sqlitebrowser
diff --git a/‎.github/actions/notarize-macos/README.md
Lines changed: 1 addition & 0 deletions b/‎.github/actions/notarize-macos/README.md
Lines changed: 1 addition & 0 deletions
diff --git a/‎.github/actions/notarize-macos/action.yml
Lines changed: 15 additions & 30 deletions b/‎.github/actions/notarize-macos/action.yml
Lines changed: 15 additions & 30 deletions
diff --git a/‎.github/workflows/build-appimage.yml
Lines changed: 5 additions & 9 deletions b/‎.github/workflows/build-appimage.yml
Lines changed: 5 additions & 9 deletions
diff --git a/‎.github/workflows/build-macos.yml
Lines changed: 97 additions & 101 deletions b/‎.github/workflows/build-macos.yml
Lines changed: 97 additions & 101 deletions
diff --git a/‎.github/workflows/build-ubuntu.yml
Lines changed: 4 additions & 5 deletions b/‎.github/workflows/build-ubuntu.yml
Lines changed: 4 additions & 5 deletions
@@ -0,0 +1 @@
+A workflow for notarizing macOS build artifacts during a CI workflow run.
@@ -21,22 +21,18 @@ inputs:
     required: true
 
 runs:
-  using: 'composite'
+  using: "composite"
 
   steps:
     - name: Unlock keychain
-      env:
-        KEYCHAIN_PATH: ${{ inputs.KEYCHAIN_PATH }}
-        KEYCHAIN_PW: ${{ inputs.KEYCHAIN_PW }}
       shell: bash
       run: |
-        security unlock-keychain -p "$KEYCHAIN_PW" "$KEYCHAIN_PATH"
-        security list-keychain -d user -s "$KEYCHAIN_PATH"
+        security unlock-keychain -p "${{ inputs.KEYCHAIN_PW }}" "${{ inputs.KEYCHAIN_PATH}}"
+        security list-keychain -d user -s "${{ inputs.KEYCHAIN_PATH }}"
+
     - name: Include the dependencies in the app bundle
-      env:
-        DEV_ID: ${{ inputs.DEV_ID }}
       shell: bash
-      run: find build -name "DB Browser for SQL*.app" -exec /opt/homebrew/opt/db4subqt@5/bin/macdeployqt {} -sign-for-notarization="$DEV_ID" \;
+      run: find build -name "DB Browser for SQL*.app" -exec /opt/homebrew/opt/db4subqt@5/bin/macdeployqt {} -sign-for-notarization="${{ inputs.DEV_ID }}" \;
 
     - name: Add the extension to the app bundle
       shell: bash
@@ -92,8 +88,6 @@ runs:
         done
 
     - name: Copy the icon file to the app bundle
-      env:
-        DAILY: ${{ inputs.DAILY }}
       shell: bash
       run: |
         for TARGET in $(find build -name "DB Browser for SQL*.app" | sed -e 's/ /_/g'); do
@@ -108,16 +102,14 @@ runs:
         done
 
     - name: Sign the manually added extensions.
-      env:
-        DEV_ID: ${{ inputs.DEV_ID }}
       shell: bash
       run: |
         for TARGET in $(find build -name "DB Browser for SQL*.app" | sed -e 's/ /_/g'); do
           TARGET=$(echo $TARGET | sed -e 's/_/ /g')
-          codesign --sign "$DEV_ID" --deep --force --options=runtime --strict --timestamp "$TARGET/Contents/Extensions/fileio.dylib"
-          codesign --sign "$DEV_ID" --deep --force --options=runtime --strict --timestamp "$TARGET/Contents/Extensions/formats.dylib"
-          codesign --sign "$DEV_ID" --deep --force --options=runtime --strict --timestamp "$TARGET/Contents/Extensions/math.dylib"
-          codesign --sign "$DEV_ID" --deep --force --options=runtime --strict --timestamp "$TARGET"
+          codesign --sign "${{ inputs.DEV_ID }}" --deep --force --options=runtime --strict --timestamp "$TARGET/Contents/Extensions/fileio.dylib"
+          codesign --sign "${{ inputs.DEV_ID }}" --deep --force --options=runtime --strict --timestamp "$TARGET/Contents/Extensions/formats.dylib"
+          codesign --sign "${{ inputs.DEV_ID }}" --deep --force --options=runtime --strict --timestamp "$TARGET/Contents/Extensions/math.dylib"
+          codesign --sign "${{ inputs.DEV_ID }}" --deep --force --options=runtime --strict --timestamp "$TARGET"
         done
 
     - name: Move app bundle to installer folder for DMG creation
@@ -128,9 +120,6 @@ runs:
     # but Composite Actions do not support if statements for steps.
     # For more information, see https://github.com/actions/runner/blob/main/docs/adrs/0549-composite-run-steps.md
     - name: Create the DMG
-      env:
-        DAILY: ${{ inputs.DAILY }}
-        DEV_ID: ${{ inputs.DEV_ID }}
       shell: bash
       run: |
         export DATE=$(date +%Y%m%d)
@@ -141,13 +130,13 @@ runs:
             sed -i "" 's/"DB Browser for SQLCipher Nightly.app"/"DB Browser for SQLCipher-dev-'$(git rev-parse --short --verify HEAD)'.app"/' installer/macos/sqlcipher-nightly.json
             TARGET="DB.Browser.for.SQLCipher-dev-$(git rev-parse --short --verify HEAD).dmg"
             appdmg --quiet installer/macos/sqlcipher-nightly.json "$TARGET"
-            codesign --sign "$DEV_ID" --verbose --options=runtime --timestamp "$TARGET"
+            codesign --sign "${{ inputs.DEV_ID }}" --verbose --options=runtime --timestamp "$TARGET"
             codesign -vvv --deep --strict --verbose=4 "$TARGET"
           else
             # Daily with SQLCipher
             TARGET="DB.Browser.for.SQLCipher-universal_$DATE.dmg"
             appdmg --quiet installer/macos/sqlcipher-nightly.json "$TARGET"
-            codesign --sign "$DEV_ID" --verbose --options=runtime --timestamp "$TARGET"
+            codesign --sign "${{ inputs.DEV_ID }}" --verbose --options=runtime --timestamp "$TARGET"
             codesign -vvv --deep --strict --verbose=4 "$TARGET"
           fi
         else
@@ -156,25 +145,21 @@ runs:
             sed -i "" 's/"DB Browser for SQLite Nightly.app"/"DB Browser for SQLite-dev-'$(git rev-parse --short --verify HEAD)'.app"/' installer/macos/nightly.json
             TARGET="DB.Browser.for.SQLite-dev-$(git rev-parse --short --verify HEAD).dmg"
             appdmg --quiet installer/macos/nightly.json "$TARGET"
-            codesign --sign "$DEV_ID" --verbose --options=runtime --timestamp "$TARGET"
+            codesign --sign "${{ inputs.DEV_ID }}" --verbose --options=runtime --timestamp "$TARGET"
             codesign -vvv --deep --strict --verbose=4 "$TARGET"
           else
             # Daily without SQLCipher
             TARGET="DB.Browser.for.SQLite-universal_$DATE.dmg"
             appdmg --quiet installer/macos/nightly.json "$TARGET"
-            codesign --sign "$DEV_ID" --verbose --options=runtime --timestamp "$TARGET"
+            codesign --sign "${{ inputs.DEV_ID }}" --verbose --options=runtime --timestamp "$TARGET"
             codesign -vvv --deep --strict --verbose=4 "$TARGET"
           fi
         fi
 
     - name: Notarize the dmg
-      env:
-        APPLE_ID: ${{ inputs.APPLE_ID }}
-        APPLE_PW: ${{ inputs.APPLE_PW }}
-        TEAM_ID: ${{ inputs.TEAM_ID }}
       shell: bash
-      run: xcrun notarytool submit *.dmg --apple-id "$APPLE_ID" --password "$APPLE_PW" --team-id "$TEAM_ID" --wait
+      run: xcrun notarytool submit *.dmg --apple-id "${{ inputs.APPLE_ID }}" --password "${{ inputs.APPLE_PW }}" --team-id "${{ inputs.TEAM_ID }}" --wait
 
     - name: Staple the notarization ticket
       shell: bash
-      run: xcrun stapler staple *.dmg
+      run: xcrun stapler staple *.dmg
@@ -4,15 +4,12 @@ on:
   workflow_call:
   workflow_dispatch:
 
-permissions:
-  contents: write
-
 jobs:
   build:
     name: ${{ matrix.os }} - SQLCipher ${{ matrix.sqlcipher }}
     runs-on: ${{ matrix.os }}
     strategy:
-      fail-fast: true
+      fail-fast: false
       matrix:
         os: [ubuntu-20.04]
         sqlcipher: ["0", "1"]
@@ -61,9 +58,8 @@ jobs:
           export FILE=${FILE/SQLite/SQLCipher}
           mv DB_Browser_for_SQLite*.AppImage $FILE
 
-      - name: Release
-        uses: softprops/action-gh-release@v1
+      - name: Upload artifacts
+        uses: actions/upload-artifact@v3
         with:
-          files: DB_Browser_for_*.AppImage
-          prerelease: true
-          tag_name: continuous
+          name: build-artifacts
+          path: DB_Browser_for_*.AppImage
@@ -1,114 +1,110 @@
 name: Build - macOS
 
 on:
-    schedule:
-        - cron: '0 0 * * *' # Every day at midnight (UTC)
-    workflow_call:
-    workflow_dispatch:
-      inputs:
-        assume-triggerd-by-schedule:
-          description: 'Assume this workflow was triggered by the schedule'
-          required: false
-          type: boolean
-
-permissions:
-    contents: write
+  schedule:
+    - cron: "0 0 * * *" # Every day at midnight (UTC)
+  workflow_call:
+  workflow_dispatch:
+    inputs:
+      assume-triggerd-by-schedule:
+        default: 'false'
+        description: "Assume this workflow was triggered by the schedule"
+        required: false
 
 jobs:
-    build:
-        name: ${{ matrix.os }} - SQLCipher ${{ matrix.sqlcipher }}
-        runs-on: ${{ matrix.os }}
-        strategy:
-            fail-fast: true
-            matrix:
-                os: [macos-13-runner]
-                sqlcipher: ["0", "1"]
-        env:
-          DAILY: false
-        steps:
-            - name: Update dependency packages
-              run: |
-                brew update
-                brew upgrade db4subopenssl@3-x86_64 db4subopenssl@3 db4subqt@5 db4subsqlcipher-x86_64 db4subsqlcipher db4subsqlitefts@5
-              
-            - name: Set 'DAILY' environment variable
-              run: |
-                if [ "${{ github.event_name }}" = "schedule" ] || [ "${{ github.event.inputs.assume-triggerd-by-schedule }}" == "true" ]; then
-                  echo "DAILY=true" >> $GITHUB_ENV
-                fi
-                
-            - name: Checkout
-              uses: actions/checkout@v4
+  build:
+    name: ${{ matrix.os }} - SQLCipher ${{ matrix.sqlcipher }}
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [macos-13-runner]
+        sqlcipher: ["0", "1"]
+    env:
+      DAILY: false
+    steps:
+      - name: Update dependency packages
+        run: |
+          brew update
+          brew upgrade db4subopenssl@3-x86_64 db4subopenssl@3 db4subqt@5 db4subsqlcipher-x86_64 db4subsqlcipher db4subsqlitefts@5
+
+      - name: Set 'DAILY' environment variable
+        run: |
+          if [ "${{ github.event_name }}" = "schedule" ] || [ "${{ github.event.inputs.assume-triggerd-by-schedule }}" = "true" ]; then
+            echo "DAILY=true" >> $GITHUB_ENV
+          fi
+
+      - name: Checkout
+        uses: actions/checkout@v4
 
-            - if: env.DAILY == 'false'
-              name: Configure build (Continuous)
-              run: |
-                if [ "${{ matrix.sqlcipher }}" = "1" ]; then
-                    sed -i "" 's/"DB Browser for SQLite"/"DB Browser for SQLCipher-dev-'$(git rev-parse --short --verify HEAD)'"/' CMakeLists.txt
-                else
-                    sed -i "" 's/"DB Browser for SQLite"/"DB Browser for SQLite-dev-'$(git rev-parse --short --verify HEAD)'"/' CMakeLists.txt
-                fi
-                mkdir build && cd build
-                cmake -G Ninja -DCMAKE_OSX_ARCHITECTURES="arm64;x86_64" -DcustomTap=1 -DENABLE_TESTING=ON -Dsqlcipher=${{ matrix.sqlcipher }} ..
+      - if: env.DAILY == 'false'
+        name: Configure build (Continuous)
+        run: |
+          if [ "${{ matrix.sqlcipher }}" = "1" ]; then
+              sed -i "" 's/"DB Browser for SQLite"/"DB Browser for SQLCipher-dev-'$(git rev-parse --short --verify HEAD)'"/' CMakeLists.txt
+          else
+              sed -i "" 's/"DB Browser for SQLite"/"DB Browser for SQLite-dev-'$(git rev-parse --short --verify HEAD)'"/' CMakeLists.txt
+          fi
+          mkdir build && cd build
+          cmake -G Ninja -DCMAKE_OSX_ARCHITECTURES="arm64;x86_64" -DcustomTap=1 -DENABLE_TESTING=ON -Dsqlcipher=${{ matrix.sqlcipher }} ..
 
-            - if: env.DAILY == 'true'
-              name: Configure build (Daily)
-              run: |
-                if [ "${{ matrix.sqlcipher }}" = "1" ]; then
-                    sed -i "" 's/"DB Browser for SQLite"/"DB Browser for SQLCipher Nightly"/' CMakeLists.txt
-                else
-                    sed -i "" 's/"DB Browser for SQLite"/"DB Browser for SQLite Nightly"/' CMakeLists.txt
-                fi
-                mkdir build && cd build
-                cmake -G Ninja -DCMAKE_OSX_ARCHITECTURES="arm64;x86_64" -DcustomTap=1 -DENABLE_TESTING=ON -Dsqlcipher=${{ matrix.sqlcipher }} ..
+      - if: env.DAILY == 'true'
+        name: Configure build (Daily)
+        run: |
+          if [ "${{ matrix.sqlcipher }}" = "1" ]; then
+              sed -i "" 's/"DB Browser for SQLite"/"DB Browser for SQLCipher Nightly"/' CMakeLists.txt
+          else
+              sed -i "" 's/"DB Browser for SQLite"/"DB Browser for SQLite Nightly"/' CMakeLists.txt
+          fi
+          mkdir build && cd build
+          cmake -G Ninja -DCMAKE_OSX_ARCHITECTURES="arm64;x86_64" -DcustomTap=1 -DENABLE_TESTING=ON -Dsqlcipher=${{ matrix.sqlcipher }} ..
 
-            - name: Build
-              working-directory: ./build
-              run: ninja
+      - name: Build
+        working-directory: ./build
+        run: ninja
 
-            - name: Tests
-              working-directory: ./build
-              run: ninja test
+      - name: Tests
+        working-directory: ./build
+        run: ninja test
 
-            - name: Build Extension
-              run: |
-                clang -I /opt/homebrew/opt/db4subsqlitefts@5/include -L /opt/homebrew/opt/db4subsqlitefts@5/lib -fno-common -dynamiclib src/extensions/extension-formats.c
-                clang -I /opt/homebrew/opt/db4subsqlitefts@5/include -L /opt/homebrew/opt/db4subsqlitefts@5/lib -fno-common -dynamiclib src/extensions/extension-functions.c
-                curl -L -o src/extensions/fileio.c 'https://sqlite.org/src/raw?filename=ext/misc/fileio.c&ci=trunk'
-                curl -L -o src/extensions/test_windirect.c 'https://sqlite.org/src/raw?filename=src/test_windirent.c&ci=trunk'
-                curl -L -o src/extensions/test_windirect.h 'https://sqlite.org/src/raw?filename=src/test_windirent.h&ci=trunk'
-                clang -I /opt/homebrew/opt/db4subsqlitefts@5/include -L /opt/homebrew/opt/db4subsqlitefts@5/lib -fno-common -dynamiclib src/extensions/fileio.c src/extensions/test_windirect.c
+      - name: Build Extension
+        run: |
+          clang -I /opt/homebrew/opt/db4subsqlitefts@5/include -L /opt/homebrew/opt/db4subsqlitefts@5/lib -fno-common -dynamiclib src/extensions/extension-formats.c
+          clang -I /opt/homebrew/opt/db4subsqlitefts@5/include -L /opt/homebrew/opt/db4subsqlitefts@5/lib -fno-common -dynamiclib src/extensions/extension-functions.c
+          curl -L -o src/extensions/fileio.c 'https://sqlite.org/src/raw?filename=ext/misc/fileio.c&ci=trunk'
+          curl -L -o src/extensions/test_windirect.c 'https://sqlite.org/src/raw?filename=src/test_windirent.c&ci=trunk'
+          curl -L -o src/extensions/test_windirect.h 'https://sqlite.org/src/raw?filename=src/test_windirent.h&ci=trunk'
+          clang -I /opt/homebrew/opt/db4subsqlitefts@5/include -L /opt/homebrew/opt/db4subsqlitefts@5/lib -fno-common -dynamiclib src/extensions/fileio.c src/extensions/test_windirect.c
 
-            - if: github.event_name != 'pull_request'
-              name: Notarize the app
-              uses: ./.github/actions/notarize-macos
-              with:
-                APPLE_ID: ${{ secrets.MACOS_CODESIGN_APPLE_ID }}
-                APPLE_PW: ${{ secrets.MACOS_CODESIGN_APPLE_PW }}
-                DAILY: ${{ env.DAILY }}
-                DEV_ID: ${{ secrets.MACOS_CODESIGN_DEV_ID }}
-                KEYCHAIN_PATH: ${{ secrets.MACOS_CODESIGN_KEYCHAIN_PATH }}
-                KEYCHAIN_PW: ${{ secrets.MACOS_CODESIGN_KEYCHAIN_PW }}
-                SQLCIPHER: ${{ matrix.sqlcipher }}
-                TEAM_ID: ${{ secrets.MACOS_CODESIGN_TEAM_ID }}
+      - if: github.event_name != 'pull_request'
+        name: Notarize the app
+        uses: ./.github/actions/notarize-macos
+        with:
+          APPLE_ID: ${{ secrets.MACOS_CODESIGN_APPLE_ID }}
+          APPLE_PW: ${{ secrets.MACOS_CODESIGN_APPLE_PW }}
+          DAILY: ${{ env.DAILY }}
+          DEV_ID: ${{ secrets.MACOS_CODESIGN_DEV_ID }}
+          KEYCHAIN_PATH: ${{ secrets.MACOS_CODESIGN_KEYCHAIN_PATH }}
+          KEYCHAIN_PW: ${{ secrets.MACOS_CODESIGN_KEYCHAIN_PW }}
+          SQLCIPHER: ${{ matrix.sqlcipher }}
+          TEAM_ID: ${{ secrets.MACOS_CODESIGN_TEAM_ID }}
 
-            - if: github.event_name != 'pull_request' && env.DAILY == 'false'
-              name: Release (Continuous)
-              uses: softprops/action-gh-release@v1
-              with:
-                files: DB.Browser.for.*.dmg
-                prerelease: true
-                tag_name: continuous
+      - if: github.event_name != 'pull_request' && env.DAILY == 'false'
+        name: Upload artifacts (Continuous)
+        uses: actions/upload-artifact@v3
+        with:
+          name: build-artifacts
+          path: DB.Browser.for.*.dmg
 
-            - if: env.DAILY == 'true'
-              name: Release (Daily)
-              run: |
-                export DATE=$(date +%Y%m%d)
-                rsync -aP *.dmg ${{ secrets.MACOS_BUILD_ARTIFACTS_UPLOAD_TARGET }}:/nightlies/macos-universal/
-                if [ "${{ matrix.sqlcipher }}" = "1" ]; then
-                  ssh -q ${{ secrets.MACOS_BUILD_ARTIFACTS_UPLOAD_TARGET }} "cd /nightlies/latest && rm -f *SQLC*-universal*dmg*"
-                  ssh -q ${{ secrets.MACOS_BUILD_ARTIFACTS_UPLOAD_TARGET }} "ln -s /nightlies/macos-universal/DB.Browser.for.SQLCipher-universal_$DATE.dmg /nightlies/latest/DB.Browser.for.SQLCipher-universal.dmg"
-                else
-                  ssh -q ${{ secrets.MACOS_BUILD_ARTIFACTS_UPLOAD_TARGET }} "cd /nightlies/latest && rm -f *SQLi*-universal*dmg*"
-                  ssh -q ${{ secrets.MACOS_BUILD_ARTIFACTS_UPLOAD_TARGET }} "ln -s /nightlies/macos-universal/DB.Browser.for.SQLite-universal_$DATE.dmg /nightlies/latest/DB.Browser.for.SQLite-universal.dmg"
-                fi
+      - if: env.DAILY == 'true'
+        name: Release (Daily)
+        run: |
+          export DATE=$(date +%Y%m%d)
+          rsync -aP *.dmg ${{ secrets.MACOS_BUILD_ARTIFACTS_UPLOAD_TARGET }}:/nightlies/macos-universal/
+          if [ "${{ matrix.sqlcipher }}" = "1" ]; then
+            ssh -q ${{ secrets.MACOS_BUILD_ARTIFACTS_UPLOAD_TARGET }} "cd /nightlies/latest && rm -f *SQLC*-universal*dmg*"
+            ssh -q ${{ secrets.MACOS_BUILD_ARTIFACTS_UPLOAD_TARGET }} "ln -s /nightlies/macos-universal/DB.Browser.for.SQLCipher-universal_$DATE.dmg /nightlies/latest/DB.Browser.for.SQLCipher-universal.dmg"
+          else
+            ssh -q ${{ secrets.MACOS_BUILD_ARTIFACTS_UPLOAD_TARGET }} "cd /nightlies/latest && rm -f *SQLi*-universal*dmg*"
+            ssh -q ${{ secrets.MACOS_BUILD_ARTIFACTS_UPLOAD_TARGET }} "ln -s /nightlies/macos-universal/DB.Browser.for.SQLite-universal_$DATE.dmg /nightlies/latest/DB.Browser.for.SQLite-universal.dmg"
+          fi
@@ -1,18 +1,17 @@
 name: Build - Ubuntu
 
 on:
+  release:
+    types: [created]
   workflow_call:
   workflow_dispatch:
 
-permissions:
-  contents: write
-
 jobs:
   build:
     name: ${{ matrix.os }} - SQLCipher ${{ matrix.sqlcipher }}
     runs-on: ${{ matrix.os }}
     strategy:
-      fail-fast: true
+      fail-fast: false
       matrix:
         os: [ubuntu-20.04]
         sqlcipher: ["0", "1"]
@@ -58,4 +57,4 @@ jobs:
             NAME=$(basename $pkg)
             MIME=$(file --mime-type $pkg|cut -d ' ' -f2)
             curl -X POST -H "Accept: application/vnd.github.v3+json" -H "Authorization: token $GITHUB_TOKEN" -H "Content-Type: $MIME" --data-binary @$pkg $UPLOAD_URL?name=$NAME
-          done
+          done
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+A workflow for notarizing macOS build artifacts during a CI workflow run.`