diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 80087d9..14bfb47 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,7 +19,7 @@ permissions: jobs: validation: - uses: mokoconsulting-tech/MokoStandards/.github/workflows/reusable-ci-validation.yml@v1 + uses: mokoconsulting-tech/MokoStandards/.github/workflows/reusable-ci-validation.yml@main with: validation-scripts-path: 'scripts/validate' secrets: inherit diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 43d3f5b..7b0b5e6 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -47,7 +47,7 @@ jobs: steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Dependency Review uses: actions/dependency-review-action@v4 @@ -77,22 +77,33 @@ jobs: composer-audit: name: Composer Audit runs-on: ubuntu-latest - if: hashFiles('composer.json') != '' steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 + + - name: Check for composer.json + id: check-composer + run: | + if [ -f "composer.json" ]; then + echo "exists=true" >> $GITHUB_OUTPUT + else + echo "exists=false" >> $GITHUB_OUTPUT + fi - name: Setup PHP + if: steps.check-composer.outputs.exists == 'true' uses: shivammathur/setup-php@v2 with: php-version: '8.1' tools: composer:v2 - name: Install Dependencies + if: steps.check-composer.outputs.exists == 'true' run: composer install --no-interaction --prefer-dist - name: Run Composer Audit + if: steps.check-composer.outputs.exists == 'true' run: | echo "### Composer Audit Results" >> $GITHUB_STEP_SUMMARY @@ -105,29 +116,48 @@ jobs: fi - name: Check for Outdated Packages + if: steps.check-composer.outputs.exists == 'true' run: | echo "" >> $GITHUB_STEP_SUMMARY echo "### Outdated Composer Packages" >> $GITHUB_STEP_SUMMARY composer outdated --direct || echo "All packages are up to date" >> $GITHUB_STEP_SUMMARY + + - name: Skip Composer Audit + if: steps.check-composer.outputs.exists == 'false' + run: | + echo "### Composer Audit Results" >> $GITHUB_STEP_SUMMARY + echo "ℹ️ No composer.json found - skipping Composer audit" >> $GITHUB_STEP_SUMMARY python-safety: name: Python Safety Check runs-on: ubuntu-latest - if: hashFiles('requirements.txt', 'pyproject.toml', 'Pipfile') != '' steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 + + - name: Check for Python dependency files + id: check-python + run: | + if [ -f "requirements.txt" ] || [ -f "pyproject.toml" ] || [ -f "Pipfile" ]; then + echo "exists=true" >> $GITHUB_OUTPUT + else + echo "exists=false" >> $GITHUB_OUTPUT + fi - name: Setup Python uses: actions/setup-python@v6 + if: steps.check-python.outputs.exists == 'true' + uses: actions/setup-python@v5 with: python-version: '3.11' - name: Install Safety + if: steps.check-python.outputs.exists == 'true' run: pip install safety - name: Run Safety Check + if: steps.check-python.outputs.exists == 'true' run: | echo "### Python Safety Check Results" >> $GITHUB_STEP_SUMMARY @@ -145,6 +175,12 @@ jobs: else echo "ℹ️ No requirements.txt found" >> $GITHUB_STEP_SUMMARY fi + + - name: Skip Python Safety Check + if: steps.check-python.outputs.exists == 'false' + run: | + echo "### Python Safety Check Results" >> $GITHUB_STEP_SUMMARY + echo "ℹ️ No Python dependency files found - skipping Python safety check" >> $GITHUB_STEP_SUMMARY license-check: name: License Compliance Check @@ -152,7 +188,7 @@ jobs: steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Check License File run: | diff --git a/.github/workflows/joomla_testing.yml b/.github/workflows/joomla_testing.yml index eb9705d..7d649ae 100644 --- a/.github/workflows/joomla_testing.yml +++ b/.github/workflows/joomla_testing.yml @@ -17,7 +17,7 @@ permissions: jobs: testing: - uses: mokoconsulting-tech/MokoStandards/.github/workflows/reusable-joomla-testing.yml@v1 + uses: mokoconsulting-tech/MokoStandards/.github/workflows/reusable-joomla-testing.yml@main with: php-versions: '["8.0", "8.1", "8.2", "8.3"]' joomla-versions: '["4.4", "5.0", "5.1"]' diff --git a/.github/workflows/php_quality.yml b/.github/workflows/php_quality.yml index 720e1fd..3e8cec8 100644 --- a/.github/workflows/php_quality.yml +++ b/.github/workflows/php_quality.yml @@ -19,7 +19,7 @@ permissions: jobs: quality: - uses: mokoconsulting-tech/MokoStandards/.github/workflows/reusable-php-quality.yml@v1 + uses: mokoconsulting-tech/MokoStandards/.github/workflows/reusable-php-quality.yml@main with: php-versions: '["8.0", "8.1", "8.2", "8.3"]' php-extensions: 'mbstring, xml, ctype, json, zip' diff --git a/.github/workflows/release_pipeline.yml b/.github/workflows/release_pipeline.yml index f532151..9a5cfe7 100644 --- a/.github/workflows/release_pipeline.yml +++ b/.github/workflows/release_pipeline.yml @@ -51,7 +51,7 @@ jobs: steps: - name: Checkout (best effort) - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 1 @@ -260,7 +260,7 @@ jobs: steps: - name: Checkout source branch - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ needs.guard.outputs.source_branch }} fetch-depth: 0 @@ -344,7 +344,7 @@ jobs: steps: - name: Checkout promoted branch - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ needs.guard.outputs.promoted_branch }} fetch-depth: 0 @@ -461,7 +461,7 @@ jobs: steps: - name: Checkout promoted branch - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ needs.guard.outputs.promoted_branch }} fetch-depth: 0 @@ -971,7 +971,7 @@ jobs: steps: - name: Checkout main - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: main fetch-depth: 0 @@ -1039,7 +1039,7 @@ jobs: steps: - name: Checkout tag - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ github.ref_name }} fetch-depth: 1 diff --git a/.github/workflows/standards-compliance.yml b/.github/workflows/standards-compliance.yml index a6a4354..cb31ad7 100644 --- a/.github/workflows/standards-compliance.yml +++ b/.github/workflows/standards-compliance.yml @@ -54,7 +54,7 @@ jobs: steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Check Required Directories run: | @@ -108,7 +108,7 @@ jobs: steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Validate README.md run: | @@ -172,7 +172,7 @@ jobs: steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Check for Tab Characters run: | @@ -246,7 +246,7 @@ jobs: steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Check SPDX Headers run: | @@ -304,7 +304,7 @@ jobs: steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 @@ -352,7 +352,7 @@ jobs: steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Check Required Workflows run: | diff --git a/.github/workflows/version_branch.yml b/.github/workflows/version_branch.yml index 577ec15..dd45cc2 100644 --- a/.github/workflows/version_branch.yml +++ b/.github/workflows/version_branch.yml @@ -68,7 +68,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 ref: ${{ github.ref_name }}