From aa9a32c0894ba692827341dbe40cfc263601e3ad Mon Sep 17 00:00:00 2001 From: Florian Apolloner Date: Mon, 8 Jan 2024 12:34:24 +0100 Subject: [PATCH 01/11] Fix `ms-python.python` build (#736) --- extensions.json | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/extensions.json b/extensions.json index 528b7f073..90c3b4b90 100644 --- a/extensions.json +++ b/extensions.json @@ -854,7 +854,18 @@ }, "ms-python.python": { "repository": "https://github.com/microsoft/vscode-python", - "prepublish": "npx gulp installPythonLibs && python3 -m pip --disable-pip-version-check install packaging && python3 ./pythonFiles/install_debugpy.py && python3 ./pythonFiles/download_get_pip.py && python3 ./build/update_ext_version.py --release --for-publishing && npm run addExtensionPackDependencies && DISABLE_TRANSLATIONS=true npm run package", + "custom": [ + "python -m pip install -U pip", + "python -m pip install wheel", + "python -m pip install --no-deps --require-hashes --only-binary :all: -t ./pythonFiles/lib/python --implementation py -r requirements.txt", + "python -m pip --disable-pip-version-check install packaging", + "python ./pythonFiles/install_debugpy.py", + "python ./pythonFiles/download_get_pip.py", + "python -m pip install --no-deps --require-hashes --only-binary :all: -t ./pythonFiles/lib/jedilsp --implementation py --platform any --abi none -r ./pythonFiles/jedilsp_requirements/requirements.txt", + "npm ci --prefer-offline", + "npm run addExtensionPackDependencies", + "npm run package" + ], "extensionFile": "ms-python-insiders.vsix", "pythonVersion": "3.8", "timeout": 30 From 36df98f1308c05cae1e210ebd617fc14c7383187 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 7 Feb 2024 23:36:43 +0100 Subject: [PATCH 02/11] =?UTF-8?q?=E2=AC=86=EF=B8=8F=20deps(gha):=20Bump=20?= =?UTF-8?q?actions/setup-node=20from=204.0.1=20to=204.0.2=20(#739)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/publish-extensions.yml | 4 ++-- .github/workflows/publish-once.yml | 2 +- .github/workflows/validate-pr.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/publish-extensions.yml b/.github/workflows/publish-extensions.yml index e96b0a814..a7670e2e0 100644 --- a/.github/workflows/publish-extensions.yml +++ b/.github/workflows/publish-extensions.yml @@ -31,7 +31,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - uses: actions/setup-node@v4.0.1 + - uses: actions/setup-node@v4.0.2 with: node-version: "18.x" - uses: oven-sh/setup-bun@v1 @@ -93,7 +93,7 @@ jobs: if: ${{ !github.event.inputs.extensions }} # only run on full runs steps: - uses: actions/checkout@v4 - - uses: actions/setup-node@v4.0.1 + - uses: actions/setup-node@v4.0.2 with: node-version: "18.x" - run: npm install diff --git a/.github/workflows/publish-once.yml b/.github/workflows/publish-once.yml index 739ce1037..81e0635c5 100644 --- a/.github/workflows/publish-once.yml +++ b/.github/workflows/publish-once.yml @@ -19,7 +19,7 @@ jobs: name: node publish-extensions runs-on: ubuntu-latest steps: - - uses: actions/setup-node@v4.0.1 + - uses: actions/setup-node@v4.0.2 with: node-version: "18.x" - name: Download extension file diff --git a/.github/workflows/validate-pr.yml b/.github/workflows/validate-pr.yml index c72566c69..f627e4eaf 100644 --- a/.github/workflows/validate-pr.yml +++ b/.github/workflows/validate-pr.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - uses: actions/setup-node@v4.0.1 + - uses: actions/setup-node@v4.0.2 with: node-version: "18.x" - uses: oven-sh/setup-bun@v1 From ea81ba01062843d094c480b694bb8d7a0284beac Mon Sep 17 00:00:00 2001 From: Alexandre ZANNI <16578570+noraj@users.noreply.github.com> Date: Tue, 13 Feb 2024 11:09:09 +0100 Subject: [PATCH 03/11] add MS-SarifVSCode.sarif-viewer (#738) --- extensions.json | 3 +++ 1 file changed, 3 insertions(+) diff --git a/extensions.json b/extensions.json index 90c3b4b90..ef48a9164 100644 --- a/extensions.json +++ b/extensions.json @@ -870,6 +870,9 @@ "pythonVersion": "3.8", "timeout": 30 }, + "MS-SarifVSCode.sarif-viewer": { + "repository": "https://github.com/Microsoft/sarif-vscode-extension" + }, "ms-toolsai.jupyter": { "repository": "https://github.com/microsoft/vscode-jupyter", "custom": [ From a9c877034d9a9245fc8158893cd2f401e10deeeb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Filip=20Tron=C3=AD=C4=8Dek?= Date: Tue, 13 Feb 2024 14:49:17 +0100 Subject: [PATCH 04/11] Add `ms-python.debugpy` (#744) --- extensions.json | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/extensions.json b/extensions.json index ef48a9164..fc618e981 100644 --- a/extensions.json +++ b/extensions.json @@ -803,6 +803,18 @@ ], "extensionFile": "black-formatter.vsix" }, + "ms-python.debugpy": { + "repository": "https://github.com/microsoft/vscode-python-debugger", + "custom": [ + "python -m pip install -U pip pipx wheel", + "npm ci --prefer-offline", + "python -m pipx run nox --session install_bundled_libs", + "vsce package --target=linux-x64", + "vsce package --target=darwin-arm64", + "vsce package --target=win32-x64" + ], + "target": ["linux-x64", "darwin-arm64", "win32-x64"] + }, "ms-python.flake8": { "repository": "https://github.com/microsoft/vscode-flake8", "custom": [ From 967e44ef54022446d5ca8cbacfefc5fc602976af Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Filip=20Tron=C3=AD=C4=8Dek?= Date: Tue, 13 Feb 2024 20:59:29 +0100 Subject: [PATCH 05/11] [Snyk] Security upgrade octokit from 2.1.0 to 3.1.2 (#728) Co-authored-by: snyk-bot --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 55bf65a2a..2ea8aa488 100644 --- a/package.json +++ b/package.json @@ -34,7 +34,7 @@ "find-up": "^5.0.0", "human-number": "^2.0.0", "minimist": "^1.2.5", - "octokit": "^2.0.2", + "octokit": "^3.1.2", "ovsx": "latest", "semver": "^7.1.3" }, From e70fe035c6e2ccfd735eeb07d43034d38d61b33a Mon Sep 17 00:00:00 2001 From: Aart van Baren Date: Tue, 13 Feb 2024 21:27:02 +0100 Subject: [PATCH 06/11] Add SonarCloud to repository (#720) --- .github/workflows/sonar.yml | 69 +++++++++++++++++++++++++++++++ .github/workflows/validate-pr.yml | 11 +++++ sonar-project.properties | 12 ++++++ 3 files changed, 92 insertions(+) create mode 100644 .github/workflows/sonar.yml create mode 100644 sonar-project.properties diff --git a/.github/workflows/sonar.yml b/.github/workflows/sonar.yml new file mode 100644 index 000000000..de926f2ea --- /dev/null +++ b/.github/workflows/sonar.yml @@ -0,0 +1,69 @@ +name: Sonar +on: + workflow_run: + workflows: [Validate PR] + types: [completed] +jobs: + sonar: + name: Sonar + runs-on: ubuntu-latest + if: github.event.workflow_run.conclusion == 'success' + steps: + - name: Download PR number artifact + if: github.event.workflow_run.event == 'pull_request' + uses: dawidd6/action-download-artifact@v2 + with: + workflow: Validate PR + run_id: ${{ github.event.workflow_run.id }} + name: PR_NUMBER + - name: Read PR_NUMBER.txt + if: github.event.workflow_run.event == 'pull_request' + id: pr_number + uses: juliangruber/read-file-action@v1 + with: + path: ./PR_NUMBER.txt + - name: Request GitHub API for PR data + if: github.event.workflow_run.event == 'pull_request' + uses: octokit/request-action@v2.x + id: get_pr_data + with: + route: GET /repos/{full_name}/pulls/{number} + number: ${{ steps.pr_number.outputs.content }} + full_name: ${{ github.event.repository.full_name }} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - uses: actions/checkout@v3 + with: + repository: ${{ github.event.workflow_run.head_repository.full_name }} + ref: ${{ github.event.workflow_run.head_branch }} + fetch-depth: 0 + - name: Checkout base branch + if: github.event.workflow_run.event == 'pull_request' + run: | + git remote add upstream ${{ github.event.repository.clone_url }} + git fetch upstream + git checkout -B ${{ fromJson(steps.get_pr_data.outputs.data).base.ref }} upstream/${{ fromJson(steps.get_pr_data.outputs.data).base.ref }} + git checkout ${{ github.event.workflow_run.head_branch }} + git clean -ffdx && git reset --hard HEAD + - name: SonarCloud Scan on PR + if: github.event.workflow_run.event == 'pull_request' + uses: sonarsource/sonarcloud-github-action@master + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + with: + args: > + -Dsonar.scm.revision=${{ github.event.workflow_run.head_sha }} + -Dsonar.pullrequest.key=${{ fromJson(steps.get_pr_data.outputs.data).number }} + -Dsonar.pullrequest.branch=${{ fromJson(steps.get_pr_data.outputs.data).head.ref }} + -Dsonar.pullrequest.base=${{ fromJson(steps.get_pr_data.outputs.data).base.ref }} + - name: SonarCloud Scan on push + if: github.event.workflow_run.event == 'push' && github.event.workflow_run.head_repository.full_name == github.event.repository.full_name + uses: sonarsource/sonarcloud-github-action@master + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + with: + args: > + -Dsonar.scm.revision=${{ github.event.workflow_run.head_sha }} + -Dsonar.branch.name=${{ github.event.workflow_run.head_branch }} diff --git a/.github/workflows/validate-pr.yml b/.github/workflows/validate-pr.yml index f627e4eaf..8f7618ecc 100644 --- a/.github/workflows/validate-pr.yml +++ b/.github/workflows/validate-pr.yml @@ -44,3 +44,14 @@ jobs: /tmp/result.md - name: Upload job summary run: cat /tmp/result.md >> $GITHUB_STEP_SUMMARY + - name: Save PR number to file + if: github.event_name == 'pull_request' + run: echo ${{ github.event.number }} > PR_NUMBER.txt + - name: Archive PR number + if: github.event_name == 'pull_request' + uses: actions/upload-artifact@v3 + with: + name: PR_NUMBER + path: PR_NUMBER.txt + + diff --git a/sonar-project.properties b/sonar-project.properties new file mode 100644 index 000000000..a4713829d --- /dev/null +++ b/sonar-project.properties @@ -0,0 +1,12 @@ +sonar.projectKey=open-vsx_publish-extensions +sonar.organization=open-vsx + +# This is the name and version displayed in the SonarCloud UI. +#sonar.projectName=publish-extensions +#sonar.projectVersion=1.0 + +# Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows. +#sonar.sources=. + +# Encoding of the source code. Default is default system encoding +#sonar.sourceEncoding=UTF-8 From 695ce05cfcecaa3a76c08c0ec510651c86435c99 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 14 Feb 2024 21:57:42 +0100 Subject: [PATCH 07/11] =?UTF-8?q?=E2=AC=86=EF=B8=8F=20deps(gha):=20Bump=20?= =?UTF-8?q?actions/upload-artifact=20from=203=20to=204=20(#747)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/validate-pr.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate-pr.yml b/.github/workflows/validate-pr.yml index 8f7618ecc..c97e48868 100644 --- a/.github/workflows/validate-pr.yml +++ b/.github/workflows/validate-pr.yml @@ -49,7 +49,7 @@ jobs: run: echo ${{ github.event.number }} > PR_NUMBER.txt - name: Archive PR number if: github.event_name == 'pull_request' - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: PR_NUMBER path: PR_NUMBER.txt From f12f9b68e9bcdc490363ef86c244c7c170157d14 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 14 Feb 2024 21:57:50 +0100 Subject: [PATCH 08/11] =?UTF-8?q?=E2=AC=86=EF=B8=8F=20deps(gha):=20Bump=20?= =?UTF-8?q?actions/checkout=20from=203=20to=204=20(#745)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/sonar.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/sonar.yml b/.github/workflows/sonar.yml index de926f2ea..f6cb6e1a6 100644 --- a/.github/workflows/sonar.yml +++ b/.github/workflows/sonar.yml @@ -32,7 +32,7 @@ jobs: full_name: ${{ github.event.repository.full_name }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: repository: ${{ github.event.workflow_run.head_repository.full_name }} ref: ${{ github.event.workflow_run.head_branch }} From ff82c870ce203ce9df6b660e1985ff84f443112b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 14 Feb 2024 21:57:57 +0100 Subject: [PATCH 09/11] =?UTF-8?q?=E2=AC=86=EF=B8=8F=20deps(gha):=20Bump=20?= =?UTF-8?q?dawidd6/action-download-artifact=20from=202=20to=203=20(#746)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/sonar.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/sonar.yml b/.github/workflows/sonar.yml index f6cb6e1a6..24b263c90 100644 --- a/.github/workflows/sonar.yml +++ b/.github/workflows/sonar.yml @@ -11,7 +11,7 @@ jobs: steps: - name: Download PR number artifact if: github.event.workflow_run.event == 'pull_request' - uses: dawidd6/action-download-artifact@v2 + uses: dawidd6/action-download-artifact@v3 with: workflow: Validate PR run_id: ${{ github.event.workflow_run.id }} From 72d59b6644d7b9a02c73786c61dccda0c0d56668 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Filip=20Tron=C3=AD=C4=8Dek?= Date: Thu, 15 Feb 2024 13:17:21 +0000 Subject: [PATCH 10/11] Add devcontainer file --- .devcontainer/devcontainer.json | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 .devcontainer/devcontainer.json diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json new file mode 100644 index 000000000..877a350dd --- /dev/null +++ b/.devcontainer/devcontainer.json @@ -0,0 +1,9 @@ +{ + "name": "publish-extensions", + "image": "mcr.microsoft.com/devcontainers/base", + // Features to add to the dev container. More info: https://containers.dev/features. + "features": { + "ghcr.io/shyim/devcontainers-features/bun:0": {}, + "ghcr.io/devcontainers/features/node:1": {} + } +} \ No newline at end of file From 7c598f29463e9ee1a9752d23f580d9d4535c8716 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Filip=20Tron=C3=AD=C4=8Dek?= Date: Thu, 15 Feb 2024 13:45:47 +0000 Subject: [PATCH 11/11] Add some more devcontainer features --- .devcontainer/devcontainer.json | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 877a350dd..3d530326f 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -4,6 +4,9 @@ // Features to add to the dev container. More info: https://containers.dev/features. "features": { "ghcr.io/shyim/devcontainers-features/bun:0": {}, - "ghcr.io/devcontainers/features/node:1": {} + "ghcr.io/devcontainers/features/node:1": {}, + "ghcr.io/devcontainers/features/python:1": {}, + "ghcr.io/devcontainers/features/docker-in-docker:2": {}, + "ghcr.io/devcontainers/features/java:1": {} } } \ No newline at end of file