Commit Graph

279 Commits

Author SHA1 Message Date
Ray fa374f9cc9 Update webassembly.yml 2024-08-17 00:44:33 +02:00
Alexandre Almeida 9a8d73e6c3
Fix GLFW runtime platform detection (#3863)
* Fix GLFW runtime platform detection

* Add libwayland-dev package to workflows

* Add libxkbcommon-dev package to workflows

* Add libwayland-bin package to codeql.yml

* Add libwayland-client0 and libwayland-cursor0 packages to codeql.yml

* Use libwayland-dev in codeql.yml

* Add libxkbcommon-dev to codeql.yml

* Remove libwayland-bin from linux.yml and linux_examples.yml (libwayland-dev includes it as a dependency)

---------

Co-authored-by: Ray <raysan5@gmail.com>
2024-03-14 16:54:39 +01:00
Ray 17d631f508
Update codeql.yml 2024-03-12 22:51:16 +01:00
Ray c7b362d19d
Update cmake.yml 2024-03-05 14:04:32 +01:00
Ray 38bdcafea1
Update cmake.yml 2024-03-05 14:02:57 +01:00
Ray 2114e48393
Update cmake.yml 2024-03-05 14:00:56 +01:00
Ray 36dabe485c
Update cmake.yml 2024-03-05 13:59:36 +01:00
Ray 7584b6aa0b
Update cmake.yml 2024-03-04 20:08:59 +01:00
Ray 6e9dcdb599
Update linux_examples.yml 2024-03-04 19:59:04 +01:00
Ray c970afeccd
Update linux.yml 2024-03-04 19:58:49 +01:00
Ray 77eeb0010e Updated workflows 2024-02-18 12:06:16 +01:00
Ray dc7f81a7b0 Update workflows to use latest actions/upload-artifact 2024-02-13 16:15:18 +01:00
Ray abe243d469
Update linux.yml 2024-02-13 16:13:46 +01:00
Ray be78255bea
Update codeql.yml: Exclude src/external files 2024-01-08 01:13:44 +01:00
seiren 0a25a3ed70
Update raylib_api.* by CI (#3692)
* wip: add parse.yml

* Temporarily force run

* Auto commit parse files

* Update raylib_api.* by CI

* Remove temporary setting

* format

---------

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2023-12-31 15:06:46 +01:00
Ray 386bf890a0 Merge branch 'master' of https://github.com/raysan5/raylib 2023-11-06 20:06:46 +01:00
Ray adaecba162 Update codeql.yml 2023-11-06 20:06:30 +01:00
Ray 9c816bbac1
Update codeql.yml 2023-11-06 19:59:30 +01:00
Ray a810976aa6 REVIEWED: `CodeQL` workflow, cleaning and organization 2023-11-06 19:53:44 +01:00
b4yuan b216e2fc98
Add CodeQL Workflow for Code Security Analysis (#3476)
* Add CodeQL Workflow for Code Security Analysis

Add CodeQL Workflow for Code Security Analysis

This pull request introduces a CodeQL workflow to enhance the security analysis of our repository. CodeQL is a powerful static analysis tool that helps identify and mitigate security vulnerabilities in our codebase. By integrating this workflow into our GitHub Actions, we can proactively identify and address potential issues before they become security threats.

We added a new CodeQL workflow file (.github/workflows/codeql.yml) that
- Runs on every push and pull request to the main branch.
- Excludes queries with a high false positive rate or low-severity findings.
- Does not display results for third-party code, focusing only on our own codebase.

Testing:
To validate the functionality of this workflow, we have run several test scans on the codebase and reviewed the results. The workflow successfully compiles the project, identifies issues, and provides actionable insights while reducing noise by excluding certain queries and third-party code.

Deployment:
Once this pull request is merged, the CodeQL workflow will be active and automatically run on every push and pull request to the main branch. To view the results of these code scans, please follow these steps:
1. Under the repository name, click on the Security tab.
2. In the left sidebar, click Code scanning alerts.

Additional Information:
- You can further customize the workflow to adapt to your specific needs by modifying the workflow file.
- For more information on CodeQL and how to interpret its results, refer to the GitHub documentation and the CodeQL documentation.

Signed-off-by: Brian <bayuan@purdue.edu>

* Add CodeQL Workflow for Code Security Analysis

Add CodeQL Workflow for Code Security Analysis

This pull request introduces a CodeQL workflow to enhance the security analysis of our repository. CodeQL is a powerful static analysis tool that helps identify and mitigate security vulnerabilities in our codebase. By integrating this workflow into our GitHub Actions, we can proactively identify and address potential issues before they become security threats.

We added a new CodeQL workflow file (.github/workflows/codeql.yml) that
- Runs on every pull request (functionality to run on every push to main branches is included as a comment for convenience).
- Runs daily.
- Excludes queries with a high false positive rate or low-severity findings.
- Does not display results for git submodules, focusing only on our own codebase.

Testing:
To validate the functionality of this workflow, we have run several test scans on the codebase and reviewed the results. The workflow successfully compiles the project, identifies issues, and provides actionable insights while reducing noise by excluding certain queries and third-party code.

Deployment:
Once this pull request is merged, the CodeQL workflow will be active and automatically run on every push and pull request to the main branch. To view the results of these code scans, please follow these steps:
1. Under the repository name, click on the Security tab.
2. In the left sidebar, click Code scanning alerts.

Additional Information:
- You can further customize the workflow to adapt to your specific needs by modifying the workflow file.
- For more information on CodeQL and how to interpret its results, refer to the GitHub documentation and the CodeQL documentation (https://codeql.github.com/ and https://codeql.github.com/docs/).

Signed-off-by: Brian <bayuan@purdue.edu>

* Add CodeQL Workflow for Code Security Analysis

Add CodeQL Workflow for Code Security Analysis

This pull request introduces a CodeQL workflow to enhance the security analysis of our repository. CodeQL is a powerful static analysis tool that helps identify and mitigate security vulnerabilities in our codebase. By integrating this workflow into our GitHub Actions, we can proactively identify and address potential issues before they become security threats.

We added a new CodeQL workflow file (.github/workflows/codeql.yml) that
- Runs on every pull request (functionality to run on every push to main branches is included as a comment for convenience).
- Runs daily.
- Excludes queries with a high false positive rate or low-severity findings.
- Does not display results for git submodules, focusing only on our own codebase.

Testing:
To validate the functionality of this workflow, we have run several test scans on the codebase and reviewed the results. The workflow successfully compiles the project, identifies issues, and provides actionable insights while reducing noise by excluding certain queries and third-party code.

Deployment:
Once this pull request is merged, the CodeQL workflow will be active and automatically run on every push and pull request to the main branch. To view the results of these code scans, please follow these steps:
1. Under the repository name, click on the Security tab.
2. In the left sidebar, click Code scanning alerts.

Additional Information:
- You can further customize the workflow to adapt to your specific needs by modifying the workflow file.
- For more information on CodeQL and how to interpret its results, refer to the GitHub documentation and the CodeQL documentation (https://codeql.github.com/ and https://codeql.github.com/docs/).

Signed-off-by: Brian <bayuan@purdue.edu>

* Add CodeQL Workflow for Code Security Analysis

Add CodeQL Workflow for Code Security Analysis

This pull request introduces a CodeQL workflow to enhance the security analysis of our repository. CodeQL is a powerful static analysis tool that helps identify and mitigate security vulnerabilities in our codebase. By integrating this workflow into our GitHub Actions, we can proactively identify and address potential issues before they become security threats.

We added a new CodeQL workflow file (.github/workflows/codeql.yml) that
- Runs on every pull request (functionality to run on every push to main branches is included as a comment for convenience).
- Runs daily.
- Excludes queries with a high false positive rate or low-severity findings.
- Does not display results for git submodules, focusing only on our own codebase.

Testing:
To validate the functionality of this workflow, we have run several test scans on the codebase and reviewed the results. The workflow successfully compiles the project, identifies issues, and provides actionable insights while reducing noise by excluding certain queries and third-party code.

Deployment:
Once this pull request is merged, the CodeQL workflow will be active and automatically run on every push and pull request to the main branch. To view the results of these code scans, please follow these steps:
1. Under the repository name, click on the Security tab.
2. In the left sidebar, click Code scanning alerts.

Additional Information:
- You can further customize the workflow to adapt to your specific needs by modifying the workflow file.
- For more information on CodeQL and how to interpret its results, refer to the GitHub documentation and the CodeQL documentation (https://codeql.github.com/ and https://codeql.github.com/docs/).

Signed-off-by: Brian <bayuan@purdue.edu>

* Run CodeQL Analysis weekly + incorporate build script into WF

* remove: fail_on_error.py

* update: codeql.yml

---------

Signed-off-by: Brian <bayuan@purdue.edu>
2023-11-06 19:11:41 +01:00
Ray c9020ece5d Update linux.yml 2023-09-19 18:52:40 +02:00
Ray 2e7a7877a5 Update webassembly.yml 2023-09-12 15:11:16 +02:00
ubkp 8096f142ec
Add a new task the issue template about checking the wiki (#3169) 2023-07-12 12:02:33 +02:00
Ray a3b7bd0891
Update webassembly.yml 2023-03-13 11:44:49 +01:00
Ray c04c3668cb
Update windows.yml 2022-12-10 13:09:05 +01:00
Ray 855a5f3701
Update windows.yml 2022-12-10 13:06:13 +01:00
Ray 6d59a21e99
Update windows.yml 2022-12-10 13:01:57 +01:00
Ray 935a306b29
Update windows.yml 2022-12-10 12:44:25 +01:00
Ray bbf9935828 Update github workflows 2022-11-28 21:03:21 +01:00
Ray 656f47b7cc
Update cmake.yml 2022-11-15 12:23:24 +01:00
Ray 2a88dc9bb7
Update linux_examples.yml 2022-11-15 12:22:26 +01:00
Ray a598754b5b
Update windows.yml 2022-09-01 11:04:10 +02:00
Ray bb4d9297b5
Update windows.yml 2022-09-01 10:52:03 +02:00
Ray 4938966e76
Update windows.yml 2022-09-01 10:45:30 +02:00
Ray cabaa53302
Update windows.yml 2022-09-01 10:44:25 +02:00
Ray bfab101ac2
Update windows.yml 2022-09-01 10:42:11 +02:00
Ray d658e6772d
Update android.yml 2022-08-11 20:26:45 +02:00
Ray 965057dbe2
Update android.yml 2022-08-11 20:25:58 +02:00
Ray b38dceb2de
Update android.yml 2022-08-11 20:22:42 +02:00
Ray 764254d93e
Update android.yml 2022-08-11 20:16:48 +02:00
Ray b55cb32d9b
Update android.yml 2022-08-11 20:10:59 +02:00
Ray 931af3a242
Update windows.yml 2022-08-11 20:04:59 +02:00
Richard Smith f7e1550eea
Fix fat universal (arm64 + x86_64) macos Github Actions build (#2567)
* test if clang supports multiple targets

* didnt work, so trying lipo to join separate targets together

* add CUSTOM_LDFLAGS to try to fix arm64 mac dynamic build

* fix sym links

* try again to fix sym links

* auto extract raylib version numbers from makefile

* fix macos missing gnu grep

* dont use custom name for raylib dlls
2022-07-08 07:57:10 +02:00
Ray 9c676e599e Update android.yml 2022-06-06 20:53:48 +02:00
Ray 609d92003b WARNING: REMOVED `raygui` from `raylib/src/extras` 2022-06-06 11:11:39 +02:00
Naveen 023eb3380d
chore: Set permissions for GitHub actions (#2496)
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
2022-05-31 23:23:12 +02:00
Ray 79992a8d50
Update linux.yml 2021-12-29 19:05:23 +01:00
Ray be5f36444d
Update macos.yml 2021-12-29 19:05:00 +01:00
Ray b1607ad9e7
Update linux.yml 2021-12-29 19:01:20 +01:00
Ray 93f05d851d
Update webassembly.yml 2021-12-06 18:37:44 +01:00