From dba7a976be7c0f2bc735994474b534907e77c679 Mon Sep 17 00:00:00 2001 From: "Project Mu UEFI Bot [bot]" <45776386+uefibot@users.noreply.github.com> Date: Fri, 3 Feb 2023 04:54:09 -0500 Subject: [PATCH] Repo File Sync: synced file(s) with microsoft/mu_devops (#12) --- .azurepipelines/Ubuntu-GCC5.yml | 2 +- .azurepipelines/Windows-VS.yml | 2 +- .github/workflows/auto-approve.yml | 2 +- .github/workflows/auto-merge.yml | 2 +- .github/workflows/label-issues.yml | 2 +- .github/workflows/label-sync.yml | 2 +- .github/workflows/release-draft.yml | 30 +++++++++++++++++++++++++++++ .github/workflows/stale.yml | 2 +- .github/workflows/triage-issues.yml | 2 +- SECURITY.md | 6 ++---- 10 files changed, 40 insertions(+), 12 deletions(-) create mode 100644 .github/workflows/release-draft.yml diff --git a/.azurepipelines/Ubuntu-GCC5.yml b/.azurepipelines/Ubuntu-GCC5.yml index 736662d7..072f6b9a 100644 --- a/.azurepipelines/Ubuntu-GCC5.yml +++ b/.azurepipelines/Ubuntu-GCC5.yml @@ -20,7 +20,7 @@ resources: type: github endpoint: microsoft name: microsoft/mu_devops - ref: refs/tags/v1.4.2 + ref: refs/tags/v1.7.4 containers: - container: linux-gcc image: ghcr.io/tianocore/containers/fedora-35-build:5b8a008 diff --git a/.azurepipelines/Windows-VS.yml b/.azurepipelines/Windows-VS.yml index eab6622b..87886e23 100644 --- a/.azurepipelines/Windows-VS.yml +++ b/.azurepipelines/Windows-VS.yml @@ -20,7 +20,7 @@ resources: type: github endpoint: microsoft name: microsoft/mu_devops - ref: refs/tags/v1.4.2 + ref: refs/tags/v1.7.4 variables: - group: architectures-x86-64 diff --git a/.github/workflows/auto-approve.yml b/.github/workflows/auto-approve.yml index 7c987d6f..af63f71e 100644 --- a/.github/workflows/auto-approve.yml +++ b/.github/workflows/auto-approve.yml @@ -25,5 +25,5 @@ jobs: approval_check: if: | github.event.pull_request.user.login == 'dependabot[bot]' || github.event.pull_request.user.login == 'uefibot' - uses: microsoft/mu_devops/.github/workflows/AutoApprover.yml@v1.4.2 + uses: microsoft/mu_devops/.github/workflows/AutoApprover.yml@v1.7.4 secrets: inherit diff --git a/.github/workflows/auto-merge.yml b/.github/workflows/auto-merge.yml index 124ab935..785858df 100644 --- a/.github/workflows/auto-merge.yml +++ b/.github/workflows/auto-merge.yml @@ -26,5 +26,5 @@ jobs: merge_check: if: | github.event.pull_request.user.login == 'dependabot[bot]' || github.event.pull_request.user.login == 'uefibot' - uses: microsoft/mu_devops/.github/workflows/AutoMerger.yml@v1.4.2 + uses: microsoft/mu_devops/.github/workflows/AutoMerger.yml@v1.7.4 secrets: inherit diff --git a/.github/workflows/label-issues.yml b/.github/workflows/label-issues.yml index 202c3d6c..c7a47359 100644 --- a/.github/workflows/label-issues.yml +++ b/.github/workflows/label-issues.yml @@ -31,4 +31,4 @@ on: jobs: apply: - uses: microsoft/mu_devops/.github/workflows/Labeler.yml@v1.4.2 + uses: microsoft/mu_devops/.github/workflows/Labeler.yml@v1.7.4 diff --git a/.github/workflows/label-sync.yml b/.github/workflows/label-sync.yml index 55ca5604..64018420 100644 --- a/.github/workflows/label-sync.yml +++ b/.github/workflows/label-sync.yml @@ -24,4 +24,4 @@ on: jobs: sync: - uses: microsoft/mu_devops/.github/workflows/LabelSyncer.yml@v1.4.2 + uses: microsoft/mu_devops/.github/workflows/LabelSyncer.yml@v1.7.4 diff --git a/.github/workflows/release-draft.yml b/.github/workflows/release-draft.yml new file mode 100644 index 00000000..a25bee81 --- /dev/null +++ b/.github/workflows/release-draft.yml @@ -0,0 +1,30 @@ +# This workflow automatically drafts new project releases so it is obvious +# what a current release will look like at any time. +# +# It takes advantage of the labels used in Project Mu to automatically categorize +# the types of changes in a given release. In addition, the semantic version of +# the code is constantly maintained based on Project Mu label conventions to ensure +# semantic versioning is followed and a release version is always ready. +# +# NOTE: This file is automatically synchronized from Mu DevOps. Update the original file there +# instead of the file in this repo. +# +# - Mu DevOps Repo: https://github.com/microsoft/mu_devops +# - File Sync Settings: https://github.com/microsoft/mu_devops/blob/main/.sync/Files.yml +# +# Copyright (c) Microsoft Corporation. +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +# For more information, see: +# https://github.com/release-drafter/release-drafter + +name: Update Release Draft + +on: + push: + branches: + - main + +jobs: + draft: + uses: microsoft/mu_devops/.github/workflows/ReleaseDrafter.yml@v1.7.4 diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index d3c548e1..b7ec738f 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -24,4 +24,4 @@ on: jobs: check: - uses: microsoft/mu_devops/.github/workflows/Stale.yml@v1.4.2 + uses: microsoft/mu_devops/.github/workflows/Stale.yml@v1.7.4 diff --git a/.github/workflows/triage-issues.yml b/.github/workflows/triage-issues.yml index 49830d23..89addee6 100644 --- a/.github/workflows/triage-issues.yml +++ b/.github/workflows/triage-issues.yml @@ -19,4 +19,4 @@ on: jobs: triage: - uses: microsoft/mu_devops/.github/workflows/IssueTriager.yml@v1.4.2 + uses: microsoft/mu_devops/.github/workflows/IssueTriager.yml@v1.7.4 diff --git a/SECURITY.md b/SECURITY.md index 4af52553..3ad20948 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -6,8 +6,7 @@ code with the intent that any consuming projects can use this code as-is. If fe or fixes are necessary we ask that they contribute them back to the project. **But**, that said, in the firmware ecosystem there is a lot of variation and differentiation, and the license in this project allows flexibility for use without contribution back to -Project Mu. Therefore, any issues found here may or may not exist in products using Project Mu. - +Project Mu. Therefore, any issues found here may or may not exist in products using Project Mu. ## Supported Versions @@ -19,7 +18,7 @@ For a serious vulnerability we may patch older release branches. Project Mu contains code that is available and/or originally authored in other repositories (see as one such example). For any vulnerability found, we may be subject to their security policy and may need to work -with those groups to resolve amicably and patch the "upstream". This might involve +with those groups to resolve amicably and patch the "upstream". This might involve additional time to release and/or additional confidentiality requirements. ## Reporting a Vulnerability @@ -31,7 +30,6 @@ repository. This process is well documented by github in their documentation [he This process will allow us to privately discuss the issue, collaborate on a solution, and then disclose the vulnerability. - ## Preferred Languages We prefer all communications to be in English.