shadowfacts/fonttools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
11,519 Commits 1 Branch 0 Tags
Commit Graph

67 Commits

Author SHA1 Message Date
Cosimo Lupo
81efdb8b6c
CI: test on 3.8 and 3.11, no longer 3.7 2022-11-03 11:22:30 +00:00
Cosimo Lupo
e8efe9817e
Explicitly add codecov token to action, see codecov/codecov-action#557 
Fixes #2763
 2022-09-20 10:33:50 +01:00
Cosimo Lupo
b3a5b1b8ad
Merge pull request #2683 from fonttools/dependabot/github_actions/actions/setup-python-4 
build(deps): bump actions/setup-python from 3 to 4
 2022-07-06 11:17:26 +01:00
dependabot[bot]
ef82649c2d
build(deps): bump actions/setup-python from 3 to 4 
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 3 to 4.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-07-06 09:58:50 +00:00
dependabot[bot]
5e7ce0a725
build(deps): bump codecov/codecov-action from 2 to 3 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 2 to 3.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-07-06 09:58:48 +00:00
nathannaveen
83f69028a3 chore: Set permissions for GitHub actions 
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: nathannaveen <42319948+nathannaveen@users.noreply.github.com>
 2022-06-23 00:58:26 +00:00
Nikolaus Waxweiler
2ff36bcef8 Test Cython on Python 3.10 2022-04-26 11:19:28 +01:00
Nikolaus Waxweiler
82319c31fa Test on 3.7 and 3.10 only 2022-04-26 11:16:58 +01:00
Nikolaus Waxweiler
40015efe60 Update GitHub Actions 2022-04-26 11:16:49 +01:00
Cosimo Lupo
c194a18be7 update codecov gh action to v2 
apparently v1 is deprecated now
https://github.com/codecov/codecov-action#%EF%B8%8F--deprecration-of-v1

hopefully fixes #2435
 2021-10-25 17:29:50 +02:00
Cosimo Lupo
91d7877420 ci: pin python to 3.9 for test-cython job 
at least until scipy is not available for 3.10, or else it fails with

https://github.com/fonttools/fonttools/runs/3997161938?check_suite_focus=true#step:5:23
 2021-10-25 16:33:44 +02:00
Cosimo Lupo
37b2687a9b test on latest pypy that supports python 3.7 2021-09-27 14:37:20 +02:00
Cosimo Lupo
64299aa4b1 drop Python 3.6, require >= 3.7 
3.10 is out next week, while 3.6 reaches end of life by the end of this year.
It's time to require 3.7 or greater, so we can finally use built-in dataclasses and more.

Fixes https://github.com/fonttools/fonttools/issues/2350
 2021-09-27 13:21:08 +02:00
Cosimo Lupo
b77d520b48
remame 'master' -> 'main' in worflows/test.yml 2021-02-18 15:39:52 +00:00
Cosimo Lupo
8f50e22278
test.workflow: respect 'skip ci' 2020-12-16 11:56:12 +00:00
Cosimo Lupo
4af216dde4
publish.yml: fix tag pattern 
we don't use the leading 'v' for fonttools tags
 2020-12-04 19:32:05 +00:00
Nikolaus Waxweiler
018a798fdd Add GitHub Actions integration 2020-11-20 10:06:27 +00:00