summaryrefslogtreecommitdiffstats
path: root/.github
Commit message (Collapse)AuthorAgeFilesLines
* bpo-42238: Doc CI: Disable suspicious checks. (GH-26575)Julien Palard2021-06-081-1/+1
| | | | They are slow and raise too many false positive, I'm in the slow process to try to change this.
* Removing myself from ssl code ownership (GH-26529)Christian Heimes2021-06-041-3/+3
| | | | | I'm taking a break. Signed-off-by: Christian Heimes <christian@python.org>
* build(deps): bump actions/cache from 2.1.5 to 2.1.6 (GH-26476)dependabot[bot]2021-06-021-2/+2
| | | | | | | | | Bumps [actions/cache](https://github.com/actions/cache) from 2.1.5 to 2.1.6. - [Release notes](https://github.com/actions/cache/releases) - [Commits](https://github.com/actions/cache/compare/v2.1.5...v2.1.6) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* bpo-38820: Test with OpenSSL 3.0.0-alpha17 (#26266)Christian Heimes2021-05-201-1/+1
|
* Update link in SECURITY.md (GH-21320)Marcono12342021-05-201-3/+2
|
* Enable GitHub Actions on the 3.10 branch (GH-26242)Hugo van Kemenade2021-05-193-24/+30
|
* bpo-38820: Test with OpenSSL 3.0.0-alpha16 (GH-25942)Christian Heimes2021-05-061-1/+1
| | | Also use new make target to install FIPS provider.
* build(deps): bump actions/cache from v2.1.4 to v2.1.5 (#25773)dependabot[bot]2021-05-041-2/+2
| | | | | | | | | Bumps [actions/cache](https://github.com/actions/cache) from v2.1.4 to v2.1.5. - [Release notes](https://github.com/actions/cache/releases) - [Commits](https://github.com/actions/cache/compare/v2.1.4...1a9e2138d905efd099035b49d8b7a3888c653ca8) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* build(deps): bump actions/upload-artifact from v2.2.2 to v2.2.3 (#25772)dependabot[bot]2021-05-041-1/+1
| | | | | | | | | Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from v2.2.2 to v2.2.3. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v2.2.2...ee69f02b3dfdecd58bb31b4d133da38ba6fe3700) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Update CI files to account for the master -> main rename (GH-25860)Pablo Galindo2021-05-035-9/+9
|
* Fix broken name in build.yml (GH-25759)Brandt Bucher2021-05-011-1/+1
|
* bpo-43888: Remove coverage builds from CI (GH-25679)Ammar Askar2021-04-302-125/+0
| | | The coverage builds were consistently timing out in CI, suggesting that people were not reviewing the uploaded reports.
* Restrict GITHUB_TOKEN permissions for the 'stale' workflow (GH-25564)Brett Cannon2021-04-231-0/+3
| | | It should only need write-level permissions to pull requests.
* bpo-38820: Test with OpenSSL 3.0.0-alpha15 (GH-25537)Christian Heimes2021-04-231-1/+1
| | | Signed-off-by: Christian Heimes <christian@python.org>
* bpo-43888: Reduce coverage collection timeout to 1h40m in GHA (GH-25471)Sviatoslav Sydorenko2021-04-201-0/+1
| | | | | Ref: Signed-off-by: Sviatoslav Sydorenko <webknjaz@redhat.com>
* bpo-43669: PEP 644: Require OpenSSL 1.1.1 or newer (GH-23014)Christian Heimes2021-04-171-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | - Remove HAVE_X509_VERIFY_PARAM_SET1_HOST check - Update hashopenssl to require OpenSSL 1.1.1 - multissltests only OpenSSL > 1.1.0 - ALPN is always supported - SNI is always supported - Remove deprecated NPN code. Python wrappers are no-op. - ECDH is always supported - Remove OPENSSL_VERSION_1_1 macro - Remove locking callbacks - Drop PY_OPENSSL_1_1_API macro - Drop HAVE_SSL_CTX_CLEAR_OPTIONS macro - SSL_CTRL_GET_MAX_PROTO_VERSION is always defined now - security level is always available now - get_num_tickets is available with TLS 1.3 - X509_V_ERR MISMATCH is always available now - Always set SSL_MODE_RELEASE_BUFFERS - X509_V_FLAG_TRUSTED_FIRST is always available - get_ciphers is always supported - SSL_CTX_set_keylog_callback is always available - Update Modules/Setup with static link example - Mention PEP in whatsnew - Drop 1.0.2 and 1.1.0 from GHA tests
* bpo-43811: Test multiple OpenSSL versions on GHA (GH-25360)Christian Heimes2021-04-132-2/+64
| | | | | The new checks are only executed when one or more OpenSSL-related files are modified. The checks run a handful of networking and hashing test suites. All SSL checks are optional. This PR also introduces ccache to speed up compilation. In common cases it speeds up configure and compile time from about 90 seconds to less than 30 seconds. Signed-off-by: Christian Heimes <christian@python.org>
* Fix Sphinx errors in the documentation and re-activate the suspicious check ↵Pablo Galindo2021-04-121-1/+1
| | | | | | | (GH-25368) The suspicious check is still executed as part of the release process and release managers have been lately fixing some actual errors that the suspicious target can find. For this reason, reactivate the suspicious until we decide what to do in a coordinated fashion.
* try and get a peak at mock-related PRs before they land (#25356)Chris Withers2021-04-121-0/+4
|
* bpo-43631: Update to OpenSSL 1.1.1k (GH-25024)Christian Heimes2021-03-302-2/+2
| | | | | | | | | | - [x] Build OpenSSL 1.1.1k for macOS - [x] Build OpenSSL 1.1.1k for Windows I have also updated multissl tester and various CI configurations to use latest OpenSSL. The versions were all over the place. Signed-off-by: Christian Heimes <christian@python.org> Automerge-Triggered-By: GH:tiran
* bpo-41561: Add workaround for Ubuntu's custom security level (GH-24915)Christian Heimes2021-03-181-1/+1
| | | | | | | | | | Ubuntu 20.04 comes with a patched OpenSSL 1.1.1. Default security level 2 blocks TLS 1.0 and 1.1 connections. Regular OpenSSL 1.1.1 builds allow TLS 1.0 and 1.1 on security level 2. See: See: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1899878 See: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1917625 Signed-off-by: Christian Heimes <christian@python.org>
* Pin test runner to Ubuntu 18 to un-break CI (#24715)Brandt Bucher2021-03-031-1/+1
|
* build(deps): bump actions/cache from v2.1.3 to v2.1.4 (#24446)dependabot[bot]2021-02-042-2/+2
| | | | | | | | | Bumps [actions/cache](https://github.com/actions/cache) from v2.1.3 to v2.1.4. - [Release notes](https://github.com/actions/cache/releases) - [Commits](https://github.com/actions/cache/compare/v2.1.3...26968a09c0ea4f3e233fdddbafd1166051a095f6) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Fix dependabot.yml file (GH-24443)Mariatta Wijaya2021-02-041-4/+0
| | | | The `target-branch` field doesn't seem to support array. Since it defaults to the default branch anyway, we should just remove the `target-branch` field from the config.
* build(deps): bump actions/upload-artifact from v2.2.1 to v2.2.2 (GH-24411)dependabot[bot]2021-02-031-1/+1
| | | | | | | | | Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from v2.2.1 to v2.2.2. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v2.2.1...e448a9b857ee2131e752b06002bf0e093c65e571) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* bpo-42955: Rename module_names to sys.stdlib_module_names (GH-24332)Victor Stinner2021-01-251-1/+1
| | | | * Rename _Py_module_names to _Py_stdlib_module_names. * Rename Python/module_names.h to Python/stdlib_module_names.h.
* bpo-42955: Add Python/module_names.h (GH-24258)Victor Stinner2021-01-191-0/+1
| | | | | | | | | | Add a private list of all stdlib modules: _Py_module_names. * Add Tools/scripts/generate_module_names.py script. * Makefile: Add "make regen-module-names" command. * setup.py: Add --list-module-names option. * GitHub Action and Travis CI also runs "make regen-module-names", not ony "make regen-all", to ensure that the module names remains up to date.
* bpo-42773: fix tests not being run on pushes (GH-24004)Filipe Laíns2020-12-301-1/+1
| | | | | | | | There was a typo, we were checking if the "GITHUB_BASE_REF" string literal was empty instead of the $GITHUB_BASE_REF value. When $GITHUB_BASE_REF is empty, the action that triggered the run was not a pull request, so we always run the full test suite. Signed-off-by: Filipe Laíns <lains@riseup.net>
* [workflow] Use MSVC problem matcher for Windows action build (GH-18532)Ammar Askar2020-12-282-0/+21
| | | | | | | This makes warnings and errors from the compiler very prominent so this should help prevent warnings from sneaking into the code base and catch them in review. See https://discuss.python.org/t/using-github-problem-matchers-to-catch-warnings-early/4254 for more details You can see a demo of this in action here: https://github.com/ammaraskar/cpython/pull/15/files#diff-9ba2eeca0f254ece0a9df4d7cb68e870 GCC and Sphinx matchers have previously been added in GH-18567 and GH-20325, respectively.
* GH: Add isidentical to the CODEOWNERS (GH-23923)Batuhan Taskaya2020-12-241-0/+7
|
* Update Stale action message (GH-23791)Mariatta2020-12-161-1/+1
| | | We don't close PRs after it becomes stale.
* Adding "stale" GitHub Action (GH-21247)Mariatta2020-12-151-0/+19
| | | | | | | | | | | Adding "stale" GitHub Action Added the "stale" GitHub action to the CPython repo. PR's older than 30 days will be labeled as stale using the "stale-pr" label. Closes https://github.com/python/core-workflow/issues/372 Co-authored-by: Brett Cannon <brett@python.org>
* Let dependabot create PRs against the maintenance branches (GH-22992)Mariatta2020-12-151-0/+4
| | | With this, we don't have to manually trigger backport whenever there is update to GitHub Actions dependencies.
* bpo-42545: Check that all symbols in the limited ABI are exported (GH-23616)Pablo Galindo2020-12-041-0/+2
|
* build(deps): bump actions/upload-artifact from v2.2.0 to v2.2.1 (GH-23583)dependabot[bot]2020-12-011-1/+1
| | | | | | | | | Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from v2.2.0 to v2.2.1. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v2.2.0...726a6dcd0199f578459862705eed35cda05af50b) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* build(deps): bump actions/cache from v2.1.2 to v2.1.3 (23582)dependabot[bot]2020-12-012-2/+2
| | | | | | | | | Bumps [actions/cache](https://github.com/actions/cache) from v2.1.2 to v2.1.3. - [Release notes](https://github.com/actions/cache/releases) - [Commits](https://github.com/actions/cache/compare/v2.1.2...0781355a23dac32fd3bac414512f4b903437991a) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* bpo-42238: Doc: Remove make suspicious from the CI and docs builds. (GH-23313)Julien Palard2020-11-251-1/+1
| | | | | It probably helped a lot a while back, but may not be as usefull today. We'll continue monitoring it before deletion, so true positives can be migrated to rstlint.
* bpo-42212: smelly.py also checks the dynamic library (GH-23423)Victor Stinner2020-11-241-1/+2
| | | | | | | | The smelly.py script now also checks the Python dynamic library and extension modules, not only the Python static library. Make also the script more verbose: explain what it does. The GitHub Action job now builds Python with the libpython dynamic library.
* bpo-42212: Check if generated files are up-to-date in GitHub Actions (GH-23042)Filipe Laíns2020-11-201-0/+28
| | | | | See https: //github.com/python/core-workflow/issues/380 Signed-off-by: Filipe Laíns <lains@archlinux.org>
* bpo-42336: Improve PCbuild batch files (GH-23275)Steve Dower2020-11-181-2/+2
|
* GitHub Action: Add gdb to posix dependencies (GH-23043)Victor Stinner2020-10-301-6/+6
| | | Sort also dependencies and remove duplicates (liblzma-dev).
* Automatically add skip news and skip issue label to dependabot PRs (GH-22927)Mariatta2020-10-241-0/+3
| | | Closes https://github.com/python/bedevere/issues/287
* build(deps): bump actions/upload-artifact from v1 to v2.2.0 (GH-22920)dependabot[bot]2020-10-231-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from v1 to v2.2.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v2.2.0</h2> <ul> <li>Support for artifact retention</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/upload-artifact/commit/27bce4eee761b5bc643f46a8dfb41b430c8d05f6"><code>27bce4e</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/112">#112</a> from thboop/main</li> <li><a href="https://github.com/actions/upload-artifact/commit/f8b42f7ab442a66b3d51a5ca02855b194a36ae2d"><code>f8b42f7</code></a> update licensed files</li> <li><a href="https://github.com/actions/upload-artifact/commit/2106e8cf10e032ca9d5724c4c676543febe74f0b"><code>2106e8c</code></a> update contributing.md</li> <li><a href="https://github.com/actions/upload-artifact/commit/db66798ebcfbaa7f3f8ff66bce013213265c30d1"><code>db66798</code></a> Ignore Generated Files in Git PR's</li> <li><a href="https://github.com/actions/upload-artifact/commit/d359fd0772ed6802a84728dd6b09ec99f41a67b7"><code>d359fd0</code></a> Manual Verification of licenses</li> <li><a href="https://github.com/actions/upload-artifact/commit/350822c32f871c559dbe1667c24424e06c4f03e3"><code>350822c</code></a> Add Licensed Workflow and config</li> <li><a href="https://github.com/actions/upload-artifact/commit/abecf4abf4b70bc636949d61150be883b87416c2"><code>abecf4a</code></a> Updated README.md (<a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/118">#118</a>)</li> <li><a href="https://github.com/actions/upload-artifact/commit/604e071d21906545dedcfaf210deae74f8c5276a"><code>604e071</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/126">#126</a> from yacaovsnc/main</li> <li><a href="https://github.com/actions/upload-artifact/commit/4560c23b396d494f0cb7066e1d6e258e8feb8051"><code>4560c23</code></a> Check for invalid retention-days input</li> <li><a href="https://github.com/actions/upload-artifact/commit/59018c2f85dd0e101b75544aa87f13bb0c94e0b7"><code>59018c2</code></a> Add an option to specify retention period</li> <li>Additional commits viewable in <a href="https://github.com/actions/upload-artifact/compare/v1...27bce4eee761b5bc643f46a8dfb41b430c8d05f6">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Automerge-Triggered-By: GH:Mariatta
* build(deps): bump actions/cache from v1 to v2.1.2 (GH-22919)dependabot[bot]2020-10-232-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [actions/cache](https://github.com/actions/cache) from v1 to v2.1.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/releases">actions/cache's releases</a>.</em></p> <blockquote> <h2>v2.1.2</h2> <ul> <li>Adds input to limit the chunk upload size, useful for self-hosted runners with slower upload speeds</li> <li>No-op when executing on GHES</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/cache/commit/d1255ad9362389eac595a9ae406b8e8cb3331f16"><code>d1255ad</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/actions/cache/issues/424">#424</a> from actions/dhadka/upload-chunk-size</li> <li><a href="https://github.com/actions/cache/commit/68cfb2ccb73b1982be3fa55e3d7c842697d7f1ed"><code>68cfb2c</code></a> Add units to description</li> <li><a href="https://github.com/actions/cache/commit/cce3c03a74623545a53c433d301f3f7725c72454"><code>cce3c03</code></a> Add new input to action.yml</li> <li><a href="https://github.com/actions/cache/commit/4bceb75b5b7743784c63c94b81c50a485cbdcda0"><code>4bceb75</code></a> Use parseInt instead of Number to handle empty strings</li> <li><a href="https://github.com/actions/cache/commit/a6f1f4b32eec85780fedc5b354a583e9b2999100"><code>a6f1f4b</code></a> Adds input for upload chunk size</li> <li><a href="https://github.com/actions/cache/commit/d606e039ae32f64a8593bf4a37b0bf205c695237"><code>d606e03</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/actions/cache/issues/421">#421</a> from actions/dhadka/ghes</li> <li><a href="https://github.com/actions/cache/commit/d3e4f218f30bd71a2c29e2b2a1e4f811f4327162"><code>d3e4f21</code></a> Use warning instead of info</li> <li><a href="https://github.com/actions/cache/commit/55a58944386e69f7c5bad52ef43a61c578b6c1c6"><code>55a5894</code></a> Update dist</li> <li><a href="https://github.com/actions/cache/commit/3f6dfcbcc44a8e2fd9e539c1dd15af6559e74ced"><code>3f6dfcb</code></a> Merge branch 'main' of <a href="http://github.com/actions/cache">http://github.com/actions/cache</a> into dhadka/ghes</li> <li><a href="https://github.com/actions/cache/commit/0f71d4ac9a7f4c36aba5ac3cfc4567d2d4eae813"><code>0f71d4a</code></a> Add tests for isGhes</li> <li>Additional commits viewable in <a href="https://github.com/actions/cache/compare/v1...d1255ad9362389eac595a9ae406b8e8cb3331f16">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Automerge-Triggered-By: GH:Mariatta
* Allow dependabot to check GitHub actions monthly (GH-22787)John Losito2020-10-231-0/+6
| | | | | | | Let Dependabot update GitHub Actions dependency once a month. Here's reference to the dependabot configs. https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/keeping-your-actions-up-to-date-with-github-dependabot
* Add GitHub sponsor info for Python (GH-22887)Mariatta2020-10-231-0/+1
| | | Sponsor Python on GitHub
* Add Mark Shannon to CODEOWNERS. (#22914)Mark Shannon2020-10-231-2/+8
|
* Add CODEOWNERS for the Grammar file (GH-22898)Lysandros Nikolaou2020-10-221-0/+1
|
* bpo-40548: Fix "Check for source changes (pull_request)" GH Action job ↵Victor Stinner2020-08-101-1/+14
| | | | | | | | | | (GH-21806) On Git 2.28, "git diff master..." (3 dots) no longer works when "fetch --depth=1" is used, whereas it works on Git 2.26. Replace "..." (3 dots) with ".." (2 dots) in the "git diff" command computing the list of modified files between the base branch and the PR branch.
* Add lysnikolaou to CODEOWNERS for the new parser (GH-21252)Lysandros Nikolaou2020-07-011-3/+3
|