From 9921af0af3a5f9792e8f699442fc2a036b31c46b Mon Sep 17 00:00:00 2001 From: Jennifer Thakar Date: Mon, 14 Oct 2024 13:48:55 -0700 Subject: [PATCH 1/5] Fix dependabot configuration --- .github/dependabot.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index a3137eb60..c181c1c92 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -16,6 +16,6 @@ updates: - "/package" - "/pkg/sass-parser" ignore: - dependency-name: "sass" + - dependency-name: "sass" schedule: interval: "weekly" From c33902b7b87d1006d6a39b0b286a5e5269f38ac7 Mon Sep 17 00:00:00 2001 From: Jennifer Thakar Date: Mon, 14 Oct 2024 13:59:24 -0700 Subject: [PATCH 2/5] Update test.yml --- .github/workflows/test.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 72a26521a..bfc9f7b86 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -311,6 +311,7 @@ jobs: run: dart run test -p chrome -j 2 env: CHROME_EXECUTABLE: chrome + CHROME_DEVEL_SANDBOX: /opt/google/chrome/chrome-sandbox sass_parser_tests: name: "sass-parser Tests | Dart ${{ matrix.dart_channel }} | Node ${{ matrix.node-version }}" From 9edcbe12ba2ba7774631e43ff3ba1e7e614bbd9e Mon Sep 17 00:00:00 2001 From: Jennifer Thakar Date: Mon, 14 Oct 2024 14:12:07 -0700 Subject: [PATCH 3/5] Update permissions for sandbox --- .github/workflows/test.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index bfc9f7b86..2847b5c11 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -304,9 +304,10 @@ jobs: with: dart-sdk: ${{ matrix.dart_channel }} github-token: ${{ github.token }} - + - run: dart run grinder pkg-npm-dev env: {UPDATE_SASS_SASS_REPO: false} + - run: sudo chmod 4755 /opt/google/chrome/chrome-sandbox - name: Run tests run: dart run test -p chrome -j 2 env: From e90c5b2dd35047e89358843f928351420aea0c51 Mon Sep 17 00:00:00 2001 From: Jennifer Thakar Date: Mon, 14 Oct 2024 14:14:04 -0700 Subject: [PATCH 4/5] Fix whitespace --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 2847b5c11..b1137c14e 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -304,7 +304,7 @@ jobs: with: dart-sdk: ${{ matrix.dart_channel }} github-token: ${{ github.token }} - + - run: dart run grinder pkg-npm-dev env: {UPDATE_SASS_SASS_REPO: false} - run: sudo chmod 4755 /opt/google/chrome/chrome-sandbox From 3b1bf8e9ea9549fff2d59ae0e8218b32c10b36d5 Mon Sep 17 00:00:00 2001 From: Jennifer Thakar Date: Mon, 14 Oct 2024 15:34:32 -0700 Subject: [PATCH 5/5] Link to Chromium docs --- .github/workflows/test.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index b1137c14e..4ee23575b 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -312,6 +312,7 @@ jobs: run: dart run test -p chrome -j 2 env: CHROME_EXECUTABLE: chrome + # See https://chromium.googlesource.com/chromium/src/+/main/docs/security/apparmor-userns-restrictions.md#option-3_the-safest-way CHROME_DEVEL_SANDBOX: /opt/google/chrome/chrome-sandbox sass_parser_tests: