From 3b64a37585ca44b5d7dbecb5904bac8bc3f5f202 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 9 Jan 2026 03:30:50 +0000 Subject: [PATCH 1/3] chore(deps)(deps): bump actions/checkout from 4 to 6 Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/dependency-review.yml | 8 ++++---- .github/workflows/release_pipeline.yml | 12 ++++++------ .github/workflows/standards-compliance.yml | 12 ++++++------ .github/workflows/version_branch.yml | 2 +- 4 files changed, 17 insertions(+), 17 deletions(-) diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 8f3d3ac..c231948 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -47,7 +47,7 @@ jobs: steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Dependency Review uses: actions/dependency-review-action@v4 @@ -81,7 +81,7 @@ jobs: steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Setup PHP uses: shivammathur/setup-php@v2 @@ -117,7 +117,7 @@ jobs: steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Setup Python uses: actions/setup-python@v5 @@ -152,7 +152,7 @@ jobs: steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Check License File run: | diff --git a/.github/workflows/release_pipeline.yml b/.github/workflows/release_pipeline.yml index f532151..9a5cfe7 100644 --- a/.github/workflows/release_pipeline.yml +++ b/.github/workflows/release_pipeline.yml @@ -51,7 +51,7 @@ jobs: steps: - name: Checkout (best effort) - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 1 @@ -260,7 +260,7 @@ jobs: steps: - name: Checkout source branch - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ needs.guard.outputs.source_branch }} fetch-depth: 0 @@ -344,7 +344,7 @@ jobs: steps: - name: Checkout promoted branch - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ needs.guard.outputs.promoted_branch }} fetch-depth: 0 @@ -461,7 +461,7 @@ jobs: steps: - name: Checkout promoted branch - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ needs.guard.outputs.promoted_branch }} fetch-depth: 0 @@ -971,7 +971,7 @@ jobs: steps: - name: Checkout main - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: main fetch-depth: 0 @@ -1039,7 +1039,7 @@ jobs: steps: - name: Checkout tag - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ github.ref_name }} fetch-depth: 1 diff --git a/.github/workflows/standards-compliance.yml b/.github/workflows/standards-compliance.yml index a6a4354..cb31ad7 100644 --- a/.github/workflows/standards-compliance.yml +++ b/.github/workflows/standards-compliance.yml @@ -54,7 +54,7 @@ jobs: steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Check Required Directories run: | @@ -108,7 +108,7 @@ jobs: steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Validate README.md run: | @@ -172,7 +172,7 @@ jobs: steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Check for Tab Characters run: | @@ -246,7 +246,7 @@ jobs: steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Check SPDX Headers run: | @@ -304,7 +304,7 @@ jobs: steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 @@ -352,7 +352,7 @@ jobs: steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Check Required Workflows run: | diff --git a/.github/workflows/version_branch.yml b/.github/workflows/version_branch.yml index 577ec15..dd45cc2 100644 --- a/.github/workflows/version_branch.yml +++ b/.github/workflows/version_branch.yml @@ -68,7 +68,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 ref: ${{ github.ref_name }} From 285eda2dd2c038d98aa1e9781661b5b0a248dcdd Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 9 Jan 2026 03:32:38 +0000 Subject: [PATCH 2/3] Initial plan From 4439f1c17fde1900a60326192e6fe5ff5ee6b28b Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 9 Jan 2026 03:35:48 +0000 Subject: [PATCH 3/3] Fix workflow file errors: update references and hashFiles usage Co-authored-by: jmiller-moko <230051081+jmiller-moko@users.noreply.github.com> --- .github/workflows/ci.yml | 2 +- .github/workflows/dependency-review.yml | 39 +++++++++++++++++++++++-- .github/workflows/joomla_testing.yml | 2 +- .github/workflows/php_quality.yml | 2 +- 4 files changed, 40 insertions(+), 5 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 80087d9..14bfb47 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,7 +19,7 @@ permissions: jobs: validation: - uses: mokoconsulting-tech/MokoStandards/.github/workflows/reusable-ci-validation.yml@v1 + uses: mokoconsulting-tech/MokoStandards/.github/workflows/reusable-ci-validation.yml@main with: validation-scripts-path: 'scripts/validate' secrets: inherit diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 8f3d3ac..b56caba 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -77,22 +77,33 @@ jobs: composer-audit: name: Composer Audit runs-on: ubuntu-latest - if: hashFiles('composer.json') != '' steps: - name: Checkout Repository uses: actions/checkout@v4 + - name: Check for composer.json + id: check-composer + run: | + if [ -f "composer.json" ]; then + echo "exists=true" >> $GITHUB_OUTPUT + else + echo "exists=false" >> $GITHUB_OUTPUT + fi + - name: Setup PHP + if: steps.check-composer.outputs.exists == 'true' uses: shivammathur/setup-php@v2 with: php-version: '8.1' tools: composer:v2 - name: Install Dependencies + if: steps.check-composer.outputs.exists == 'true' run: composer install --no-interaction --prefer-dist - name: Run Composer Audit + if: steps.check-composer.outputs.exists == 'true' run: | echo "### Composer Audit Results" >> $GITHUB_STEP_SUMMARY @@ -105,29 +116,47 @@ jobs: fi - name: Check for Outdated Packages + if: steps.check-composer.outputs.exists == 'true' run: | echo "" >> $GITHUB_STEP_SUMMARY echo "### Outdated Composer Packages" >> $GITHUB_STEP_SUMMARY composer outdated --direct || echo "All packages are up to date" >> $GITHUB_STEP_SUMMARY + + - name: Skip Composer Audit + if: steps.check-composer.outputs.exists == 'false' + run: | + echo "### Composer Audit Results" >> $GITHUB_STEP_SUMMARY + echo "ℹ️ No composer.json found - skipping Composer audit" >> $GITHUB_STEP_SUMMARY python-safety: name: Python Safety Check runs-on: ubuntu-latest - if: hashFiles('requirements.txt', 'pyproject.toml', 'Pipfile') != '' steps: - name: Checkout Repository uses: actions/checkout@v4 + - name: Check for Python dependency files + id: check-python + run: | + if [ -f "requirements.txt" ] || [ -f "pyproject.toml" ] || [ -f "Pipfile" ]; then + echo "exists=true" >> $GITHUB_OUTPUT + else + echo "exists=false" >> $GITHUB_OUTPUT + fi + - name: Setup Python + if: steps.check-python.outputs.exists == 'true' uses: actions/setup-python@v5 with: python-version: '3.11' - name: Install Safety + if: steps.check-python.outputs.exists == 'true' run: pip install safety - name: Run Safety Check + if: steps.check-python.outputs.exists == 'true' run: | echo "### Python Safety Check Results" >> $GITHUB_STEP_SUMMARY @@ -145,6 +174,12 @@ jobs: else echo "ℹ️ No requirements.txt found" >> $GITHUB_STEP_SUMMARY fi + + - name: Skip Python Safety Check + if: steps.check-python.outputs.exists == 'false' + run: | + echo "### Python Safety Check Results" >> $GITHUB_STEP_SUMMARY + echo "ℹ️ No Python dependency files found - skipping Python safety check" >> $GITHUB_STEP_SUMMARY license-check: name: License Compliance Check diff --git a/.github/workflows/joomla_testing.yml b/.github/workflows/joomla_testing.yml index eb9705d..7d649ae 100644 --- a/.github/workflows/joomla_testing.yml +++ b/.github/workflows/joomla_testing.yml @@ -17,7 +17,7 @@ permissions: jobs: testing: - uses: mokoconsulting-tech/MokoStandards/.github/workflows/reusable-joomla-testing.yml@v1 + uses: mokoconsulting-tech/MokoStandards/.github/workflows/reusable-joomla-testing.yml@main with: php-versions: '["8.0", "8.1", "8.2", "8.3"]' joomla-versions: '["4.4", "5.0", "5.1"]' diff --git a/.github/workflows/php_quality.yml b/.github/workflows/php_quality.yml index 720e1fd..3e8cec8 100644 --- a/.github/workflows/php_quality.yml +++ b/.github/workflows/php_quality.yml @@ -19,7 +19,7 @@ permissions: jobs: quality: - uses: mokoconsulting-tech/MokoStandards/.github/workflows/reusable-php-quality.yml@v1 + uses: mokoconsulting-tech/MokoStandards/.github/workflows/reusable-php-quality.yml@main with: php-versions: '["8.0", "8.1", "8.2", "8.3"]' php-extensions: 'mbstring, xml, ctype, json, zip'