dependabot[bot]
20ec01c5f7
[upd] github-actions: Bump github/codeql-action from 4.31.3 to 4.31.4
...
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.31.3 to 4.31.4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](014f16e7ab...e12f017898)
---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.31.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-11-21 09:21:20 +00:00
dependabot[bot]
1e200a1107
[upd] github-actions: Bump github/codeql-action from 4.31.2 to 4.31.3 ( #5445 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.31.2 to 4.31.3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](0499de31b9...014f16e7ab)
---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.31.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-14 08:33:14 +00:00
dependabot[bot]
b8e4ebdc0c
[upd] github-actions: Bump github/codeql-action from 4.30.9 to 4.31.2 ( #5403 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.30.9 to 4.31.2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](16140ae1a1...0499de31b9)
---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.31.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-10-31 11:31:10 +01:00
dependabot[bot]
c41b769f97
[upd] github-actions: Bump github/codeql-action from 4.30.8 to 4.30.9 ( #5369 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.30.8 to 4.30.9.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](f443b600d9...16140ae1a1)
---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.30.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-10-24 10:04:49 +02:00
dependabot[bot]
f54cf643b2
[upd] github-actions: Bump github/codeql-action from 4.30.7 to 4.30.8 ( #5335 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.30.7 to 4.30.8.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](e296a93559...f443b600d9)
---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.30.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-10-17 10:02:59 +02:00
dependabot[bot]
37f7960266
[upd] github-actions: Bump github/codeql-action from 3.30.6 to 4.30.7 ( #5295 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.30.6 to 4.30.7.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](64d10c1313...e296a93559)
---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.30.7
  dependency-type: direct:production
  update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-10-10 10:55:50 +02:00
dependabot[bot]
3c63d346d9
[upd] github-actions: Bump github/codeql-action from 3.30.4 to 3.30.6 ( #5276 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.30.4 to 3.30.6.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](303c0aef88...64d10c1313)
---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.30.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-10-03 09:46:04 +02:00
dependabot[bot]
a9ae0163ad
[upd] github-actions: Bump github/codeql-action from 3.30.3 to 3.30.4 ( #5247 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.30.3 to 3.30.4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](192325c861...303c0aef88)
---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.30.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-26 10:01:01 +02:00
dependabot[bot]
4694ba202a
[upd] github-actions: Bump github/codeql-action from 3.30.0 to 3.30.3 ( #5201 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.30.0 to 3.30.3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](2d92b76c45...192325c861)
---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.30.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-12 10:15:21 +02:00
dependabot[bot]
02473b68df
[upd] github-actions: Bump github/codeql-action from 3.29.11 to 3.30.0 ( #5182 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.29.11 to 3.30.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](3c3833e0f8...2d92b76c45)
---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.30.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-05 11:11:04 +02:00
dependabot[bot]
e22ebd8817
[upd] github-actions: Bump github/codeql-action from 3.29.9 to 3.29.11 ( #5143 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.29.9 to 3.29.11.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](df559355d5...3c3833e0f8)
---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.29.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-22 10:01:53 +02:00
dependabot[bot]
792ec2afea
[upd] github-actions: Bump actions/checkout from 4.2.2 to 5.0.0 ( #5118 )
...
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.2 to 5.0.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](11bd71901b...08c6903cd8)
---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-15 18:06:22 +02:00
dependabot[bot]
90f997c181
[upd] github-actions: Bump github/codeql-action from 3.29.6 to 3.29.9 ( #5119 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.29.6 to 3.29.9.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](a4e1a019f5...df559355d5)
---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.29.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-15 18:05:43 +02:00
Ivan Gabaldon
dd170964c7
[mod] ci: strict(er) exec ( #5099 )
...
All actions are pulled using the version hash, versions are handled by
dependabot, and we'll have control over which actions get updated.
Replaces Trivy scanner with Docker Scout, we have recently begun analyzing the
images there, and the action will keep us in sync about the problems on GHCS
dashboard.
2025-08-08 11:26:45 +02:00
dependabot[bot]
08d8fb7146
[upd] github-actions: Bump aquasecurity/trivy-action ( #4969 )
...
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.31.0 to 0.32.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/0.31.0...0.32.0)
---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-version: 0.32.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-07-04 11:01:23 +02:00
dependabot[bot]
33891e5367
[upd] github-actions: Bump aquasecurity/trivy-action ( #4898 )
...
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.30.0 to 0.31.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/0.30.0...0.31.0)
---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-version: 0.31.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-06-06 10:34:07 +02:00
Ivan Gabaldon
14b8a999f3
[mod] ci: exclude some workflows from forks ( #4849 )
...
Excludes some workflows/jobs unneeded on forks.
Closes https://github.com/searxng/searxng/issues/4847
2025-05-25 14:54:27 +02:00
Ivan Gabaldon
bec76bc2e3
[fix] CI: prevent race condition
...
`checker.yml` and `integration.yml` are the only workflows that are currently safe to be executed simultaneously, the others present a risk that the order of completion may not be expected. The ones that are chained from `integration.yml` can be called as many times as `integration.yml` workflows are running at that moment, the same with the trigger "workflow_dispatch".
This can be fatal for workflows like `container.yml` that use a centralized cache to store and load the candidate images in a common tag called "searxng-<arch>".
* For example, a `container.yml` workflow is executed after being chained from `integration.yml` (called "~1"), and seconds later it may be triggered again because another PR merged some breaking changes (called "~2"). While "~1" has already passed the test job successfully and is about to start the release job, "~2" finishes building the container and overwrites the references on the common tag. When "~1" in the release job loads the images using the common tag, it will load the container of "~2" instead of "~1" having skipped the whole test job process.
The example is only set for the container workflow, but the other workflows might occur in a similar way.
2025-05-15 11:19:28 +02:00
Ivan Gabaldon
5451ab243a
[fix] fix security.yml workflow ( #4735 )
...
Uploading SARIFs needs to write into the repository GitHub security tab
2025-05-08 17:13:07 +02:00
Ivan Gabaldon
01a07f34b2
[mod] CI refactor security.yml - style and cleanup changes ( #4731 )
2025-05-08 14:44:22 +02:00
Markus Heiser
8c610404bd
[upd] upgrade: github actions / to ubuntu: 24.04 / to nvm: node 20.15
...
- ubuntu-20.04 --> ubuntu-24.04
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2025-02-07 17:05:06 +01:00
Markus Heiser
c4055e449f
[fix] issues reported by make test.yamllint
...
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2024-11-06 08:16:21 +01:00
Markus Heiser
b56db4e04e
[CI] upgrade actions/checkout@v4 & actions/upload-artifact@v3
...
Closes: https://github.com/searxng/searxng/issues/2777#issuecomment-1720958570
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2023-09-15 14:45:54 +02:00
Alexandre FLAMENT
1f78445d88
GitHub workflow: add daily security check using trivy
2022-08-31 18:38:59 +00:00