diff --git a/.github/workflows/command-compile.yml b/.github/workflows/command-compile.yml index b3989ff6390..c517120a144 100644 --- a/.github/workflows/command-compile.yml +++ b/.github/workflows/command-compile.yml @@ -52,20 +52,20 @@ jobs: exit 1 - name: Check actor permission - uses: skjnldsv/check-actor-permission@69e92a3c4711150929bca9fcf34448c5bf5526e7 # v2 + uses: skjnldsv/check-actor-permission@69e92a3c4711150929bca9fcf34448c5bf5526e7 # v3.0 with: require: write - name: Add reaction on start uses: peter-evans/create-or-update-comment@e8674b075228eee787fea43ef493e45ece1004c9 # v5.0.0 with: - token: ${{ secrets.COMMAND_BOT_PAT }} # zizmor: ignore[secrets-outside-env] + token: ${{ secrets.COMMAND_BOT_PAT }} repository: ${{ github.event.repository.full_name }} comment-id: ${{ github.event.comment.id }} reactions: '+1' - name: Parse command - uses: skjnldsv/parse-command-comment@5c955203c52424151e6d0e58fb9de8a9f6a605a1 # v2 + uses: skjnldsv/parse-command-comment@5c955203c52424151e6d0e58fb9de8a9f6a605a1 # v3.1 id: command # Init path depending on which command is run @@ -86,7 +86,7 @@ jobs: uses: peter-evans/create-or-update-comment@e8674b075228eee787fea43ef493e45ece1004c9 # v5.0.0 if: failure() with: - token: ${{ secrets.COMMAND_BOT_PAT }} # zizmor: ignore[secrets-outside-env] + token: ${{ secrets.COMMAND_BOT_PAT }} repository: ${{ github.event.repository.full_name }} comment-id: ${{ github.event.comment.id }} reactions: '-1' @@ -105,9 +105,8 @@ jobs: - name: Checkout ${{ needs.init.outputs.head_ref }} uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: - # Needed to allow force push later - persist-credentials: true - token: ${{ secrets.COMMAND_BOT_PAT }} # zizmor: ignore[secrets-outside-env] + persist-credentials: false + token: ${{ secrets.COMMAND_BOT_PAT }} fetch-depth: 0 ref: ${{ needs.init.outputs.head_ref }} @@ -124,7 +123,7 @@ jobs: fallbackNpm: '^11.3' - name: Set up node ${{ steps.package-engines-versions.outputs.nodeVersion }} - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0 + uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 with: node-version: ${{ steps.package-engines-versions.outputs.nodeVersion }} cache: npm @@ -134,11 +133,13 @@ jobs: - name: Rebase to ${{ needs.init.outputs.base_ref }} if: ${{ contains(needs.init.outputs.arg1, 'rebase') }} + env: + BASE_REF: ${{ needs.init.outputs.base_ref }} run: | - git fetch origin '${{ needs.init.outputs.base_ref }}:${{ needs.init.outputs.base_ref }}' + git fetch origin "${BASE_REF}:${BASE_REF}" # Start the rebase - git rebase 'origin/${{ needs.init.outputs.base_ref }}' || { + git rebase "origin/${BASE_REF}" || { # Handle rebase conflicts in a loop while [ -d .git/rebase-merge ] || [ -d .git/rebase-apply ]; do echo "Handling rebase conflict..." @@ -146,11 +147,11 @@ jobs: # Remove and checkout /dist and /js folders from the base branch if [ -d "dist" ]; then rm -rf dist - git checkout origin/${{ needs.init.outputs.base_ref }} -- dist/ 2>/dev/null || echo "No dist folder in base branch" + git checkout "origin/${BASE_REF}" -- dist/ 2>/dev/null || echo "No dist folder in base branch" fi if [ -d "js" ]; then rm -rf js - git checkout origin/${{ needs.init.outputs.base_ref }} -- js/ 2>/dev/null || echo "No js folder in base branch" + git checkout "origin/${BASE_REF}" -- js/ 2>/dev/null || echo "No js folder in base branch" fi # Stage all changes @@ -182,20 +183,26 @@ jobs: - name: Commit default if: ${{ !contains(needs.init.outputs.arg1, 'fixup') && !contains(needs.init.outputs.arg1, 'amend') }} + env: + GIT_PATH: ${{ needs.init.outputs.git_path }} run: | - git add '${{ github.workspace }}${{ needs.init.outputs.git_path }}' + git add "${GITHUB_WORKSPACE}${GIT_PATH}" git commit --signoff -m 'chore(assets): Recompile assets' - name: Commit fixup if: ${{ contains(needs.init.outputs.arg1, 'fixup') }} + env: + GIT_PATH: ${{ needs.init.outputs.git_path }} run: | - git add '${{ github.workspace }}${{ needs.init.outputs.git_path }}' + git add "${GITHUB_WORKSPACE}${GIT_PATH}" git commit --fixup=HEAD --signoff - name: Commit amend if: ${{ contains(needs.init.outputs.arg1, 'amend') }} + env: + GIT_PATH: ${{ needs.init.outputs.git_path }} run: | - git add '${{ github.workspace }}${{ needs.init.outputs.git_path }}' + git add "${GITHUB_WORKSPACE}${GIT_PATH}" git commit --amend --no-edit --signoff # Remove any [skip ci] from the amended commit git commit --amend -m "$(git log -1 --format='%B' | sed '/\[skip ci\]/d')" @@ -204,19 +211,25 @@ jobs: if: ${{ !contains(needs.init.outputs.arg1, 'rebase') && !contains(needs.init.outputs.arg1, 'amend') }} env: HEAD_REF: ${{ needs.init.outputs.head_ref }} - run: git push origin "$HEAD_REF" + BOT_TOKEN: ${{ secrets.COMMAND_BOT_PAT }} # zizmor: ignore[secrets-outside-env] + run: | + git remote set-url origin "https://x-access-token:${BOT_TOKEN}@github.com/${{ github.repository }}.git" + git push origin "$HEAD_REF" - name: Force push if: ${{ contains(needs.init.outputs.arg1, 'rebase') || contains(needs.init.outputs.arg1, 'amend') }} env: HEAD_REF: ${{ needs.init.outputs.head_ref }} - run: git push --force-with-lease origin "$HEAD_REF" + BOT_TOKEN: ${{ secrets.COMMAND_BOT_PAT }} # zizmor: ignore[secrets-outside-env] + run: | + git remote set-url origin "https://x-access-token:${BOT_TOKEN}@github.com/${{ github.repository }}.git" + git push --force-with-lease origin "$HEAD_REF" - name: Add reaction on failure uses: peter-evans/create-or-update-comment@e8674b075228eee787fea43ef493e45ece1004c9 # v5.0.0 if: failure() with: - token: ${{ secrets.COMMAND_BOT_PAT }} # zizmor: ignore[secrets-outside-env] + token: ${{ secrets.COMMAND_BOT_PAT }} repository: ${{ github.event.repository.full_name }} comment-id: ${{ github.event.comment.id }} reactions: '-1' diff --git a/.github/workflows/dependabot-approve-merge.yml b/.github/workflows/dependabot-approve-merge.yml index 71261f465d7..dd28a484a4f 100644 --- a/.github/workflows/dependabot-approve-merge.yml +++ b/.github/workflows/dependabot-approve-merge.yml @@ -27,7 +27,7 @@ jobs: if: github.event.pull_request.user.login == 'dependabot[bot]' runs-on: ubuntu-latest-low permissions: - # for hmarr/auto-approve-action to approve PRs + # for auto-approve step to work pull-requests: write # for alexwilson/enable-github-automerge-action to approve PRs contents: write @@ -44,15 +44,22 @@ jobs: with: repo-token: ${{ secrets.GITHUB_TOKEN }} - # GitHub actions bot approve - - uses: hmarr/auto-approve-action@f0939ea97e9205ef24d872e76833fa908a770363 # v4.0.0 - if: startsWith(steps.branchname.outputs.branch, 'dependabot/') + - name: Dependabot metadata + id: metadata + uses: dependabot/fetch-metadata@25dd0e34f4fe68f24cc83900b1fe3fe149efef98 # v3.1.0 with: github-token: ${{ secrets.GITHUB_TOKEN }} + - name: GitHub actions bot approve + if: startsWith(steps.branchname.outputs.branch, 'dependabot/') + run: gh pr review --approve "$PR_URL" + env: + PR_URL: ${{ github.event.pull_request.html_url }} + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + # Enable GitHub auto merge - name: Auto merge - uses: alexwilson/enable-github-automerge-action@56e3117d1ae1540309dc8f7a9f2825bc3c5f06ff # v2.0.0 - if: startsWith(steps.branchname.outputs.branch, 'dependabot/') && (github.event.pull_request.action == 'opened' || github.event.pull_request.action == 'reopened') + uses: alexwilson/enable-github-automerge-action@2c32e18a76e0726ffe7a573bfff2d42a20885126 # 3.0.0 + if: startsWith(steps.branchname.outputs.branch, 'dependabot/') && (github.event.action == 'opened' || github.event.action == 'reopened') && (steps.metadata.outputs.update-type == 'version-update:semver-patch' || steps.metadata.outputs.update-type == 'version-update:semver-minor') with: github-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/lint-eslint.yml b/.github/workflows/lint-eslint.yml index af1187119ad..73436854651 100644 --- a/.github/workflows/lint-eslint.yml +++ b/.github/workflows/lint-eslint.yml @@ -68,7 +68,7 @@ jobs: fallbackNpm: '^11.3' - name: Set up node ${{ steps.versions.outputs.nodeVersion }} - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0 + uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 with: node-version: ${{ steps.versions.outputs.nodeVersion }} diff --git a/.github/workflows/lint-php-cs.yml b/.github/workflows/lint-php-cs.yml index da402086adf..60102e89225 100644 --- a/.github/workflows/lint-php-cs.yml +++ b/.github/workflows/lint-php-cs.yml @@ -34,7 +34,7 @@ jobs: uses: icewind1991/nextcloud-version-matrix@8a7bac6300b2f0f3100088b297995a229558ddba # v1.3.2 - name: Set up php${{ steps.versions.outputs.php-min }} - uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # v2.37.0 + uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # 2.37.1 with: php-version: ${{ steps.versions.outputs.php-min }} extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite diff --git a/.github/workflows/lint-php.yml b/.github/workflows/lint-php.yml index d1eafea62a8..98503725182 100644 --- a/.github/workflows/lint-php.yml +++ b/.github/workflows/lint-php.yml @@ -49,7 +49,7 @@ jobs: persist-credentials: false - name: Set up php ${{ matrix.php-versions }} - uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # v2.37.0 + uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # 2.37.1 with: php-version: ${{ matrix.php-versions }} extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite diff --git a/.github/workflows/node-test.yml b/.github/workflows/node-test.yml index df17e370b7b..5d1d1220915 100644 --- a/.github/workflows/node-test.yml +++ b/.github/workflows/node-test.yml @@ -93,7 +93,7 @@ jobs: run: npm run test:coverage --if-present - name: Collect coverage - uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6.0.0 + uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1 with: files: ./coverage/lcov.info diff --git a/.github/workflows/npm-audit-fix.yml b/.github/workflows/npm-audit-fix.yml index c46a1137b63..4d29049376a 100644 --- a/.github/workflows/npm-audit-fix.yml +++ b/.github/workflows/npm-audit-fix.yml @@ -49,7 +49,7 @@ jobs: fallbackNpm: '^11.3' - name: Set up node ${{ steps.versions.outputs.nodeVersion }} - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0 + uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 with: node-version: ${{ steps.versions.outputs.nodeVersion }} @@ -71,7 +71,7 @@ jobs: if: steps.checkout.outcome == 'success' uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 # v8.1.1 with: - token: ${{ secrets.COMMAND_BOT_PAT }} # zizmor: ignore[secrets-outside-env] + token: ${{ secrets.COMMAND_BOT_PAT }} commit-message: 'fix(deps): Fix npm audit' committer: GitHub author: nextcloud-command diff --git a/.github/workflows/node.yml b/.github/workflows/npm-build.yml similarity index 96% rename from .github/workflows/node.yml rename to .github/workflows/npm-build.yml index 66e3929d66b..0a690d356e4 100644 --- a/.github/workflows/node.yml +++ b/.github/workflows/npm-build.yml @@ -6,7 +6,7 @@ # SPDX-FileCopyrightText: 2021-2024 Nextcloud GmbH and Nextcloud contributors # SPDX-License-Identifier: MIT -name: Node +name: Build Javascript on: pull_request @@ -65,7 +65,7 @@ jobs: fallbackNpm: '^11.3' - name: Set up node ${{ steps.versions.outputs.nodeVersion }} - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0 + uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 with: node-version: ${{ steps.versions.outputs.nodeVersion }} diff --git a/.github/workflows/phpunit-mariadb.yml b/.github/workflows/phpunit-mariadb.yml index 3a2389b5791..3edc8f7fcd4 100644 --- a/.github/workflows/phpunit-mariadb.yml +++ b/.github/workflows/phpunit-mariadb.yml @@ -105,7 +105,7 @@ jobs: path: apps/${{ env.APP_NAME }} - name: Set up php ${{ matrix.php-versions }} - uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # v2.37.0 + uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # 2.37.1 with: php-version: ${{ matrix.php-versions }} # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation diff --git a/.github/workflows/phpunit-mysql.yml b/.github/workflows/phpunit-mysql.yml index e0216816f18..fe87c2bd3fc 100644 --- a/.github/workflows/phpunit-mysql.yml +++ b/.github/workflows/phpunit-mysql.yml @@ -103,7 +103,7 @@ jobs: path: apps/${{ env.APP_NAME }} - name: Set up php ${{ matrix.php-versions }} - uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # v2.37.0 + uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # 2.37.1 with: php-version: ${{ matrix.php-versions }} # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation diff --git a/.github/workflows/phpunit-oci.yml b/.github/workflows/phpunit-oci.yml index 5355382658c..7d7afeb35d1 100644 --- a/.github/workflows/phpunit-oci.yml +++ b/.github/workflows/phpunit-oci.yml @@ -115,7 +115,7 @@ jobs: path: apps/${{ env.APP_NAME }} - name: Set up php ${{ matrix.php-versions }} - uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # v2.37.0 + uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # 2.37.1 with: php-version: ${{ matrix.php-versions }} # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation diff --git a/.github/workflows/phpunit-pgsql.yml b/.github/workflows/phpunit-pgsql.yml index 4592e625035..1923ad8e18c 100644 --- a/.github/workflows/phpunit-pgsql.yml +++ b/.github/workflows/phpunit-pgsql.yml @@ -106,7 +106,7 @@ jobs: path: apps/${{ env.APP_NAME }} - name: Set up php ${{ matrix.php-versions }} - uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # v2.37.0 + uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # 2.37.1 with: php-version: ${{ matrix.php-versions }} # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation diff --git a/.github/workflows/phpunit-sqlite.yml b/.github/workflows/phpunit-sqlite.yml index e2e299ab1af..8be2c0c1cfe 100644 --- a/.github/workflows/phpunit-sqlite.yml +++ b/.github/workflows/phpunit-sqlite.yml @@ -95,7 +95,7 @@ jobs: path: apps/${{ env.APP_NAME }} - name: Set up php ${{ matrix.php-versions }} - uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # v2.37.0 + uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # 2.37.1 with: php-version: ${{ matrix.php-versions }} # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation diff --git a/.github/workflows/psalm.yml b/.github/workflows/psalm.yml index d69fd28849c..ff2884e3b59 100644 --- a/.github/workflows/psalm.yml +++ b/.github/workflows/psalm.yml @@ -36,7 +36,7 @@ jobs: run: grep 'phpVersion="${{ steps.versions.outputs.php-min }}' psalm.xml - name: Set up php${{ steps.versions.outputs.php-available }} - uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # v2.37.0 + uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # 2.37.1 with: php-version: ${{ steps.versions.outputs.php-available }} extensions: bz2, ctype, curl, dom, fileinfo, gd, iconv, intl, json, libxml, mbstring, openssl, pcntl, posix, session, simplexml, xmlreader, xmlwriter, zip, zlib, sqlite, pdo_sqlite @@ -52,9 +52,6 @@ jobs: composer remove nextcloud/ocp --dev --no-scripts composer i - - name: Check for vulnerable PHP dependencies - run: composer require --dev roave/security-advisories:dev-latest - - name: Install nextcloud/ocp run: composer require --dev nextcloud/ocp:dev-${{ steps.versions.outputs.branches-max }} --ignore-platform-reqs --with-dependencies diff --git a/.github/workflows/renovate-approve-merge.yml b/.github/workflows/renovate-approve-merge.yml index decbabf29af..c3187c354a4 100644 --- a/.github/workflows/renovate-approve-merge.yml +++ b/.github/workflows/renovate-approve-merge.yml @@ -27,7 +27,7 @@ jobs: if: github.event.pull_request.user.login == 'renovate[bot]' runs-on: ubuntu-latest permissions: - # for hmarr/auto-approve-action to approve PRs + # for auto-approve step to work pull-requests: write # for alexwilson/enable-github-automerge-action to approve PRs contents: write @@ -44,15 +44,16 @@ jobs: with: repo-token: ${{ secrets.GITHUB_TOKEN }} - # GitHub actions bot approve - - uses: hmarr/auto-approve-action@f0939ea97e9205ef24d872e76833fa908a770363 # v4.0.0 + - name: GitHub actions bot approve if: startsWith(steps.branchname.outputs.branch, 'renovate/') - with: - github-token: ${{ secrets.GITHUB_TOKEN }} + run: gh pr review --approve "$PR_URL" + env: + PR_URL: ${{ github.event.pull_request.html_url }} + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Enable GitHub auto merge - name: Auto merge - uses: alexwilson/enable-github-automerge-action@56e3117d1ae1540309dc8f7a9f2825bc3c5f06ff # v2.0.0 - if: startsWith(steps.branchname.outputs.branch, 'renovate/') && (github.event.pull_request.action == 'opened' || github.event.pull_request.action == 'reopened') + uses: alexwilson/enable-github-automerge-action@2c32e18a76e0726ffe7a573bfff2d42a20885126 # 3.0.0 + if: startsWith(steps.branchname.outputs.branch, 'renovate/') && (github.event.action == 'opened' || github.event.action == 'reopened') with: github-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/update-nextcloud-ocp-approve-merge.yml b/.github/workflows/update-nextcloud-ocp-approve-merge.yml index dfe0ef4e972..88c54da0ab3 100644 --- a/.github/workflows/update-nextcloud-ocp-approve-merge.yml +++ b/.github/workflows/update-nextcloud-ocp-approve-merge.yml @@ -27,7 +27,7 @@ jobs: if: github.actor == 'nextcloud-command' runs-on: ubuntu-latest-low permissions: - # for hmarr/auto-approve-action to approve PRs + # for auto-approve-action to approve PRs pull-requests: write # for alexwilson/enable-github-automerge-action to approve PRs contents: write @@ -44,15 +44,16 @@ jobs: with: repo-token: ${{ secrets.GITHUB_TOKEN }} - # GitHub actions bot approve - - uses: hmarr/auto-approve-action@b40d6c9ed2fa10c9a2749eca7eb004418a705501 # v2 + - name: GitHub actions bot approve if: startsWith(steps.branchname.outputs.branch, 'automated/noid/') && endsWith(steps.branchname.outputs.branch, 'update-nextcloud-ocp') - with: - github-token: ${{ secrets.GITHUB_TOKEN }} + run: gh pr review --approve "$PR_URL" + env: + PR_URL: ${{ github.event.pull_request.html_url }} + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Enable GitHub auto merge - name: Auto merge - uses: alexwilson/enable-github-automerge-action@56e3117d1ae1540309dc8f7a9f2825bc3c5f06ff # v2.0.0 + uses: alexwilson/enable-github-automerge-action@2c32e18a76e0726ffe7a573bfff2d42a20885126 # 3.0.0 if: startsWith(steps.branchname.outputs.branch, 'automated/noid/') && endsWith(steps.branchname.outputs.branch, 'update-nextcloud-ocp') with: github-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/update-nextcloud-ocp.yml b/.github/workflows/update-nextcloud-ocp.yml index efb5d65007d..ba9f3d70f36 100644 --- a/.github/workflows/update-nextcloud-ocp.yml +++ b/.github/workflows/update-nextcloud-ocp.yml @@ -43,7 +43,7 @@ jobs: - name: Set up php8.2 if: steps.checkout.outcome == 'success' - uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # v2.37.0 + uses: shivammathur/setup-php@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc # 2.37.1 with: php-version: 8.2 # https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html#prerequisites-for-manual-installation @@ -100,7 +100,7 @@ jobs: if: steps.checkout.outcome == 'success' uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 # v8.1.1 with: - token: ${{ secrets.COMMAND_BOT_PAT }} # zizmor: ignore[secrets-outside-env] + token: ${{ secrets.COMMAND_BOT_PAT }} commit-message: 'chore(dev-deps): Bump nextcloud/ocp package' committer: GitHub author: nextcloud-command