diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index aff2ff22..015bfb36 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -5,7 +5,7 @@ updates:
directory: "/"
schedule:
interval: "daily"
-
+
- package-ecosystem: "bundler"
directory: "/"
schedule:
diff --git a/.github/workflows/github-pages.yml b/.github/workflows/github-pages.yml
index f44ac34e..8a6252dd 100644
--- a/.github/workflows/github-pages.yml
+++ b/.github/workflows/github-pages.yml
@@ -10,26 +10,33 @@ permissions:
contents: write
env:
- python_version: '3.11'
+ python_version: '3.13'
jobs:
github-pages:
- runs-on: ubuntu-latest
+ runs-on: ubuntu-24.04
steps:
- - uses: actions/checkout@v4
+ - name: Harden Runner
+ uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
+ with:
+ egress-policy: audit
+ - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+ - name: Lint with Pre-commit
+ uses: pre-commit/action@2c7b3805fd2a0fd8c1884dcaebf91fc102a13ecd # v3.0.1
- name: Install Linux Dependencies
run: >
sudo apt-get update -qq && sudo apt-get install -qq --no-install-recommends po4a
- name: Set up Python
- uses: actions/setup-python@v5.3.0
+ uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
with:
python-version: ${{ env.python_version }}
- name: Build translations
run: python po/build.py
- name: Set up Ruby
- uses: ruby/setup-ruby@v1
+ uses: ruby/setup-ruby@4a9ddd6f338a97768b8006bf671dfbad383215f4 # v1.207.0
with:
ruby-version: 3.3.4
+ bundler-cache: true
- name: Build Pages
run: |
bundle install
@@ -40,10 +47,10 @@ jobs:
--disable-external true
--enforce-https false
--allow-missing-href true
- --check-internal-hash false
+ --check-internal-hash false
--checks Links ./_site
- name: Deploy
- uses: peaceiris/actions-gh-pages@v4
+ uses: peaceiris/actions-gh-pages@4f9cc6602d3f66b9c108549d475ec49e8ef4d45e # v4.0.0
if: ${{ github.ref == 'refs/heads/main' }}
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/update.yml b/.github/workflows/update.yml
index c361f4e0..0c61c327 100644
--- a/.github/workflows/update.yml
+++ b/.github/workflows/update.yml
@@ -9,20 +9,25 @@ on:
types: [version-update]
permissions:
- contents: write
+ contents: write
pull-requests: write
jobs:
update:
- runs-on: ubuntu-latest
+ runs-on: ubuntu-24.04
steps:
- - uses: actions/checkout@v4
+ - name: Harden Runner
+ uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
+ with:
+ egress-policy: audit
+
+ - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Update version
run: |
if test -z "${{ github.event.inputs.version }}${{ github.event.client_payload.version }}"; then echo "No version provided"; exit 1; fi
- sed -i 's/^gaphor_version:.*$/gaphor_version: ${{ github.event.inputs.version }}${{ github.event.client_payload.version }}/' _config.yml
+ sed -i 's/^gaphor_version:.*$/gaphor_version: ${{ github.event.inputs.version }}${{ github.event.client_payload.version }}/' _config.yml
- name: Create Pull Request
- uses: peter-evans/create-pull-request@v7
+ uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f # v7.0.6
with:
commit-message: update to version ${{ github.event.inputs.version }}${{ github.event.client_payload.version }}
title: Update to version ${{ github.event.inputs.version }}${{ github.event.client_payload.version }}
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
new file mode 100644
index 00000000..4baee8c0
--- /dev/null
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,10 @@
+repos:
+- repo: https://github.com/gitleaks/gitleaks
+ rev: 5494c3ed33bff63904f7e323281686480dc4eb98 # frozen: v8.22.1
+ hooks:
+ - id: gitleaks
+- repo: https://github.com/pre-commit/pre-commit-hooks
+ rev: cef0300fd0fc4d2a87a85fa2093c6b283ea36f4b # frozen: v5.0.0
+ hooks:
+ - id: end-of-file-fixer
+ - id: trailing-whitespace
diff --git a/CNAME b/CNAME
index ce3fe456..132304a9 100644
--- a/CNAME
+++ b/CNAME
@@ -1 +1 @@
-gaphor.org
\ No newline at end of file
+gaphor.org
diff --git a/Makefile b/Makefile
index 4323c1fe..02aa999d 100644
--- a/Makefile
+++ b/Makefile
@@ -1,6 +1,3 @@
run:
docker run -it --rm -v "$$PWD":/usr/src/app:z -p "4000:4000" starefossen/github-pages
-
-
-
diff --git a/_data/strings.yml b/_data/strings.yml
index 3d48d0f8..63fd7a31 100644
--- a/_data/strings.yml
+++ b/_data/strings.yml
@@ -25,7 +25,7 @@ index:
latest-news-and-blog:
blog-content: |
Do you want to know what's going on with Gaphor? Read our blog!
-
+
[Contact the team](/discuss) if you want to share content related to Gaphor.
see-blog: See blog
read-more: Read more
diff --git a/_layouts/default.html b/_layouts/default.html
index 1c4df09a..4ebc144d 100644
--- a/_layouts/default.html
+++ b/_layouts/default.html
@@ -6,4 +6,4 @@
{{ content }}
-
\ No newline at end of file
+
diff --git a/_pages/blog.md b/_pages/blog.md
index 7c7df0aa..7b1481f4 100644
--- a/_pages/blog.md
+++ b/_pages/blog.md
@@ -3,4 +3,4 @@ layout: blog
title: Blog and News
lang: en
permalink: /blog/
----
\ No newline at end of file
+---
diff --git a/_posts/2020-11-27-simple-services-in-python.md b/_posts/2020-11-27-simple-services-in-python.md
index 48b5f517..4b1a1cb3 100644
--- a/_posts/2020-11-27-simple-services-in-python.md
+++ b/_posts/2020-11-27-simple-services-in-python.md
@@ -27,7 +27,7 @@ which is part of the Python standard library since Python 3.8. For older
versions (Python 3.6 and 3.7) a library
[`importlib_metadata`](https://pypi.org/project/importlib-metadata/) (notice
the underscore) can be used instead, providing the same
-functionality. If you go back in history even more,
+functionality. If you go back in history even more,
setuptools' [`pkg_resources`](https://setuptools.readthedocs.io/en/latest/pkg_resources.html)
was used to provide this functionality.
@@ -37,7 +37,7 @@ To view all entry points available in your python installation:
>>> import importlib.metadata
>>> for ep in importlib.metadata.entry_points():
... print(ep)
-...
+...
console_scripts
distutils.commands
distutils.setup_keywords
diff --git a/_posts/2021-07-02-gaphor-2.5-highlights.md b/_posts/2021-07-02-gaphor-2.5-highlights.md
index 44cba649..8aedbede 100644
--- a/_posts/2021-07-02-gaphor-2.5-highlights.md
+++ b/_posts/2021-07-02-gaphor-2.5-highlights.md
@@ -11,7 +11,7 @@ support for STPA, a systems approach to safety engineering. Minor improvements
include the ability to move diagrams freely around in the tree view, and an extra
option to record notes on model elements.
-The internal model used by Gaphor has been simplified.
+The internal model used by Gaphor has been simplified.
Finally, we'll reflect on the changes made in Gaphor 2.3 and 2.4.
@@ -70,7 +70,7 @@ issue report helps make this application better. If you spot an issues, please
So, what happened with Gaphor 2.3 and 2.4. Well, quite a bit actually:
-* Fault Tree Analysis has been added as part of RAAML
+* Fault Tree Analysis has been added as part of RAAML
* C4 model support has been introduced in Gaphor 2.3.
* The UML model has been updated to UML 2.5 and has been extended by DataType,
ValueType, Primitive, and Enumeration. Containment has been added too.
diff --git a/_posts/2022-12-10-gtk4-macos-keybindings.md b/_posts/2022-12-10-gtk4-macos-keybindings.md
index 2f482290..d1f3f873 100644
--- a/_posts/2022-12-10-gtk4-macos-keybindings.md
+++ b/_posts/2022-12-10-gtk4-macos-keybindings.md
@@ -14,7 +14,7 @@ desktop applications. GTK 4 is the most recent major version, the long awaited
successor of GTK+ 3. For desktop applications there's a lot to gain by porting
to GTK 4. First and foremost because GTK 4 takes full support of your GPU.
-For Gaphor we provide binaries for Linux, Windows and macOS.
+For Gaphor we provide binaries for Linux, Windows and macOS.
GTK 4 no longer maps its keyboard shortcuts to macOS native keybindings. While
Ctrl is used on Linux and Windows, Command is used on
diff --git a/_sass/_header.scss b/_sass/_header.scss
index 553ecee0..ab191967 100644
--- a/_sass/_header.scss
+++ b/_sass/_header.scss
@@ -8,7 +8,7 @@
@media screen {
background-attachment: fixed;
}
-
+
// Safari on iOS does not support fixed backgrounds
// https://developer.mozilla.org/en-US/docs/Web/CSS/-webkit-touch-callout
@supports (-webkit-touch-callout: none) {
diff --git a/_sass/_languages.scss b/_sass/_languages.scss
index 8250431e..87dc1c25 100644
--- a/_sass/_languages.scss
+++ b/_sass/_languages.scss
@@ -30,4 +30,3 @@
#header .language-header {
background-color: transparent;
}
-
diff --git a/_usps/03-beginner-pro.md b/_usps/03-beginner-pro.md
index 598d8430..3f167ab3 100644
--- a/_usps/03-beginner-pro.md
+++ b/_usps/03-beginner-pro.md
@@ -4,4 +4,4 @@ icon: project-diagram
lang: en
---
-Whether you're a casual modeler documenting a project or a Model Driven Development expert, Gaphor has got you covered.
\ No newline at end of file
+Whether you're a casual modeler documenting a project or a Model Driven Development expert, Gaphor has got you covered.
diff --git a/_usps/04-consistent.md b/_usps/04-consistent.md
index 32fe3f46..181590b0 100644
--- a/_usps/04-consistent.md
+++ b/_usps/04-consistent.md
@@ -6,4 +6,4 @@ lang: en
UML is a graphical modeling language, so all information you put in the model
is visible in the diagrams. For example, stereotypes are modeled in diagrams.
-No hidden panels and property pages. Just diagrams!
\ No newline at end of file
+No hidden panels and property pages. Just diagrams!
diff --git a/google2d5dfd6f795cd5fd.html b/google2d5dfd6f795cd5fd.html
index 355bb376..5220b6ff 100644
--- a/google2d5dfd6f795cd5fd.html
+++ b/google2d5dfd6f795cd5fd.html
@@ -1 +1 @@
-google-site-verification: google2d5dfd6f795cd5fd.html
\ No newline at end of file
+google-site-verification: google2d5dfd6f795cd5fd.html
diff --git a/images/matrix_org.svg b/images/matrix_org.svg
index bc41720a..b9f4dff2 100644
--- a/images/matrix_org.svg
+++ b/images/matrix_org.svg
@@ -4,4 +4,4 @@
-
\ No newline at end of file
+