Toxic/Opera-Extensions
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Move Gitea workflows to repository root
All checks were successful
Build / build (push) Successful in 7s
Details
Release Dry Run / release-dry-run (push) Successful in 5s
Details
Template Compliance / template-compliance (push) Successful in 5s
Details

Browse Source
This commit is contained in:
ToxicCrzay270
2026-05-15 00:43:44 +02:00
parent fe17014aff
commit 91a5d19574
5 changed files with 18 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
.gitea/workflows/build.yml Normal file
View File

@@ -0,0 +1,40 @@
name: Build
on:
push:
branches:
- main
- master
workflow_dispatch:
jobs:
build:
runs-on: ubuntu-latest
defaults:
run:
working-directory: opera-cache-cleaner-extension
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Check background script syntax
run: node --check background.js
- name: Check popup script syntax
run: node --check popup/popup.js
- name: Build extension archive
shell: bash
run: |
rm -rf dist
mkdir -p dist/package
cp manifest.json background.js dist/package/
cp -R popup icons dist/package/
cd dist/package
zip -r ../opera-cache-cleaner-extension.zip .
- name: Upload extension archive
uses: actions/upload-artifact@v3
with:
name: opera-cache-cleaner-extension
path: opera-cache-cleaner-extension/dist/opera-cache-cleaner-extension.zip

46
.gitea/workflows/release-dry-run.yml Normal file
View File

@@ -0,0 +1,46 @@
name: Release Dry Run
on:
push:
branches:
- main
- master
workflow_dispatch:
jobs:
release-dry-run:
runs-on: ubuntu-latest
defaults:
run:
working-directory: opera-cache-cleaner-extension
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Verify release documentation
shell: bash
run: |
test -f README.md
test -f CHANGELOG.md
test -f SECURITY.md
test -f docs/release-checklist.md
test -f docs/security-review.md
- name: Check for unresolved template placeholders
shell: bash
run: |
if grep -RInE 'PROJECT[_]NAME|PROJECT[_]DESCRIPTION|REPOSITORY[_]OWNER|REPOSITORY[_]NAME|PACKAGE[_]NAME|ARTIFACT[_]NAME|ARTIFACT[_]OUTPUT[_]DIRECTORY|BUILD[_]COMMAND|TEST[_]COMMAND|LINT[_]COMMAND|AUDIT[_]COMMAND' . --exclude-dir=.git --exclude-dir=dist; then
echo "Unresolved template placeholders found."
exit 1
fi
- name: Build extension archive
shell: bash
run: |
rm -rf dist
mkdir -p dist/package
cp manifest.json background.js dist/package/
cp -R popup icons dist/package/
cd dist/package
zip -r ../opera-cache-cleaner-extension.zip .
test -s ../opera-cache-cleaner-extension.zip

31
.gitea/workflows/repo-cleanup.yml Normal file
View File

@@ -0,0 +1,31 @@
name: Repository Cleanup
on:
schedule:
- cron: "0 5 * * 1"
workflow_dispatch:
jobs:
cleanup-report:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Report generated or sensitive tracked files
shell: bash
run: |
git ls-files | grep -E '(^opera-cache-cleaner-extension/dist/|^opera-cache-cleaner-extension/build/|^opera-cache-cleaner-extension/out/|\.log$|\.tmp$|\.env|\.pem$|\.key$|\.token$)' && {
echo "Tracked generated or sensitive-looking files found."
exit 1
} || true
- name: Report large tracked files
shell: bash
run: |
large_files="$(git ls-files -z | xargs -0 du -k | awk '$1 > 1024 { print }')"
if [ -n "$large_files" ]; then
echo "$large_files"
echo "Tracked files above 1 MiB should be reviewed."
exit 1
fi

37
.gitea/workflows/security-scan.yml Normal file
View File

@@ -0,0 +1,37 @@
name: Security Scan
on:
schedule:
- cron: "0 4 * * 1"
workflow_dispatch:
jobs:
security-scan:
runs-on: ubuntu-latest
defaults:
run:
working-directory: opera-cache-cleaner-extension
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Check JavaScript syntax
run: |
node --check background.js
node --check popup/popup.js
- name: Scan for risky patterns
shell: bash
run: |
if grep -RInE 'eval\s*\(|new Function|innerHTML\s*=|insertAdjacentHTML|fetch\s*\(|XMLHttpRequest|chrome\.tabs|chrome\.cookies|chrome\.history' background.js popup manifest.json; then
echo "Review the matches above before release."
exit 1
fi
- name: Check manifest permissions
shell: bash
run: |
if grep -qE '"(tabs|cookies|history|downloads|<all_urls>)"' manifest.json; then
echo "Unexpected broad permission found in manifest.json."
exit 1
fi

38
.gitea/workflows/template-compliance.yml Normal file
View File

@@ -0,0 +1,38 @@
name: Template Compliance
on:
push:
branches:
- main
- master
pull_request:
workflow_dispatch:
jobs:
template-compliance:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Verify Codex baseline files
shell: bash
run: |
test -f opera-cache-cleaner-extension/AGENTS.md
test -f opera-cache-cleaner-extension/.codex/project.md
test -f opera-cache-cleaner-extension/SECURITY.md
test -f opera-cache-cleaner-extension/CHANGELOG.md
test -f opera-cache-cleaner-extension/docs/security-review.md
test -f opera-cache-cleaner-extension/docs/release-checklist.md
test -f .gitea/workflows/build.yml
test -f .gitea/workflows/security-scan.yml
test -f .gitea/workflows/repo-cleanup.yml
test -f .gitea/workflows/release-dry-run.yml
- name: Check for unresolved template placeholders
shell: bash
run: |
if grep -RInE 'PROJECT[_]NAME|PROJECT[_]DESCRIPTION|REPOSITORY[_]OWNER|REPOSITORY[_]NAME|PACKAGE[_]NAME|ARTIFACT[_]NAME|ARTIFACT[_]OUTPUT[_]DIRECTORY|BUILD[_]COMMAND|TEST[_]COMMAND|LINT[_]COMMAND|AUDIT[_]COMMAND' opera-cache-cleaner-extension --exclude-dir=.git --exclude-dir=dist; then
echo "Unresolved template placeholders found."
exit 1
fi