tendermint

mirror of https://github.com/tendermint/tendermint.git synced 2026-01-07 13:55:17 +00:00

Author	SHA1	Message	Date
Thane Thomson	160a33fdb1	ci: Only allow automated security-related dependency updates on release branches (#9600 ) At present we allow automated dependency updates on release branches via Dependabot. This seems fine for `main`, but is risky for release branches. This PR enables _daily_ checks for security-related dependency updates on release branches, but only performs automated non-security-related updates for `main` (weekly). --- #### PR checklist - [x] Tests written/updated, or no tests needed - [x] `CHANGELOG_PENDING.md` updated, or no changelog entry needed - [x] Updated relevant documentation (`docs/`) and code comments, or no documentation updates needed	2022-10-26 21:02:42 +00:00
Thane Thomson	10f3626e6f	ci: Only allow automated security-related updates until v0.37.0 release (#9430 ) As per discussion with @sergio-mena, this should disable all automated dependency updates that are not security-related. We should make this part of our standard practice when cutting new major releases, given that our QA process for major releases is expensive at present and we cannot re-run it for every dependency update. Once we have cut a final major release, we can consider re-enabling automated dependency updates here that can be rolled out in minor releases. Signed-off-by: Thane Thomson <connect@thanethomson.com> Signed-off-by: Thane Thomson <connect@thanethomson.com>	2022-09-13 16:46:34 -04:00
Thane Thomson	bdf0217bd8	ci: Prepare for v0.37 release branch (#9338 ) * Add nightly E2E tests on v0.37.x branch Signed-off-by: Thane Thomson <connect@thanethomson.com> * Add mergify config to backport to v0.37.x Signed-off-by: Thane Thomson <connect@thanethomson.com> * Update dependabot config for v0.37.x Signed-off-by: Thane Thomson <connect@thanethomson.com> Signed-off-by: Thane Thomson <connect@thanethomson.com>	2022-08-30 22:53:12 -04:00
Thane Thomson	85636f6a00	Prepare `main` to become new default branch (#9095 ) * Update Makefile with changes from #7372 Signed-off-by: Thane Thomson <connect@thanethomson.com> * Sync main GitHub config with master and update Signed-off-by: Thane Thomson <connect@thanethomson.com> * Remove unnecesary dot folders Signed-off-by: Thane Thomson <connect@thanethomson.com> * Sync dotfiles Signed-off-by: Thane Thomson <connect@thanethomson.com> * Remove unused Jepsen tests for now Signed-off-by: Thane Thomson <connect@thanethomson.com> * tools: remove k8s (#6625) Remove mintnet as discussed on team call. closes #1941 * Restore nightly fuzz testing of P2P addrbook and pex Signed-off-by: Thane Thomson <connect@thanethomson.com> * Fix YAML lints Signed-off-by: Thane Thomson <connect@thanethomson.com> * Fix YAML formatting nits Signed-off-by: Thane Thomson <connect@thanethomson.com> * More YAML nits Signed-off-by: Thane Thomson <connect@thanethomson.com> * github: fix linter configuration errors and occluded errors (#6400) * Minor fixes to OpenAPI spec to sync with structs on main Signed-off-by: Thane Thomson <connect@thanethomson.com> * Remove .github/auto-comment.yml - does not appear to be used Signed-off-by: Thane Thomson <connect@thanethomson.com> * Add issue config with link to discussions Signed-off-by: Thane Thomson <connect@thanethomson.com> * Adjust issue/PR templates to suit current process Signed-off-by: Thane Thomson <connect@thanethomson.com> * Remove unused RC branch config from release workflow Signed-off-by: Thane Thomson <connect@thanethomson.com> * Fix wildcard matching in build jobs config Signed-off-by: Thane Thomson <connect@thanethomson.com> * Document markdownlint config Signed-off-by: Thane Thomson <connect@thanethomson.com> * Restore manual E2E test group config Signed-off-by: Thane Thomson <connect@thanethomson.com> * Document linter workflow with local execution instructions Signed-off-by: Thane Thomson <connect@thanethomson.com> * Document and fix minor nit in Super-Linter markdownlint config Signed-off-by: Thane Thomson <connect@thanethomson.com> * Update .github/ISSUE_TEMPLATE/bug-report.md Co-authored-by: William Banfield <4561443+williambanfield@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: William Banfield <4561443+williambanfield@users.noreply.github.com> * Update pull request template to add language around discussions/issues Signed-off-by: Thane Thomson <connect@thanethomson.com> * .golangci.yml: Deleted commented-out lines Signed-off-by: Thane Thomson <connect@thanethomson.com> * ci: Drop "-2" from e2e-nightly-fail workflow Signed-off-by: Thane Thomson <connect@thanethomson.com> * Address triviality concern in PR template Signed-off-by: Thane Thomson <connect@thanethomson.com> Co-authored-by: Marko <marbar3778@yahoo.com> Co-authored-by: Sam Kleinman <garen@tychoish.com> Co-authored-by: William Banfield <4561443+williambanfield@users.noreply.github.com>	2022-07-29 15:20:03 -04:00
M. J. Fromberger	b06540b5ff	Remove backport-specific Dependabot config (v0.34.x). (#8519 ) After #8518, this separate configuration is no longer needed. The master copy will target updates to this branch.	2022-05-13 08:09:42 -07:00
Callum Waters	5ee2ada942	.github: remove erik as reviewer from dependapot (#6076 )	2021-02-11 17:29:52 +01:00
Marko	913f5010c8	add dependabot config (#5243 ) ## Description This also adds dependabot for github actions Closes: #XXX	2020-08-13 15:07:50 +00:00

7 Commits