1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-12-23 09:52:26 +01:00
Commit Graph

41 Commits

Author SHA1 Message Date
ricky
f58e2552c3
use PAT for GITHUB_TOKEN (#13307)
Use `secrets.METAMASKBOT_CROWDIN_TOKEN` for `GITHUB_TOKEN`

ref: https://docs.github.com/en/actions/security-guides/automatic-token-authentication#using-the-github_token-in-a-workflow

> When you use the repository's GITHUB_TOKEN to perform tasks on behalf of the GitHub Actions app, events triggered by the GITHUB_TOKEN will not create a new workflow run. This prevents you from accidentally creating recursive workflow runs. For example, if a workflow run pushes code using the repository's GITHUB_TOKEN, a new workflow will not run even when the repository contains a workflow configured to run when push events occur.
2022-01-13 17:45:07 -05:00
Mark Stacey
14704917c6
Update Bug Report issue template (#13267)
The "Bug Report" issue template now uses the new "issue form" GitHub
feature[1], which allows creating issues using a web form. This form
should be more effective in encouraging submitters to fill out the
required fields.

This form includes a new field for error messages or log output, and
for the build type the user was using (e.g. Flask).

[1]: https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/configuring-issue-templates-for-your-repository#creating-issue-forms
2022-01-11 15:02:17 -03:30
Alex Donesky
211c5afb7b
add crowdin-bot to the CLA allowlist (#13193) 2022-01-03 13:48:56 -06:00
ricky
163d472fdf
Add crowdin configuration and github action (#12552)
* add crowdin.yml

* add crowdin_action.yml

* remove comments

* test on this branch

* use SHA

* only run on develop
2021-12-09 16:53:58 -05:00
kumavis
0a8f94af81
Create codeql-analysis.yml (#12652) 2021-11-10 17:28:25 -10:00
Ilan
fa52753d00
Update bug-report.md (#12368) 2021-10-18 10:34:04 -07:00
Mark Stacey
fae857d1c0
Fix CLA Signature bot workflow (#11250)
In a recent PR (#11240) the workflow was updated to explicitly add the
required permissions. Unfortunately the "pull-requests" permission was
added with a space instead of a dash, which apparently breaks the
workflow. It now has a dash, as shown in the example in the docs [1].

[1]: https://docs.github.com/en/actions/reference/authentication-in-a-workflow#example-1-passing-the-github_token-as-an-input
2021-06-07 18:13:31 -02:30
Mark Stacey
a58c66af1f
Restore CLA bot permissions (#11240)
The CLA bot had its write permissions revoked recently when our
organization-wide settings were updated to restrict actions to read
access by default. This PR restores write access to PRs and to the
repository itself for the CLA bot. It needs PR write access to leave
comments, and needs write access to the repo itself to commit new
signatures.
2021-06-07 11:27:15 -02:30
ricky
c87f8547a0
Update config.yml (#11217)
Use `community.metamask.io` for "Request a new feature"
2021-06-01 12:22:51 -04:00
Mark Stacey
0c627fa4f3
Update the CLA Signature bot to v3.0.2 (#10947)
This update includes support for PRs with >100 commits.
2021-04-28 20:15:47 -02:30
Erik Marks
9d4b8a4903
@metamask/contract-metadata (#9968) 2020-12-01 14:55:01 -08:00
Whymarrh Whitby
9b4b4a05fa
Add eth-contract-metadata to Dependabot auto-updates (#9734)
This change adds `eth-contract-metadata` to the list of packages that Dependabot will autoupdate.
2020-10-27 14:53:38 -02:30
David Walsh
8edeca83b0 Fix pull request template location 2020-10-23 11:39:41 -05:00
Whymarrh Whitby
055f008c0d
Add a GitHub Dependabot config (#9664)
This change adds a GitHub Dependabot configuration to enable daily checks for dependency updates.

[See the docs for more information.][1]

  [1]:https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/configuration-options-for-dependency-updates

This config enables checking for dependencies in the root `package.json` file (`directory`) every weekday (`schedule.interval`) only for lockfile updates, ignoring any new versions that would require package manifest changes. (if necessary, `versioning-strategy`). This is all restricted to the organization's `@metamask/*` packages.
2020-10-23 12:24:10 -02:30
David Walsh
f264ed078c Add pull request template 2020-10-21 15:24:30 -05:00
David Walsh
12f0c2161d
Better format the issue template (#9535) 2020-10-09 13:15:41 -02:30
Whymarrh Whitby
bffa035bc7
Add MetaMask Bot to the CLA allow list (#9426) 2020-09-16 17:42:16 -02:30
Whymarrh Whitby
cd7a3a687b
Update allow list for CLA, fix Dependabot (#9400)
This change updates the Dependabot name in the allow list of the CLA workflow.
2020-09-14 14:59:15 -02:30
Mark Stacey
7ba2310726
Update CLA bot (#9389)
The `cla-signature-bot` has been updated to `v3.0.1`. This update
includes a bug fix for PRs that have over 100 comments.
2020-09-10 13:35:03 -03:00
Brad Decker
380ed78a34
add external links to github issue routing (#9351) 2020-09-09 11:49:21 -05:00
Mark Stacey
885bd13160
Add CLA Signature bot (#9310)
The CLA signature bot will check the authors of each PR to ensure they
have all signed the CLA. If any authors still need to sign the CLA, it
will leave a comment explaining how it can be signed, and will check
back upon each comment to see if it has been signed.

The bot used is `MetaMask/cla-signature-bot`, which is a fork of
`Roblox/cla-signature-bot`. The fork has a couple of improvements, and
it updated the PR comment text to be more appropriate for our usage.

Currently the only user on the `allowlist` is `dependabot`, but any public
members of the MetaMask organization will also be exempt from needing
to sign the CLA due to the `allow-organization-members` setting.

The signatures are stored in `cla.json` on the `cla-signatures` branch,
which is in this repository as a distinct root. We can consider moving
this to a separate repository in the future - this was just easier to
setup.
2020-08-26 13:48:35 -03:00
Whymarrh Whitby
1c3d915aa3
Update CODEOWNERS (#8600) 2020-05-15 15:33:28 -02:30
Whymarrh Whitby
e2bf779acd
Add @kumavis for CircleCI and dev directories (#8394) 2020-04-23 14:09:26 -02:30
Whymarrh Whitby
dde5a8aa19
Update CODEOWNERS for the whole repo (#8392)
The whole of the extension team is now an owner // @MetaMask/extension-team
2020-04-23 12:53:23 -02:30
Jenny Pollack
57035c6410
add jenny to codeowners (#8219) 2020-03-19 16:28:38 -03:00
Whymarrh Whitby
126457dee6
Update transactions CODEOWNERS (#8058) 2020-02-17 21:38:31 -03:30
Whymarrh Whitby
739b5dfe72
Move issue template and contributing doc to .github (#7952) 2020-01-30 10:30:30 -03:30
Erik Marks
87b95205fc
Update codeowners (#7813) 2020-01-13 11:04:10 -08:00
Whymarrh Whitby
b19481b259 Update COs for tx module (#7812) 2020-01-13 09:12:38 -08:00
Thomas Huang
4f79b924e4
Upodate Bug Report Template (#7716)
Require Reproduction Steps
Expand examples to get version numbers of browsers and hd wallets
2019-12-19 10:44:45 -08:00
Miranda Ruiz
69def1fcab Create FUNDING.yml (#7669)
* Add our opencollective page
2019-12-12 12:34:40 -04:00
kumavis
e1efb4d7ac
ci - install deps - limit install scripts to whitelist (#7208)
* ci - install deps - limit install scripts to those needed for build

* Update .circleci/scripts/deps-install.sh

Co-Authored-By: Mark Stacey <markjstacey@gmail.com>

* ci - install deps - expand install scripts needed for tests

* ci - install deps - expand install scripts needed for integration tests

* ci - install deps - fix node-sass script ref

* github - set codeowners for scripts/deps-install

* development - add utility to show deps with install scripts

* lint fix

* deps - move read-installed to devDeps
2019-09-25 20:01:10 +08:00
Mark Stacey
dadda918b4
Update code owners of manifest and lockfile (#6953) 2019-08-02 17:44:00 -02:30
Mark Stacey
1fd3dc9ecf
Switch from npm to yarn (#6843)
As a solution to the constant lockfile churn issues we've had with
`npm`, the project now uses `yarn` to manage dependencies.

The `package-lock.json` file has been replaced with `yarn.lock`, which
was created using `yarn import`. It should approximate the contents of
`package-lock.json` fairly well, though there may be some changes due to
deduplication. The codeowners file has been updated to reference this
new lockfile.

All documentation and npm scripts have been updated to reference `yarn`
rather than `npm`. Note that running scripts using `npm run` still works
fine, but it seemed better to switch those to `yarn` as well to avoid
confusion.

The `npm-audit` Bash script has been replaced with `yarn-audit`. The
output of `yarn audit` is a bit different than `npm audit` in that it
returns a bitmask to describe which severity issues were found. This
made it simpler to check the results directly from the Bash script, so
the associated `npm-audit-check.js` script was no longer required. The
output should be exactly the same, and the information is still sourced
from the same place (the npm registry).

The new `yarn-audit` script does have an external dependency: `jq`.
However, `jq` is already assumed to be present by another CI script, and
is present on all CI images we use. `jq` was not added to `package.json`
as a dependency because there is no official package on the npm
registry, just wrapper scripts. We don't need it anywhere exept on CI
anyway.

The section in `CONTRIBUTING` about how to develop inside the
`node_modules` folder was removed, as the advice was a bit dated, and
wasn't specific to this project anyway.
2019-07-30 15:36:23 -03:00
Dan Finlay
91cda027c9 Add Mark Stacey (Kyokan) to UI CodeOwners (#6798) 2019-07-03 22:34:44 -02:30
Whymarrh Whitby
c70ef95338 Add codeowner for package*.json files 2019-06-21 05:50:06 -02:30
Whymarrh Whitby
b4e7e0ec0f
Update UI codeowners 2019-01-30 10:32:04 -03:30
bobby dresser
da0510809b encourage stackexchange in issue templates (#5737) 2018-11-13 13:54:03 -03:30
bobby dresser
438fd5bce0
remove duplicate template (#5016) 2018-08-09 10:48:10 -07:00
bobby dresser
6fb790e9a8
Create issue templates (#4972)
adds issue templates
2018-08-09 10:09:33 -07:00
Dan Finlay
c3c0193a64 Added codeowners file 2018-07-17 20:14:53 -07:00