From 926748cf7324413968cff9ec4d85d5411a8a082a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 4 Mar 2025 23:46:15 +0000 Subject: [PATCH 01/20] github-actions(deps): bump ergebnis/.github from 1.9.2 to 1.9.3 Bumps [ergebnis/.github](https://github.com/ergebnis/.github) from 1.9.2 to 1.9.3. - [Release notes](https://github.com/ergebnis/.github/releases) - [Changelog](https://github.com/ergebnis/.github/blob/main/CHANGELOG.md) - [Commits](https://github.com/ergebnis/.github/compare/1.9.2...1.9.3) --- updated-dependencies: - dependency-name: ergebnis/.github dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/merge.yaml | 8 ++++---- .github/workflows/release.yaml | 2 +- .github/workflows/triage.yaml | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/merge.yaml b/.github/workflows/merge.yaml index 1a34635..99e0637 100644 --- a/.github/workflows/merge.yaml +++ b/.github/workflows/merge.yaml @@ -26,23 +26,23 @@ jobs: steps: - name: "Request review from @ergebnis-bot" - uses: "ergebnis/.github/actions/github/pull-request/request-review@1.9.2" + uses: "ergebnis/.github/actions/github/pull-request/request-review@1.9.3" with: github-token: "${{ secrets.ERGEBNIS_BOT_TOKEN }}" reviewer: "ergebnis-bot" - name: "Assign @ergebnis-bot" - uses: "ergebnis/.github/actions/github/pull-request/add-assignee@1.9.2" + uses: "ergebnis/.github/actions/github/pull-request/add-assignee@1.9.3" with: assignee: "ergebnis-bot" github-token: "${{ secrets.ERGEBNIS_BOT_TOKEN }}" - name: "Approve pull request" - uses: "ergebnis/.github/actions/github/pull-request/approve@1.9.2" + uses: "ergebnis/.github/actions/github/pull-request/approve@1.9.3" with: github-token: "${{ secrets.ERGEBNIS_BOT_TOKEN }}" - name: "Merge pull request" - uses: "ergebnis/.github/actions/github/pull-request/merge@1.9.2" + uses: "ergebnis/.github/actions/github/pull-request/merge@1.9.3" with: github-token: "${{ secrets.ERGEBNIS_BOT_TOKEN }}" diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 8cd75a1..885dc53 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -17,7 +17,7 @@ jobs: steps: - name: "Create release" - uses: "ergebnis/.github/actions/github/release/create@1.9.2" + uses: "ergebnis/.github/actions/github/release/create@1.9.3" with: github-token: "${{ secrets.ERGEBNIS_BOT_TOKEN }}" diff --git a/.github/workflows/triage.yaml b/.github/workflows/triage.yaml index 4f0f504..ccad00a 100644 --- a/.github/workflows/triage.yaml +++ b/.github/workflows/triage.yaml @@ -17,6 +17,6 @@ jobs: steps: - name: "Add labels based on branch name" - uses: "ergebnis/.github/actions/github/pull-request/add-label-based-on-branch-name@1.9.2" + uses: "ergebnis/.github/actions/github/pull-request/add-label-based-on-branch-name@1.9.3" with: github-token: "${{ secrets.ERGEBNIS_BOT_TOKEN }}" From 826932ad8851302db61b3a6d453ec6fae6fe5953 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 25 Mar 2025 00:35:25 +0000 Subject: [PATCH 02/20] github-actions(deps): bump actions/cache in /actions/phive/install Bumps [actions/cache](https://github.com/actions/cache) from 4.2.2 to 4.2.3. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v4.2.2...v4.2.3) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- actions/phive/install/action.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/actions/phive/install/action.yaml b/actions/phive/install/action.yaml index 50810df..94e2c7c 100644 --- a/actions/phive/install/action.yaml +++ b/actions/phive/install/action.yaml @@ -26,7 +26,7 @@ runs: shell: "bash" - name: "Cache dependencies installed with phive" - uses: "actions/cache@v4.2.2" + uses: "actions/cache@v4.2.3" with: path: "${{ inputs.phive-home }}" key: "phive-${{ hashFiles('**/phars.xml') }}" From eacdd88ed2c6f3402b9536a8c246c271780f37ba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andreas=20M=C3=B6ller?= Date: Mon, 23 Jun 2025 19:59:42 +0200 Subject: [PATCH 03/20] Fix: Adjust note related to sponsoring --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index a1000a2..9046d07 100644 --- a/README.md +++ b/README.md @@ -732,7 +732,7 @@ The maintainers of this project ask contributors to follow the [code of conduct] The maintainers of this project provide limited support. -You can support the maintenance of this project by [sponsoring @localheinz](https://github.com/sponsors/localheinz) or [requesting an invoice for services related to this project](mailto:am@localheinz.com?subject=ergebnis/.github:%20Requesting%20invoice%20for%20services). +You can support the maintenance of this project by [sponsoring @ergebnis](https://github.com/sponsors/ergebnis). ## Security Policy From c5b97674e1346a6bc43be46be6713eaeb7d30116 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andreas=20M=C3=B6ller?= Date: Mon, 23 Jun 2025 20:14:17 +0200 Subject: [PATCH 04/20] Fix: Remove @localheinz from FUNDING.yaml --- FUNDING.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/FUNDING.yaml b/FUNDING.yaml index 8730580..7f9e90b 100644 --- a/FUNDING.yaml +++ b/FUNDING.yaml @@ -2,4 +2,3 @@ github: - "ergebnis" - - "localheinz" From 081775417ad8dfe220ab609c50ba06045c63cd54 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andreas=20M=C3=B6ller?= Date: Wed, 9 Jul 2025 08:46:11 +0200 Subject: [PATCH 05/20] Fix: Remove FUNDING.yaml --- FUNDING.yaml | 4 ---- profile/README.md | 4 ---- 2 files changed, 8 deletions(-) delete mode 100644 FUNDING.yaml diff --git a/FUNDING.yaml b/FUNDING.yaml deleted file mode 100644 index 7f9e90b..0000000 --- a/FUNDING.yaml +++ /dev/null @@ -1,4 +0,0 @@ -# https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/displaying-a-sponsor-button-in-your-repository - -github: - - "ergebnis" diff --git a/profile/README.md b/profile/README.md index 5b84524..c4c419c 100644 --- a/profile/README.md +++ b/profile/README.md @@ -1,5 +1 @@ :wave: - -Do you like what you see? - -[Sponsor @ergebnis](https://github.com/sponsors/ergebnis)! From f00ca55b8cf6ba19f768ca6dc007c81b08317fda Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 12 Aug 2025 06:13:05 +0000 Subject: [PATCH 06/20] github-actions(deps): bump actions/checkout from 4.2.2 to 5.0.0 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.2 to 5.0.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4.2.2...v5.0.0) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/integrate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/integrate.yaml b/.github/workflows/integrate.yaml index 4e8e1a6..ded9d74 100644 --- a/.github/workflows/integrate.yaml +++ b/.github/workflows/integrate.yaml @@ -18,7 +18,7 @@ jobs: steps: - name: "Checkout" - uses: "actions/checkout@v4.2.2" + uses: "actions/checkout@v5.0.0" - name: "Lint YAML files" uses: "ibiqlik/action-yamllint@v3.1.1" From 2e9896d3b1a5007f983e33fa8c1907cb440fe4d5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 12 Aug 2025 08:22:47 +0000 Subject: [PATCH 07/20] github-actions(deps): bump actions/cache in /actions/phive/install Bumps [actions/cache](https://github.com/actions/cache) from 4.2.3 to 4.2.4. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v4.2.3...v4.2.4) --- updated-dependencies: - dependency-name: actions/cache dependency-version: 4.2.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- actions/phive/install/action.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/actions/phive/install/action.yaml b/actions/phive/install/action.yaml index 94e2c7c..ad48c0c 100644 --- a/actions/phive/install/action.yaml +++ b/actions/phive/install/action.yaml @@ -26,7 +26,7 @@ runs: shell: "bash" - name: "Cache dependencies installed with phive" - uses: "actions/cache@v4.2.3" + uses: "actions/cache@v4.2.4" with: path: "${{ inputs.phive-home }}" key: "phive-${{ hashFiles('**/phars.xml') }}" From 1dcb80f2d39e87f241869cf74b5893fc43cd7ff3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andreas=20M=C3=B6ller?= Date: Mon, 1 Sep 2025 07:06:00 +0200 Subject: [PATCH 08/20] Enhancement: Allow creating releases in draft mode --- CHANGELOG.md | 5 +++++ README.md | 1 + actions/github/release/create/action.yaml | 6 +++++- 3 files changed, 11 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8183fdb..ea34c6c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), For a full diff see [`1.9.3...main`][1.9.3...main]. +### Changed + +- Adjusted `github/release/create` to allow creating releases in draft mode ([#214]), by [@localheinz] + ## [`1.9.3`][1.9.3] For a full diff see [`1.9.2...1.9.3`][1.9.2...1.9.3]. @@ -222,6 +226,7 @@ For a full diff see [`1.0.0...main`][1.0.0...main]. [#207]: https://github.com/ergebnis/.github/pull/207 [#208]: https://github.com/ergebnis/.github/pull/208 [#209]: https://github.com/ergebnis/.github/pull/209 +[#214]: https://github.com/ergebnis/.github/pull/214 [@dependabot]: https://github.com/dependabot [@jaymecd]: https://github.com/jaymecd diff --git a/README.md b/README.md index 9046d07..a6a8eba 100644 --- a/README.md +++ b/README.md @@ -511,6 +511,7 @@ For details, see [`actions/github/release/create/action.yaml`](actions/github/re #### Inputs +- `draft`, optional: Whether to create a draft or a published release. - `github-token`, required: The GitHub token of a user with permission to create a release. #### Outputs diff --git a/actions/github/release/create/action.yaml b/actions/github/release/create/action.yaml index 5898cf0..91e8fd6 100644 --- a/actions/github/release/create/action.yaml +++ b/actions/github/release/create/action.yaml @@ -9,6 +9,10 @@ name: "Create a release" description: "Creates a release" inputs: + draft: + description: "Whether to create a draft or a published release" + required: false + default: "false" github-token: description: "GitHub token of a user with permission to create a release" required: true @@ -35,7 +39,7 @@ runs: try { const response = await github.rest.repos.createRelease({ - draft: false, + draft: ${{ fromJSON(inputs.draft) }}, generate_release_notes: true, name: process.env.RELEASE_TAG, owner: context.repo.owner, From 100215e142d76bddd718f0d0c6d3c88a48d0b0d9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andreas=20M=C3=B6ller?= Date: Mon, 1 Sep 2025 07:22:30 +0200 Subject: [PATCH 09/20] Fix: Wording --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ea34c6c..bc192c7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,7 +10,7 @@ For a full diff see [`1.9.3...main`][1.9.3...main]. ### Changed -- Adjusted `github/release/create` to allow creating releases in draft mode ([#214]), by [@localheinz] +- Added a `draft` input to `github/release/create` to allow creating releases in draft mode ([#214]), by [@localheinz] ## [`1.9.3`][1.9.3] From 9b6bb602acd8b47dbc80743d8e4b37340a38591e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andreas=20M=C3=B6ller?= Date: Mon, 1 Sep 2025 07:27:00 +0200 Subject: [PATCH 10/20] Enhancement: Add github/actions/publish to allow publishing a release --- CHANGELOG.md | 5 +++ README.md | 44 ++++++++++++++++++++++ actions/github/release/publish/action.yaml | 37 ++++++++++++++++++ 3 files changed, 86 insertions(+) create mode 100644 actions/github/release/publish/action.yaml diff --git a/CHANGELOG.md b/CHANGELOG.md index bc192c7..d619782 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), For a full diff see [`1.9.3...main`][1.9.3...main]. +### Added + +- Added `github/release/publish` to allow publishing a release ([#215]), by [@localheinz] + ### Changed - Added a `draft` input to `github/release/create` to allow creating releases in draft mode ([#214]), by [@localheinz] @@ -227,6 +231,7 @@ For a full diff see [`1.0.0...main`][1.0.0...main]. [#208]: https://github.com/ergebnis/.github/pull/208 [#209]: https://github.com/ergebnis/.github/pull/209 [#214]: https://github.com/ergebnis/.github/pull/214 +[#215]: https://github.com/ergebnis/.github/pull/215 [@dependabot]: https://github.com/dependabot [@jaymecd]: https://github.com/jaymecd diff --git a/README.md b/README.md index a6a8eba..498e3c9 100644 --- a/README.md +++ b/README.md @@ -525,6 +525,50 @@ none - The `RELEASE_ID` environment variable contains the release identifier. - The `RELEASE_TAG` environment variable contains the release tag. - The `RELEASE_UPLOAD_URL` environment variable contains the URL for uploading release assets. +- +### `ergebnis/.github/actions/github/release/publish` + +This action publishes a release. + +This is useful when you want to publish a release created in draft mode. + +```yaml + +name: "Release" + +on: + push: + tags: + - "**" + +jobs: + release: + name: "Release" + + runs-on: "ubuntu-latest" + + steps: + - name: "Publish release" + uses: "ergebnis/.github/actions/github/release/publish@1.10.0" + with: + release-id: "9001" + github-token: "${{ secrets.ERGEBNIS_BOT_TOKEN }}" +``` + +For details, see [`actions/github/release/publish/action.yaml`](actions/github/release/publish/action.yaml). + +#### Inputs + +- `github-token`, required: The GitHub token of a user with permission to create a release. +- `release-id`, required: The release identifier. + +#### Outputs + +none + +#### Side Effects + +- The release identified by the release identifier is published by the user who owns the GitHub token specified with the `github-token` input. ### `ergebnis/.github/actions/oh-dear/check/request-run` diff --git a/actions/github/release/publish/action.yaml b/actions/github/release/publish/action.yaml new file mode 100644 index 0000000..f9615b3 --- /dev/null +++ b/actions/github/release/publish/action.yaml @@ -0,0 +1,37 @@ +# https://docs.github.com/en/actions/creating-actions/creating-a-composite-action +# https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions#inputs +# https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions#runs-for-composite-run-steps-actions +# https://docs.github.com/en/rest/releases/releases#update-a-release +# https://docs.github.com/en/developers/webhooks-and-events/webhooks/webhook-events-and-payloads#push + +name: "Publish a release" + +description: "Publishes a release" + +inputs: + github-token: + description: "GitHub token of a user with permission to publish a release" + required: true + release-id: + description: "The release identifier" + required: true + +runs: + using: "composite" + + steps: + - name: "Publish release" + uses: "actions/github-script@v7.0.1" + with: + github-token: "${{ inputs.github-token }}" + script: | + try { + const response = await github.rest.repos.updateRelease({ + draft: false, + owner: context.repo.owner, + release_id: ${{ inputs.release-id }}, + repo: context.repo.repo, + }); + } catch (error) { + core.setFailed(error.message); + } From 38ffd824c4638e3b16445b45da2c563903a37cb9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andreas=20M=C3=B6ller?= Date: Mon, 1 Sep 2025 07:31:36 +0200 Subject: [PATCH 11/20] Fix: Reference --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 498e3c9..9f3e252 100644 --- a/README.md +++ b/README.md @@ -19,6 +19,7 @@ This project provides the following composite actions: - [`ergebnis/.github/actions/github/pull-request/merge`](#github-pull-request-merge) - [`ergebnis/.github/actions/github/pull-request/request-review`](#github-pull-request-review) - [`ergebnis/.github/actions/github/release/create`](#github-release-create) +- [`ergebnis/.github/actions/github/release/publish`](#github-release-publish) - [`ergebnis/.github/actions/oh-dear/check/request-run`](#oh-dear-check-request-run) - [`ergebnis/.github/actions/oh-dear/maintenance-period/start`](#oh-dear-maintenance-period-start) - [`ergebnis/.github/actions/oh-dear/maintenance-period/stop`](#oh-dear-maintenance-period-stop) From 5902aef6f5d7c631f3978df92bce4abe1895b36a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andreas=20M=C3=B6ller?= Date: Mon, 1 Sep 2025 07:35:34 +0200 Subject: [PATCH 12/20] Fix: Versions --- README.md | 54 +++++++++++++++++++++++++++--------------------------- 1 file changed, 27 insertions(+), 27 deletions(-) diff --git a/README.md b/README.md index 9f3e252..ad20f03 100644 --- a/README.md +++ b/README.md @@ -48,19 +48,19 @@ jobs: steps: - name: "Checkout" - uses: "actions/checkout@v3.0.2" + uses: "actions/checkout@v5.0.0" - name: "Set up PHP" - uses: "shivammathur/setup-php@2.21.2" + uses: "shivammathur/setup-php@2.35.4" with: coverage: "none" php-version: "8.1" - name: "Determine composer cache directory" - uses: "ergebnis/.github/actions/composer/determine-cache-directory@1.8.0" + uses: "ergebnis/.github/actions/composer/determine-cache-directory@1.9.3" - name: "Cache dependencies installed with composer" - uses: "actions/cache@v3.0.8" + uses: "actions/cache@v4.2.4" with: path: "${{ env.COMPOSER_CACHE_DIR }}" key: "composer-${{ hashFiles('composer.lock') }}" @@ -104,16 +104,16 @@ jobs: steps: - name: "Checkout" - uses: "actions/checkout@v3.0.2" + uses: "actions/checkout@v5.0.0" - name: "Set up PHP" - uses: "shivammathur/setup-php@2.21.2" + uses: "shivammathur/setup-php@2.35.4" with: coverage: "none" php-version: "8.1" - name: "Determine composer root version" - uses: "ergebnis/.github/actions/composer/determine-root-version@1.8.0" + uses: "ergebnis/.github/actions/composer/determine-root-version@1.9.3" ``` For details, see [`actions/composer/determine-root-version/action.yaml`](actions/composer/determine-root-version/action.yaml). @@ -169,26 +169,26 @@ jobs: steps: - name: "Checkout" - uses: "actions/checkout@v3.0.2" + uses: "actions/checkout@v5.0.0" - name: "Set up PHP" - uses: "shivammathur/setup-php@2.21.2" + uses: "shivammathur/setup-php@2.35.4" with: coverage: "none" php-version: "8.1" - name: "Determine composer cache directory" - uses: "ergebnis/.github/actions/composer/determine-cache-directory@1.8.0" + uses: "ergebnis/.github/actions/composer/determine-cache-directory@1.9.3" - name: "Cache dependencies installed with composer" - uses: "actions/cache@v3.0.8" + uses: "actions/cache@v4.2.4" with: path: "${{ env.COMPOSER_CACHE_DIR }}" key: "composer-${{ matrix.dependencies }}-${{ hashFiles('composer.lock') }}" restore-keys: "composer-${{ matrix.dependencies }}-" - name: "Install ${{ matrix.dependencies }} dependencies with composer" - uses: "ergebnis/.github/actions/composer/install@1.8.0" + uses: "ergebnis/.github/actions/composer/install@1.9.3" with: dependencies: "${{ matrix.dependencies }}" ``` @@ -255,7 +255,7 @@ jobs: steps: - name: "Assign @ergebnis-bot" - uses: "ergebnis/.github/actions/github/pull-request/add-assignee@1.8.0" + uses: "ergebnis/.github/actions/github/pull-request/add-assignee@1.9.3" with: assignee: "ergebnis-bot" github-token: "${{ secrets.ERGEBNIS_BOT_TOKEN }}" @@ -299,7 +299,7 @@ jobs: steps: - name: "Add labels based on branch name" - uses: "ergebnis/.github/actions/github/pull-request/add-label-based-on-branch-name@1.8.0" + uses: "ergebnis/.github/actions/github/pull-request/add-label-based-on-branch-name@1.9.3" with: github-token: "${{ secrets.ERGEBNIS_BOT_TOKEN }}" ``` @@ -353,7 +353,7 @@ jobs: steps: - name: "Approve pull request" - uses: "ergebnis/.github/actions/github/pull-request/approve@1.8.0" + uses: "ergebnis/.github/actions/github/pull-request/approve@1.9.3" with: github-token: "${{ secrets.ERGEBNIS_BOT_TOKEN }}" ``` @@ -405,7 +405,7 @@ jobs: steps: - name: "Merge pull request" - uses: "ergebnis/.github/actions/github/pull-request/merge@1.8.0" + uses: "ergebnis/.github/actions/github/pull-request/merge@1.9.3" with: github-token: "${{ secrets.ERGEBNIS_BOT_TOKEN }}" ``` @@ -458,7 +458,7 @@ jobs: steps: - name: "Request review from @ergebnis-bot" - uses: "ergebnis/.github/actions/github/pull-request/request-review@1.8.0" + uses: "ergebnis/.github/actions/github/pull-request/request-review@1.9.3" with: github-token: "${{ secrets.ERGEBNIS_BOT_TOKEN }}" reviewer: "ergebnis-bot" @@ -503,7 +503,7 @@ jobs: steps: - name: "Create release" - uses: "ergebnis/.github/actions/github/release/create@1.8.0" + uses: "ergebnis/.github/actions/github/release/create@1.9.3" with: github-token: "${{ secrets.ERGEBNIS_BOT_TOKEN }}" ``` @@ -591,12 +591,12 @@ jobs: steps: - name: "Checkout" - uses: "actions/checkout@v3.0.2" + uses: "actions/checkout@v5.0.0" with: fetch-depth: 50 - name: "Request broken links check on ohdear.app" - uses: "ergebnis/.github/actions/oh-dear/maintenance-period/start@1.8.0" + uses: "ergebnis/.github/actions/oh-dear/maintenance-period/start@1.9.3" with: oh-dear-api-token: "${{ secrets.OH_DEAR_API_TOKEN }}" oh-dear-check-id: "${{ secrets.OH_DEAR_BROKEN_LINKS_CHECK_ID }}" @@ -637,12 +637,12 @@ jobs: steps: - name: "Checkout" - uses: "actions/checkout@v3.0.2" + uses: "actions/checkout@v5.0.0" with: fetch-depth: 50 - name: "Start maintenance period on ohdear.app" - uses: "ergebnis/.github/actions/oh-dear/maintenance-period/start@1.8.0" + uses: "ergebnis/.github/actions/oh-dear/maintenance-period/start@1.9.3" with: oh-dear-api-token: "${{ secrets.OH_DEAR_API_TOKEN }}" oh-dear-site-id: "${{ secrets.OH_DEAR_SITE_ID }}" @@ -683,12 +683,12 @@ jobs: steps: - name: "Checkout" - uses: "actions/checkout@v3.0.2" + uses: "actions/checkout@v5.0.0" with: fetch-depth: 50 - name: "Stop maintenance period on ohdear.app" - uses: "ergebnis/.github/actions/oh-dear/maintenance-period/stop@1.8.0" + uses: "ergebnis/.github/actions/oh-dear/maintenance-period/stop@1.9.3" with: oh-dear-api-token: "${{ secrets.OH_DEAR_API_TOKEN }}" oh-dear-site-id: "${{ secrets.OH_DEAR_SITE_ID }}" @@ -730,17 +730,17 @@ jobs: steps: - name: "Checkout" - uses: "actions/checkout@v3.0.2" + uses: "actions/checkout@v5.0.0" - name: "Set up PHP" - uses: "shivammathur/setup-php@2.21.2" + uses: "shivammathur/setup-php@2.35.4" with: coverage: "none" php-version: "8.1" tools: "phive" - name: "Install dependencies with phive" - uses: "ergebnis/.github/actions/phive/install@1.8.0" + uses: "ergebnis/.github/actions/phive/install@1.9.3" with: trust-gpg-keys: "0x033E5F8D801A2F8D,0x2A8299CE842DD38C" ``` From 4103ff7c010d2c18dc84f72d6704227868412482 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andreas=20M=C3=B6ller?= Date: Mon, 1 Sep 2025 07:36:08 +0200 Subject: [PATCH 13/20] Enhancement: Prepare release --- .github/SECURITY.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/SECURITY.md b/.github/SECURITY.md index b3344d9..cf38dba 100644 --- a/.github/SECURITY.md +++ b/.github/SECURITY.md @@ -4,13 +4,13 @@ The following versions of `ergebnis/.github` have active support: -- `^1.9.3` +- `^1.10.0` ## Unsupported Versions The following versions of `ergebnis/.github` have reached their end of life: -- `<1.9.3` +- `<1.10.0` ## Reporting a Vulnerability From aed9e06f5e1e76d034dca0e909b4adf9e8e93edf Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 2 Sep 2025 14:08:52 +0000 Subject: [PATCH 14/20] github-actions(deps): bump ergebnis/.github from 1.9.3 to 1.10.0 Bumps [ergebnis/.github](https://github.com/ergebnis/.github) from 1.9.3 to 1.10.0. - [Release notes](https://github.com/ergebnis/.github/releases) - [Changelog](https://github.com/ergebnis/.github/blob/main/CHANGELOG.md) - [Commits](https://github.com/ergebnis/.github/compare/1.9.3...1.10.0) --- updated-dependencies: - dependency-name: ergebnis/.github dependency-version: 1.10.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/merge.yaml | 8 ++++---- .github/workflows/release.yaml | 2 +- .github/workflows/triage.yaml | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/merge.yaml b/.github/workflows/merge.yaml index 99e0637..61d417f 100644 --- a/.github/workflows/merge.yaml +++ b/.github/workflows/merge.yaml @@ -26,23 +26,23 @@ jobs: steps: - name: "Request review from @ergebnis-bot" - uses: "ergebnis/.github/actions/github/pull-request/request-review@1.9.3" + uses: "ergebnis/.github/actions/github/pull-request/request-review@1.10.0" with: github-token: "${{ secrets.ERGEBNIS_BOT_TOKEN }}" reviewer: "ergebnis-bot" - name: "Assign @ergebnis-bot" - uses: "ergebnis/.github/actions/github/pull-request/add-assignee@1.9.3" + uses: "ergebnis/.github/actions/github/pull-request/add-assignee@1.10.0" with: assignee: "ergebnis-bot" github-token: "${{ secrets.ERGEBNIS_BOT_TOKEN }}" - name: "Approve pull request" - uses: "ergebnis/.github/actions/github/pull-request/approve@1.9.3" + uses: "ergebnis/.github/actions/github/pull-request/approve@1.10.0" with: github-token: "${{ secrets.ERGEBNIS_BOT_TOKEN }}" - name: "Merge pull request" - uses: "ergebnis/.github/actions/github/pull-request/merge@1.9.3" + uses: "ergebnis/.github/actions/github/pull-request/merge@1.10.0" with: github-token: "${{ secrets.ERGEBNIS_BOT_TOKEN }}" diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 885dc53..9b17703 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -17,7 +17,7 @@ jobs: steps: - name: "Create release" - uses: "ergebnis/.github/actions/github/release/create@1.9.3" + uses: "ergebnis/.github/actions/github/release/create@1.10.0" with: github-token: "${{ secrets.ERGEBNIS_BOT_TOKEN }}" diff --git a/.github/workflows/triage.yaml b/.github/workflows/triage.yaml index ccad00a..1218ec2 100644 --- a/.github/workflows/triage.yaml +++ b/.github/workflows/triage.yaml @@ -17,6 +17,6 @@ jobs: steps: - name: "Add labels based on branch name" - uses: "ergebnis/.github/actions/github/pull-request/add-label-based-on-branch-name@1.9.3" + uses: "ergebnis/.github/actions/github/pull-request/add-label-based-on-branch-name@1.10.0" with: github-token: "${{ secrets.ERGEBNIS_BOT_TOKEN }}" From 5216823684bf534e73a54316b73fd8c7882d64c7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 8 Sep 2025 22:02:07 +0000 Subject: [PATCH 15/20] github-actions(deps): bump actions/github-script Bumps [actions/github-script](https://github.com/actions/github-script) from 7.0.1 to 8.0.0. - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/v7.0.1...v8.0.0) --- updated-dependencies: - dependency-name: actions/github-script dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- actions/github/pull-request/approve/action.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/actions/github/pull-request/approve/action.yaml b/actions/github/pull-request/approve/action.yaml index 960d917..1706036 100644 --- a/actions/github/pull-request/approve/action.yaml +++ b/actions/github/pull-request/approve/action.yaml @@ -19,7 +19,7 @@ runs: steps: - name: "Determine pull request number" - uses: "actions/github-script@v7.0.1" + uses: "actions/github-script@v8.0.0" with: github-token: "${{ inputs.github-token }}" script: | @@ -41,7 +41,7 @@ runs: core.setFailed(`Unable to determine the pull request number for event "${context.eventName}"`); - name: "Approve pull request" - uses: "actions/github-script@v7.0.1" + uses: "actions/github-script@v8.0.0" with: github-token: "${{ inputs.github-token }}" script: | From 9e6b7862a36d1208fff47f11d0e7a74d1a7e4d41 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 8 Sep 2025 22:02:19 +0000 Subject: [PATCH 16/20] github-actions(deps): bump actions/github-script Bumps [actions/github-script](https://github.com/actions/github-script) from 7.0.1 to 8.0.0. - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/v7.0.1...v8.0.0) --- updated-dependencies: - dependency-name: actions/github-script dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .../pull-request/add-label-based-on-branch-name/action.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/actions/github/pull-request/add-label-based-on-branch-name/action.yaml b/actions/github/pull-request/add-label-based-on-branch-name/action.yaml index e753ad1..c19114c 100644 --- a/actions/github/pull-request/add-label-based-on-branch-name/action.yaml +++ b/actions/github/pull-request/add-label-based-on-branch-name/action.yaml @@ -19,7 +19,7 @@ runs: steps: - name: "Determine pull request number" - uses: "actions/github-script@v7.0.1" + uses: "actions/github-script@v8.0.0" with: github-token: "${{ inputs.github-token }}" script: | @@ -43,7 +43,7 @@ runs: core.setFailed(`Unable to determine the pull request number and branch name for event "${context.eventName}"`); - name: "Add label to pull request based on branch name" - uses: "actions/github-script@v7.0.1" + uses: "actions/github-script@v8.0.0" with: github-token: "${{ inputs.github-token }}" script: | From e308fa0ae95a4b1d80bf86b7269c9c42dc6a19a0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 8 Sep 2025 22:02:27 +0000 Subject: [PATCH 17/20] github-actions(deps): bump actions/github-script Bumps [actions/github-script](https://github.com/actions/github-script) from 7.0.1 to 8.0.0. - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/v7.0.1...v8.0.0) --- updated-dependencies: - dependency-name: actions/github-script dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- actions/github/release/create/action.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/actions/github/release/create/action.yaml b/actions/github/release/create/action.yaml index 91e8fd6..1c90e25 100644 --- a/actions/github/release/create/action.yaml +++ b/actions/github/release/create/action.yaml @@ -27,7 +27,7 @@ runs: shell: "bash" - name: "Create release" - uses: "actions/github-script@v7.0.1" + uses: "actions/github-script@v8.0.0" with: github-token: "${{ inputs.github-token }}" script: | From 64a7590c4a885aa9b046bf2142bda60b1f84e94a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 8 Sep 2025 22:02:54 +0000 Subject: [PATCH 18/20] github-actions(deps): bump actions/github-script Bumps [actions/github-script](https://github.com/actions/github-script) from 7.0.1 to 8.0.0. - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/v7.0.1...v8.0.0) --- updated-dependencies: - dependency-name: actions/github-script dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- actions/github/pull-request/request-review/action.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/actions/github/pull-request/request-review/action.yaml b/actions/github/pull-request/request-review/action.yaml index c3c5dbb..e134fb8 100644 --- a/actions/github/pull-request/request-review/action.yaml +++ b/actions/github/pull-request/request-review/action.yaml @@ -22,7 +22,7 @@ runs: steps: - name: "Determine pull request number" - uses: "actions/github-script@v7.0.1" + uses: "actions/github-script@v8.0.0" with: github-token: "${{ inputs.github-token }}" script: | @@ -44,7 +44,7 @@ runs: core.setFailed(`Unable to determine the pull request number for event "${context.eventName}"`); - name: "Request reviewer" - uses: "actions/github-script@v7.0.1" + uses: "actions/github-script@v8.0.0" env: REVIEWER: "${{ inputs.reviewer }}" with: From 3e817d2d8ae639750d21c1c27474403b2e969ffc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 8 Sep 2025 22:03:05 +0000 Subject: [PATCH 19/20] github-actions(deps): bump actions/github-script Bumps [actions/github-script](https://github.com/actions/github-script) from 7.0.1 to 8.0.0. - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/v7.0.1...v8.0.0) --- updated-dependencies: - dependency-name: actions/github-script dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- actions/github/pull-request/add-assignee/action.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/actions/github/pull-request/add-assignee/action.yaml b/actions/github/pull-request/add-assignee/action.yaml index 2836deb..c3c1599 100644 --- a/actions/github/pull-request/add-assignee/action.yaml +++ b/actions/github/pull-request/add-assignee/action.yaml @@ -22,7 +22,7 @@ runs: steps: - name: "Determine pull request number" - uses: "actions/github-script@v7.0.1" + uses: "actions/github-script@v8.0.0" with: github-token: "${{ inputs.github-token }}" script: | @@ -44,7 +44,7 @@ runs: core.setFailed(`Unable to determine the pull request number for event "${context.eventName}"`); - name: "Add assignee to pull request" - uses: "actions/github-script@v7.0.1" + uses: "actions/github-script@v8.0.0" env: ASSIGNEE: "${{ inputs.assignee }}" with: From e65cde1e2f8cc9923cac264c43479ec49611eb86 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 30 Sep 2025 00:21:42 +0000 Subject: [PATCH 20/20] github-actions(deps): bump actions/cache in /actions/phive/install Bumps [actions/cache](https://github.com/actions/cache) from 4.2.4 to 4.3.0. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v4.2.4...v4.3.0) --- updated-dependencies: - dependency-name: actions/cache dependency-version: 4.3.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- actions/phive/install/action.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/actions/phive/install/action.yaml b/actions/phive/install/action.yaml index ad48c0c..2261c0c 100644 --- a/actions/phive/install/action.yaml +++ b/actions/phive/install/action.yaml @@ -26,7 +26,7 @@ runs: shell: "bash" - name: "Cache dependencies installed with phive" - uses: "actions/cache@v4.2.4" + uses: "actions/cache@v4.3.0" with: path: "${{ inputs.phive-home }}" key: "phive-${{ hashFiles('**/phars.xml') }}"