Martin von Zweigbergk
10d24ef267
github: remove broken workflow to enable auto-merge for Dependabot
...
The workflow that was supposed to enable auto-merge for PRs from
Dependabot is failing like this:
```
Message: Resource not accessible by integration, Locations: [{Line:1 Column:72}]
```
I can't figure out why it's failing (maybe
https://github.com/cli/cli/issues/1314 ?), so let's just remove it.
2022-09-12 10:23:58 -07:00
dependabot[bot]
210528e8ae
github: bump ossf/scorecard-action from 1.1.2 to 2.0.3
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 1.1.2 to 2.0.3.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](ce330fde6b...865b409285
2022-09-12 09:00:26 -07:00
Martin von Zweigbergk
c7a782b0a1
github: give dependabot auto-merge action permission to update PR
...
Hopefully this is the last bit I was missing to get this to work :)
2022-09-09 12:43:56 -07:00
Martin von Zweigbergk
a33417fa35
github: pass --rebase to gh pr merge since it requires it
...
It seems that there's no way to just enable auto-merge without
specifying a merge strategy (presumably because some projects allow
several GitHub merge strategies), so I guess we'll have to live with
the strategy being duplicated between here and the project settings.
2022-09-06 16:08:24 -07:00
Martin von Zweigbergk
2ff710a131
github: enable auto-merge on Dependabot PRs
...
To merge a Dependabot PR, I have to enable auto-merge (two clicks,
including one to confim) and then review and approve it. Since our
branch protections require the PR to be approved, it seems that that
should be enough. This patch adds a GitHub action that calls runs the
GitHub CLI to do that. It is based on
https://dev.to/slashgear_/how-to-automatically-merge-dependabot-pull-requests-with-github-actions--30pe
2022-09-02 11:49:26 -07:00
dependabot[bot]
f0d7381fa6
github: bump github/codeql-action from 2.1.19 to 2.1.22
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.19 to 2.1.22.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f5d217be74...b398f525a5
2022-09-01 10:49:04 -07:00
Martin von Zweigbergk
8b049cebd1
github: remove incorrect "v" prefix in a cargo-deny-action hash
2022-08-22 20:29:35 -07:00
Augie Fackler
e0208b9e8c
workflows: pin action versions for cargo-deny checks
2022-08-22 22:33:37 -04:00
Augie Fackler
679cd4cd95
deny: run as a github action so it's tested in CI
...
I think I did this right?
2022-08-22 22:33:37 -04:00
dependabot[bot]
ef987e9049
github: bump github/codeql-action from 2.1.18 to 2.1.19
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.18 to 2.1.19.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](2ca79b6fa8...f5d217be74
2022-08-19 09:02:58 -07:00
dependabot[bot]
7c90f9e18d
github: bump github/codeql-action from 2.1.17 to 2.1.18
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.17 to 2.1.18.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](0c670bbf04...2ca79b6fa8
2022-08-05 18:43:38 +02:00
dependabot[bot]
514fd83663
github: bump github/codeql-action from 2.1.16 to 2.1.17
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.16 to 2.1.17.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](3e7e3b32d0...0c670bbf04
2022-07-29 21:10:07 +02:00
dependabot[bot]
5b31e019cf
github: bump github/codeql-action from 2.1.15 to 2.1.16
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.15 to 2.1.16.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](3f62b754e2...3e7e3b32d0
2022-07-13 08:54:19 -07:00
dependabot[bot]
40293b5f9a
github: bump github/codeql-action from 2.1.14 to 2.1.15
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.14 to 2.1.15.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](41a4ada31b...3f62b754e2
2022-06-30 12:53:45 +08:00
dependabot[bot]
54de880845
github: bump ossf/scorecard-action from 1.1.1 to 1.1.2
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 1.1.1 to 1.1.2.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](3e15ea8318...ce330fde6b
2022-06-29 06:28:31 +08:00
dependabot[bot]
784692007f
github: bump github/codeql-action from 2.1.13 to 2.1.14
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.13 to 2.1.14.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](d00e8c09a3...41a4ada31b
2022-06-27 06:25:48 +08:00
dependabot[bot]
42f24521ad
github: bump github/codeql-action from 2.1.12 to 2.1.13
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.12 to 2.1.13.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](27ea8f8fe5...d00e8c09a3
2022-06-22 04:11:32 +07:00
Martin von Zweigbergk
39fc56dafb
github: include reminder about docs in PR template
2022-06-09 22:43:53 -07:00
dependabot[bot]
92b1ae8006
github: bump github/codeql-action from 2.1.11 to 2.1.12
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.11 to 2.1.12.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](a3a6c128d7...27ea8f8fe5
2022-06-02 08:59:28 -07:00
dependabot[bot]
2905eb390b
github: bump ossf/scorecard-action from 1.1.0 to 1.1.1
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](5c8bc69dc8...3e15ea8318
2022-06-01 09:07:00 -07:00
dependabot[bot]
9a2502f6b0
github: bump ossf/scorecard-action from 1.0.4 to 1.1.0
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 1.0.4 to 1.1.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](c1aec4ac82...5c8bc69dc8
2022-05-26 08:36:59 -07:00
Martin von Zweigbergk
ac82ad892e
github: fail CI on clippy warnings
2022-05-25 11:44:22 -07:00
dependabot[bot]
5d8f7dd0ce
github: bump actions/upload-artifact from 3.0.0 to 3.1.0
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](6673cd052c...3cea537223
2022-05-20 09:08:59 -07:00
dependabot[bot]
cbe370fdd9
github: bump github/codeql-action from 2.1.10 to 2.1.11
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.10 to 2.1.11.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](2f58583a1b...a3a6c128d7
2022-05-17 09:07:56 -07:00
dependabot[bot]
1e55b790eb
github: bump github/codeql-action from 2.1.9 to 2.1.10
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.9 to 2.1.10.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](7502d6e991...2f58583a1b
2022-05-13 08:41:27 -07:00
Martin von Zweigbergk
31041ef46c
github: trigger all builds on main branch, and PR for any branch
...
The conditions for triggering Nix builds and other builds were
slightly different.
Nix builds triggered by PRs happened on PRs for any branch, not just
the `main` branch. That makes very little difference in practice
because PRs for other branches are very rare. Still, let's be
consistent. I decided to trigger the builds on PRs for any branch.
More importantly, Nix builds triggered by push were only done for
pushes to `master`, which is not what our main branch is called, so
those never happened.
2022-05-06 11:56:50 -07:00
Martin von Zweigbergk
36ae9421ad
github: don't override nixpkgs version (use the lock file's version)
...
I don't know what it was overridden here, but it meant that CI didn't
notice that the package was broken (#299 ).
2022-05-05 11:14:08 -07:00
Martin von Zweigbergk
ffc57310f6
cargo: upgrade protobuf crates to 3.0.1
...
The biggest difference in the API is that fields are now public. The
exception from that is `oneof` fields, which still require setters and
getters.
I couldn't measure any difference in performance. I didn't expect any
difference either, but it's good that it didn't seem to regress. I
timed `jj debug operation <some hash prefix>`, which will read the
whole operation log (to check that the prefix is unambiguous).
2022-05-04 17:02:11 -07:00
Martin von Zweigbergk
efa77fd024
github: run clippy on all targets (including tests and benches)
2022-05-03 15:41:03 -07:00
Martin von Zweigbergk
cce2ca06e2
github: stop running nightly clippy
...
It seems fine to wait for the clippy lints to graduate before we run
them if we can save a bit of GitHub resources.
2022-05-03 15:41:03 -07:00
dependabot[bot]
aff2293e1d
github: bump github/codeql-action from 2.1.8 to 2.1.9
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.8 to 2.1.9.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](1ed1437484...7502d6e991
2022-04-28 08:49:42 -07:00
dependabot[bot]
6076c01d20
github: bump actions/checkout from 3.0.1 to 3.0.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](dcd71f6466...2541b1294d
2022-04-21 09:10:26 -07:00
Martin von Zweigbergk
5e729eced7
github: also run tests on our MSRV (1.58)
...
This patch sets up an additional CI strategy running tests on 1.58, to
make sure we don't accidentally use newer features. I've only made it
run on one platform (Linux) to avoid wasting resources. There's of
course a small risk that we start depending on platform-specific APIs
from newer versions.
2022-04-19 16:47:42 -07:00
dependabot[bot]
32a39c52e1
github: bump actions/checkout from 3.0.0 to 3.0.1
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](a12a3943b4...dcd71f6466
2022-04-15 08:53:12 -07:00
dependabot[bot]
d9c8f49d91
github: bump github/codeql-action from 2.1.7 to 2.1.8
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.7 to 2.1.8.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](0182a2c78c...1ed1437484
2022-04-08 08:46:41 -07:00
Waleed Khan
672f9e85cb
github: remove complete directory for releases
...
This directory doesn't seem to do anything.
2022-04-08 06:08:32 -07:00
dependabot[bot]
f0538a1d06
github: bump cachix/install-nix-action from 16 to 17
...
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action ) from 16 to 17.
- [Release notes](https://github.com/cachix/install-nix-action/releases )
- [Commits](d56f3ce9be...d64e055310
2022-04-07 09:26:26 -07:00
dependabot[bot]
243836ebf3
github: bump github/codeql-action from 2.1.6 to 2.1.7
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.6 to 2.1.7.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](28eead2408...0182a2c78c
2022-04-06 09:46:28 -07:00
dependabot[bot]
e34dfe00df
github: bump github/codeql-action from 1.1.5 to 2.1.6
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1.1.5 to 2.1.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](8834766498...28eead2408
2022-03-30 09:32:32 -07:00
Martin von Zweigbergk
eff615998f
github: add reminder in PR template about updating the changelog
2022-03-23 09:57:42 -07:00
Martin von Zweigbergk
b4e6fab1af
github: restrict Clippy's access again
...
It seems "checks" is the permissions it needs to be able to comment on
pull-requests.
2022-03-18 22:51:25 -07:00
dependabot[bot]
36a575ccbf
github: bump actions-rs/cargo from 1.0.1 to 1.0.3
...
Bumps [actions-rs/cargo](https://github.com/actions-rs/cargo ) from 1.0.1 to 1.0.3.
- [Release notes](https://github.com/actions-rs/cargo/releases )
- [Changelog](https://github.com/actions-rs/cargo/blob/master/CHANGELOG.md )
- [Commits](ae10961054...844f36862e
2022-03-18 08:53:12 -07:00
dependabot[bot]
bde79f7a60
github: bump actions-rs/toolchain from 1.0.6 to 1.0.7
...
Bumps [actions-rs/toolchain](https://github.com/actions-rs/toolchain ) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/actions-rs/toolchain/releases )
- [Changelog](https://github.com/actions-rs/toolchain/blob/master/CHANGELOG.md )
- [Commits](b2417cde72...16499b5e05
2022-03-18 08:45:06 -07:00
Martin von Zweigbergk
53721f7d25
github: pin cachix/install-nix-action version by hash
2022-03-17 09:19:12 -07:00
Martin von Zweigbergk
23c92ccf45
github: pin actions-rs/clippy-check version by hash
2022-03-17 09:19:12 -07:00
Martin von Zweigbergk
de56053531
github: pin actions-rs/toolchain version by hash
2022-03-17 09:19:12 -07:00
Martin von Zweigbergk
d6967fd690
github: pin actions/upload-release-asset version by hash
2022-03-17 09:19:12 -07:00
Martin von Zweigbergk
13f7354cfe
github: pin actions-rs/cargo version by hash
2022-03-17 09:19:12 -07:00
Martin von Zweigbergk
b36e50c09d
github: pin actions/checkout version by hash
2022-03-17 09:19:12 -07:00
dependabot[bot]
4fab28ffc6
github: bump actions/checkout from 2 to 3
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-03-16 22:57:55 -07:00
