Cutlery/caddy
1
0
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2026-03-09 11:35:38 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity
2,504 Commits 33 Branches 152 Tags
Commit Graph

11 Commits

Author SHA1 Message Date
dependabot[bot]
9371ee67c6
build(deps): bump the actions-deps group across 1 directory with 12 updates (#7536)
Some checks failed
Tests / test (./cmd/caddy/caddy, ~1.26.0, ubuntu-latest, 0, 1.26, linux) (push) Failing after 2m39s
Details
Tests / test (s390x on IBM Z) (push) Has been skipped
Details
Tests / goreleaser-check (push) Has been skipped
Details
Cross-Build / build (~1.26.0, 1.26, aix) (push) Successful in 1m28s
Details
Cross-Build / build (~1.26.0, 1.26, darwin) (push) Successful in 1m24s
Details
Cross-Build / build (~1.26.0, 1.26, dragonfly) (push) Successful in 1m22s
Details
Cross-Build / build (~1.26.0, 1.26, freebsd) (push) Successful in 1m25s
Details
Cross-Build / build (~1.26.0, 1.26, illumos) (push) Successful in 1m23s
Details
Cross-Build / build (~1.26.0, 1.26, linux) (push) Successful in 1m23s
Details
Cross-Build / build (~1.26.0, 1.26, netbsd) (push) Successful in 1m28s
Details
Cross-Build / build (~1.26.0, 1.26, openbsd) (push) Successful in 1m24s
Details
Cross-Build / build (~1.26.0, 1.26, solaris) (push) Successful in 1m27s
Details
Cross-Build / build (~1.26.0, 1.26, windows) (push) Successful in 1m27s
Details
Lint / lint (ubuntu-latest, linux) (push) Successful in 2m34s
Details
Lint / govulncheck (push) Successful in 1m26s
Details
Lint / dependency-review (push) Failing after 1m2s
Details
OpenSSF Scorecard supply-chain security / Scorecard analysis (push) Failing after 5m36s
Details
Tests / test (./cmd/caddy/caddy, ~1.26.0, macos-14, 0, 1.26, mac) (push) Has been cancelled
Details
Tests / test (./cmd/caddy/caddy.exe, ~1.26.0, windows-latest, True, 1.26, windows) (push) Has been cancelled
Details
Lint / lint (macos-14, mac) (push) Has been cancelled
Details
Lint / lint (windows-latest, windows) (push) Has been cancelled
Details 
Bumps the actions-deps group with 12 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `5.0.0` | `6.0.2` |
| [github/ai-moderator](https://github.com/github/ai-moderator) | `1.1.2` | `1.1.4` |
| [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.13.1` | `2.15.0` |
| [actions/setup-go](https://github.com/actions/setup-go) | `6.0.0` | `6.3.0` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.6.2` | `7.0.0` |
| [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) | `6.4.0` | `7.0.0` |
| [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) | `8.0.0` | `9.2.0` |
| [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.8.0` | `4.8.3` |
| [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `3.10.0` | `4.0.0` |
| [anchore/sbom-action](https://github.com/anchore/sbom-action) | `0.20.6` | `0.23.0` |
| [peter-evans/repository-dispatch](https://github.com/peter-evans/repository-dispatch) | `4.0.0` | `4.0.1` |
| [github/codeql-action](https://github.com/github/codeql-action) | `3.30.5` | `4.32.4` |



Updates `actions/checkout` from 5.0.0 to 6.0.2
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](08c6903cd8...de0fac2e45)

Updates `github/ai-moderator` from 1.1.2 to 1.1.4
- [Release notes](https://github.com/github/ai-moderator/releases)
- [Commits](6bcdb2a79c...81159c3707)

Updates `step-security/harden-runner` from 2.13.1 to 2.15.0
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](f4a75cfd61...a90bcbc653)

Updates `actions/setup-go` from 6.0.0 to 6.3.0
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](4469467582...4b73464bb3)

Updates `actions/upload-artifact` from 4.6.2 to 7.0.0
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](ea165f8d65...bbbca2ddaa)

Updates `goreleaser/goreleaser-action` from 6.4.0 to 7.0.0
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](e435ccd777...ec59f474b9)

Updates `golangci/golangci-lint-action` from 8.0.0 to 9.2.0
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](4afd733a84...1e7e51e771)

Updates `actions/dependency-review-action` from 4.8.0 to 4.8.3
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](56339e523c...05fe457637)

Updates `sigstore/cosign-installer` from 3.10.0 to 4.0.0
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](d7543c93d8...faadad0cce)

Updates `anchore/sbom-action` from 0.20.6 to 0.23.0
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md)
- [Commits](f8bdd1d8ac...17ae174017)

Updates `peter-evans/repository-dispatch` from 4.0.0 to 4.0.1
- [Release notes](https://github.com/peter-evans/repository-dispatch/releases)
- [Commits](5fc4efd1a4...28959ce8df)

Updates `github/codeql-action` from 3.30.5 to 4.32.4
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](3599b3baa1...89a39a4e59)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 6.0.2
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-deps
- dependency-name: github/ai-moderator
  dependency-version: 1.1.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-deps
- dependency-name: step-security/harden-runner
  dependency-version: 2.15.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-deps
- dependency-name: actions/setup-go
  dependency-version: 6.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-deps
- dependency-name: actions/upload-artifact
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-deps
- dependency-name: goreleaser/goreleaser-action
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-deps
- dependency-name: golangci/golangci-lint-action
  dependency-version: 9.2.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-deps
- dependency-name: actions/dependency-review-action
  dependency-version: 4.8.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-deps
- dependency-name: sigstore/cosign-installer
  dependency-version: 4.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-deps
- dependency-name: anchore/sbom-action
  dependency-version: 0.23.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-deps
- dependency-name: peter-evans/repository-dispatch
  dependency-version: 4.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-deps
- dependency-name: github/codeql-action
  dependency-version: 4.32.4
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-04 21:29:44 -07:00
dependabot[bot]
afbdcec08b
build(deps): bump the actions-deps group with 8 updates (#7284) 
Bumps the actions-deps group with 8 updates:

| Package | From | To |
| --- | --- | --- |
| [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.13.0` | `2.13.1` |
| [actions/setup-go](https://github.com/actions/setup-go) | `5.5.0` | `6.0.0` |
| [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.7.3` | `4.8.0` |
| [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `3.9.2` | `3.10.0` |
| [anchore/sbom-action](https://github.com/anchore/sbom-action) | `0.20.5` | `0.20.6` |
| [peter-evans/repository-dispatch](https://github.com/peter-evans/repository-dispatch) | `3.0.0` | `4.0.0` |
| [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.4.2` | `2.4.3` |
| [github/codeql-action](https://github.com/github/codeql-action) | `3.30.0` | `3.30.5` |


Updates `step-security/harden-runner` from 2.13.0 to 2.13.1
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](ec9f2d5744...f4a75cfd61)

Updates `actions/setup-go` from 5.5.0 to 6.0.0
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](d35c59abb0...4469467582)

Updates `actions/dependency-review-action` from 4.7.3 to 4.8.0
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](595b5aeba7...56339e523c)

Updates `sigstore/cosign-installer` from 3.9.2 to 3.10.0
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](d58896d6a1...d7543c93d8)

Updates `anchore/sbom-action` from 0.20.5 to 0.20.6
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md)
- [Commits](da167eac91...f8bdd1d8ac)

Updates `peter-evans/repository-dispatch` from 3.0.0 to 4.0.0
- [Release notes](https://github.com/peter-evans/repository-dispatch/releases)
- [Commits](ff45666b94...5fc4efd1a4)

Updates `ossf/scorecard-action` from 2.4.2 to 2.4.3
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](05b42c6244...4eaacf0543)

Updates `github/codeql-action` from 3.30.0 to 3.30.5
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](2d92b76c45...3599b3baa1)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.13.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-deps
- dependency-name: actions/setup-go
  dependency-version: 6.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-deps
- dependency-name: actions/dependency-review-action
  dependency-version: 4.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-deps
- dependency-name: sigstore/cosign-installer
  dependency-version: 3.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-deps
- dependency-name: anchore/sbom-action
  dependency-version: 0.20.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-deps
- dependency-name: peter-evans/repository-dispatch
  dependency-version: 4.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-deps
- dependency-name: ossf/scorecard-action
  dependency-version: 2.4.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-deps
- dependency-name: github/codeql-action
  dependency-version: 3.30.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-01 23:11:09 +00:00
dependabot[bot]
5bc2afbbb6
build(deps): bump the actions-deps group with 6 updates (#7142) 
Bumps the actions-deps group with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.12.1` | `2.13.0` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.6.1` | `4.6.2` |
| [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `e9a05e6d32d7ed22b5656cd874ef31af58d05bfa` | `d58896d6a1865668819e1d91763c7751a165e159` |
| [anchore/sbom-action](https://github.com/anchore/sbom-action) | `0.20.1` | `0.20.4` |
| [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.4.1` | `2.4.2` |
| [github/codeql-action](https://github.com/github/codeql-action) | `3.29.0` | `3.29.4` |


Updates `step-security/harden-runner` from 2.12.1 to 2.13.0
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](002fdce3c6...ec9f2d5744)

Updates `actions/upload-artifact` from 4.6.1 to 4.6.2
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v4.6.1...ea165f8d65b6e75b540449e92b4886f43607fa02)

Updates `sigstore/cosign-installer` from e9a05e6d32d7ed22b5656cd874ef31af58d05bfa to d58896d6a1865668819e1d91763c7751a165e159
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](e9a05e6d32...d58896d6a1)

Updates `anchore/sbom-action` from 0.20.1 to 0.20.4
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md)
- [Commits](9246b90769...7b36ad622f)

Updates `ossf/scorecard-action` from 2.4.1 to 2.4.2
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](f49aabe0b5...05b42c6244)

Updates `github/codeql-action` from 3.29.0 to 3.29.4
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](ce28f5bb42...4e828ff8d4)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-deps
- dependency-name: actions/upload-artifact
  dependency-version: 4.6.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-deps
- dependency-name: sigstore/cosign-installer
  dependency-version: d58896d6a1865668819e1d91763c7751a165e159
  dependency-type: direct:production
  dependency-group: actions-deps
- dependency-name: anchore/sbom-action
  dependency-version: 0.20.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-deps
- dependency-name: ossf/scorecard-action
  dependency-version: 2.4.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-deps
- dependency-name: github/codeql-action
  dependency-version: 3.29.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-01 04:34:14 +03:00
Mohammed Al Sahaf
2f0fc62b34
chore: apply security best practices for CI (#7066)
Some checks failed
Tests / test (./cmd/caddy/caddy, ~1.24.1, ubuntu-latest, 0, 1.24, linux) (push) Failing after 3m9s
Details
Tests / test (s390x on IBM Z) (push) Has been skipped
Details
Tests / goreleaser-check (push) Has been skipped
Details
Cross-Build / build (~1.24.1, 1.24, aix) (push) Successful in 1m37s
Details
Cross-Build / build (~1.24.1, 1.24, darwin) (push) Successful in 1m32s
Details
Cross-Build / build (~1.24.1, 1.24, dragonfly) (push) Successful in 1m42s
Details
Cross-Build / build (~1.24.1, 1.24, freebsd) (push) Successful in 1m47s
Details
Cross-Build / build (~1.24.1, 1.24, illumos) (push) Successful in 1m44s
Details
Cross-Build / build (~1.24.1, 1.24, linux) (push) Successful in 1m46s
Details
Cross-Build / build (~1.24.1, 1.24, netbsd) (push) Successful in 1m32s
Details
Cross-Build / build (~1.24.1, 1.24, openbsd) (push) Successful in 1m27s
Details
Cross-Build / build (~1.24.1, 1.24, solaris) (push) Successful in 1m26s
Details
Cross-Build / build (~1.24.1, 1.24, windows) (push) Successful in 1m30s
Details
Lint / lint (ubuntu-latest, linux) (push) Successful in 2m18s
Details
Lint / govulncheck (push) Successful in 1m24s
Details
Lint / dependency-review (push) Failing after 1m1s
Details
OpenSSF Scorecard supply-chain security / Scorecard analysis (push) Failing after 2s
Details
Tests / test (./cmd/caddy/caddy, ~1.24.1, macos-14, 0, 1.24, mac) (push) Has been cancelled
Details
Tests / test (./cmd/caddy/caddy.exe, ~1.24.1, windows-latest, True, 1.24, windows) (push) Has been cancelled
Details
Lint / lint (macos-14, mac) (push) Has been cancelled
Details
Lint / lint (windows-latest, windows) (push) Has been cancelled
Details 
* chore: apply security best practices for CI

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>

* remove redundant codeql job

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>

* run scorecard flow on PRs

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>

---------

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
 2025-06-16 20:14:09 +00:00
Mohammed Al Sahaf
7a33f481f1
ci: add dep review, OSSF scorecard actions (#7063) 
* ci: add dep review action

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>

* sprinkle permissions on Actions jobs

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>

* README: add OpenSSF best practices badge

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>

* add draft OpenSSF Scorecard workflow

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>

---------

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
 2025-06-12 23:40:51 +00:00
dependabot[bot]
223f314331
build(deps): bump peter-evans/repository-dispatch from 2 to 3 (#6080) 
Bumps [peter-evans/repository-dispatch](https://github.com/peter-evans/repository-dispatch) from 2 to 3.
- [Release notes](https://github.com/peter-evans/repository-dispatch/releases)
- [Commits](https://github.com/peter-evans/repository-dispatch/compare/v2...v3)

---
updated-dependencies:
- dependency-name: peter-evans/repository-dispatch
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-01 18:34:40 -05:00
Marten Seemann
f45a6de20d
go.mod: Update quic-go to v0.37.0, bump to Go 1.20 minimum (#5644) 
* update quic-go to v0.37.0

* Bump to Go 1.20

* Bump golangci-lint version, yml syntax consistency

* Use skip-pkg-cache workaround

* Workaround needed for both?

* Seeding weakrand is no longer necessary

---------

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
 2023-07-21 22:00:48 -06:00
dependabot[bot]
cd49847edb
build(deps): bump peter-evans/repository-dispatch from 1 to 2 (#5261) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-12-19 18:44:54 -05:00
Francis Lavoie
2d0f8831f8
ci: Fix another oops with publish workflow (#3536) 2020-06-30 15:36:17 -04:00
Francis Lavoie
caca55e582
ci: Fix release publish trigger (#3524) 
Looks like event payloads need to be prefixed with `github.event` to get the actual payload contents. Didn't dig deep enough.

https://help.github.com/en/actions/reference/context-and-expression-syntax-for-github-actions#github-context
 2020-06-26 16:00:54 -04:00
Francis Lavoie
7211101c52
ci: Fix gemfury upload condition, move triggers to publish event (#3483) 2020-06-08 12:21:20 -06:00