Commit Graph

564 Commits (59e2c5a40c655a667690fc2df231300aef02e586)

Author SHA1 Message Date
Jason Ish 40503f6602 github-ci: fix new authors check
Shortly after minimizing the new authors check to one workflow, github
released an action update that required more permissions due to an
attack scenario, which didn't really apply to us as we didn't run code
from the remotes fork.

However, to avoid extending permissions, rework the authors check to
pull the OISF repo, checkout the PR fork as history, then do the new
authors check. This safely allows the check to run in the context of our
repo without the fork being able to inject code execution.
5 days ago
dependabot[bot] 6cbf511f65 github-actions: bump github/codeql-action/upload-sarif
Bumps [github/codeql-action/upload-sarif](https://github.com/github/codeql-action) from eda5730a8bfb740e03a28087a958444c646e5842 to 1f34ec16430d82636d18716acc7aaa6d843b35a9.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](eda5730a8b...1f34ec1643)

---
updated-dependencies:
- dependency-name: github/codeql-action/upload-sarif
  dependency-version: 1f34ec16430d82636d18716acc7aaa6d843b35a9
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
1 week ago
dependabot[bot] 8002b59993 github-actions: bump actions/checkout from 6.0.2 to 7.0.0
Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.2 to 7.0.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Commits](https://github.com/actions/checkout/compare/v6.0.2...v7)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
1 week ago
dependabot[bot] 0a2b024317 github-actions: bump vmactions/freebsd-vm from 1.4.6 to 1.5.0
Bumps [vmactions/freebsd-vm](https://github.com/vmactions/freebsd-vm) from 1.4.6 to 1.5.0.
- [Release notes](https://github.com/vmactions/freebsd-vm/releases)
- [Commits](a6de9343ef...5a72679103)

---
updated-dependencies:
- dependency-name: vmactions/freebsd-vm
  dependency-version: 1.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
1 week ago
dependabot[bot] 7a419071c8 github-actions: bump actions/cache from 5 to 6
Bumps [actions/cache](https://github.com/actions/cache) from 5 to 6.
- [Release notes](https://github.com/actions/cache/releases)
- [Commits](https://github.com/actions/cache/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
1 week ago
Lukas Sismis 376db8fc6b ci: upgrade FreeBSD Python package to 3.12
FreeBSD upgraded the default Python package to 3.12.
With that the pip packages also updated to the new
version.
2 weeks ago
Philippe Antoine 399ee1e360 ci: check multi uint keywords
Ticket: 7929
2 weeks ago
Jason Ish 26cf56bf54 github-ci: consolidate new authors check into a single workflow
Replace the two-workflow pattern (authors.yml + authors-done.yml) with a
single pull_request_target workflow.

I'm not sure this was possible when this job was originally created, but
apparently it is now.
3 weeks ago
Victor Julien 1eff94f2b2 github-ci: add gcc analyzer build
Make sure to not run against lua rust crate build, as it's not clean.
4 weeks ago
dependabot[bot] 39688a6252 github-actions: bump codecov/codecov-action from 6.0.1 to 7.0.0
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 6.0.1 to 7.0.0.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](e79a6962e0...fb8b3582c8)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
dependabot[bot] 6150d61d79 github-actions: bump github/codeql-action from 4.36.1 to 4.36.2
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.36.1 to 4.36.2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Commits](https://github.com/github/codeql-action/compare/v4.36.1...v4.36.2)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.36.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
dependabot[bot] 0eda09f302 github-actions: bump codecov/codecov-action from 6.0.0 to 6.0.1
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 6.0.0 to 6.0.1.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](57e3a136b7...e79a6962e0)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-version: 6.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
dependabot[bot] aa24d7022b github-actions: bump github/codeql-action from 4.35.3 to 4.36.1
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.3 to 4.36.1.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Commits](https://github.com/github/codeql-action/compare/v4.35.3...v4.36.1)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.36.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
dependabot[bot] 87a1521019 github-actions: bump actions/checkout from 6.0.2 to 6.0.3
Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.2 to 6.0.3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Commits](https://github.com/actions/checkout/compare/v6.0.2...v6.0.3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 6.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
dependabot[bot] 9febbf6149 github-actions: bump vmactions/freebsd-vm from 1.4.5 to 1.4.6
Bumps [vmactions/freebsd-vm](https://github.com/vmactions/freebsd-vm) from 1.4.5 to 1.4.6.
- [Release notes](https://github.com/vmactions/freebsd-vm/releases)
- [Commits](d1e6581156...a6de9343ef)

---
updated-dependencies:
- dependency-name: vmactions/freebsd-vm
  dependency-version: 1.4.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
Philippe Antoine c8a86cdffa ci: move rustfmt to a helper script 1 month ago
Jason Ish 7ec82740cd github-ci: cancel previous nix workflow for branch
On push, cancel previous nix workflows for the same branch.
1 month ago
Jason Ish c0fd86f5b6 github-ci: close PRs updated after being opened
Enforce our policy of requiring a new pull request whenever changes are
made to an existing one. On any push to an open, non-draft pull request
the workflow comments with the policy and closes the pull request.
1 month ago
Jason Ish 3806bf4260 util-time: relocate timestamp format unit test from log-cf-common
log-cf-common is not longer needed with the removal of http-log, but this test
is still valid, so move until util-time.
1 month ago
Victor Julien 781bd5184e clang-format: support clang 17
Update Github CI runner to use it.

Bump to Ubuntu 24.04 as well.
1 month ago
Philippe Antoine 73193c7e6a rust: format pgsql files
Ticket: 3836
1 month ago
Philippe Antoine 3bfe6cf4b9 rust: format nfs files
Ticket: 3836
1 month ago
Jason Ish f269e22b67 github-ci: add coverage reporting for the rust example plugin
Should help reporting coverage on the ffi wrappers only used by plugins.
1 month ago
Philippe Antoine 07112bc7ae rust: format mqtt files
Ticket: 3836
1 month ago
Philippe Antoine 844f2effa3 rust: format modbus files
Ticket: 3836
1 month ago
Philippe Antoine db019ebefe rust: format ike files
Ticket: 3836
1 month ago
Philippe Antoine bcc1e6ae32 rust: format http2 files
Ticket: 3836
2 months ago
Philippe Antoine a35760db9b rust: enforce already formatted directories in CI 2 months ago
Philippe Antoine 1070e733d8 rust: format websocket files
Ticket: 3836
2 months ago
Philippe Antoine 89e5332d88 rust: format utils files
Ticket: 3836
2 months ago
Philippe Antoine edf29b0000 rust: format ssh files
Ticket: 3836
2 months ago
Philippe Antoine fe27a2159c rust: format rfb files
Ticket: 3836
2 months ago
Philippe Antoine 5cca346f16 rust: format quic files
Ticket: 3836
2 months ago
Philippe Antoine 415360d9e8 rust: format ntp files
Ticket: 3836
2 months ago
Philippe Antoine fa864f9c2f rust: format mime files
Ticket: 3836
2 months ago
Philippe Antoine 2cfcaec1b0 rust: format ldap files
Ticket: 3836
2 months ago
Philippe Antoine 64e7c671cc rust: format ftp files
Ticket: 3836
2 months ago
Philippe Antoine f217e249cb rust: format ffi files
Ticket: 3836
2 months ago
Philippe Antoine f7c14809f4 rust: format enip files
Ticket: 3836
2 months ago
Philippe Antoine e526eb8e2b rust: format bittorrent_dht files
Ticket: 3836
2 months ago
Philippe Antoine f5ac0e201c rust: format asn1 files
Ticket: 3836
2 months ago
Philippe Antoine 1ced97bdbb rust: format applayertemplate files
Ticket: 3836
2 months ago
Jason Ish 57f76a2462 github-ci: update Fedora builds to Fedora 44 2 months ago
Victor Julien 95b7f2b998 scan-build: support taint filtering
Support scan-build's taint filtering logic. Adds a yaml config to mark
a dedicated debug validation function as filtering a taint.

Use to suppress warnings in reference, threshold and classification file
handling.

Ticket: #3153.
2 months ago
Victor Julien fbaaa9dcae github-actions: update scan-build to clang-22
Run it on Ubuntu 26.04.

Update enabled checkers.

Ticket: #3153.
2 months ago
Lukas Sismis 7b0afb3bbd github-ci: add FreeBSD build test
Expand the Github-CI build coverage by adding another OS that
Suricata targets.

Ticket: 8487
2 months ago
Jason Ish aa4946547b github-ci: check formatting and clippy on example rust plugin 2 months ago
Philippe Antoine 5bbe99188b ci: update rust version to 1.95 2 months ago
Philippe Antoine 891b17277e ci: check dist rules
So that we catch if we add a typo like
app-layer-event:snmp.version_mismatchZZZ;
2 months ago
dependabot[bot] 98979dbfe9 github-actions: bump actions/github-script from 8.0.0 to 9.0.0
Bumps [actions/github-script](https://github.com/actions/github-script) from 8.0.0 to 9.0.0.
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](ed597411d8...3a2844b7e9)

---
updated-dependencies:
- dependency-name: actions/github-script
  dependency-version: 9.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2 months ago