diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index c70eb15..0108cc2 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -11,7 +11,7 @@ # ── Synced workflows (managed by MokoStandards — do not edit manually) ──── /.github/workflows/deploy-dev.yml @jmiller-moko /.github/workflows/deploy-demo.yml @jmiller-moko -/.github/workflows/deploy-rs.yml @jmiller-moko +/.github/workflows/deploy-manual.yml @jmiller-moko /.github/workflows/auto-release.yml @jmiller-moko /.github/workflows/auto-dev-issue.yml @jmiller-moko /.github/workflows/auto-assign.yml @jmiller-moko diff --git a/.github/workflows/auto-assign.yml b/.github/workflows/auto-assign.yml index 08d0dab..d0b70f6 100644 --- a/.github/workflows/auto-assign.yml +++ b/.github/workflows/auto-assign.yml @@ -6,7 +6,7 @@ # INGROUP: MokoStandards.Workflows.Shared # REPO: https://github.com/mokoconsulting-tech/MokoStandards # PATH: /.github/workflows/auto-assign.yml -# VERSION: 03.09.03 +# VERSION: 04.06.00 # BRIEF: Auto-assign jmiller-moko to unassigned issues and PRs every 15 minutes name: Auto-Assign Issues & PRs diff --git a/.github/workflows/auto-dev-issue.yml b/.github/workflows/auto-dev-issue.yml index 75c1dae..9b5fbe2 100644 --- a/.github/workflows/auto-dev-issue.yml +++ b/.github/workflows/auto-dev-issue.yml @@ -9,7 +9,7 @@ # INGROUP: MokoStandards.Automation # REPO: https://github.com/mokoconsulting-tech/MokoStandards # PATH: /templates/workflows/shared/auto-dev-issue.yml.template -# VERSION: 03.09.03 +# VERSION: 04.06.00 # BRIEF: Auto-create tracking issue with sub-issues for dev/rc branch workflow # NOTE: Synced via bulk-repo-sync to .github/workflows/auto-dev-issue.yml in all governed repos. diff --git a/.github/workflows/auto-release.yml b/.github/workflows/auto-release.yml index 52c01c1..4b4706a 100644 --- a/.github/workflows/auto-release.yml +++ b/.github/workflows/auto-release.yml @@ -7,7 +7,7 @@ # INGROUP: MokoStandards.Release # REPO: https://github.com/mokoconsulting-tech/MokoStandards # PATH: /templates/workflows/joomla/auto-release.yml.template -# VERSION: 03.09.03 +# VERSION: 04.06.00 # BRIEF: Joomla build & release — ZIP package, updates.xml, SHA-256 checksum # # +========================================================================+ @@ -477,7 +477,7 @@ jobs: [ ! -d "$SOURCE_DIR" ] && { echo "No src/ or htdocs/ — skipping package"; exit 0; } cd "$SOURCE_DIR" - zip -r "/tmp/${PACKAGE_NAME}" . -x '.ftpignore' + zip -r "/tmp/${PACKAGE_NAME}" . -x '.ftpignore' 'sftp-config*' '*.ppk' '*.pem' '*.key' '.env*' cd .. FILESIZE=$(stat -c%s "/tmp/${PACKAGE_NAME}" 2>/dev/null || stat -f%z "/tmp/${PACKAGE_NAME}" 2>/dev/null || echo "unknown") diff --git a/.github/workflows/auto-update-sha.yml b/.github/workflows/auto-update-sha.yml index c379a87..bbcfaaf 100644 --- a/.github/workflows/auto-update-sha.yml +++ b/.github/workflows/auto-update-sha.yml @@ -31,7 +31,7 @@ jobs: steps: - name: Checkout Repository - uses: actions/checkout@v6 + uses: actions/checkout@v4 with: fetch-depth: 0 ref: main diff --git a/.github/workflows/changelog-validation.yml b/.github/workflows/changelog-validation.yml index 67dfc76..e2ec667 100644 --- a/.github/workflows/changelog-validation.yml +++ b/.github/workflows/changelog-validation.yml @@ -9,7 +9,7 @@ # INGROUP: MokoStandards.CI # REPO: https://github.com/mokoconsulting-tech/MokoStandards # PATH: /templates/workflows/shared/changelog-validation.yml.template -# VERSION: 03.09.03 +# VERSION: 04.06.00 # BRIEF: Validates CHANGELOG.md format and version consistency # NOTE: Deployed to .github/workflows/changelog-validation.yml in governed repos. diff --git a/.github/workflows/ci-joomla.yml b/.github/workflows/ci-joomla.yml index 861770c..01e1edb 100644 --- a/.github/workflows/ci-joomla.yml +++ b/.github/workflows/ci-joomla.yml @@ -9,7 +9,7 @@ # INGROUP: MokoStandards.CI # REPO: https://github.com/mokoconsulting-tech/MokoStandards # PATH: /templates/workflows/joomla/ci-joomla.yml.template -# VERSION: 03.09.03 +# VERSION: 04.06.00 # BRIEF: CI workflow for Joomla extensions — lint, validate, test # NOTE: Deployed to .github/workflows/ci-joomla.yml in governed Joomla extension repos. diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 4ce64c4..1639497 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -55,19 +55,19 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize CodeQL - uses: github/codeql-action/init@v4 + uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} queries: security-extended,security-and-quality - name: Autobuild - uses: github/codeql-action/autobuild@v4 + uses: github/codeql-action/autobuild@v3 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v4 + uses: github/codeql-action/analyze@v3 with: category: "/language:${{ matrix.language }}" upload: true @@ -76,7 +76,7 @@ jobs: - name: Upload SARIF results if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v4.5.0 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.5.0 with: name: codeql-results-${{ matrix.language }} path: sarif-results diff --git a/.github/workflows/deploy-manual.yml b/.github/workflows/deploy-manual.yml index de5143c..e127f0e 100644 --- a/.github/workflows/deploy-manual.yml +++ b/.github/workflows/deploy-manual.yml @@ -7,7 +7,7 @@ # INGROUP: MokoStandards.Deploy # REPO: https://github.com/mokoconsulting-tech/MokoStandards # PATH: /templates/workflows/joomla/deploy-manual.yml.template -# VERSION: 03.09.03 +# VERSION: 04.06.00 # BRIEF: Manual SFTP deploy to dev server for Joomla repos # NOTE: Joomla repos use update.xml for distribution. This is for manual # dev server testing only — triggered via workflow_dispatch. diff --git a/.github/workflows/enterprise-firewall-setup.yml b/.github/workflows/enterprise-firewall-setup.yml index 08c3b90..46ef7d2 100644 --- a/.github/workflows/enterprise-firewall-setup.yml +++ b/.github/workflows/enterprise-firewall-setup.yml @@ -22,7 +22,7 @@ # INGROUP: MokoStandards.Firewall # REPO: https://github.com/mokoconsulting-tech/MokoStandards # PATH: /templates/workflows/shared/enterprise-firewall-setup.yml.template -# VERSION: 03.09.03 +# VERSION: 04.06.00 # BRIEF: Enterprise firewall configuration — generates outbound allow-rules including SFTP deployment server # NOTE: Reads DEV_FTP_HOST / DEV_FTP_PORT variables to include SFTP egress rules alongside HTTPS rules. @@ -678,7 +678,7 @@ jobs: python3 generate_firewall_config.py - name: Upload Firewall Configuration Artifacts - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@v6 with: name: firewall-configurations path: | diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 539a9f4..4af1d59 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -54,7 +54,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@v4 with: fetch-depth: 0 @@ -127,7 +127,7 @@ jobs: echo "SHA-256: ${SHA256_HASH}" - name: Upload build artifacts - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@v4 with: name: release-package path: | @@ -142,10 +142,10 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@v4 - name: Download build artifacts - uses: actions/download-artifact@v8 + uses: actions/download-artifact@v4 with: name: release-package path: ./artifacts @@ -178,7 +178,7 @@ jobs: fi - name: Create Release - uses: softprops/action-gh-release@v2 + uses: softprops/action-gh-release@v1 with: tag_name: ${{ steps.version.outputs.version }} name: Release ${{ steps.version.outputs.version }} diff --git a/.github/workflows/repo_health.yml b/.github/workflows/repo_health.yml index 0a943d5..73308be 100644 --- a/.github/workflows/repo_health.yml +++ b/.github/workflows/repo_health.yml @@ -10,7 +10,7 @@ # INGROUP: MokoStandards.Validation # REPO: https://github.com/mokoconsulting-tech/MokoStandards # PATH: /.github/workflows/repo_health.yml -# VERSION: 03.09.03 +# VERSION: 04.06.00 # BRIEF: Enforces repository guardrails by validating release configuration, scripts governance, tooling availability, and core repository health artifacts. # NOTE: Field is user-managed. # ============================================================================ @@ -87,7 +87,7 @@ jobs: steps: - name: Check actor permission (admin only) id: perm - uses: actions/github-script@v8 + uses: actions/github-script@v7 with: github-token: ${{ secrets.GH_TOKEN }} script: | diff --git a/.github/workflows/repository-cleanup.yml b/.github/workflows/repository-cleanup.yml index ea4c07b..ea9219d 100644 --- a/.github/workflows/repository-cleanup.yml +++ b/.github/workflows/repository-cleanup.yml @@ -9,7 +9,7 @@ # INGROUP: MokoStandards.Maintenance # REPO: https://github.com/mokoconsulting-tech/MokoStandards # PATH: /templates/workflows/shared/repository-cleanup.yml.template -# VERSION: 03.09.03 +# VERSION: 04.06.00 # BRIEF: Recurring repository maintenance — labels, branches, workflows, logs, doc indexes # NOTE: Synced via bulk-repo-sync to .github/workflows/repository-cleanup.yml in all governed repos. # Runs on the 1st and 15th of each month at 6:00 AM UTC, and on manual dispatch. @@ -154,6 +154,10 @@ jobs: ".github/workflows/auto-version-branch.yml" ".github/workflows/publish-to-mokodolibarr.yml" ".github/workflows/ci.yml" + ".github/workflows/deploy-rs.yml" + "sftp-config.json" + "sftp-config.json.template" + "scripts/sftp-config" ) DELETED=0 diff --git a/.github/workflows/standards-compliance.yml b/.github/workflows/standards-compliance.yml index 24ab00d..79aaedd 100644 --- a/.github/workflows/standards-compliance.yml +++ b/.github/workflows/standards-compliance.yml @@ -5,7 +5,7 @@ # INGROUP: MokoStandards.Compliance # REPO: https://github.com/mokoconsulting-tech/MokoStandards # PATH: /.github/workflows/standards-compliance.yml -# VERSION: 03.09.03 +# VERSION: 04.06.00 # BRIEF: MokoStandards compliance validation workflow # NOTE: Validates repository structure, documentation, and coding standards diff --git a/.github/workflows/sync-version-on-merge.yml b/.github/workflows/sync-version-on-merge.yml index 59acc9e..60715f6 100644 --- a/.github/workflows/sync-version-on-merge.yml +++ b/.github/workflows/sync-version-on-merge.yml @@ -9,7 +9,7 @@ # INGROUP: MokoStandards.Automation # REPO: https://github.com/mokoconsulting-tech/MokoStandards # PATH: /templates/workflows/shared/sync-version-on-merge.yml.template -# VERSION: 03.09.03 +# VERSION: 04.06.00 # BRIEF: Auto-bump patch version on every push to main and propagate to all file headers # NOTE: Synced via bulk-repo-sync to .github/workflows/sync-version-on-merge.yml in all governed repos. # README.md is the single source of truth for the repository version. diff --git a/.github/workflows/update-server.yml b/.github/workflows/update-server.yml index c0becfa..90482e5 100644 --- a/.github/workflows/update-server.yml +++ b/.github/workflows/update-server.yml @@ -7,7 +7,7 @@ # INGROUP: MokoStandards.Joomla # REPO: https://github.com/mokoconsulting-tech/MokoStandards # PATH: /templates/workflows/joomla/update-server.yml.template -# VERSION: 03.09.03 +# VERSION: 04.06.00 # BRIEF: Update Joomla update server XML feed with stable/rc/dev entries # # Writes updates.xml with multiple entries: @@ -165,7 +165,7 @@ jobs: [ ! -d "$SOURCE_DIR" ] && SOURCE_DIR="htdocs" if [ -d "$SOURCE_DIR" ]; then cd "$SOURCE_DIR" - zip -r "/tmp/${PACKAGE_NAME}" . -x '.ftpignore' + zip -r "/tmp/${PACKAGE_NAME}" . -x '.ftpignore' 'sftp-config*' '*.ppk' '*.pem' '*.key' '.env*' cd .. SHA256=$(sha256sum "/tmp/${PACKAGE_NAME}" | cut -d' ' -f1)