admin/uptime-kuma
1
0
Fork 0
mirror of https://github.com/louislam/uptime-kuma.git synced 2026-01-31 11:03:11 +08:00
Code Issues Packages Projects Releases Wiki Activity

chore: format the .github folder (#6654)

Browse Source
This commit is contained in:
Frank Elsinga
2026-01-09 01:25:03 +01:00
committed by GitHub
parent af26601f1e
commit 6658f2ce41
11 changed files with 132 additions and 125 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.github/ISSUE_TEMPLATE/security_issue.yml vendored
View File

@@ -12,10 +12,10 @@ body:
## ❗ IMPORTANT: DO NOT SHARE VULNERABILITY DETAILS HERE
## Please do not open issues for upstream dependency scan results.
Automated security tools often report false-positive issues that are not exploitable in the context of Uptime Kuma.
Reviewing these without concrete impact does not scale for us.
If you can demonstrate that an upstream issue is actually exploitable in Uptime Kuma (e.g. with a PoC or reproducible steps), were happy to take a look.
### ⚠️ Report a Security Vulnerability

2
.github/PULL_REQUEST_TEMPLATE.md vendored
View File

@@ -4,10 +4,10 @@
<!-- Provide a clear summary of the purpose and scope of this pull request-->
## 📋 Related issues
<!--Please link any GitHub issues or tasks that this pull request addresses-->
- Relates to #issue-number <!--this links related the issue-->
- Resolves #issue-number <!--this auto-closes the issue-->

12
.github/REVIEW_GUIDELINES.md vendored
View File

@@ -90,9 +90,9 @@ correct authorization and authentication mechanisms are in place.
### Security Best Practices
- Ensure that the code is free from common vulnerabilities like **SQL
injection**, **XSS attacks**, and **insecure API calls**.
injection**, **XSS attacks**, and **insecure API calls**.
- Check for proper encryption of sensitive data, and ensure that **passwords**
or **API tokens** are not hardcoded in the code.
or **API tokens** are not hardcoded in the code.
## Performance
@@ -105,7 +105,7 @@ like load times, memory usage, or other performance aspects.
- Have the right libraries been chosen?
- Are there unnecessary dependencies that might reduce performance or increase
code complexity?
code complexity?
- Are these dependencies actively maintained and free of known vulnerabilities?
### Performance Best Practices
@@ -113,7 +113,7 @@ like load times, memory usage, or other performance aspects.
- **Measure performance** using tools like Lighthouse or profiling libraries.
- **Avoid unnecessary dependencies** that may bloat the codebase.
- Ensure that the **code does not degrade the user experience** (e.g., by
increasing load times or memory consumption).
increasing load times or memory consumption).
## Compliance and Integration
@@ -187,9 +187,9 @@ the PR can be approved. Some examples of **significant issues** include:
- Missing tests for new functionality.
- Identified **security vulnerabilities**.
- Code changes that break **backward compatibility** without a proper migration
plan.
plan.
- Code that causes **major performance regressions** (e.g., high CPU/memory
usage).
usage).
## After the Review

9
.github/copilot-instructions.md vendored
View File

@@ -18,22 +18,26 @@
## Build & Validation Commands
### Prerequisites
- Node.js >= 20.4.0, npm >= 9.3, Git
### Essential Command Sequence
1. **Install Dependencies**:
```bash
npm ci # Use npm ci NOT npm install (~60-90 seconds)
```
2. **Linting** (required before committing):
```bash
npm run lint # Both linters (~15-30 seconds)
npm run lint:prod # For production (zero warnings)
```
3. **Build Frontend**:
```bash
npm run build # Takes ~90-120 seconds, builds to dist/
```
@@ -105,6 +109,7 @@ npm run dev # Starts frontend (port 3000) and backend (port 3001)
## CI/CD Workflows
**auto-test.yml** (runs on PR/push to master/1.23.X):
- Linting, building, backend tests on multiple OS/Node versions (15 min timeout)
- E2E Playwright tests
@@ -142,7 +147,9 @@ npm run dev # Starts frontend (port 3000) and backend (port 3001)
## Adding New Features
### New Notification Provider
Files to modify:
1. `server/notification-providers/PROVIDER_NAME.js` (backend logic)
2. `server/notification.js` (register provider)
3. `src/components/notifications/PROVIDER_NAME.vue` (frontend UI)
@@ -151,7 +158,9 @@ Files to modify:
6. `src/lang/en.json` (add translation keys)
### New Monitor Type
Files to modify:
1. `server/monitor-types/MONITORING_TYPE.js` (backend logic)
2. `server/uptime-kuma-server.js` (register monitor type)
3. `src/pages/EditMonitor.vue` (frontend UI)

126
.github/workflows/auto-test.yml vendored
View File

@@ -5,7 +5,7 @@ name: Auto Test
on:
push:
branches: [ master, 1.23.X, 3.0.0 ]
branches: [master, 1.23.X, 3.0.0]
pull_request:
permissions: {}
@@ -21,39 +21,39 @@ jobs:
matrix:
os: [macos-latest, ubuntu-22.04, windows-latest, ubuntu-22.04-arm]
# See supported Node.js release schedule at https://nodejs.org/en/about/releases/
node: [ 20, 24 ]
node: [20, 24]
# Also test non-LTS, but only on Ubuntu.
include:
- os: ubuntu-22.04
node: 25
steps:
- run: git config --global core.autocrlf false # Mainly for Windows
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with: { persist-credentials: false }
- run: git config --global core.autocrlf false # Mainly for Windows
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with: { persist-credentials: false }
- name: Cache/Restore node_modules
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
id: node-modules-cache
with:
path: node_modules
key: node-modules-${{ runner.os }}-node${{ matrix.node }}-${{ hashFiles('**/package-lock.json') }}
- name: Cache/Restore node_modules
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
id: node-modules-cache
with:
path: node_modules
key: node-modules-${{ runner.os }}-node${{ matrix.node }}-${{ hashFiles('**/package-lock.json') }}
- name: Use Node.js ${{ matrix.node }}
uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
with:
node-version: ${{ matrix.node }}
- run: npm clean-install --no-fund
- name: Rebuild native modules for ARM64
if: matrix.os == 'ubuntu-22.04-arm'
run: npm rebuild @louislam/sqlite3
- run: npm run build
- run: npm run test-backend
env:
HEADLESS_TEST: 1
JUST_FOR_TEST: ${{ secrets.JUST_FOR_TEST }}
- name: Use Node.js ${{ matrix.node }}
uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
with:
node-version: ${{ matrix.node }}
- run: npm clean-install --no-fund
- name: Rebuild native modules for ARM64
if: matrix.os == 'ubuntu-22.04-arm'
run: npm rebuild @louislam/sqlite3
- run: npm run build
- run: npm run test-backend
env:
HEADLESS_TEST: 1
JUST_FOR_TEST: ${{ secrets.JUST_FOR_TEST }}
# As a lot of dev dependencies are not supported on ARMv7, we have to test it separately and just test if `npm ci --production` works
armv7-simple-test:
@@ -63,7 +63,7 @@ jobs:
strategy:
fail-fast: false
matrix:
node: [ 20, 22 ]
node: [20, 22]
# See supported Node.js release schedule at https://nodejs.org/en/about/releases/
steps:
@@ -92,23 +92,23 @@ jobs:
contents: read
steps:
- run: git config --global core.autocrlf false # Mainly for Windows
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with: { persist-credentials: false }
- run: git config --global core.autocrlf false # Mainly for Windows
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with: { persist-credentials: false }
- name: Cache/Restore node_modules
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
id: node-modules-cache
with:
path: node_modules
key: node-modules-${{ runner.os }}-node${{ matrix.node }}-${{ hashFiles('**/package-lock.json') }}
- name: Cache/Restore node_modules
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
id: node-modules-cache
with:
path: node_modules
key: node-modules-${{ runner.os }}-node${{ matrix.node }}-${{ hashFiles('**/package-lock.json') }}
- name: Use Node.js 20
uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
with:
node-version: 20
- run: npm clean-install --no-fund
- run: npm run lint:prod
- name: Use Node.js 20
uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
with:
node-version: 20
- run: npm clean-install --no-fund
- run: npm run lint:prod
e2e-test:
runs-on: ubuntu-22.04-arm
@@ -117,28 +117,28 @@ jobs:
env:
PLAYWRIGHT_VERSION: ~1.39.0
steps:
- run: git config --global core.autocrlf false # Mainly for Windows
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with: { persist-credentials: false }
- run: git config --global core.autocrlf false # Mainly for Windows
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with: { persist-credentials: false }
- name: Cache/Restore node_modules
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
id: node-modules-cache
with:
path: node_modules
key: node-modules-${{ runner.os }}-node${{ matrix.node }}-${{ hashFiles('**/package-lock.json') }}
- name: Cache/Restore node_modules
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
id: node-modules-cache
with:
path: node_modules
key: node-modules-${{ runner.os }}-node${{ matrix.node }}-${{ hashFiles('**/package-lock.json') }}
- name: Setup Node.js
uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
with:
node-version: 22
- run: npm clean-install --no-fund
- name: Rebuild native modules for ARM64
run: npm rebuild @louislam/sqlite3
- name: Setup Node.js
uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
with:
node-version: 22
- run: npm clean-install --no-fund
- name: Install Playwright ${{ env.PLAYWRIGHT_VERSION }}
run: npx playwright@${{ env.PLAYWRIGHT_VERSION }} install
- name: Rebuild native modules for ARM64
run: npm rebuild @louislam/sqlite3
- run: npm run build
- run: npm run test-e2e
- name: Install Playwright ${{ env.PLAYWRIGHT_VERSION }}
run: npx playwright@${{ env.PLAYWRIGHT_VERSION }} install
- run: npm run build
- run: npm run test-e2e

8
.github/workflows/autofix.yml vendored
View File

@@ -2,7 +2,7 @@ name: autofix.ci
on:
push:
branches: [ "master", "1.23.X"]
branches: ["master", "1.23.X"]
pull_request:
permissions: {}
@@ -14,7 +14,7 @@ jobs:
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with: { persist-credentials: false }
- name: Cache/Restore node_modules
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
id: node-modules-cache
@@ -42,5 +42,5 @@ jobs:
# - name: Auto-format code with Prettier
# run: npm run fmt
# continue-on-error: true
- uses: autofix-ci/action@635ffb0c9798bd160680f18fd73371e355b85f27
- uses: autofix-ci/action@635ffb0c9798bd160680f18fd73371e355b85f27

22
.github/workflows/close-incorrect-issue.yml vendored
View File

@@ -17,15 +17,15 @@ jobs:
node-version: [20]
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with: { persist-credentials: false }
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with: { persist-credentials: false }
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
with:
node-version: ${{ matrix.node-version }}
- run: npm ci
- name: Close incorrect issue
run: node extra/close-incorrect-issue.js ${{ secrets.GITHUB_TOKEN }} ${{ github.event.issue.number }} "$ISSUE_USER_LOGIN"
env:
ISSUE_USER_LOGIN: ${{ github.event.issue.user.login }}
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
with:
node-version: ${{ matrix.node-version }}
- run: npm ci
- name: Close incorrect issue
run: node extra/close-incorrect-issue.js ${{ secrets.GITHUB_TOKEN }} ${{ github.event.issue.number }} "$ISSUE_USER_LOGIN"
env:
ISSUE_USER_LOGIN: ${{ github.event.issue.user.login }}

56
.github/workflows/codeql-analysis.yml vendored
View File

@@ -2,11 +2,11 @@ name: "CodeQL"
on:
push:
branches: [ "master", "1.23.X"]
branches: ["master", "1.23.X"]
pull_request:
branches: [ "master", "1.23.X"]
branches: ["master", "1.23.X"]
schedule:
- cron: '16 22 * * 0'
- cron: "16 22 * * 0"
jobs:
analyze:
@@ -22,34 +22,34 @@ jobs:
strategy:
fail-fast: false
matrix:
language: [ 'go', 'javascript-typescript' ]
language: ["go", "javascript-typescript"]
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with: { persist-credentials: false }
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with: { persist-credentials: false }
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
with:
languages: ${{ matrix.language }}
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
with:
languages: ${{ matrix.language }}
- name: Autobuild
uses: github/codeql-action/autobuild@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
- name: Autobuild
uses: github/codeql-action/autobuild@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
with:
category: "/language:${{matrix.language}}"
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
with:
category: "/language:${{matrix.language}}"
zizmor:
runs-on: ubuntu-latest
permissions:
security-events: write
contents: read
actions: read
steps:
- name: Checkout repository
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with: { persist-credentials: false }
- name: Run zizmor
uses: zizmorcore/zizmor-action@e639db99335bc9038abc0e066dfcd72e23d26fb4 # v0.3.0
runs-on: ubuntu-latest
permissions:
security-events: write
contents: read
actions: read
steps:
- name: Checkout repository
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with: { persist-credentials: false }
- name: Run zizmor
uses: zizmorcore/zizmor-action@e639db99335bc9038abc0e066dfcd72e23d26fb4 # v0.3.0

4
.github/workflows/conflict_labeler.yml vendored
View File

@@ -26,5 +26,5 @@ jobs:
- name: Apply label
uses: eps1lon/actions-label-merge-conflict@1df065ebe6e3310545d4f4c4e862e43bdca146f0 # v3.0.3
with:
dirtyLabel: 'needs:resolve-merge-conflict'
repoToken: '${{ secrets.GITHUB_TOKEN }}'
dirtyLabel: "needs:resolve-merge-conflict"
repoToken: "${{ secrets.GITHUB_TOKEN }}"

1
.github/workflows/prevent-file-change.yml vendored
View File

@@ -17,4 +17,3 @@ jobs:
# Regex, /src/lang/*.json is not allowed to be changed, except for /src/lang/en.json
pattern: '^(?!src/lang/en\.json$)src/lang/.*\.json$'
trustedAuthors: UptimeKumaBot

13
.github/workflows/stale-bot.yml vendored
View File

@@ -1,8 +1,8 @@
name: 'Automatically close stale issues'
name: "Automatically close stale issues"
on:
workflow_dispatch:
schedule:
- cron: '0 */6 * * *'
- cron: "0 */6 * * *"
#Run every 6 hours
permissions: {}
@@ -22,8 +22,8 @@ jobs:
days-before-close: 7
days-before-pr-stale: -1
days-before-pr-close: -1
exempt-issue-labels: 'News,discussion,bug,doc,feature-request'
exempt-issue-assignees: 'louislam'
exempt-issue-labels: "News,discussion,bug,doc,feature-request"
exempt-issue-assignees: "louislam"
operations-per-run: 200
- uses: actions/stale@997185467fa4f803885201cee163a9f38240193d # v10.1.1
with:
@@ -31,7 +31,7 @@ jobs:
This issue was marked as `cannot-reproduce` by a maintainer.
If an issue is non-reproducible, we cannot fix it, as we do not know what the underlying issue is.
If you have any ideas how we can reproduce this issue, we would love to hear them.
We don't have a good way to deal with truely unreproducible issues and are going to close this issue in a month.
If think there might be other differences in our environment or in how we tried to reproduce this, we would appreciate any ideas.
close-issue-message: |-
@@ -41,6 +41,5 @@ jobs:
days-before-close: 30
days-before-pr-stale: -1
days-before-pr-close: -1
any-of-issue-labels: 'cannot-reproduce'
any-of-issue-labels: "cannot-reproduce"
operations-per-run: 200