Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Boa Constrictor 1.2.1-alpha (nuget-push.yml fix, Gemfile security update) #115

Merged
merged 3 commits into from
Jul 15, 2021
Merged

Boa Constrictor 1.2.1-alpha (nuget-push.yml fix, Gemfile security update) #115

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
307195a
Removed INCLUDE_SYMBOLS from nuget-push.yml
AndyLPK247 Jul 15, 2021
a587439
Gemfile: required addressable >= 2.8.0 to fix security vulnerability
AndyLPK247 Jul 15, 2021
586d6a0
Updated changelog
AndyLPK247 Jul 15, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 0 additions & 3 deletions .github/workflows/nuget-push.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,3 @@ jobs:

# NuGet server uri hosting the packages, defaults to https://api.nuget.org
NUGET_SOURCE: https://api.nuget.org

Copy link

@AraHaan AraHaan Jul 15, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

With this I think you should instead pin the action to my fork of publish-nuget which is Elskom/publish-nuget. But to use it's edits you would have to have it reference the main branch.

However doing that would require using this action first:

      - name: Restore, Build, test, and pack
        uses: Elskom/build-dotnet@main
        with:
          TEST: true # provided you got unit tests you want to run.

This is because during all the patches I implemented together from the original publish-nuget the only way I could properly make it work was to split all the .NET Command line stuff (other then the ones required for dotnet nuget push) into a separate action.

Also note: when you are still using the original action, it will probably try to override the value to include the symbol packages that is set in the csproj so I think the proper fix is to:

  • wait for the PR to fix it is merged in the original action's repository
  • use the fork I mentioned above (which includes other fixes like file globbing support so publishing multiple packages is done in a single invoke of an action)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks! I'll try this pull request first, and if it doesn't work, I'll try your suggestion.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I tried using your suggestion, but I can't get it working, and I can't figure it out:
https://github.com/q2ebanking/boa-constrictor/runs/3079018775?check_suite_focus=true

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I can help you as soon as I get home with a followup pr.

# Flag to toggle pushing symbols along with nuget package to the server, disabled by default
INCLUDE_SYMBOLS: true
2 changes: 1 addition & 1 deletion Boa.Constrictor/Boa.Constrictor.csproj
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

<PropertyGroup>
<TargetFrameworks>net5.0;netstandard2.0</TargetFrameworks>
<Version>1.2.0</Version>
<Version>1.2.1-alpha</Version>
<Authors>Pandy Knight and the PrecisionLender SETs</Authors>
<Company>PrecisionLender, a Q2 Company</Company>
<Title>Boa Constrictor</Title>
Expand Down
9 changes: 9 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,15 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
(None)


## [1.2.1-alpha] - 2021-07-14

### Fixed

- Removed `INCLUDE_SYMBOLS` from `nuget-push.yml` to fix NuGet publishing error
- See https://github.com/brandedoutcast/publish-nuget/pull/62#issuecomment-860327648
- Gemfile: required `addressable >= 2.8.0` to fix security vulnerability


## [1.2.0] - 2021-06-10

### Added
Expand Down
1 change: 1 addition & 0 deletions docs/Gemfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ source "https://rubygems.org"
# uncomment the line below. To upgrade, run `bundle update github-pages`.
# gem "github-pages", group: :jekyll_plugins
gem "github-pages", "~> 215", group: :jekyll_plugins
gem "addressable", ">= 2.8.0"
gem "jekyll-seo-tag", group: :jekyll_plugins
gem "jekyll-include-cache", group: :jekyll_plugins
gem "jekyll-remote-theme", group: :jekyll_plugins
Expand Down
23 changes: 14 additions & 9 deletions docs/Gemfile.lock
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,13 +1,13 @@
GEM
remote: https://rubygems.org/
specs:
activesupport (6.0.3.7)
activesupport (6.0.4)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 0.7, < 2)
minitest (~> 5.1)
tzinfo (~> 1.1)
zeitwerk (~> 2.2, >= 2.2.2)
addressable (2.7.0)
addressable (2.8.0)
public_suffix (>= 2.0.2, < 5.0)
coffee-script (2.4.1)
coffee-script-source
Expand All @@ -16,8 +16,8 @@ GEM
colorator (1.1.0)
commonmarker (0.17.13)
ruby-enum (~> 0.5)
concurrent-ruby (1.1.8)
dnsruby (1.61.5)
concurrent-ruby (1.1.9)
dnsruby (1.61.7)
simpleidn (~> 0.1)
em-websocket (0.5.2)
eventmachine (>= 0.12.9)
Expand All @@ -26,20 +26,24 @@ GEM
ffi (>= 1.15.0)
eventmachine (1.2.7-x64-mingw32)
execjs (2.8.1)
faraday (1.4.2)
faraday (1.5.1)
faraday-em_http (~> 1.0)
faraday-em_synchrony (~> 1.0)
faraday-excon (~> 1.1)
faraday-httpclient (~> 1.0.1)
faraday-net_http (~> 1.0)
faraday-net_http_persistent (~> 1.1)
faraday-patron (~> 1.0)
multipart-post (>= 1.2, < 3)
ruby2_keywords (>= 0.0.4)
faraday-em_http (1.0.0)
faraday-em_synchrony (1.0.0)
faraday-excon (1.1.0)
faraday-httpclient (1.0.1)
faraday-net_http (1.0.1)
faraday-net_http_persistent (1.1.0)
ffi (1.15.0-x64-mingw32)
faraday-net_http_persistent (1.2.0)
faraday-patron (1.0.0)
ffi (1.15.3-x64-mingw32)
forwardable-extended (2.6.0)
gemoji (3.0.1)
github-pages (215)
Expand Down Expand Up @@ -230,15 +234,15 @@ GEM
forwardable-extended (~> 2.6)
public_suffix (4.0.6)
racc (1.5.2)
rb-fsevent (0.10.4)
rb-fsevent (0.11.0)
rb-inotify (0.10.1)
ffi (~> 1.0)
rexml (3.2.5)
rouge (3.26.0)
ruby-enum (0.9.0)
i18n
ruby2_keywords (0.0.4)
rubyzip (2.3.0)
rubyzip (2.3.2)
safe_yaml (1.0.5)
sass (3.7.4)
sass-listen (~> 4.0.0)
Expand Down Expand Up @@ -270,6 +274,7 @@ PLATFORMS
x64-mingw32

DEPENDENCIES
addressable (>= 2.8.0)
github-pages (~> 215)
jekyll-feed
jekyll-include-cache
Expand Down