diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..cad22b2 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,16 @@ +version: 2 +updates: + + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "daily" + assignees: + - "alexandreteles" + + - package-ecosystem: "pip" + directory: "/" + schedule: + interval: "daily" + assignees: + - "alexandreteles" diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 0000000..2cebbb0 --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,55 @@ +name: "CodeQL" + +on: + pull_request: + branches: [ "dev" ] + workflow_dispatch: + +env: + default_branch: dev + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: [ 'python' ] + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + with: + ref: ${{ env.default_branch }} + + - name: Set up Python + uses: actions/setup-python@v4 + with: + python-version: '3.11.3' + - name: Install dependencies + run: | + python -m pip install --upgrade pip + if [ -f requirements.txt ]; + then pip install -r requirements.txt; + fi + echo "CODEQL_PYTHON=$(which python)" >> $GITHUB_ENV + + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + setup-python-dependencies: false + + - name: Autobuild + uses: github/codeql-action/autobuild@v2 + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 + with: + category: "/language:${{matrix.language}}" diff --git a/.github/workflows/mypy.yml b/.github/workflows/mypy.yml new file mode 100644 index 0000000..b70c77e --- /dev/null +++ b/.github/workflows/mypy.yml @@ -0,0 +1,26 @@ +name: MyPy + +on: + pull_request: + branches: [ "dev" ] + workflow_dispatch: + +jobs: + mypy: + runs-on: ubuntu-latest + steps: + - name: Setup Python + uses: actions/setup-python@v4 + with: + python-version: 3.11.3 + architecture: x64 + - name: Checkout + uses: actions/checkout@v3 + - name: Install mypy + run: pip install mypy + - name: Run mypy + uses: sasanquaneuf/mypy-github-action@main + with: + checkName: 'mypy' + env: + GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 0000000..03faef2 --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,35 @@ +repos: +- repo: https://github.com/pre-commit/pre-commit-hooks + rev: v3.2.0 + hooks: + - id: trailing-whitespace + - id: end-of-file-fixer + - id: check-yaml + - id: check-added-large-files + - id: check-docstring-first + - id: debug-statements + - id: double-quote-string-fixer + - id: name-tests-test + - id: requirements-txt-fixer + - id: pretty-format-json + - id: check-toml + - id: check-merge-conflict + - id: double-quote-string-fixer +- repo: https://github.com/asottile/reorder_python_imports + rev: v3.9.0 + hooks: + - id: reorder-python-imports +- repo: https://github.com/psf/black + rev: 23.3.0 + hooks: + - id: black + language_version: python3.9 +- repo: https://github.com/iamthefij/docker-pre-commit + rev: master + hooks: + - id: docker-compose-check +- repo: https://github.com/pryorda/dockerfilelint-precommit-hooks + rev: v0.1.0 + hooks: + - id: dockerfilelint + stages: [commit] diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..a96b0b4 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,11 @@ +# Security Policy + +## Supported Tags + +| Tag | ReVanced Version | +| ------- | ------------------ | +| latest | latest upstream | + +## Reporting a Vulnerability + +To report a vulnerability, please open an Issue in our issue tracker here on GitHub.