chore(deps): Bump serde_json from 1.0.119 to 1.0.120 #446
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| tags: | |
| - "v*" | |
| branches: | |
| - main | |
| permissions: | |
| contents: read | |
| jobs: | |
| linux: | |
| if: startsWith(github.ref, 'refs/tags/') && github.event_name == 'push' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 | |
| with: | |
| egress-policy: block | |
| allowed-endpoints: > | |
| azure.archive.ubuntu.com:80 | |
| crates.io:443 | |
| esm.ubuntu.com:443 | |
| github.com:443 | |
| index.crates.io:443 | |
| motd.ubuntu.com:443 | |
| ppa.launchpadcontent.net:443 | |
| static.crates.io:443 | |
| static.rust-lang.org:443 | |
| - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| - name: Setup Rust toolchain | |
| run: | | |
| rustup target install x86_64-unknown-linux-musl | |
| sudo apt-get install -y musl musl-dev musl-tools dpkg-dev liblzma-dev | |
| cargo install cargo-deb | |
| - name: Install zlibng | |
| run: | | |
| sudo apt-get install build-essential wget | |
| wget https://github.com/zlib-ng/zlib-ng/archive/refs/tags/2.1.6.tar.gz | |
| tar -xzf 2.1.6.tar.gz | |
| cd zlib-ng-2.1.6/ | |
| ./configure | |
| make | |
| sudo make install | |
| - id: version | |
| run: echo "version=$(cargo metadata --format-version=1 --no-deps | jq '.packages[] | select(.name == "malwaredb") | .version' --raw-output)" >>$GITHUB_OUTPUT | |
| - name: Install GUI dependencies | |
| run: sudo apt-get install -y libxcb-shape0-dev libxcb-xfixes0-dev libx11-dev libxkbcommon-dev libfontconfig-dev libxext-dev libxft-dev libxinerama-dev libxcursor-dev libxrender-dev libxfixes-dev | |
| - name: Build client | |
| run: cargo build --workspace --features=zlibng --bin mdb_client --target x86_64-unknown-linux-musl --release | |
| - name: Package client | |
| run: | | |
| cd client | |
| cargo deb --target x86_64-unknown-linux-musl | |
| - name: Build server | |
| run: cargo build --features=admin,admin-gui,sqlite,vt,zlibng --bin mdb_server --target x86_64-unknown-linux-musl --release | |
| - name: Package server | |
| run: cargo deb --target x86_64-unknown-linux-musl | |
| - run: mv target/x86_64-unknown-linux-musl/release/mdb_server target/x86_64-unknown-linux-musl/release/mdb_server_linux_musl_x86_64 | |
| - name: Upload mdb_server | |
| uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 | |
| with: | |
| name: mdb_server_linux_musl_x86_64 | |
| path: target/x86_64-unknown-linux-musl/release/mdb_server_linux_musl_x86_64 | |
| if-no-files-found: error | |
| retention-days: 5 | |
| - name: Upload mdb_server deb | |
| uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 | |
| with: | |
| name: "malwaredb_${{ steps.version.outputs.version }}-1_amd64.deb" | |
| path: "target/x86_64-unknown-linux-musl/debian/malwaredb_${{ steps.version.outputs.version }}-1_amd64.deb" | |
| if-no-files-found: error | |
| retention-days: 5 | |
| - run: mv target/x86_64-unknown-linux-musl/release/mdb_client target/x86_64-unknown-linux-musl/release/mdb_client_linux_musl_x86_64 | |
| - name: Upload mdb_client | |
| uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 | |
| with: | |
| name: mdb_client_linux_musl_x86_64 | |
| path: target/x86_64-unknown-linux-musl/release/mdb_client_linux_musl_x86_64 | |
| retention-days: 5 | |
| - name: Upload mdb_client deb | |
| uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 | |
| with: | |
| name: "malwaredb-client_${{ steps.version.outputs.version }}-1_amd64.deb" | |
| path: "target/x86_64-unknown-linux-musl/debian/malwaredb-client_${{ steps.version.outputs.version }}-1_amd64.deb" | |
| if-no-files-found: error | |
| retention-days: 5 | |
| # Re-do the SBOM so we can upload in the release | |
| - name: Install cargo-cyclonedx | |
| run: cargo install cargo-cyclonedx | |
| - name: Run cycloneDX and get JSON output | |
| run: cargo cyclonedx --all --all-features --format=json --override-filename sbom | |
| - name: Run cycloneDX and get XML output | |
| run: cargo cyclonedx --all --all-features --format=xml --override-filename sbom | |
| - name: Upload the JSON BOM file | |
| uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 | |
| with: | |
| name: SBOM.json | |
| path: sbom.json | |
| if-no-files-found: error | |
| retention-days: 5 | |
| - name: Upload the XML BOM file | |
| uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 | |
| with: | |
| name: SBOM.xml | |
| path: sbom.xml | |
| if-no-files-found: error | |
| retention-days: 5 | |
| macos-intel: | |
| if: startsWith(github.ref, 'refs/tags/') && github.event_name == 'push' | |
| runs-on: macos-13 | |
| steps: | |
| - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| - uses: dtolnay/rust-toolchain@53c04d3685fcc3ca67ce478eb9c2ea5c051a4a63 # stable | |
| - name: Set up Homebrew | |
| id: set-up-homebrew | |
| uses: Homebrew/actions/setup-homebrew@55e35ac78132cc31ce174408f40a9676e64aa0e2 # master | |
| - name: Install libmagic and zlib-ng | |
| run: brew install libmagic zlib-ng | |
| - name: Build client | |
| run: cargo build --workspace --features=zlibng --bin mdb_client --release | |
| - name: Build server | |
| run: cargo build --features=admin,admin-gui,sqlite,vt,zlibng --bin mdb_server --release | |
| env: | |
| LIBRARY_PATH: "/opt/homebrew/lib:/opt/homebrew/opt/libmagic/lib" | |
| - name: Upload mdb_server | |
| uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 | |
| with: | |
| name: mdb_server_darwin_x86_64 | |
| path: target/release/mdb_server | |
| if-no-files-found: error | |
| retention-days: 5 | |
| - name: Upload mdb_client | |
| uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 | |
| with: | |
| name: mdb_client_darwin_x86_64 | |
| path: target/release/mdb_client | |
| if-no-files-found: error | |
| retention-days: 5 | |
| macos-m1: | |
| if: startsWith(github.ref, 'refs/tags/') && github.event_name == 'push' | |
| runs-on: macos-14 | |
| needs: macos-intel | |
| steps: | |
| - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| - uses: dtolnay/rust-toolchain@53c04d3685fcc3ca67ce478eb9c2ea5c051a4a63 # stable | |
| - name: Install libmagic and zlib-ng | |
| run: brew install libmagic zlib-ng | |
| - name: Build client | |
| run: cargo build --workspace --features=zlibng --bin mdb_client --release | |
| - name: Build server | |
| run: cargo build --features=admin,admin-gui,sqlite,vt,zlibng --bin mdb_server --release | |
| env: | |
| LIBRARY_PATH: "/opt/homebrew/lib:/opt/homebrew/opt/libmagic/lib" | |
| - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 | |
| with: | |
| name: mdb_server_darwin_x86_64 | |
| - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 | |
| with: | |
| name: mdb_client_darwin_x86_64 | |
| - run: lipo -create ./mdb_server ./target/release/mdb_server -output ./mdb_server_darwin_universal | |
| - run: lipo -create ./mdb_client ./target/release/mdb_client -output ./mdb_client_darwin_universal | |
| - name: Upload mdb_server | |
| uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 | |
| with: | |
| name: mdb_server_darwin_universal | |
| path: mdb_server_darwin_universal | |
| if-no-files-found: error | |
| retention-days: 5 | |
| - name: Upload mdb_client | |
| uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 | |
| with: | |
| name: mdb_client_darwin_universal | |
| path: mdb_client_darwin_universal | |
| if-no-files-found: error | |
| retention-days: 5 | |
| windows: | |
| if: startsWith(github.ref, 'refs/tags/') && github.event_name == 'push' | |
| runs-on: windows-latest | |
| env: | |
| VCPKG_LIBRARY_LINKAGE: static | |
| steps: | |
| - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| - uses: dtolnay/rust-toolchain@53c04d3685fcc3ca67ce478eb9c2ea5c051a4a63 # stable | |
| - uses: ChristopheLav/windows-sdk-install@14ad5f172e8fd00da0e21f3acd08d2b902d91524 # v1.0.1 | |
| with: | |
| version-sdk: 22621 | |
| features: 'OptionId.DesktopCPPx64,OptionId.DesktopCPParm64' | |
| - run: rustup target install aarch64-pc-windows-msvc | |
| - name: Install vcpkg | |
| run: | | |
| cargo install cargo-vcpkg | |
| vcpkg install libmagic:x64-windows-static-md | |
| vcpkg install libmagic:arm64-windows-static-md | |
| vcpkg install zlib-ng:x64-windows-static-md | |
| vcpkg install zlib-ng:arm64-windows-static-md | |
| vcpkg integrate install | |
| - name: Build client x86_64 | |
| run: cargo build --workspace --features=zlibng --bin mdb_client --release | |
| - name: Build client arm64 | |
| run: cargo build --workspace --features=zlibng --bin mdb_client --release --target=aarch64-pc-windows-msvc | |
| - name: Build server x86_64 | |
| run: cargo build --features=admin,admin-gui,sqlite,vt,zlibng --release | |
| - name: Build server arm64 | |
| run: cargo build --features=admin,admin-gui,sqlite,vt,zlibng --release --target=aarch64-pc-windows-msvc | |
| - run: | | |
| copy target/release/mdb_server.exe target/release/mdb_server_amd64.exe | |
| copy target/release/mdb_client.exe target/release/mdb_client_amd64.exe | |
| copy target/aarch64-pc-windows-msvc/release/mdb_server.exe target/aarch64-pc-windows-msvc/release/mdb_server_arm64.exe | |
| copy target/aarch64-pc-windows-msvc/release/mdb_client.exe target/aarch64-pc-windows-msvc/release/mdb_client_arm64.exe | |
| - name: Upload mdb_server.exe | |
| uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 | |
| with: | |
| name: mdb_server_amd64.exe | |
| path: target/release/mdb_server_amd64.exe | |
| if-no-files-found: error | |
| retention-days: 5 | |
| - name: Upload mdb_server_arm64.exe | |
| uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 | |
| with: | |
| name: mdb_server_arm64.exe | |
| path: target/aarch64-pc-windows-msvc/release/mdb_server_arm64.exe | |
| if-no-files-found: error | |
| retention-days: 5 | |
| - name: Upload mdb_client.exe | |
| uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 | |
| with: | |
| name: mdb_client_amd64.exe | |
| path: target/release/mdb_client_amd64.exe | |
| if-no-files-found: error | |
| retention-days: 5 | |
| - name: Upload mdb_client_arm64.exe | |
| uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 | |
| with: | |
| name: mdb_client_arm64.exe | |
| path: target/aarch64-pc-windows-msvc/release/mdb_client_arm64.exe | |
| if-no-files-found: error | |
| retention-days: 5 | |
| release: | |
| if: startsWith(github.ref, 'refs/tags/') && github.event_name == 'push' | |
| needs: [ windows, macos-m1, linux ] | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 | |
| with: | |
| egress-policy: block | |
| allowed-endpoints: > | |
| api.github.com:443 | |
| api.snapcraft.io:443 | |
| azure.archive.ubuntu.com:80 | |
| esm.ubuntu.com:443 | |
| github.com:443 | |
| motd.ubuntu.com:443 | |
| objects.githubusercontent.com:443 | |
| - name: Install wget | |
| run: | | |
| sudo apt-get install wget | |
| - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| - id: version | |
| run: echo "version=$(cargo metadata --format-version=1 --no-deps | jq '.packages[] | select(.name == "malwaredb") | .version' --raw-output)" >>$GITHUB_OUTPUT | |
| - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 | |
| with: | |
| name: mdb_server_darwin_universal | |
| - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 | |
| with: | |
| name: mdb_client_darwin_universal | |
| - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 | |
| with: | |
| name: mdb_server_amd64.exe | |
| - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 | |
| with: | |
| name: mdb_server_arm64.exe | |
| - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 | |
| with: | |
| name: mdb_client_amd64.exe | |
| - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 | |
| with: | |
| name: mdb_client_arm64.exe | |
| - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 | |
| with: | |
| name: mdb_server_linux_musl_x86_64 | |
| - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 | |
| with: | |
| name: "malwaredb_${{ steps.version.outputs.version }}-1_amd64.deb" | |
| - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 | |
| with: | |
| name: mdb_client_linux_musl_x86_64 | |
| - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 | |
| with: | |
| name: "malwaredb-client_${{ steps.version.outputs.version }}-1_amd64.deb" | |
| - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 | |
| with: | |
| name: SBOM.xml | |
| - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 | |
| with: | |
| name: SBOM.json | |
| - name: Download minisign | |
| run: | | |
| wget https://github.com/jedisct1/minisign/releases/download/0.11/minisign-0.11-linux.tar.gz | |
| tar xzf minisign-0.11-linux.tar.gz | |
| mv minisign-linux/x86_64/minisign . | |
| - name: Sign artifacts | |
| run: | | |
| mkdir ~/.minisign/ | |
| echo "${{ secrets.MINISIGN_KEY }}" > ~/.minisign/minisign.key | |
| echo | ./minisign -Sm mdb_* malwaredb* sbom.* | |
| echo | ./minisign -R | |
| - uses: softprops/action-gh-release@a74c6b72af54cfa997e81df42d94703d6313a2d0 # v2.0.6 | |
| with: | |
| draft: true | |
| prerelease: true | |
| generate_release_notes: true | |
| files: | | |
| mdb_server_darwin_universal | |
| mdb_server_darwin_universal.minisig | |
| mdb_client_darwin_universal | |
| mdb_client_darwin_universal.minisig | |
| mdb_server_amd64.exe | |
| mdb_server_amd64.exe.minisig | |
| mdb_server_arm64.exe | |
| mdb_server_arm64.exe.minisig | |
| mdb_client_amd64.exe | |
| mdb_client_amd64.exe.minisig | |
| mdb_client_arm64.exe | |
| mdb_client_arm64.exe.minisig | |
| mdb_server_linux_x86_64 | |
| mdb_server_linux_x86_64.minisig | |
| mdb_client_linux_x86_64 | |
| mdb_client_linux_x86_64.minisig | |
| malwaredb_${{ steps.version.outputs.version }}-1_amd64.deb | |
| malwaredb_${{ steps.version.outputs.version }}-1_amd64.deb.minisig | |
| malwaredb-client_${{ steps.version.outputs.version }}-1_amd64.deb | |
| malwaredb-client_${{ steps.version.outputs.version }}-1_amd64.deb.minisig | |
| sbom.xml | |
| sbom.xml.minisig | |
| sbom.json | |
| sbom.json.minisig | |
| minisign.pub | |
| - run: echo 00000 > ~/.minisign/minisign.key |