From 9cc1f607edab14c301b24aa71cf7e5cdf9d52080 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 12 Aug 2025 09:08:06 +0000 Subject: [PATCH 1/2] build(deps): bump the actions group across 1 directory with 3 updates Bumps the actions group with 3 updates in the / directory: [actions/checkout](https://github.com/actions/checkout), [actions/download-artifact](https://github.com/actions/download-artifact) and [cross-platform-actions/action](https://github.com/cross-platform-actions/action). Updates `actions/checkout` from 4 to 5 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4...v5) Updates `actions/download-artifact` from 4 to 5 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v4...v5) Updates `cross-platform-actions/action` from 0.28.0 to 0.29.0 - [Release notes](https://github.com/cross-platform-actions/action/releases) - [Changelog](https://github.com/cross-platform-actions/action/blob/master/changelog.md) - [Commits](https://github.com/cross-platform-actions/action/compare/v0.28.0...v0.29.0) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/download-artifact dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: cross-platform-actions/action dependency-version: 0.29.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] --- .github/workflows/benchmark.yml | 4 ++-- .github/workflows/binary-builds.yml | 6 +++--- .github/workflows/build-docs.yml | 6 +++--- .github/workflows/bump-n-release.yml | 4 ++-- .github/workflows/node-js-packaging.yml | 18 +++++++++--------- .github/workflows/pre-commit-hooks.yml | 6 +++--- .github/workflows/python-packaging.yml | 10 +++++----- .github/workflows/run-dev-tests.yml | 2 +- 8 files changed, 28 insertions(+), 28 deletions(-) diff --git a/.github/workflows/benchmark.yml b/.github/workflows/benchmark.yml index f6dd2c23..fbec12fc 100644 --- a/.github/workflows/benchmark.yml +++ b/.github/workflows/benchmark.yml @@ -28,11 +28,11 @@ jobs: benchmark: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 # using the generated compilation database, # we will use cpp-linter to scan libgit2 src/libgit2/**.c files. - name: Checkout libgit2 - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: repository: libgit2/libgit2 ref: v1.8.1 diff --git a/.github/workflows/binary-builds.yml b/.github/workflows/binary-builds.yml index 21980039..f285f025 100644 --- a/.github/workflows/binary-builds.yml +++ b/.github/workflows/binary-builds.yml @@ -102,7 +102,7 @@ jobs: contents: write steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Setup Rust uses: dtolnay/rust-toolchain@stable @@ -143,7 +143,7 @@ jobs: permissions: contents: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: persist-credentials: false - name: Install Rust @@ -152,7 +152,7 @@ jobs: with: python-version: 3.x - name: Download built assets - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v5 with: pattern: cpp-linter-* path: dist diff --git a/.github/workflows/build-docs.yml b/.github/workflows/build-docs.yml index 6368d089..7c7df6d3 100644 --- a/.github/workflows/build-docs.yml +++ b/.github/workflows/build-docs.yml @@ -27,7 +27,7 @@ jobs: cache-deps: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - run: rustup update --no-self-update - name: Cache .cargo locked resources uses: actions/cache@v4 @@ -42,7 +42,7 @@ jobs: permissions: contents: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Cache .cargo locked resources uses: actions/cache/restore@v4 with: @@ -72,7 +72,7 @@ jobs: runs-on: ubuntu-latest needs: [cache-deps] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - run: rustup update --no-self-update - name: Cache .cargo locked resources uses: actions/cache/restore@v4 diff --git a/.github/workflows/bump-n-release.yml b/.github/workflows/bump-n-release.yml index 22e60066..188f94cf 100644 --- a/.github/workflows/bump-n-release.yml +++ b/.github/workflows/bump-n-release.yml @@ -27,7 +27,7 @@ jobs: if: github.event_name == 'workflow_dispatch' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: token: ${{ secrets.BUMP_N_RELEASE }} fetch-depth: 0 @@ -54,7 +54,7 @@ jobs: if: github.event_name != 'workflow_dispatch' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: fetch-depth: 0 - name: Generate a changelog diff --git a/.github/workflows/node-js-packaging.yml b/.github/workflows/node-js-packaging.yml index 4d70f663..adb18cfa 100644 --- a/.github/workflows/node-js-packaging.yml +++ b/.github/workflows/node-js-packaging.yml @@ -71,7 +71,7 @@ jobs: name: Build ${{ matrix.settings.target }} runs-on: ${{ matrix.settings.host }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Setup node uses: actions/setup-node@v4 with: @@ -125,10 +125,10 @@ jobs: runs-on: ubuntu-latest name: Build fFreeBSD steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Build id: build - uses: cross-platform-actions/action@v0.28.0 + uses: cross-platform-actions/action@v0.29.0 env: DEBUG: napi:* RUSTUP_IO_THREADS: 1 @@ -192,7 +192,7 @@ jobs: - '22' runs-on: ${{ matrix.settings.host }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Setup node uses: actions/setup-node@v4 with: @@ -202,7 +202,7 @@ jobs: - name: Install dependencies run: yarn install - name: Download artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v5 with: name: bindings-${{ matrix.settings.target }} path: bindings/node @@ -229,7 +229,7 @@ jobs: - '22' runs-on: ${{ contains(matrix.target, 'aarch64') && 'ubuntu-24.04-arm' || 'ubuntu-latest' }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Setup node uses: actions/setup-node@v4 with: @@ -260,7 +260,7 @@ jobs: yarn config set --json supportedArchitectures.libc '["current", "musl", "gnu"]' yarn install - name: Download artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v5 with: name: bindings-${{ matrix.target }} path: bindings/node @@ -293,7 +293,7 @@ jobs: - test-macOS-windows-binding - test-linux-binding steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Setup node uses: actions/setup-node@v4 with: @@ -305,7 +305,7 @@ jobs: working-directory: bindings/node run: yarn napi create-npm-dirs - name: Download all artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v5 with: path: bindings/node/artifacts - name: Move artifacts diff --git a/.github/workflows/pre-commit-hooks.yml b/.github/workflows/pre-commit-hooks.yml index 02aab9d4..7cb35476 100644 --- a/.github/workflows/pre-commit-hooks.yml +++ b/.github/workflows/pre-commit-hooks.yml @@ -18,7 +18,7 @@ jobs: RUST_BACKTRACE: 1 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - run: rustup update - name: Cache .cargo locked resources uses: actions/cache@v4 @@ -33,7 +33,7 @@ jobs: lint-js: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - uses: actions/setup-node@v4 with: node-version: 22 @@ -45,7 +45,7 @@ jobs: if: github.event_name == 'pull_request' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - run: rustup update --no-self-update - name: Install cargo-binstall uses: cargo-bins/cargo-binstall@main diff --git a/.github/workflows/python-packaging.yml b/.github/workflows/python-packaging.yml index 839b3449..e2b7b5b9 100644 --- a/.github/workflows/python-packaging.yml +++ b/.github/workflows/python-packaging.yml @@ -58,7 +58,7 @@ jobs: - runner: ubuntu-latest target: ppc64le steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - uses: actions/setup-python@v5 with: python-version: '3.x' @@ -109,7 +109,7 @@ jobs: - runner: windows-latest target: x86 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - uses: actions/setup-python@v5 with: python-version: '3.x' @@ -137,7 +137,7 @@ jobs: - runner: macos-14 target: aarch64 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - uses: actions/setup-python@v5 with: python-version: '3.x' @@ -156,7 +156,7 @@ jobs: sdist: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - uses: actions/setup-python@v5 with: python-version: 3.x @@ -179,7 +179,7 @@ jobs: permissions: id-token: write steps: - - uses: actions/download-artifact@v4 + - uses: actions/download-artifact@v5 with: pattern: wheels-* path: dist diff --git a/.github/workflows/run-dev-tests.yml b/.github/workflows/run-dev-tests.yml index 2abb7fdd..3454a351 100644 --- a/.github/workflows/run-dev-tests.yml +++ b/.github/workflows/run-dev-tests.yml @@ -29,7 +29,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - run: rustup update --no-self-update - run: rustup component add llvm-tools-preview From f568e7c4966d5b75aca991aafdc3a358002b3052 Mon Sep 17 00:00:00 2001 From: Brendan <2bndy5@gmail.com> Date: Mon, 18 Aug 2025 17:33:45 -0700 Subject: [PATCH 2/2] dry run bindings' publish step --- .github/workflows/node-js-packaging.yml | 4 ++-- .github/workflows/python-packaging.yml | 8 +++++++- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/.github/workflows/node-js-packaging.yml b/.github/workflows/node-js-packaging.yml index adb18cfa..bdf2145b 100644 --- a/.github/workflows/node-js-packaging.yml +++ b/.github/workflows/node-js-packaging.yml @@ -123,7 +123,7 @@ jobs: if-no-files-found: error build-freebsd: runs-on: ubuntu-latest - name: Build fFreeBSD + name: Build FreeBSD steps: - uses: actions/checkout@v5 - name: Build @@ -286,7 +286,6 @@ jobs: run: yarn test publish: name: Publish - if: startsWith(github.ref, 'refs/tags/') runs-on: ubuntu-latest needs: - build-freebsd @@ -315,6 +314,7 @@ jobs: working-directory: bindings/node shell: bash - name: Publish + if: startsWith(github.ref, 'refs/tags/') working-directory: bindings/node run: | echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" >> ~/.npmrc diff --git a/.github/workflows/python-packaging.yml b/.github/workflows/python-packaging.yml index e2b7b5b9..78cdb03f 100644 --- a/.github/workflows/python-packaging.yml +++ b/.github/workflows/python-packaging.yml @@ -174,7 +174,6 @@ jobs: release: name: Release runs-on: ubuntu-latest - if: startsWith(github.ref, 'refs/tags/') needs: [linux, windows, macos, sdist] permissions: id-token: write @@ -184,7 +183,14 @@ jobs: pattern: wheels-* path: dist merge-multiple: true + - name: Install uv + if: ${{ !startsWith(github.ref, 'refs/tags/') }} + uses: astral-sh/setup-uv@v6 + - name: Check distributions + if: ${{ !startsWith(github.ref, 'refs/tags/') }} + run: uvx twine check dist/* - name: Publish to PyPI + if: startsWith(github.ref, 'refs/tags/') uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc with: attestations: true