-action/releases) - [Commits](https://github.com/slackapi/slack-github-action/compare/v1.19.0...v1.21.0) --- updated-dependencies: - dependency-name: slackapi/slack-github-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-07-28 06:58:07 +00:00
Dustin Lactin	fd1344009a	Updated upload-assets-to-cdn workflow to use github context for slack-message variables	2022-06-15 09:27:14 -06:00
Dustin Lactin	3426d29c88	Added workflow_dispatch trigger to allow manual runs	2022-06-14 11:22:41 -06:00
Dustin Lactin	26d3a77ba2	Using context property syntax for variables in slack notifcation	2022-06-14 10:02:42 -06:00
Bryan Olsson	7db7a5db31	chore(repo): set l10n drivers as owners of .ftl files Because: * localization team should be notified for changes to Fluent files, so that review can happen during development instead of after landing This commit: * update CODEOWNERS with l10n project owners Co-authored-by: Francesco Lodolo <flod@lodolo.net>	2022-06-01 20:56:32 +02:00
Jon Buckley	17ce8ede79	fix(ci): Interpolate Slack message correctly	2022-05-19 13:15:50 -04:00
Wil Clouser	cf7a078d98	Merge pull request #12648 from turrisxyz/setup-permissions chore: Set permissions for GitHub actions	2022-05-06 15:34:28 -07:00
naveen	a65e6ebb17	chore: Set permissions for GitHub actions Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much. - Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/) Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com> Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>	2022-05-06 17:22:53 -05:00
Wil Clouser	5c0fde3070	Merge pull request #12792 from mozilla/dependabot/github_actions/actions/checkout-3 chore(deps): bump actions/checkout from 2 to 3	2022-05-06 13:04:58 -07:00
Wil Clouser	9cc9617141	Merge pull request #12793 from mozilla/dependabot/github_actions/slackapi/slack-github-action-1.19.0 chore(deps): bump slackapi/slack-github-action from 1.16.0 to 1.19.0	2022-05-06 13:04:16 -07:00
dependabot[bot]	519c94e47a	chore(deps): bump slackapi/slack-github-action from 1.16.0 to 1.19.0 Bumps [slackapi/slack-github-action](https://github.com/slackapi/slack-github-action) from 1.16.0 to 1.19.0. - [Release notes](https://github.com/slackapi/slack-github-action/releases) - [Commits](https://github.com/slackapi/slack-github-action/compare/v1.16.0...v1.19.0) --- updated-dependencies: - dependency-name: slackapi/slack-github-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-05-06 16:19:24 +00:00
dependabot[bot]	be50585368	chore(deps): bump actions/checkout from 2 to 3 Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v2...v3) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2022-05-06 16:19:20 +00:00
dependabot[bot]	4d893140b5	chore(deps): bump github/codeql-action from 1 to 2 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1 to 2. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v1...v2) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2022-05-06 16:19:16 +00:00
naveensrinivasan	b9aeed5163	chore: Included githubactions in the dependabot config This should help with keeping the GitHub actions updated on new releases. This will also help with keeping it secure. Dependabot helps in keeping the supply chain secure https://docs.github.com/en/code-security/dependabot GitHub actions up to date https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot https://github.com/ossf/scorecard/blob/main/docs/checks.md#dependency-update-tool Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>	2022-05-06 10:18:35 -05:00
Dustin Lactin	37fd02e782	Added missing permissions needed to interact with GitHub's OIDC Token endpoint	2022-02-16 10:13:43 -07:00
Wil Clouser	719696a816	Merge pull request #11733 from mozilla/FXA-4478-add-other-directory-to-asset-push-automation chore(scripts): Add 'other' assets directory to upload script	2022-01-31 08:39:31 -08:00
Barry Chen	abe42d1e32	chore(repo): set fxa-devs to own all things Because: - we shouldn't depend on humans to remember to request a PR review from mozilla/fxa-devs This commit: - update and move CODEOWNERS so that mozilla/fxa-devs is the owner of the entire repo	2022-01-27 12:58:49 -06:00
Wil Clouser	f3e3a8f86c	chore(scripts): Add 'other' assets directory to upload script Because: * the /other/ directory doesn't get uploaded for some reason This commit: * adds it to the upload script Closes #4478	2022-01-24 16:04:04 -08:00
Danny Coates	50e124b518	feat(services): remove fxa-auth-db-mysql, fxa-email-event-proxy, and fxa-email-service and fxa-metrics-processor	2022-01-13 16:23:22 -08:00
Jon Buckley	aa74ddceef	Merge pull request #11013 from mozilla/automatic-asset-upload Automatic asset upload	2021-12-08 00:00:48 -05:00
Dustin Lactin	546f0e6dc1	Changed aws s3 cp to sync and fixed argument ordering	2021-11-25 08:39:23 -07:00
Dustin Lactin	d98a1c75b7	Added slack message to fxa-team channel when assets have been uploaded.	2021-11-24 14:21:00 -07:00
Dustin Lactin	b9435059b3	Limited asset scope to file types required for each bucket path. (pdf/svg/png)	2021-11-24 12:08:52 -07:00
Reino Muhl	06cea5b97e	Revert "chore(deps-dev): bump jest-watch-typeahead from 0.6.5 to 1.0.0" (#11148 ) * Revert "chore(deps-dev): bump jest-watch-typeahead from 0.6.5 to 1.0.0 (#11123)" This reverts commit `a7460d79d6` * Add exception to dependabot	2021-11-24 14:08:20 -05:00
Dustin Lactin	655c772ab4	Updated aws-region to match stage infrastructure region	2021-11-17 10:02:37 -07:00
Dustin Lactin	d674243b53	Updated action to use OIDC provider instead of user access keys, added stage step	2021-11-15 13:52:35 -07:00
Dustin Lactin	dfda61f2cb	Github action to upload product-icons & legal assets to CDN origin S3 bucket	2021-11-15 13:22:27 -07:00
Danny Coates	6b5e90c67e	chore(deps): changed dependabot config	2021-08-23 10:52:14 -07:00
Danny Coates	694ff5f6af	chore(deps): update deps and start ignoring @types/* in dependabot	2021-06-23 08:11:07 -07:00
Wil Clouser	d4b899a2a7	fix dependabot syntax	2021-01-28 11:24:15 -08:00
Wil Clouser	a262ba2296	Up the dependabot limit to 6	2021-01-27 14:45:14 -08:00
Wil Clouser	5be3d1bde5	Create codeql-analysis.yml Maybe we can try this again now that we have Actions?	2020-12-17 12:38:04 -08:00
Dave Justice	81274d6f75	task(monorepo): add rtl checkbox to pr template	2020-10-21 06:07:31 +00:00
Wil Clouser	1eda19df43	chore(codeql): remove codeql yaml Because: * Github's codeql analysis is based on actions it won't for for `mozilla` organization. This file is unnecessary and will just lead to confusion having it here since it isn't working. This commit: * Removes the codeql-analysis file	2020-10-20 16:12:56 -07:00
Wil Clouser	ae7b611c49	Create codeql-analysis.yml	2020-10-09 12:33:27 -07:00
Vijay Budhram	a43361834b	fix(tests): Add codecov carry flags to circleci	2020-09-28 12:33:09 -04:00
Danny Coates	668edcd4f3	chore(deps): updated dependabot.yml	2020-09-17 23:56:19 -07:00
Vijay Budhram	e698388b23	fix(tests): disable codecov beta check annotations	2020-09-15 11:05:12 -04:00
Wil Clouser	6905488f2f	move dependabot config	2020-08-25 13:26:03 -07:00
Vijay Budhram	091fa09040	chore(coverage): disable codecov comments	2020-07-30 12:21:45 -04:00
Jody Heavener	01db98af8d	chore(github): minor updates to pull request template	2020-07-13 14:05:53 -04:00
Vijay Budhram	d7a7859ed0	fix(coverage): disable codecov for overall project since it varies so much	2020-06-30 15:20:01 -04:00

1 2

56 Коммитов