diff --git a/.github/actions/sbom/action.yml b/.github/actions/sbom/action.yml index 0749d4f9..fac4a287 100644 --- a/.github/actions/sbom/action.yml +++ b/.github/actions/sbom/action.yml @@ -50,7 +50,7 @@ runs: - name: "Scan SBOM (private repo)" uses: anchore/scan-action@v3 - if: inputs.REPO_VISIBILITY == 'private' + if: always() with: sbom: "${{ github.event.repository.name }}-sbom.spdx.json" fail-build: false diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 99cee969..a808ab8c 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,8 +1,6 @@ version: 2 updates: - - -- package-ecosystem: nuget +- package-ecosystem: github-actions directory: "/" schedule: interval: daily @@ -15,76 +13,10 @@ updates: - credfeto allow: - dependency-type: all - ignore: - - dependency-name: "AWSSDK.*" - - dependency-name: "codecracker.CSharp" - - dependency-name: "Coverlet.*" - - dependency-name: "Credfeto.*" - - dependency-name: "FunFair.*" - - dependency-name: "Mediator.*" - - dependency-name: "Microsoft.AspNetCore.*" - - dependency-name: "Microsoft.CodeAnalysis.*" - - dependency-name: "Microsoft.Extensions.*" - - dependency-name: "NuGet.*" - - dependency-name: "Serilog.*" - - dependency-name: "Swashbuckle.*" - - dependency-name: "AsyncFixer" - - dependency-name: "BenchmarkDotNet" - - dependency-name: "BenchmarkDotNet.Diagnostics.dotTrace" - - dependency-name: "Castle.Core" - - dependency-name: "Cryptography.ECDSA.Secp256K1" - - dependency-name: "Dapper" - - dependency-name: "DisableDateTimeNow" - - dependency-name: "Discord.Net" - - dependency-name: "dotnetstandard-bip39" - - dependency-name: "FluentValidation" - - dependency-name: "FluentValidation.AspNetCore" - - dependency-name: "HexMate" - - dependency-name: "HtmlAgilityPack" - - dependency-name: "IPAddressRange" - - dependency-name: "Jetbrains.Annotations" - - dependency-name: "LibGit2Sharp" - - dependency-name: "Meziantou.Analyzer" - - dependency-name: "Meziantou.Framework.InlineSnapshotTesting" - - dependency-name: "MaxMind.GeoIP2" - - dependency-name: "MaxMind.MinFraud" - - dependency-name: "Microsoft.ApplicationInsights.AspNetCore" - - dependency-name: "Microsoft.NET.Test.Sdk" - - dependency-name: "Microsoft.VisualStudio.Threading.Analyzers" - - dependency-name: "MSBuild.Sdk.SqlProj" - - dependency-name: "NBitcoin" - - dependency-name: "Newtonsoft.Json" - - dependency-name: "NonBlocking" - - dependency-name: "Npgsql" - - dependency-name: "NSubstitute" - - dependency-name: "NSubstitute.Analyzers.CSharp" - - dependency-name: "Nullable.Extended.Analyzer" - - dependency-name: "Octopus.Client" - - dependency-name: "Philips.CodeAnalysis.DuplicateCodeAnalyzer" - - dependency-name: "Philips.CodeAnalysis.MaintainabilityAnalyzers" - - dependency-name: "Polly" - - dependency-name: "Portable.BouncyCastle" - - dependency-name: "Profanity.Detector" - - dependency-name: "Roslynator.Analyzers" - - dependency-name: "ScottPlot" - - dependency-name: "SecurityCodeScan.*" - - dependency-name: "SmartAnalyzers.CSharpExtensions.Annotations" - - dependency-name: "SonarAnalyzer.CSharp" - - dependency-name: "SourceLink.Create.CommandLine" - - dependency-name: "System.Data.SqlClient" - - dependency-name: "TeamCity.VSTest.TestAdapter" - - dependency-name: "ToStringWithoutOverrideAnalyzer" - - dependency-name: "TwitchLib.Api" - - dependency-name: "UAParser" - - dependency-name: "xunit" - - dependency-name: "xunit.analyzers" - - dependency-name: "xunit.runner.visualstudio" - - dependency-name: "Yoti" commit-message: prefix: "[Dependencies]" rebase-strategy: "auto" labels: - - "dotnet" + - "github-actions" - "dependencies" - "Changelog Not Required" - diff --git a/.github/labeler.yml b/.github/labeler.yml index 82d8f821..1b826798 100644 --- a/.github/labeler.yml +++ b/.github/labeler.yml @@ -1,48 +1,43 @@ "C#": - - any: [ './**/*.cs', './**/*.csproj' ] -"C# Project": - - any: [ './**/*.csproj' ] -"C# Solution": - - any: [ './**/*.sln' ] -"Powershell": - - any: [ './**/*.ps1', './**/*.psm1' ] + - src/**/*.cs + - src/**/*.csproj + "SQL": - - any: [ 'db/**/*', './**/*.sql' ] + - db/**/* + - tools/**/*.sql + "Solidity": - - any: [ './**/*.sol' ] + - src/**/*.sol + "unit-tests": - - any: [ 'src/*.Tests.*/**/*', 'src/*.Tests/**/*', 'src/*.Tests.Integration.*/**/*', 'src/*.Tests.Integration/**/*' ] + - src/*.Tests.*/**/* + - src/*.Tests.Integration.*/**/* + - src/*.Tests/**/* + - src/*.Tests.Integration/**/* + ".NET update": - - any: [ 'src/global.json' ] + - src/global.json + "Config Change": - - any: [ 'src/**/*.json', '!src/global.json' ] + - src/**/*.json + "Static Code Analysis Rules": - - any: [ 'src/CodeAnalysis.ruleset' ] + - src/CodeAnalysis.ruleset + "Migration Script": - - any: [ 'tools/MigrationScripts/**/*' ] + - tools/MigrationScripts/**/* + "Legal Text": - - any: [ 'tools/LegalText/**/*' ] + - tools/LegalText/**/* + "Change Log": - - any: [ 'CHANGELOG.md' ] + - CHANGELOG.md + "Read Me": - - any: [ 'README.md' ] + - README.md + "Setup": - - any: [ 'SETUP.md' ] -"Markdown": - - any: [ './**/*.md' ] + - SETUP.md + "github-actions": - - any: [ '.github/workflows/*.yml' ] -"FunFair.BuildVersion": - - any: [ 'src/FunFair.BuildVersion/**/*' ] -"Detection": - - any: [ 'src/FunFair.BuildVersion.Detection/**/*' ] -"Detection.Tests": - - any: [ 'src/FunFair.BuildVersion.Detection.Tests/**/*' ] -"Interfaces": - - any: [ 'src/FunFair.BuildVersion.Interfaces/**/*' ] -"Publishers": - - any: [ 'src/FunFair.BuildVersion.Publishers/**/*' ] -"Publishers.Tests": - - any: [ 'src/FunFair.BuildVersion.Publishers.Tests/**/*' ] -"prepublish": - - any: [ 'src/prepublish/**/*' ] + - ".github/workflows/*.yml" diff --git a/.github/labels.yml b/.github/labels.yml index 66936f66..9e33498f 100644 --- a/.github/labels.yml +++ b/.github/labels.yml @@ -1,144 +1,5 @@ - - name: "C#" - color: "db6baa" - description: "C# Source Files" - - - name: "C# Project" - color: "db6baa" - description: "C# Project Files" - - - name: "C# Solution" - color: "db6baa" - description: "C# Solutions" - - - name: "Powershell" - color: "23bc12" - description: "Powershell Source Files" - - - name: "SQL" - color: "413cd1" - description: "SQL Source Files" - - - name: "Solidity" - color: "413cd1" - description: "Solidity Source Files" - - - name: "unit-tests" - color: "0e8a16" - description: "Unit test and integration test projects" - - - name: ".NET update" - color: "a870c9" - description: "Update to .net global.json" - - - name: "Config Change" - color: "d8bb50" - description: "Configuration files changes" - - - name: "Static Code Analysis Rules" - color: "00dead" - description: "Ruleset for static code analysis files" - - - name: "Migration Script" - color: "b680e5" - description: "SQL Migration scripts" - - - name: "Legal Text" - color: "facef0" - description: "Legal text files" - - - name: "Change Log" - color: "53fcd4" - description: "Changelog tracking file" - - - name: "Read Me" - color: "5319e7" - description: "Repository readme file" - - - name: "Setup" - color: "5319e7" - description: "Setup instructions" - - - name: "Markdown" - color: "5319e7" - description: "Markdown files" - - - name: "github-actions" - color: "e09cf4" - description: "Github actions workflow files" - - - name: "Tech Debt" - color: "30027a" - description: "Technical debt" - - - name: "auto-pr" - color: "0000aa" - description: "Pull request created automatically" - - - name: "no-pr-activity" - color: "ffff00" - description: "Pull Request has had no activity for a long time" - - - name: "!!! WAITING FOR CLIENT PR" - color: "ffff00" - description: "Pull request needs a client pull request to be merged at the same time" - - - name: "!!! WAITING FOR WALLET PR" - color: "ffff00" - description: "Pull request needs a wallet pull request to be merged at the same time" - - - name: "!!! WAITING FOR SERVER PR" - color: "ffff00" - description: "Pull request needs a server pull request to be merged at the same time" - - - name: "!!! WAITING FOR QA SIGNOFF" - color: "ffff00" - description: "Pull request needs a QA Signoff before it can be merged" - - - name: "!!! WAITING FOR ETHEREUM PR" - color: "ffff00" - description: "Pull request needs a server ethereum pull request to be merged at the same time" - - - name: "dependencies" - color: "0366d6" - description: "Updates to dependencies" - - - name: "dotnet" - color: "db6baa" - description: "Dotnet package updates" - - - name: "npm" - color: "e99695" - description: "npm package upate" - - - name: "DO NOT MERGE" - color: "ff0000" - description: "This pull request should not be merged yey" - - - name: "FunFair.BuildVersion" - color: "96f7d2" - description: "Changes in FunFair.BuildVersion project" - - - name: "Detection" - color: "96f7d2" - description: "Changes in FunFair.BuildVersion.Detection project" - - - name: "Detection.Tests" - color: "0e8a16" - description: "Changes in FunFair.BuildVersion.Detection.Tests project" - - - name: "Interfaces" - color: "96f7d2" - description: "Changes in FunFair.BuildVersion.Interfaces project" - - - name: "Publishers" - color: "96f7d2" - description: "Changes in FunFair.BuildVersion.Publishers project" - - - name: "Publishers.Tests" - color: "0e8a16" - description: "Changes in FunFair.BuildVersion.Publishers.Tests project" - - - name: "prepublish" - color: "96f7d2" - description: "Changes in prepublish project" +"Config Change": + - any: [ 'src/**/*.json', '!src/global.json' ] +"Github Actions": + - any: [ '.github/workflows/*.yml' ]