From 4aa3b9bd016ef5d9ce9bb63f260b7f6e35b649ff Mon Sep 17 00:00:00 2001 From: luzpaz Date: Sun, 28 Aug 2022 11:44:34 -0400 Subject: Fix typos (#18604) * Fix typos Found via `codespell -q 3 -S ./CHANGELOG.md,./AUTHORS.md,./config/locales,./app/javascript/mastodon/locales -L ba,keypair,medias,pixelx,ro` * Follow-up typo fix --- .github/workflows/linter.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to '.github') diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index f77a9720e..cd8cb12c4 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -55,7 +55,7 @@ jobs: with: node-version: 16.x cache: yarn - - name: Intall dependencies + - name: Install dependencies run: yarn install --frozen-lockfile - name: Set-up RuboCop Problem Mathcher uses: r7kamura/rubocop-problem-matchers-action@v1 -- cgit From af46584f826165687611d97c08dbecb8f1a0416b Mon Sep 17 00:00:00 2001 From: Ashish Kurmi <100655670+boahc077@users.noreply.github.com> Date: Thu, 8 Sep 2022 00:44:24 -0700 Subject: ci: add minimum GitHub token permissions for workflows (#19138) Signed-off-by: Ashish Kurmi Signed-off-by: Ashish Kurmi --- .github/workflows/build-image.yml | 3 +++ .github/workflows/check-i18n.yml | 3 +++ 2 files changed, 6 insertions(+) (limited to '.github') diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml index 157c2fcde..624aabbe7 100644 --- a/.github/workflows/build-image.yml +++ b/.github/workflows/build-image.yml @@ -10,6 +10,9 @@ on: paths: - .github/workflows/build-image.yml - Dockerfile +permissions: + contents: read + jobs: build-image: runs-on: ubuntu-latest diff --git a/.github/workflows/check-i18n.yml b/.github/workflows/check-i18n.yml index 1c60515f8..a9d8ea2ea 100644 --- a/.github/workflows/check-i18n.yml +++ b/.github/workflows/check-i18n.yml @@ -9,6 +9,9 @@ on: env: RAILS_ENV: test +permissions: + contents: read + jobs: check-i18n: runs-on: ubuntu-latest -- cgit From 32c3bd3c53d14e3b43dd17e639475046bcb41183 Mon Sep 17 00:00:00 2001 From: Yamagishi Kazutoshi Date: Mon, 10 Oct 2022 07:32:40 +0900 Subject: Use pep440 for Docker image tag rules (#19332) --- .github/workflows/build-image.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to '.github') diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml index 624aabbe7..39fe1bd0b 100644 --- a/.github/workflows/build-image.yml +++ b/.github/workflows/build-image.yml @@ -33,7 +33,8 @@ jobs: latest=auto tags: | type=edge,branch=main - type=match,pattern=v(.*),group=0 + type=pep440,pattern={{raw}} + type=pep440,pattern=v{{major}}.{{minor}} type=ref,event=pr - uses: docker/build-push-action@v3 with: @@ -41,5 +42,5 @@ jobs: platforms: linux/amd64,linux/arm64 push: ${{ github.event_name != 'pull_request' }} tags: ${{ steps.meta.outputs.tags }} - cache-from: type=registry,ref=tootsuite/mastodon:latest + cache-from: type=registry,ref=tootsuite/mastodon:edge cache-to: type=inline -- cgit From 3702afec9f0a0009297baab5636000fa3a5b7789 Mon Sep 17 00:00:00 2001 From: Yamagishi Kazutoshi Date: Mon, 17 Oct 2022 15:32:48 +0900 Subject: Add detailed description section to issue template (#19365) --- .github/ISSUE_TEMPLATE/1.bug_report.yml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to '.github') diff --git a/.github/ISSUE_TEMPLATE/1.bug_report.yml b/.github/ISSUE_TEMPLATE/1.bug_report.yml index 9cdf813f7..cdd08d2b0 100644 --- a/.github/ISSUE_TEMPLATE/1.bug_report.yml +++ b/.github/ISSUE_TEMPLATE/1.bug_report.yml @@ -31,6 +31,11 @@ body: description: What happened? validations: required: true + - type: textarea + attributes: + label: Detailed description + validations: + required: false - type: textarea attributes: label: Specifications @@ -38,5 +43,14 @@ body: What version or commit hash of Mastodon did you find this bug in? If a front-end issue, what browser and operating systems were you using? + placeholder: | + Mastodon 3.5.3 (or Edge) + Ruby 2.7.6 (or v3.1.2) + Node.js 16.18.0 + + Google Chrome 106.0.5249.119 + Firefox 105.0.3 + + etc... validations: required: true -- cgit From 29604763d7e8b639a21afeb6c8d8386d2226ddc8 Mon Sep 17 00:00:00 2001 From: Yarden Shoham Date: Sat, 5 Nov 2022 18:27:44 +0200 Subject: Remove broken link references to bug bounty program (#19779) The link https://app.intigriti.com/programs/mastodon/mastodonio/detail no longer works * Closes #19491 Signed-off-by: Yarden Shoham Signed-off-by: Yarden Shoham --- .github/ISSUE_TEMPLATE/config.yml | 5 +---- SECURITY.md | 4 +--- 2 files changed, 2 insertions(+), 7 deletions(-) (limited to '.github') diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml index 7c0dbaf67..fd62889d0 100644 --- a/.github/ISSUE_TEMPLATE/config.yml +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -2,7 +2,4 @@ blank_issues_enabled: false contact_links: - name: GitHub Discussions url: https://github.com/mastodon/mastodon/discussions - about: Please ask and answer questions here. - - name: Bug Bounty Program - url: https://app.intigriti.com/programs/mastodon/mastodonio/detail - about: Please report security vulnerabilities here. + about: Please ask and answer questions here. \ No newline at end of file diff --git a/SECURITY.md b/SECURITY.md index 62e23f736..9a72f3640 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -1,6 +1,6 @@ # Security Policy -If you believe you've identified a security vulnerability in Mastodon (a bug that allows something to happen that shouldn't be possible), you should submit the report through our [Bug Bounty Program][bug-bounty]. Alternatively, you can reach us at . +If you believe you've identified a security vulnerability in Mastodon (a bug that allows something to happen that shouldn't be possible), you can reach us at . You should *not* report such issues on GitHub or in other public spaces to give us time to publish a fix for the issue without exposing Mastodon's users to increased risk. @@ -16,5 +16,3 @@ A "vulnerability in Mastodon" is a vulnerability in the code distributed through | 3.4.x | Yes | | 3.3.x | No | | < 3.3 | No | - -[bug-bounty]: https://app.intigriti.com/programs/mastodon/mastodonio/detail -- cgit