Commit graph

11 commits

Author SHA1 Message Date
Marshall Bowers
e20db039d6
Upgrade pnpm/action-setup to v4.0.0 (#15427)
This PR upgrades the `pnpm/action-setup` GitHub Action to v4.0.0.

Trying to see if I can fix the Renovate warning stemming from
https://github.com/pnpm/action-setup/issues/95.

Release Notes:

- N/A
2024-07-29 09:06:19 -04:00
Marshall Bowers
58755a6c88
docs: Check formatting in CI (#15355)
This PR adds a CI step to ensure the docs are properly formatted.

Release Notes:

- N/A
2024-07-27 15:47:48 -04:00
renovate[bot]
cd9a42e8da
Pin dependencies (#15188)
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
|
[2428392/gh-truncate-string-action](https://togithub.com/2428392/gh-truncate-string-action)
| action | pinDigest | -> `67b1b81` |
| [actions/checkout](https://togithub.com/actions/checkout) | action |
pinDigest | -> `692973e` |
| [actions/checkout](https://togithub.com/actions/checkout) | action |
pinDigest | -> `ee0669b` |
| [actions/setup-node](https://togithub.com/actions/setup-node) | action
| pinDigest | -> `1e60f62` |
| [actions/setup-python](https://togithub.com/actions/setup-python) |
action | pinDigest | -> `39cd149` |
|
[actions/upload-artifact](https://togithub.com/actions/upload-artifact)
| action | pinDigest | -> `0b2256b` |
|
[cloudflare/wrangler-action](https://togithub.com/cloudflare/wrangler-action)
| action | pinDigest | -> `f84a562` |
|
[dcarbone/install-jq-action](https://togithub.com/dcarbone/install-jq-action)
| action | pinDigest | -> `8867ddb` |
|
[peaceiris/actions-mdbook](https://togithub.com/peaceiris/actions-mdbook)
| action | pinDigest | -> `ee69d23` |
| [rui314/setup-mold](https://togithub.com/rui314/setup-mold) | action |
pinDigest | -> `2e332a0` |
|
[softprops/action-gh-release](https://togithub.com/softprops/action-gh-release)
| action | pinDigest | -> `de2c0eb` |
| [swatinem/rust-cache](https://togithub.com/swatinem/rust-cache) |
action | pinDigest | -> `23bce25` |
|
[tsickert/discord-webhook](https://togithub.com/tsickert/discord-webhook)
| action | pinDigest | -> `c840d45` |

---

### Configuration

📅 **Schedule**: Branch creation - "after 3pm on Wednesday" in timezone
America/New_York, Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

Release Notes:

- N/A

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40MzguMCIsInVwZGF0ZWRJblZlciI6IjM3LjQzOC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-07-25 09:19:05 -04:00
Marshall Bowers
bf03f66d02
danger: Upgrade to pnpm v9 (#13051)
This PR upgrades Danger to use pnpm v9.

Release Notes:

- N/A
2024-06-14 11:08:15 -04:00
Marshall Bowers
13c14d9b96
Proxy Danger requests through a proxy service (#10395)
This PR updates Danger to proxy its requests to GitHub through a proxy
service.

## Motivation

Currently Danger is not able to run on PRs opened from forks of Zed.

This is due to GitHub Actions' security policies. Forks are not able to
see any of the repository secrets, and the built-in
`secrets.GITHUB_TOKEN` has its permissions
[restricted](https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token)
to only reads when running on forks.

I asked around on the Danger repo, and some big projects
(DefinitelyTyped) are working around this by using a publicly-listed
(although slightly obfuscated) token:
https://github.com/danger/danger-js/issues/918#issuecomment-2048629487.

While this approach is _probably_ okay given the limited scope and
permissions of the GitHub token, I would still prefer a solution that
avoids disclosing the token at all.

## Explanation

I ended up writing a small proxy service, [Danger
Proxy](https://github.com/maxdeviant/danger-proxy), that can be used to
provide Danger with the ability to make authenticated GitHub requests,
but without disclosing the token.

From the README:

> Danger Proxy will:
>
> - Proxy all requests to `/github/*` to the GitHub API. The provided
GitHub API token will be used for authentication.
> - Restrict requests to the list of repositories specified in the
`ALLOWED_REPOS` environment variable.
> - Restrict requests to the subset of the GitHub API that Danger
requires.

I have an instance of this service deployed to
[danger-proxy.fly.dev](https://danger-proxy.fly.dev/).

Release Notes:

- N/A
2024-04-11 00:01:20 -04:00
Marshall Bowers
3cf93dfcf6 Revert "Update GITHUB_TOKEN environment variable for Danger (#10365)"
Danger doesn't appear to work with PRs from forks: https://github.com/danger/danger-js/issues/918

Will need to research this some more.

This reverts commit 53d0cc6146.
2024-04-10 13:29:54 -04:00
Marshall Bowers
53d0cc6146
Update GITHUB_TOKEN environment variable for Danger (#10365)
This PR updates the `GITHUB_TOKEN` environment variable that we use for
Danger so that it should (hopefully) be able to run for PRs of external
contributors.

Followed the instructions outlined
[here](https://danger.systems/js/guides/getting_started#setting-up-danger-to-run-on-your-ci).

Danger comments will now by left by the @zed-industries-bot:

<img width="951" alt="Screenshot 2024-04-10 at 1 07 15 PM"
src="https://github.com/zed-industries/zed/assets/1486634/d28cd537-9626-47df-8878-75a778824ef4">

Release Notes:

- N/A
2024-04-10 13:09:27 -04:00
Marshall Bowers
a161a7d0c9
Format YAML files (#7887)
This PR formats the YAML files in the repo with Prettier.

Release Notes:

- N/A
2024-02-15 22:04:57 -05:00
Kirill Bulatov
25c4cfe1d0 Bump action runners versions 2024-02-09 15:25:16 +02:00
Kirill Bulatov
b59f925933
Upgrade GH actions to reduce CI warnings (#7403)
Deals with one of the warnings GH shows on our actions run:

https://github.com/zed-industries/zed/actions/runs/7790218555
<img width="1383" alt="image"
src="https://github.com/zed-industries/zed/assets/2690773/e523ec7c-bf43-4b0d-8c36-8540aef6fae9">

bufbuild/* actions seem to have no new major versions so there's nothing
new to upgrade to.

Release Notes:

- N/A
2024-02-05 22:26:56 +02:00
Marshall Bowers
d60ef81ede
Setup Danger (#6994)
This PR sets up [Danger](https://danger.systems/js/) to help us codify
some of our PR rules.

As an initial rule, Danger will check to ensure that every PR has a
`Release Notes` section:

<img width="943" alt="Screenshot 2024-01-29 at 11 50 12 AM"
src="https://github.com/zed-industries/zed/assets/1486634/4d56e759-e72f-4bc0-8e74-42c55e2e6888">

Release Notes:

- N/A
2024-01-29 11:58:24 -05:00