oysteikt
/
mpd
0
0
Fork 0
Code Issues Pull Requests Releases Activity
17,942 Commits 1 Branch 144 Tags 56 MiB
Commit Graph

28 Commits

Author SHA1 Message Date
Max Kellermann 3cc770a00b remove obsolete Boost dependency 
Boost makes building a piece of software much more difficult than
necessary.  It's a huge library, and just uncompressing it takes a
considerable amount of time. MPD only used a tiny fraction of it, yet
its header bloat made the MPD build very slow.  Locating Boost was
difficult due to its arcane build system and its resistance to use
pkg-config; it's always a special case.  MPD could never use features
of newer Boost versions because Linux distributions always shipped old
Boost versions.  Boost made everything complicated and slow.

So, finally, after getting rid of GLib (commit ccdb94b06c), switching
to C++ and using Boost (commit 0801b3f495), we've finally get rid of
it 8 years later.

Unfortunately, I had to reimplement parts of it along the way
(e.g. IntrusiveList).  Kind of NIH, but on the other hand, compiling
MPD has become much easier for users.
 2023-01-23 15:06:58 +01:00
Alex 8b1ff3f005
build: harden build.yml permissions 
This PR adds explicit [permissions section](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions) to workflows. This is a security best practice because by default workflows run with [extended set of permissions](https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token) (except from `on: pull_request` [from external forks](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)). By specifying any permission explicitly all others are set to none. By using the principle of least privilege the damage a compromised workflow can do (because of an [injection](https://securitylab.github.com/research/github-actions-untrusted-input/) or compromised third party tool or action) is restricted.
It is recommended to have [most strict permissions on the top level](https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions) and grant write permissions on [job level](https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs) case by case.

Signed-off-by: Alex <aleksandrosansan@gmail.com>
 2022-12-09 11:28:26 +01:00
Max Kellermann 20310437d0 .github/workflows/build.yml: build with Ubuntu 22.04 as well 2022-07-13 12:41:04 +02:00
Max Kellermann d29e1544bf .github/workflows/build.yml: explicitly select ubuntu-20.04 
According to https://github.com/actions/virtual-environments
"ubuntu-latest" maps to "ubuntu-20.04", even though "ubuntu-22.04" is
also available.  Since our job description is very specific to
"ubuntu-20.04", let's select this explicitly.
 2022-07-13 12:37:02 +02:00
Marceline Cramer 18ebd42c52
.github: Add reminder to include backtrace in issue template 2022-07-04 10:32:58 -06:00
Max Kellermann dcf39ee44e .github/workflows/build.yml: add "python-version: 3.x" 
This appears to be necessary as of actions/setup-python@v4 (commit
45d908e25f).
 2022-06-13 21:37:04 +02:00
dependabot[bot] 45d908e25f
build(deps): bump actions/setup-python from 3 to 4 
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 3 to 4.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-13 15:23:52 +00:00
Max Kellermann b4f454a553
Merge pull request #1548 from MusicPlayerDaemon/dependabot/github_actions/actions/setup-python-3 
build(deps): bump actions/setup-python from 1 to 3
 2022-06-08 12:56:55 +02:00
dependabot[bot] e2d6bb7444
build(deps): bump actions/checkout from 2 to 3 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-05 08:28:29 +00:00
dependabot[bot] f89916e6fb
build(deps): bump actions/setup-python from 1 to 3 
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 1 to 3.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v1...v3)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-05 08:28:27 +00:00
naveen 7d95b15cbc chore: Included githubactions in the dependabot config 
This should help with keeping the GitHub actions updated on new releases. This will also help with keeping it secure.

Dependabot helps in keeping the supply chain secure https://docs.github.com/en/code-security/dependabot

GitHub actions up to date https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot

https://github.com/ossf/scorecard/blob/main/docs/checks.md#dependency-update-tool
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
 2022-06-05 01:30:13 +00:00
Max Kellermann 2730f91872 .github/workflows/build.yml: build everything, not just unit tests (Linux) 2022-05-23 21:32:42 +02:00
Max Kellermann 97ca85e155 .github/workflows/build.yml: verbose build (Linux) 2022-05-23 21:32:02 +02:00
Max Kellermann 39bb4c5871 .github/workflows/build.yml: build everything, not just unit tests 2022-05-23 21:28:28 +02:00
Max Kellermann bdceb90c59 .github/workflows/build.yml: verbose build 2022-05-23 21:25:28 +02:00
Max Kellermann a009e95afd .github/ISSUE_TEMPLATE/bug_report.md: add "Configuration" section 2022-05-19 09:26:21 +02:00
Max Kellermann 32aafb3572 .github/ISSUE_TEMPLATE/question.md: remove, we have GitHub discussions now 2022-05-19 09:25:00 +02:00
Max Kellermann b577783cf0 .github/FUNDING.yml: remove, no funding 
This was an experiment, but I decided I don't need that.
 2022-05-19 09:24:22 +02:00
Max Kellermann aa7b872a14 .github/workflows/build.yml: run "apt-get update" 
The build has been failing for a week or two because the package lists
in the image are outdated.
 2022-05-19 09:23:08 +02:00
Max Kellermann b9cc036703 .github/workflows/build.yml: rebuild branch v0.23.x 2021-12-03 23:00:42 +01:00
Max Kellermann f01388559f .github/workflows/build.yml: fix the ccache.key 2021-11-26 13:32:48 +01:00
Max Kellermann 27edd4a610 .github/workflows: merge build-{linux,macos}.yml into one 2021-11-26 13:32:08 +01:00
Max Kellermann fd5b195879 .github/workflows/build-macos.yml: use actions/setup-python@v1 
Without it, BSFishy/meson-build defaults to /usr/local/bin/python,
which is Python 2.
 2021-11-23 12:17:32 +01:00
Max Kellermann bb5df9839d .github/workflows/build-macos.yml: install Meson, ninja and Boost 2021-11-23 12:17:32 +01:00
Max Kellermann be34d55291 .github/workflows: add macOS build 2021-11-23 11:41:40 +01:00
Max Kellermann c13911b171 .github/workflows: auto-build with GitHub Actions 2021-11-23 10:45:14 +01:00
Max Kellermann ff2e584bde
Create FUNDING.yml 2020-01-20 14:30:52 +01:00
Max Kellermann 45a091c00c .github: add issue templates 2019-05-20 16:44:02 +02:00