From 82acb1e8f5a2ed0277cf4d5d1b2b7cbd6c2a1e39 Mon Sep 17 00:00:00 2001 From: jaybuidl Date: Mon, 20 Feb 2023 15:32:48 +0100 Subject: [PATCH 1/3] chore: dependabot config --- .github/dependabot.yml | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..888d22f --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,35 @@ +# To get started with Dependabot version updates, you'll need to specify which +# package ecosystems to update and where the package manifests are located. +# Please see the documentation for all configuration options: +# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates + +version: 2 +enable-beta-ecosystems: true +updates: + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "weekly" + open-pull-requests-limit: 10 + labels: + - "dependencies" + assignees: + - shotaronowhere + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" + open-pull-requests-limit: 10 + labels: + - "dependencies" + assignees: + - shotaronowhere + - package-ecosystem: "docker" + directory: "/bots" + schedule: + interval: "weekly" + labels: + - "dependencies" + assignees: + - shotaronowhere + From d58016ed76b8b0fd767a706e31cfbf7c359ed770 Mon Sep 17 00:00:00 2001 From: jaybuidl Date: Mon, 20 Feb 2023 15:35:24 +0100 Subject: [PATCH 2/3] docs: security policy --- SECURITY.md | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..233b539 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,6 @@ +# Security Policy + +## Reporting a Vulnerability + +You can privately disclose vulnerabilities to us at any time, by sending an email to clement@kleros.io and contact@kleros.io. +We can then discuss the best way to handle things on a case by case basis. From 9e623808523d31169592b45132d792ee0f8cb612 Mon Sep 17 00:00:00 2001 From: jaybuidl Date: Mon, 20 Feb 2023 16:06:59 +0100 Subject: [PATCH 3/3] chore: subgraph workflow --- .github/workflows/deploy-subgraph.yml | 53 +++++++++++++++++++++++++++ 1 file changed, 53 insertions(+) create mode 100644 .github/workflows/deploy-subgraph.yml diff --git a/.github/workflows/deploy-subgraph.yml b/.github/workflows/deploy-subgraph.yml new file mode 100644 index 0000000..2f242e6 --- /dev/null +++ b/.github/workflows/deploy-subgraph.yml @@ -0,0 +1,53 @@ +name: Deploy Subgraph + +on: + workflow_dispatch: + inputs: + network: + description: The network to deploy the subgraph to + default: 'gnosis' + required: true + type: choice + options: + - gnosis + - goerli + subgraph_name: + description: The subgraph project name typically as [account]/[project]-[network] + default: kleros/moderate-gnosis + required: true + environment: + description: 'The environment to deploy to' + default: 'production' + required: true + type: environment + +jobs: + buildAndDeploy: + runs-on: ubuntu-latest + environment: ${{ inputs.environment }} + steps: + - name: Checkout code + uses: actions/checkout@v2 + + - name: Set up Node.js + uses: actions/setup-node@v2 + with: + node-version: 16 + + - name: Install dependencies + run: yarn install + + - name: Build subgraph + run: | + yarn graph codegen + yarn graph build --network ${{ inputs.network }} + working-directory: subgraph + + - name: Authenticate with TheGraph + run: yarn graph auth --product hosted-service "${{ secrets.SUBGRAPH_AUTH_TOKEN }}" + working-directory: subgraph + + - name: Deploy subgraph + run: yarn graph deploy --product hosted-service --network "${{ inputs.network }}" "${{ inputs.subgraph_name }}" + working-directory: subgraph +