diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6e3c7b60..1cd615c2 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -40,11 +40,16 @@ jobs: runs-on: ${{ matrix.os }} steps: + - name: Harden Runner + uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 + with: + egress-policy: audit + - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 - name: Setup Python 3.10 - uses: actions/setup-python@v4 + uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 with: python-version: '3.10' @@ -57,7 +62,7 @@ jobs: run: pip3 install meson pytest - name: Install dependencies - uses: kiwix/kiwix-build/actions/dl_deps_archive@main + uses: kiwix/kiwix-build/actions/dl_deps_archive@804193835086c0bed79f55d4c373302ab729db3d # main with: target_platform: ${{ matrix.target }} @@ -91,11 +96,16 @@ jobs: runs-on: windows-2019 steps: + - name: Harden Runner + uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 + with: + egress-policy: audit + - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 - name: Setup python 3.10 - uses: actions/setup-python@v4 + uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 with: python-version: '3.10' @@ -198,14 +208,19 @@ jobs: image: "ghcr.io/kiwix/kiwix-build_ci_${{matrix.image_variant}}:2023-10-30" steps: + - name: Harden Runner + uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 + with: + egress-policy: audit + - name: Install dependencies if: ${{ !contains(matrix.target, 'musl') }} - uses: kiwix/kiwix-build/actions/dl_deps_archive@main + uses: kiwix/kiwix-build/actions/dl_deps_archive@804193835086c0bed79f55d4c373302ab729db3d # main with: target_platform: ${{ matrix.target }} - name: Retrieve source code - uses: actions/checkout@v3 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 - name: Compile source code shell: bash @@ -256,7 +271,7 @@ jobs: fi - name: Upload code coverage - uses: codecov/codecov-action@v3 + uses: codecov/codecov-action@5ecb98a3c6b747ed38dc09f787459979aebb39be # v4.3.1 if: matrix.coverage with: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} @@ -274,6 +289,11 @@ jobs: # actions: read steps: + - name: Harden Runner + uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 + with: + egress-policy: audit + - name: "Checkout code" uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: diff --git a/.github/workflows/package.yml b/.github/workflows/package.yml index 9e02fddf..174a05ae 100644 --- a/.github/workflows/package.yml +++ b/.github/workflows/package.yml @@ -20,7 +20,12 @@ jobs: - ubuntu-jammy - ubuntu-focal steps: - - uses: actions/checkout@v3 + - name: Harden Runner + uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 + with: + egress-policy: audit + + - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 # Determine which PPA we should upload to - name: PPA @@ -35,27 +40,27 @@ jobs: env: REF: ${{ github.ref }} - - uses: legoktm/gh-action-auto-dch@master + - uses: legoktm/gh-action-auto-dch@18025761b70898aac9ddb5bdc726bcd083926714 # master with: fullname: Kiwix builder email: release+launchpad@kiwix.org distro: ${{ matrix.distro }} - - uses: legoktm/gh-action-build-deb@debian-unstable + - uses: legoktm/gh-action-build-deb@4f3fbf87de8bf0870f44624693cae17b7ad34ca2 # debian-unstable if: matrix.distro == 'debian-unstable' name: Build package for debian-unstable id: build-debian-unstable with: args: --no-sign - - uses: legoktm/gh-action-build-deb@debian-bullseye + - uses: legoktm/gh-action-build-deb@1f7501377e7c229f373748af433e5c3818eeae6e # debian-bullseye if: matrix.distro == 'debian-bullseye' name: Build package for debian-bullseye id: build-debian-bullseye with: args: --no-sign - - uses: legoktm/gh-action-build-deb@ubuntu-jammy + - uses: legoktm/gh-action-build-deb@56d1c4bc50f5525fa9b66ac6d7a984ece0428d46 # ubuntu-jammy if: matrix.distro == 'ubuntu-jammy' name: Build package for ubuntu-jammy id: build-ubuntu-jammy @@ -63,7 +68,7 @@ jobs: args: --no-sign ppa: ${{ steps.ppa.outputs.ppa }} - - uses: legoktm/gh-action-build-deb@ubuntu-focal + - uses: legoktm/gh-action-build-deb@e58c0b09a3955e39a4ab83ffe03025d622dda039 # ubuntu-focal if: matrix.distro == 'ubuntu-focal' name: Build package for ubuntu-focal id: build-ubuntu-focal @@ -71,12 +76,12 @@ jobs: args: --no-sign ppa: ${{ steps.ppa.outputs.ppa }} - - uses: actions/upload-artifact@v3 + - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 with: name: Packages for ${{ matrix.distro }} path: output - - uses: legoktm/gh-action-dput@master + - uses: legoktm/gh-action-dput@a41ede69b89b473fb9de31db5f82aef098ca6492 # master name: Upload dev package # Only upload on pushes to main if: github.event_name == 'push' && github.event.ref == 'refs/heads/main' && startswith(matrix.distro, 'ubuntu-') @@ -85,7 +90,7 @@ jobs: repository: ppa:kiwixteam/dev packages: output/*_source.changes - - uses: legoktm/gh-action-dput@master + - uses: legoktm/gh-action-dput@a41ede69b89b473fb9de31db5f82aef098ca6492 # master name: Upload release package if: github.event_name == 'release' && startswith(matrix.distro, 'ubuntu-') with: diff --git a/ChangeLog b/ChangeLog index aeb2d2d2..243f7635 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +libzim 9.2.1 +============ + + * Better handling of split ZIM files (@mgautierfr #879) + * Fix creation of shared_ptr in test (@mgautierfr #881) + libzim 9.2.0 ============ diff --git a/meson.build b/meson.build index bd7fdb56..f9ae9706 100644 --- a/meson.build +++ b/meson.build @@ -1,5 +1,5 @@ project('libzim', ['c', 'cpp'], - version : '9.2.0', + version : '9.2.1', license : 'GPL2', default_options : ['c_std=c11', 'cpp_std=c++17', 'werror=true'])