fix: audit remediation — 6 fixes across quality, performance, security
Update PKGBUILD version / update-pkgver (push) Successful in 2s
Update PKGBUILD version / update-pkgver (push) Successful in 2s
Q-01: Fix broken upower regex in moonarch-btnote (lookaheads never matched)
Q-02: Fix transform.sh paru repo section name ([moonarch] → [moonarch-pkgbuilds]),
config path (~/.config → /etc), and partial sync (-Sy → -Syu)
Q-03: Add missing stasis package to aur.txt (idle management broken on fresh install)
S-01: Switch CI git clones from HTTP to HTTPS (MITM risk in Docker network)
S-02: Restrict CI builder sudo to /usr/bin/pacman only
P-01: Refactor moonarch-waybar-gpustat — remove while loop, use jq --arg style
This commit is contained in:
@@ -14,7 +14,7 @@ jobs:
|
||||
steps:
|
||||
- name: Checkout source repo
|
||||
run: |
|
||||
git clone --bare http://gitea:3000/nevaforget/moonarch.git source.git
|
||||
git clone --bare https://gitea.moonarch.de/nevaforget/moonarch.git source.git
|
||||
cd source.git
|
||||
PKGVER=$(printf "r%s.%s" "$(git rev-list --count HEAD)" "$(git rev-parse --short HEAD)")
|
||||
echo "New pkgver: $PKGVER"
|
||||
@@ -23,7 +23,7 @@ jobs:
|
||||
- name: Update PKGBUILD
|
||||
run: |
|
||||
PKGVER=$(cat /tmp/pkgver)
|
||||
git clone http://gitea:3000/nevaforget/moonarch-pkgbuilds.git pkgbuilds
|
||||
git clone https://gitea.moonarch.de/nevaforget/moonarch-pkgbuilds.git pkgbuilds
|
||||
cd pkgbuilds
|
||||
|
||||
OLD_VER=$(grep '^pkgver=' moonarch-git/PKGBUILD | cut -d= -f2)
|
||||
|
||||
Reference in New Issue
Block a user