coder

mirror of https://github.com/coder/coder.git synced 2026-06-03 21:18:24 +00:00

Author	SHA1	Message	Date
david-fraley	03a1653324	ci: add triage workflow using Coder Chat API (#23154 )	2026-03-20 09:54:37 -05:00
dependabot[bot]	abd7b7aeba	ci: bump the github-actions group across 1 directory with 9 updates (#23345 ) Bumps the github-actions group with 10 updates in the / directory: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [crate-ci/typos](https://github.com/crate-ci/typos) \| `1.40.0` \| `1.44.0` \| \| [actions/upload-artifact](https://github.com/actions/upload-artifact) \| `6.0.0` \| `7.0.0` \| \| [docker/login-action](https://github.com/docker/login-action) \| `3.7.0` \| `4.0.0` \| \| [actions/attest](https://github.com/actions/attest) \| `3.2.0` \| `4.1.0` \| \| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) \| `47.0.1` \| `47.0.5` \| \| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) \| `3.12.0` \| `4.0.0` \| \| [linear/linear-release-action](https://github.com/linear/linear-release-action) \| `0.4.0` \| `0.5.0` \| \| [benc-uk/workflow-dispatch](https://github.com/benc-uk/workflow-dispatch) \| `1.2.4` \| `1.3.1` \| \| [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) \| `c1824fd6edce30d7ab345a9989de00bbd46ef284` \| `57a97c7e7821a5776cebc9bb87c984fa69cba8f1` \| \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| Updates `crate-ci/typos` from 1.40.0 to 1.44.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/releases">crate-ci/typos's releases</a>.</em></p> <blockquote> <h2>v1.44.0</h2> <h2>[1.44.0] - 2026-02-27</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1488">February 2026</a> changes</li> </ul> <h2>v1.43.5</h2> <h2>[1.43.5] - 2026-02-16</h2> <h3>Fixes</h3> <ul> <li><em>(pypi)</em> Hopefully fix the sdist build</li> </ul> <h2>v1.43.4</h2> <h2>[1.43.4] - 2026-02-09</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>pincher</code></li> </ul> <h2>v1.43.3</h2> <h2>[1.43.3] - 2026-02-06</h2> <h3>Fixes</h3> <ul> <li><em>(action)</em> Adjust how typos are reported to github</li> </ul> <h2>v1.43.2</h2> <h2>[1.43.2] - 2026-02-05</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>certifi</code> in Python</li> </ul> <h2>v1.43.1</h2> <h2>[1.43.1] - 2026-02-03</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>consts</code></li> </ul> <h2>v1.43.0</h2> <h2>[1.43.0] - 2026-02-02</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1453">January 2026</a> changes</li> </ul> <h2>v1.42.3</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's changelog</a>.</em></p> <blockquote> <h1>Change Log</h1> <p>All notable changes to this project will be documented in this file.</p> <p>The format is based on <a href="https://keepachangelog.com/">Keep a Changelog</a> and this project adheres to <a href="https://semver.org/">Semantic Versioning</a>.</p> <!-- raw HTML omitted --> <h2>[Unreleased] - ReleaseDate</h2> <h2>[1.44.0] - 2026-02-27</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1488">February 2026</a> changes</li> </ul> <h2>[1.43.5] - 2026-02-16</h2> <h3>Fixes</h3> <ul> <li><em>(pypi)</em> Hopefully fix the sdist build</li> </ul> <h2>[1.43.4] - 2026-02-09</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>pincher</code></li> </ul> <h2>[1.43.3] - 2026-02-06</h2> <h3>Fixes</h3> <ul> <li><em>(action)</em> Adjust how typos are reported to github</li> </ul> <h2>[1.43.2] - 2026-02-05</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>certifi</code> in Python</li> </ul> <h2>[1.43.1] - 2026-02-03</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>consts</code></li> </ul> <h2>[1.43.0] - 2026-02-02</h2> <h3>Compatibility</h3> <ul> <li>Bumped MSRV to 1.91</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/crate-ci/typos/commit/631208b7aac2daa8b707f55e7331f9112b0e062d"><code>631208b</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/3d3c6e376823e66c4f3e2583fc47b8be83b66d71"><code>3d3c6e3</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/ba1f545443d223c6bc2c821dad76c210fa78b46f"><code>ba1f545</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/102f66c093f0eb1a69937d3d1c589d5f16c5569b"><code>102f66c</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1510">#1510</a> from epage/feb</li> <li><a href="https://github.com/crate-ci/typos/commit/d303c9398affd88fc562292a2ec9433a37817b28"><code>d303c93</code></a> feat(dict): February updates</li> <li><a href="https://github.com/crate-ci/typos/commit/30eea72e385d435c00a24eeba0d96f87048f42ec"><code>30eea72</code></a> chore(ci): Update pre-build binary workflow</li> <li><a href="https://github.com/crate-ci/typos/commit/57b11c6b7e54c402ccd9cda953f1072ec4f78e33"><code>57b11c6</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/105ced22a5a7fedc36cbef6e5dec31b708e9ec5b"><code>105ced2</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/4f89be7e4a7933f8d9693a9da7a9e9258a8671ba"><code>4f89be7</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1504">#1504</a> from schnellerhase/bump-maturin</li> <li><a href="https://github.com/crate-ci/typos/commit/d8547ad9c141d0e2c568b2344f0804a446ff25ab"><code>d8547ad</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1503">#1503</a> from 1195343015/patch-1</li> <li>Additional commits viewable in <a href="https://github.com/crate-ci/typos/compare/2d0ce569feab1f8752f1dde43cc2f2aa53236e06...631208b7aac2daa8b707f55e7331f9112b0e062d">compare view</a></li> </ul> </details> <br /> Updates `actions/upload-artifact` from 6.0.0 to 7.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v7.0.0</h2> <h2>v7 What's new</h2> <h3>Direct Uploads</h3> <p>Adds support for uploading single files directly (unzipped). Callers can set the new <code>archive</code> parameter to <code>false</code> to skip zipping the file during upload. Right now, we only support single files. The action will fail if the glob passed resolves to multiple files. The <code>name</code> parameter is also ignored with this setting. Instead, the name of the artifact will be the name of the uploaded file.</p> <h3>ESM</h3> <p>To support new versions of the <code>@actions/*</code> packages, we've upgraded the package to ESM.</p> <h2>What's Changed</h2> <ul> <li>Add proxy integration test by <a href="https://github.com/Link"><code>@Link</code></a>- in <a href="https://redirect.github.com/actions/upload-artifact/pull/754">actions/upload-artifact#754</a></li> <li>Upgrade the module to ESM and bump dependencies by <a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/762">actions/upload-artifact#762</a></li> <li>Support direct file uploads by <a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/764">actions/upload-artifact#764</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Link"><code>@Link</code></a>- made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/754">actions/upload-artifact#754</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v6...v7.0.0">https://github.com/actions/upload-artifact/compare/v6...v7.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/upload-artifact/commit/bbbca2ddaa5d8feaa63e36b76fdaad77386f024f"><code>bbbca2d</code></a> Support direct file uploads (<a href="https://redirect.github.com/actions/upload-artifact/issues/764">#764</a>)</li> <li><a href="https://github.com/actions/upload-artifact/commit/589182c5a4cec8920b8c1bce3e2fab1c97a02296"><code>589182c</code></a> Upgrade the module to ESM and bump dependencies (<a href="https://redirect.github.com/actions/upload-artifact/issues/762">#762</a>)</li> <li><a href="https://github.com/actions/upload-artifact/commit/47309c993abb98030a35d55ef7ff34b7fa1074b5"><code>47309c9</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/754">#754</a> from actions/Link-/add-proxy-integration-tests</li> <li><a href="https://github.com/actions/upload-artifact/commit/02a8460834e70dab0ce194c64360c59dc1475ef0"><code>02a8460</code></a> Add proxy integration test</li> <li>See full diff in <a href="https://github.com/actions/upload-artifact/compare/b7c566a772e6b6bfb58ed0dc250532a479d7789f...bbbca2ddaa5d8feaa63e36b76fdaad77386f024f">compare view</a></li> </ul> </details> <br /> Updates `docker/login-action` from 3.7.0 to 4.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/login-action/releases">docker/login-action's releases</a>.</em></p> <blockquote> <h2>v4.0.0</h2> <ul> <li>Node 24 as default runtime (requires <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Actions Runner v2.327.1</a> or later) by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/929">docker/login-action#929</a></li> <li>Switch to ESM and update config/test wiring by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/927">docker/login-action#927</a></li> <li>Bump <code>@actions/core</code> from 1.11.1 to 3.0.0 in <a href="https://redirect.github.com/docker/login-action/pull/919">docker/login-action#919</a></li> <li>Bump <code>@aws-sdk/client-ecr</code> from 3.890.0 to 3.1000.0 in <a href="https://redirect.github.com/docker/login-action/pull/909">docker/login-action#909</a> <a href="https://redirect.github.com/docker/login-action/pull/920">docker/login-action#920</a></li> <li>Bump <code>@aws-sdk/client-ecr-public</code> from 3.890.0 to 3.1000.0 in <a href="https://redirect.github.com/docker/login-action/pull/909">docker/login-action#909</a> <a href="https://redirect.github.com/docker/login-action/pull/920">docker/login-action#920</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.63.0 to 0.77.0 in <a href="https://redirect.github.com/docker/login-action/pull/910">docker/login-action#910</a> <a href="https://redirect.github.com/docker/login-action/pull/928">docker/login-action#928</a></li> <li>Bump <code>@isaacs/brace-expansion</code> from 5.0.0 to 5.0.1 in <a href="https://redirect.github.com/docker/login-action/pull/921">docker/login-action#921</a></li> <li>Bump js-yaml from 4.1.0 to 4.1.1 in <a href="https://redirect.github.com/docker/login-action/pull/901">docker/login-action#901</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/login-action/compare/v3.7.0...v4.0.0">https://github.com/docker/login-action/compare/v3.7.0...v4.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/login-action/commit/b45d80f862d83dbcd57f89517bcf500b2ab88fb2"><code>b45d80f</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/929">#929</a> from crazy-max/node24</li> <li><a href="https://github.com/docker/login-action/commit/176cb9c12abea98dfe844071c0999ff6ee9688a7"><code>176cb9c</code></a> node 24 as default runtime</li> <li><a href="https://github.com/docker/login-action/commit/cad89843109a11cb6f69f52fe695c42cf69d57d3"><code>cad8984</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/920">#920</a> from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...</li> <li><a href="https://github.com/docker/login-action/commit/92cbcb231ed341e7dc71693351b21f5ba65f8349"><code>92cbcb2</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/5a2d6a71bd3e0cb4abb6faae33f3dde61ece8e5b"><code>5a2d6a7</code></a> build(deps): bump the aws-sdk-dependencies group with 2 updates</li> <li><a href="https://github.com/docker/login-action/commit/44512b6b2e08b878e82b107b394fcd1af5748e63"><code>44512b6</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/928">#928</a> from docker/dependabot/npm_and_yarn/docker/actions-to...</li> <li><a href="https://github.com/docker/login-action/commit/28737a5e46bc0c62910ef429b2e55f9cabbbd5df"><code>28737a5</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/dac079354afbd8db4c3b58b8cc6946573479b2a6"><code>dac0793</code></a> build(deps): bump <code>@docker/actions-toolkit</code> from 0.76.0 to 0.77.0</li> <li><a href="https://github.com/docker/login-action/commit/62029f315d6d05c8646343320e4a1552e5f1c77a"><code>62029f3</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/919">#919</a> from docker/dependabot/npm_and_yarn/actions/core-3.0.0</li> <li><a href="https://github.com/docker/login-action/commit/08c8f064bf22a1c55918ee608a81d87b13cc4461"><code>08c8f06</code></a> chore: update generated content</li> <li>Additional commits viewable in <a href="https://github.com/docker/login-action/compare/c94ce9fb468520275223c153574b00df6fe4bcc9...b45d80f862d83dbcd57f89517bcf500b2ab88fb2">compare view</a></li> </ul> </details> <br /> Updates `actions/attest` from 3.2.0 to 4.1.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/attest/releases">actions/attest's releases</a>.</em></p> <blockquote> <h2>v4.1.0</h2> <h2>What's Changed</h2> <ul> <li>Bump <code>@actions/attest</code> from 3.0.0 to 3.1.0 by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/362">actions/attest#362</a></li> <li>Bump <code>@actions/attest</code> from 3.1.0 to 3.2.0 by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/365">actions/attest#365</a></li> <li>Add new <code>subject-version</code> input for inclusion in storage record by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/364">actions/attest#364</a></li> <li>Add storage record content to README by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/366">actions/attest#366</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/attest/compare/v4.0.0...v4.1.0">https://github.com/actions/attest/compare/v4.0.0...v4.1.0</a></p> <h2>v4.0.0</h2> <p>All of the capabilities of <a href="https://github.com/actions/attest-build-provenance"><code>actions/attest-build-provenance</code></a>, and <a href="https://github.com/actions/attest-sbom"><code>actions/attest-sbom</code></a> have now been folded into <code>actions/attest</code>.</p> <h2>What's Changed</h2> <ul> <li>Bump <code>@actions/core</code> from 2.0.1 to 2.0.2 in the npm-production group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/323">actions/attest#323</a></li> <li>Bump tar from 7.4.3 to 7.5.6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/333">actions/attest#333</a></li> <li>Bump <code>@actions/github</code> from 6.0.1 to 7.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/324">actions/attest#324</a></li> <li>Bump <code>@actions/attest</code> from 2.1.0 to 2.2.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/325">actions/attest#325</a></li> <li>Bump tar from 7.4.3 to 7.5.7 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/337">actions/attest#337</a></li> <li>Bump <code>@isaacs/brace-expansion</code> from 5.0.0 to 5.0.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/342">actions/attest#342</a></li> <li>Consolidate attestation actions by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/346">actions/attest#346</a></li> <li>ESM Conversion by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/347">actions/attest#347</a></li> <li>Test suite refactor by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/356">actions/attest#356</a></li> <li>Bump tar from 7.5.7 to 7.5.9 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/354">actions/attest#354</a></li> <li>Bump version in package.json to v4.0.0 by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/360">actions/attest#360</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/attest/compare/v3.2.0...v4.0.0">https://github.com/actions/attest/compare/v3.2.0...v4.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/attest/commit/59d89421af93a897026c735860bf21b6eb4f7b26"><code>59d8942</code></a> add storage record content to README (<a href="https://redirect.github.com/actions/attest/issues/366">#366</a>)</li> <li><a href="https://github.com/actions/attest/commit/ec072a1cb2a95a9fb38f16ee92f72e0270cbf263"><code>ec072a1</code></a> add new subject-version input (<a href="https://redirect.github.com/actions/attest/issues/364">#364</a>)</li> <li><a href="https://github.com/actions/attest/commit/8b290b8d865f4d5d2caca84a45d0de9620d2187a"><code>8b290b8</code></a> bump <code>@actions/attest</code> from 3.1.0 to 3.2.0 (<a href="https://redirect.github.com/actions/attest/issues/365">#365</a>)</li> <li><a href="https://github.com/actions/attest/commit/35cfe2422ed5658cfc87b5cca7e50507f7d478da"><code>35cfe24</code></a> bump <code>@actions/attest</code> from 3.0.0 to 3.1.0 (<a href="https://redirect.github.com/actions/attest/issues/362">#362</a>)</li> <li><a href="https://github.com/actions/attest/commit/c32b4b8b198b65d0bd9d63490e847ff7b53989d4"><code>c32b4b8</code></a> bump version in package.json to v4.0.0 (<a href="https://redirect.github.com/actions/attest/issues/360">#360</a>)</li> <li><a href="https://github.com/actions/attest/commit/1e73be196c8840af1fa1fbff376890066093a323"><code>1e73be1</code></a> Bump typescript-eslint in the npm-development group (<a href="https://redirect.github.com/actions/attest/issues/358">#358</a>)</li> <li><a href="https://github.com/actions/attest/commit/e1345cbec46c2ad797722d96bfa19e14e3548b70"><code>e1345cb</code></a> Bump the npm-development group across 1 directory with 3 updates (<a href="https://redirect.github.com/actions/attest/issues/357">#357</a>)</li> <li><a href="https://github.com/actions/attest/commit/09cd5f66cb420c0389c6f725c641e08df274410e"><code>09cd5f6</code></a> Bump tar from 7.5.7 to 7.5.9 (<a href="https://redirect.github.com/actions/attest/issues/354">#354</a>)</li> <li><a href="https://github.com/actions/attest/commit/19ad753d23453c7b9e9caf8a907f1d9e08816359"><code>19ad753</code></a> test suite re-write (<a href="https://redirect.github.com/actions/attest/issues/356">#356</a>)</li> <li><a href="https://github.com/actions/attest/commit/7d7ff4475a8e98e172944ad0b6687ab116043a85"><code>7d7ff44</code></a> ESM Conversion (<a href="https://redirect.github.com/actions/attest/issues/347">#347</a>)</li> <li>Additional commits viewable in <a href="https://github.com/actions/attest/compare/e59cbc1ad1ac2d59339667419eb8cdde6eb61e3d...59d89421af93a897026c735860bf21b6eb4f7b26">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from 47.0.1 to 47.0.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/releases">tj-actions/changed-files's releases</a>.</em></p> <blockquote> <h2>v47.0.5</h2> <h2>What's Changed</h2> <ul> <li>Upgraded to v47.0.4 by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2802">tj-actions/changed-files#2802</a></li> <li>Updated README.md by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2803">tj-actions/changed-files#2803</a></li> <li>Updated README.md by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2805">tj-actions/changed-files#2805</a></li> <li>chore(deps-dev): bump <code>@types/node</code> from 25.2.2 to 25.3.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2811">tj-actions/changed-files#2811</a></li> <li>chore(deps): bump actions/download-artifact from 7.0.0 to 8.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2810">tj-actions/changed-files#2810</a></li> <li>chore(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2809">tj-actions/changed-files#2809</a></li> <li>chore(deps-dev): bump eslint-plugin-jest from 29.12.1 to 29.15.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2799">tj-actions/changed-files#2799</a></li> <li>chore(deps): bump github/codeql-action from 4.32.2 to 4.32.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2806">tj-actions/changed-files#2806</a></li> <li>chore(deps-dev): bump prettier from 3.7.4 to 3.8.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2775">tj-actions/changed-files#2775</a></li> <li>chore(deps): bump peter-evans/create-pull-request from 8.0.0 to 8.1.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2774">tj-actions/changed-files#2774</a></li> <li>chore(deps): bump lodash and <code>@types/lodash</code> by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2807">tj-actions/changed-files#2807</a></li> <li>chore(deps-dev): bump eslint-plugin-prettier from 5.5.4 to 5.5.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2764">tj-actions/changed-files#2764</a></li> <li>chore(deps): bump github/codeql-action from 4.32.4 to 4.32.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2815">tj-actions/changed-files#2815</a></li> <li>chore(deps-dev): bump <code>@types/node</code> from 25.3.2 to 25.3.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2814">tj-actions/changed-files#2814</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/changed-files/compare/v47.0.4...v47.0.5">https://github.com/tj-actions/changed-files/compare/v47.0.4...v47.0.5</a></p> <h2>v47.0.4</h2> <h2>What's Changed</h2> <ul> <li>update: release-tagger action to version 6.0.6 by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2801">tj-actions/changed-files#2801</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/changed-files/compare/v47.0.3...v47.0.4">https://github.com/tj-actions/changed-files/compare/v47.0.3...v47.0.4</a></p> <h2>v47.0.3</h2> <h2>What's Changed</h2> <ul> <li>chore(deps): bump github/codeql-action from 4.31.10 to 4.32.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2790">tj-actions/changed-files#2790</a></li> <li>update: release-tagger action to version 6.0.0 by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2800">tj-actions/changed-files#2800</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/changed-files/compare/v47.0.2...v47.0.3">https://github.com/tj-actions/changed-files/compare/v47.0.2...v47.0.3</a></p> <h2>v47.0.2</h2> <h2>What's Changed</h2> <ul> <li>chore(deps-dev): bump eslint-plugin-jest from 29.2.1 to 29.11.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2751">tj-actions/changed-files#2751</a></li> <li>chore(deps): bump actions/upload-artifact from 5.0.0 to 6.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2741">tj-actions/changed-files#2741</a></li> <li>chore(deps): bump actions/download-artifact from 6.0.0 to 7.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2743">tj-actions/changed-files#2743</a></li> <li>chore(deps): bump <code>@actions/core</code> from 2.0.0 to 2.0.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2757">tj-actions/changed-files#2757</a></li> <li>Updated README.md by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2768">tj-actions/changed-files#2768</a></li> <li>chore: update dist by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2769">tj-actions/changed-files#2769</a></li> <li>chore: update matrix-example.yml by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2752">tj-actions/changed-files#2752</a></li> <li>feat: add support for excluding symlinks and fix bug with commit not found by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2770">tj-actions/changed-files#2770</a></li> <li>chore(deps): bump github/codeql-action from 4.31.7 to 4.31.10 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2761">tj-actions/changed-files#2761</a></li> <li>Updated README.md by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2771">tj-actions/changed-files#2771</a></li> <li>chore(deps-dev): bump eslint-plugin-jest from 29.11.0 to 29.12.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2756">tj-actions/changed-files#2756</a></li> <li>chore(deps-dev): bump <code>@types/lodash</code> from 4.17.21 to 4.17.23 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2759">tj-actions/changed-files#2759</a></li> <li>fix: Update test.yml by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2781">tj-actions/changed-files#2781</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v47.0.4...v47.0.5">47.0.5</a> - (2026-03-03)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2805">#2805</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/35dace0375d89e25e78db5f0a44127b61f4e5c20">35dace0</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2803">#2803</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> Co-authored-by: Tonye Jack <a href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/9ee99eb5bda5d6a67fedcd50ecd24fb10add2f41">9ee99eb</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 25.3.2 to 25.3.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2814">#2814</a>) (<a href="https://github.com/tj-actions/changed-files/commit/22103cc46bda19c2b464ffe86db46df6922fd323">22103cc</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 4.32.4 to 4.32.5 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2815">#2815</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6c02e900a24488df269842eb1cf6ffe3391ce182">6c02e90</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.5.4 to 5.5.5 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2764">#2764</a>) (<a href="https://github.com/tj-actions/changed-files/commit/05f9457d921137103bb9687b6b571075f75a65f2">05f9457</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump lodash and <code>@types/lodash</code> (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2807">#2807</a>) (<a href="https://github.com/tj-actions/changed-files/commit/52ed872dd71bea01a73ce5c7c595e78cb9566401">52ed872</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump peter-evans/create-pull-request from 8.0.0 to 8.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2774">#2774</a>) (<a href="https://github.com/tj-actions/changed-files/commit/1cc574637935a98713e34cbd4e8cf01a985f942c">1cc5746</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump prettier from 3.7.4 to 3.8.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2775">#2775</a>) (<a href="https://github.com/tj-actions/changed-files/commit/de2962f9f408abd241f7c1a8b6cac3ab44358d1a">de2962f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 4.32.2 to 4.32.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2806">#2806</a>) (<a href="https://github.com/tj-actions/changed-files/commit/37e96ccbfefb9100f34f87d75c890c50c6e78d15">37e96cc</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump eslint-plugin-jest from 29.12.1 to 29.15.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2799">#2799</a>) (<a href="https://github.com/tj-actions/changed-files/commit/2180b0f05d03655e0bedd1657d13f6abc6313014">2180b0f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/upload-artifact from 6.0.0 to 7.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2809">#2809</a>) (<a href="https://github.com/tj-actions/changed-files/commit/cf021c158c722f81dea97fe5edc8bd2de1cc2bc1">cf021c1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/download-artifact from 7.0.0 to 8.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2810">#2810</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b54ac6f17f95fdc4ec5ee3bf355ea7c354dc9c53">b54ac6f</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 25.2.2 to 25.3.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2811">#2811</a>) (<a href="https://github.com/tj-actions/changed-files/commit/0f2a510bd7ac84bc12cdc52c2094298bc26b1692">0f2a510</a>) - (dependabot[bot])</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v47.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2802">#2802</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> Co-authored-by: Tonye Jack <a href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/b7ac303c8684d5e668c6c810e61a6fe32a53fe25">b7ac303</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v47.0.3...v47.0.4">47.0.4</a> - (2026-02-17)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Release-tagger action to version 6.0.6 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2801">#2801</a>) (<a href="https://github.com/tj-actions/changed-files/commit/7dee1b0c1557f278e5c7dc244927139d78c0e22a">7dee1b0</a>) - (Tonye Jack)</li> </ul> <h1><a href="https://github.com/tj-actions/changed-files/compare/v47.0.2...v47.0.3">47.0.3</a> - (2026-02-17)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Release-tagger action to version 6.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2800">#2800</a>) (<a href="https://github.com/tj-actions/changed-files/commit/28b28f6e4e9e3d997beb9dce86cfd8cf0ce7c7f6">28b28f6</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps:</strong> Bump github/codeql-action from 4.31.10 to 4.32.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2790">#2790</a>) (<a href="https://github.com/tj-actions/changed-files/commit/875e6e5df8b8b00995fe6f0afd7ff1531ac1c47d">875e6e5</a>) - (dependabot[bot])</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/22103cc46bda19c2b464ffe86db46df6922fd323"><code>22103cc</code></a> chore(deps-dev): bump <code>@types/node</code> from 25.3.2 to 25.3.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2814">#2814</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/6c02e900a24488df269842eb1cf6ffe3391ce182"><code>6c02e90</code></a> chore(deps): bump github/codeql-action from 4.32.4 to 4.32.5 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2815">#2815</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/05f9457d921137103bb9687b6b571075f75a65f2"><code>05f9457</code></a> chore(deps-dev): bump eslint-plugin-prettier from 5.5.4 to 5.5.5 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2764">#2764</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/52ed872dd71bea01a73ce5c7c595e78cb9566401"><code>52ed872</code></a> chore(deps): bump lodash and <code>@types/lodash</code> (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2807">#2807</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/1cc574637935a98713e34cbd4e8cf01a985f942c"><code>1cc5746</code></a> chore(deps): bump peter-evans/create-pull-request from 8.0.0 to 8.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2774">#2774</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/de2962f9f408abd241f7c1a8b6cac3ab44358d1a"><code>de2962f</code></a> chore(deps-dev): bump prettier from 3.7.4 to 3.8.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2775">#2775</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/37e96ccbfefb9100f34f87d75c890c50c6e78d15"><code>37e96cc</code></a> chore(deps): bump github/codeql-action from 4.32.2 to 4.32.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2806">#2806</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/2180b0f05d03655e0bedd1657d13f6abc6313014"><code>2180b0f</code></a> chore(deps-dev): bump eslint-plugin-jest from 29.12.1 to 29.15.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2799">#2799</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/cf021c158c722f81dea97fe5edc8bd2de1cc2bc1"><code>cf021c1</code></a> chore(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2809">#2809</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/b54ac6f17f95fdc4ec5ee3bf355ea7c354dc9c53"><code>b54ac6f</code></a> chore(deps): bump actions/download-artifact from 7.0.0 to 8.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2810">#2810</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tj-actions/changed-files/compare/e0021407031f5be11a464abee9a0776171c79891...22103cc46bda19c2b464ffe86db46df6922fd323">compare view</a></li> </ul> </details> <br /> Updates `docker/setup-buildx-action` from 3.12.0 to 4.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's releases</a>.</em></p> <blockquote> <h2>v4.0.0</h2> <ul> <li>Node 24 as default runtime (requires <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Actions Runner v2.327.1</a> or later) by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/483">docker/setup-buildx-action#483</a></li> <li>Remove deprecated inputs/outputs by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/464">docker/setup-buildx-action#464</a></li> <li>Switch to ESM and update config/test wiring by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/481">docker/setup-buildx-action#481</a></li> <li>Bump <code>@actions/core</code> from 1.11.1 to 3.0.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/475">docker/setup-buildx-action#475</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.63.0 to 0.79.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/482">docker/setup-buildx-action#482</a> <a href="https://redirect.github.com/docker/setup-buildx-action/pull/485">docker/setup-buildx-action#485</a></li> <li>Bump js-yaml from 4.1.0 to 4.1.1 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/452">docker/setup-buildx-action#452</a></li> <li>Bump lodash from 4.17.21 to 4.17.23 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/472">docker/setup-buildx-action#472</a></li> <li>Bump minimatch from 3.1.2 to 3.1.5 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/480">docker/setup-buildx-action#480</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v3.12.0...v4.0.0">https://github.com/docker/setup-buildx-action/compare/v3.12.0...v4.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/setup-buildx-action/commit/4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd"><code>4d04d5d</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/485">#485</a> from docker/dependabot/npm_and_yarn/docker/actions-to...</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/cd74e05d9bae4eeec789f90ba15dc6fb4b60ae5d"><code>cd74e05</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/eee38ec7b3ed034ee896d3e212e5d11c04562b84"><code>eee38ec</code></a> build(deps): bump <code>@docker/actions-toolkit</code> from 0.77.0 to 0.79.0</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/7a83f65b5a215b3c81b210dafdc20362bd2b4e24"><code>7a83f65</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/484">#484</a> from docker/dependabot/github_actions/docker/setup-qe...</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/a5aa96747d67f62520b42af91aeb306e7374b327"><code>a5aa967</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/464">#464</a> from crazy-max/rm-deprecated</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/e73d53fa4ed86ff46faaf2b13a228d6e93c51af3"><code>e73d53f</code></a> build(deps): bump docker/setup-qemu-action from 3 to 4</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/28a438e9ed9ef7ae2ebd0bf839039005c9501312"><code>28a438e</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/483">#483</a> from crazy-max/node24</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/034e9d37dd436b56b0167bea5a11ab731413e8cf"><code>034e9d3</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/b4664d8fd0ba15ff14560ab001737c666076d5be"><code>b4664d8</code></a> remove deprecated inputs/outputs</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/a8257dec35f244ad06b4ff6c90fdd2ba97f262ba"><code>a8257de</code></a> node 24 as default runtime</li> <li>Additional commits viewable in <a href="https://github.com/docker/setup-buildx-action/compare/8d2750c68a42422c14e847fe6c8ac0403b4cbd6f...4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd">compare view</a></li> </ul> </details> <br /> Updates `linear/linear-release-action` from 0.4.0 to 0.5.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/linear/linear-release-action/releases">linear/linear-release-action's releases</a>.</em></p> <blockquote> <h2>v0.5.0</h2> <h2>What's Changed</h2> <ul> <li>Documentation improvements by <a href="https://github.com/RomainCscn"><code>@RomainCscn</code></a> in <a href="https://redirect.github.com/linear/linear-release-action/pull/8">linear/linear-release-action#8</a></li> <li>Add support for release_version, same as the CLI by <a href="https://github.com/RomainCscn"><code>@RomainCscn</code></a> in <a href="https://redirect.github.com/linear/linear-release-action/pull/9">linear/linear-release-action#9</a></li> <li>Set CLI version default to latest</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/linear/linear-release-action/compare/v0.4.0...v0.5.0">https://github.com/linear/linear-release-action/compare/v0.4.0...v0.5.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/linear/linear-release-action/commit/5cbaabc187ceb63eee9d446e62e68e5c29a03ae8"><code>5cbaabc</code></a> Make latest the default cli version</li> <li><a href="https://github.com/linear/linear-release-action/commit/7fb27ceb7e17ef4353a87f85f4fc1e3d3416c057"><code>7fb27ce</code></a> Add support for release_version, same as the CLI (<a href="https://redirect.github.com/linear/linear-release-action/issues/9">#9</a>)</li> <li><a href="https://github.com/linear/linear-release-action/commit/fbf0176c7348aa6444e5e3d14db454cb4f4baab8"><code>fbf0176</code></a> Ensure name is properly used when creating scheduled release (<a href="https://redirect.github.com/linear/linear-release-action/issues/8">#8</a>)</li> <li>See full diff in <a href="https://github.com/linear/linear-release-action/compare/v0.4.0...5cbaabc187ceb63eee9d446e62e68e5c29a03ae8">compare view</a></li> </ul> </details> <br /> Updates `benc-uk/workflow-dispatch` from 1.2.4 to 1.3.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/benc-uk/workflow-dispatch/releases">benc-uk/workflow-dispatch's releases</a>.</em></p> <blockquote> <h2>v1.3.1</h2> <h2>Features</h2> <ul> <li><strong>New <code>sync-status</code> input</strong> — when used with <code>wait-for-completion</code>, mirrors the triggered workflow's conclusion (failure/cancelled) back to this action's status (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li><strong>Alternate <code>ref</code> default for PRs</strong> — automatically uses <code>github.head_ref</code> when running in a pull request context, avoiding <code>refs/pull/.../merge</code> errors (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/79">#79</a>)</li> </ul> <h2>Bug Fixes</h2> <ul> <li><strong>Safer JSON input parsing</strong> — invalid <code>inputs</code> JSON now logs an error instead of throwing an unhandled exception (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li><strong>Improved timeout handling</strong> — timeout now sets a distinct <code>timed_out</code> status and emits a warning instead of silently breaking (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li><strong>Improved warning message formatting</strong> for workflow run timeout</li> </ul> <h2>Internal Changes & Chores</h2> <ul> <li>Replaced <code>console.log</code> calls with <code>core.info</code> for proper Actions log integration (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li>Removed stale <code>ref</code>/<code>inputs</code> parameters from the workflow list API call (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li>Expanded CI test matrix from 3 sequential steps to 9 parallel test jobs covering workflow lookup, output assertions, wait-for-completion, sync-status, and error handling (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li>Added CI path filters to skip docs-only changes (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li>Changed echo-3 test fixture from <code>workflow_call</code> to <code>workflow_dispatch</code> with deterministic failure (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li>Removed unused <code>.vscode/settings.json</code> (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li>Added <code>.github/copilot-instructions.md</code> (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li>General project chores</li> </ul> <h2>Documentation Updates</h2> <ul> <li>No documentation updates in this release</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/benc-uk/workflow-dispatch/commit/7a027648b88c2413826b6ddd6c76114894dc5ec4"><code>7a02764</code></a> Improvements: sync-status, error handling, CI test coverage & path filters (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li><a href="https://github.com/benc-uk/workflow-dispatch/commit/3162154e5e0697f47fb76f12ed5508c5f3c066d7"><code>3162154</code></a> Use alternate <code>ref</code> default for PRs (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/79">#79</a>)</li> <li><a href="https://github.com/benc-uk/workflow-dispatch/commit/4085c9787530f7d3f497838f77fce7b96a554397"><code>4085c97</code></a> project chores</li> <li><a href="https://github.com/benc-uk/workflow-dispatch/commit/6fd6de2826a993af5b50dfb55da903d4f1ca05ee"><code>6fd6de2</code></a> Improve warning message formatting for workflow run timeout</li> <li><a href="https://github.com/benc-uk/workflow-dispatch/commit/a54f9d194fed472732282ed1597dc4909e4b4080"><code>a54f9d1</code></a> 2026 refresh (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/83">#83</a>)</li> <li>See full diff in <a href="https://github.com/benc-uk/workflow-dispatch/compare/e2e5e9a103e331dad343f381a29e654aea3cf8fc...7a027648b88c2413826b6ddd6c76114894dc5ec4">compare view</a></li> </ul> </details> <br /> Updates `aquasecurity/trivy-action` from c1824fd6edce30d7ab345a9989de00bbd46ef284 to 57a97c7e7821a5776cebc9bb87c984fa69cba8f1 \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/aquasecurity/trivy-action/commit/57a97c7e7821a5776cebc9bb87c984fa69cba8f1"><code>57a97c7</code></a> chore(deps): Update trivy to v0.69.3 (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/519">#519</a>)</li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <li><a href="https://github.com/aquasecurity/trivy-action/commit/97e0b3872f55f89b95b2f65b3dbab56962816478"><code>97e0b38</code></a> chore: bump Trivy version to v0.69.2 in test workflow and README (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/515">#515</a>)</li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <li><a href="https://github.com/aquasecurity/trivy-action/commit/4c61e6329bab9be735ca35291551614bc663dff3"><code>4c61e63</code></a> chore: bump default Trivy version to v0.69.2 (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/513">#513</a>)</li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <li><a href="https://github.com/aquasecurity/trivy-action/commit/1bd062560b422f5944df1de50abd05162bea079e"><code>1bd0625</code></a> Merge pull request <a href="https://redirect.github.com/aquasecurity/trivy-action/issues/508">#508</a> from nikpivkin/feat/pass-yaml-ignore-file</li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <li><a href="https://github.com/aquasecurity/trivy-action/commit/bce3086c4aa186dadd6671d45ad6dd5d1b8440ac"><code>bce3086</code></a> remove unused init-cache target</li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <li><a href="https://github.com/aquasecurity/trivy-action/commit/5a9fbb1236dc1b5ee9e73b5a515009a1dc684548"><code>5a9fbb1</code></a> supress progress bar when download db</li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <li><a href="https://github.com/aquasecurity/trivy-action/commit/16154502cae788884830e8df2671639b8cbaa03f"><code>1615450</code></a> update trivyignores input description</li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <li><a href="https://github.com/aquasecurity/trivy-action/commit/df85774a457f1f0a32a8e5744c2bced057257d65"><code>df85774</code></a> add comment about fd3</li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <li><a href="https://github.com/aquasecurity/trivy-action/commit/56c8daebb96c35cabeeda8187a6dd3ec711d0a72"><code>56c8dae</code></a> remove unused variable</li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <li><a href="https://github.com/aquasecurity/trivy-action/commit/e368e328979b113139d6f9068e03accaed98a518"><code>e368e32</code></a> ci(test): add zizmor security linter for GitHub Actions (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/502">#502</a>)</li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <li>Additional commits viewable in <a href="https://github.com/aquasecurity/trivy-action/compare/c1824fd6edce30d7ab345a9989de00bbd46ef284...57a97c7e7821a5776cebc9bb87c984fa69cba8f1">compare view</a></li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| </ul> </details> <br /> <details> <summary>Most Recent Ignore Conditions Applied to This Pull Request</summary> \| Dependency Name \| Ignore Conditions \| \| --- \| --- \| \| crate-ci/typos \| [>= 1.30.a, < 1.31] \| </details> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Atif Ali <atif@coder.com>	2026-03-20 02:59:50 +00:00
Atif Ali	135c4d0f42	ci: update linear-release-action to version 0.5.0 (#23342 )	2026-03-20 07:03:20 +05:00
Danny Kopping	2ee90dfd84	revert: "ci: add verbose flag to flux reconcile and increase helmrelease timeout" (#23276 ) Reverts coder/coder#23240	2026-03-19 10:01:16 +02:00
Danny Kopping	4b8a5e2b10	ci: add verbose flag to flux reconcile and increase helmrelease timeout (#23240 ) Disclaimer: implemented by a Coder Agent using Claude Opus 4.6 Ref: https://github.com/coder/coder/actions/runs/23251163568/job/67597250364 The deploy workflow Flux reconciliation step failed with no visibility into what went wrong. Two changes: - Add `--verbose` to every `flux reconcile` invocation to print generated objects on failure - Increase `--timeout` for the four `helmrelease` reconciliations from the default 5m to 10m	2026-03-18 17:12:14 +00:00
Garrett Delfosse	1f5f6c9ccb	chore: add new interactive release package (#22624 )	2026-03-18 12:19:54 -04:00
Atif Ali	677f90b78a	chore: label community PRs on open (#23157 )	2026-03-18 18:15:37 +05:00
Kyle Carberry	89bb5bb945	ci: fix build job disk exhaustion on Depot runners (#23136 ) ## Problem The `build` job on `main` has been failing intermittently (and now consistently) with `no space left on device` on the `depot-ubuntu-22.04-8` runner. The runner's disk fills up during Docker image builds or SBOM generation, depending on how close to the limit a given run lands. The build was already at the boundary — the Go build cache alone is ~1.3 GB, build artifacts are ~2 GB, and Docker image builds + SBOM scans need several hundred MB of headroom in `/tmp`. No single commit caused this; cumulative growth in dependencies and the scheduled `coder-base:latest` rebuild on Monday morning nudged it past the limit. ## Fix Three changes to reclaim ~2 GB of disk before Docker runs: 1. Build all platform archives and packages in the Build step — moves arm64/armv7 `.tar.gz` and `.deb` from the Docker step to the Build step so we can clean caches in between. 2. Clean up Go caches between Build and Docker — once binaries are compiled, the Go build cache and module cache aren't needed. Also removes `.apk`/`.rpm` packages that are never uploaded. 3. Set `DOCKER_IMAGE_NO_PREREQUISITES` — tells make to skip redundantly building `.deb`/`.rpm`/`.apk`/`.tar.gz` as prerequisites of Docker image targets. The Makefile already supports this flag for exactly this purpose.	2026-03-16 15:38:58 -04:00
Mathias Fredriksson	aa6f301305	ci: add conventional commit PR title linting (#23096 ) Restore PR title validation that was removed in `828f33a` when cdr-bot was expected to handle it. That bot has since been disabled. The new title job in contrib.yaml validates: - Conventional commit format (type(scope): description) - Type from the same set used by release notes generation - Scope validity derived from the changed files in the PR diff - All changed files fall under the declared scope Uses actions/github-script (no third-party marketplace actions). Also fixes feat(api) examples across docs (no api folder exists) and consolidates commit rules into CONTRIBUTING.md as the single source of truth.	2026-03-16 12:24:59 +02:00
Kyle Carberry	3d9628c27e	ci: split build artifacts into per-platform uploads (#23081 ) Splits the single `coder` artifact (containing all platforms in a 1.3GB zip) into individual artifacts per OS/arch/format. ## Problem All CI build artifacts are uploaded as a single artifact named `coder`, producing a 1.3GB zip containing every platform's binary. This makes it impossible to download a single platform's binary without pulling the entire bundle. ## Solution Upload each platform/format combination as a separate artifact: \| Artifact Name \| Contents \| \|---\|---\| \| `coder-linux-amd64.tar.gz` \| Linux amd64 tarball \| \| `coder-linux-amd64.deb` \| Linux amd64 deb package \| \| `coder-linux-arm64.tar.gz` \| Linux arm64 tarball \| \| `coder-linux-arm64.deb` \| Linux arm64 deb package \| \| `coder-linux-armv7.tar.gz` \| Linux armv7 tarball \| \| `coder-linux-armv7.deb` \| Linux armv7 deb package \| \| `coder-windows-amd64.zip` \| Windows amd64 zip \| ## Plan This is the first step toward letting customers install directly from `main` via: ```bash curl -L https://coder.com/install.sh \| sh -s -- --unsafe-unstable ``` GitHub Actions artifact downloads require authentication even for public repos, so the next steps are to add a small Cloudflare Worker (similar to the one we already have for `install.sh`) that: 1. Lists artifacts via the GitHub API (unauthenticated) to find the latest artifact ID for the requested platform 2. Calls the download endpoint with a GitHub token (CF Worker secret) to get a 302 redirect to a time-limited Azure Blob URL 3. Redirects the caller to that URL (which requires no auth) This gives us publicly accessible per-platform URLs that the `--unsafe-unstable` flag would point at. The worker doesn't proxy the binary itself — it only proxies the metadata API call (~1KB) and redirects for the actual download. This PR splits the artifacts so the worker can serve individual platform downloads (~200MB each) instead of forcing a 1.3GB bundle.	2026-03-15 09:56:18 -04:00
Dean Sheather	a2b8564c48	chore: update deploy to use EKS (#23084 )	2026-03-16 00:55:09 +11:00
Mathias Fredriksson	c8079a5b8c	ci(docs): rewrite same-repo links to PR head SHA in linkspector (#22995 ) When a PR introduces new files and docs link to them via github.com/coder/coder/blob/main/..., linkspector returns 404 because the files don't exist on main yet. Add a step that, for PR events only, appends replacementPatterns to the linkspector config rewriting blob/main/ and tree/main/ URLs to use the PR's head commit SHA. Refs #22922	2026-03-12 17:45:40 +02:00
Atif Ali	a21f00d250	chore(ci): tighten permissions for AI workflows (#22471 )	2026-03-10 16:43:36 +05:00
Atif Ali	e6983648aa	chore: add Linear release integration workflow (#22310 )	2026-03-09 21:32:06 +05:00
Mathias Fredriksson	a96ec4c397	build: remove defunct test-postgres rule (#22839 ) The `test-postgres` Makefile rule was redundant — CI never used it (it runs `test-postgres-docker` + `make test` via the `test-go-pg` action), and `make test` auto-starts a Postgres Docker container when needed via `dbtestutil`. - Remove the `test-postgres` rule from Makefile - Update `pre-push` to run `test-postgres-docker` in the first phase (alongside gen/fmt) and `make test` in the second phase - Fix stale comments in CI workflows referencing `make test-postgres` - Remove redundant "Test Postgres" entries from docs since `make test` handles Postgres automatically	2026-03-09 16:24:40 +02:00
Ethan	51a627c107	ci: remove unnecessary `brew install google-chrome` from macOS CI (#22835 ) Closes https://github.com/coder/internal/issues/1391 ## Problem The `test-go-pg (macos-latest)` job hit its 25m timeout without ever running tests because `brew install google-chrome` stalled for 23+ minutes downloading from the Homebrew CDN: ``` ==> Fetching downloads for: google-chrome Error: The operation was canceled. ``` ## Why this is safe to remove `brew install google-chrome` was added in Oct 2023 (`70a4e56c0`) the day after chromedp was integrated into the scaletest/dashboard package (`1c48610d5`). At that time, `run.go` called `initChromeDPCtx` directly (hardcoded), so the unit test actually launched a real Chrome process. In Jun 2024, #13650 refactored this to accept a mock `InitChromeDPCtx` via the `Config` struct, and the test now passes a stub that never launches a browser. No test file in the repo references `chromedp` directly — the only test (`scaletest/dashboard/run_test.go`) fully mocks Chrome initialization. The `chromedp` Go library compiles fine without Chrome installed; it only needs the binary at runtime, and no test exercises that path. ## Impact - Removes a ~200MB+ download from every macOS CI run - Eliminates a fragile external dependency on Homebrew CDN availability - Saves several minutes per run even when the download succeeds _Generated with mux but reviewed by a human_	2026-03-10 00:07:35 +11:00
Mathias Fredriksson	4c83a7021f	fix: update offlinedocs/next-env.d.ts to match Next.js 15 output (#22739 ) ## Problem `offlinedocs/next-env.d.ts` was committed with content from an older Next.js version. Next.js 15 rewrites this file on every `next build` with two changes: 1. Adds `/// <reference path="./.next/types/routes.d.ts" />` 2. Updates the docs URL from `basic-features/typescript` to `pages/api-reference/config/typescript` During `make pre-commit` / `make pre-push`, the `pnpm export` step triggers `next build`, which silently rewrites the file. The `check-unstaged` guard then detects the diff and fails. If the hook is interrupted, the regenerated file persists as an unstaged change, blocking subsequent commits/pushes. ## Fix Update the committed file to match what the current Next.js 15 produces, making the build idempotent.	2026-03-06 18:22:00 -05:00
Kyle Carberry	76076de1ca	feat(site): polish right panel tabs, diff stats, and file headers (#22636 ) Polishes the right panel UI introduced in #22633: <img width="3138" height="1596" alt="image" src="https://github.com/user-attachments/assets/d3947db0-6600-4469-b7e2-6eb80aadb7bc" /> Over 2k lines of this is just the Seti font definition. The file tree view isn't actually adjusting much, it's just a scroll helper. Soon I'll add a comment system so users can leave agents feedback directly from the code.	2026-03-05 07:38:49 -05:00
Mathias Fredriksson	a6a8fd94d7	build(Makefile): enable parallel `make -j gen` with correct dependency graph (#22612 ) `make gen` could not run with `-j` because inter-target dependency edges were missing. Multiple recipes compile `coderd/rbac` (which includes generated files like `object_gen.go`), and without explicit ordering, parallel runs produced syntax errors from mid-write reads. Three main changes: Dependency graph fixes declare the compile-time chain through `coderd/rbac` so that `object_gen.go` is written before anything that imports it is compiled. The DB generation targets use a GNU Make 4.3+ grouped target (`&:`) so Make knows `generate.sh` co-produces `querier.go`, `unique_constraint.go`, `dbmetrics`, and `dbauthz` in a single invocation. `SKIP_DUMP_SQL=1` avoids re-entrant `make` inside `generate.sh` when the Makefile already guarantees `dump.sql` is fresh. `scripts/atomicwrite` package replaces `os.WriteFile` in all gen scripts with a temp-file-in-same-dir + rename pattern, preventing interrupted runs from leaving partial files. `.PRECIOUS` and shell atomic writes protect git-tracked generated files from Make's default delete-on-error behavior. Since these files are committed, deletion is worse than staleness -- `git restore` is the recovery path. CI now runs `make -j --output-sync -B gen` (~32s, down from ~85s serial). \| Scenario \| Before \| After \| \|-----------------------------------\|--------------------\|----------\| \| `make gen` (serial) \| 95s \| 95s \| \| `make -j gen` (parallel) \| race error \| 22s \| \| CI `make -j --output-sync -B gen` \| forced serial ~85s \| ~32s \|	2026-03-05 11:58:10 +00:00
Ethan	e738ff5299	ci: remove dylib build pipeline (#22592 ) ## Summary The macOS `.dylib` is only used by Coder Desktop macOS v0.7.2 or older. v0.7.2 was released in August 2025. v0.8.0 of Coder Desktop macOS, also released in August 2025, uses a signed Coder slim binary from the deployment instead. It's unlikely customers will be using Coder Desktop macOS v0.7.2 and the next release of Coder simultaneously, so I think we can safely remove this process, given it slows down CI & release processes. ## Changes - Makefile: Remove `DYLIB_ARCHES`, `CODER_DYLIBS` variables and `build/coder-dylib` target - scripts/build_go.sh: Remove `--dylib` flag and all dylib-specific logic (c-shared buildmode, CGO, plist embedding, vpn/dylib entrypoint) - scripts/sign_darwin.sh: Remove dylib-specific comment - CI (ci.yaml): Remove `build-dylib` job, artifact download/insert steps, and `build-dylib` dependency from `build` job - Release (release.yaml): Remove `build-dylib` job, artifact download/insert steps, and `build-dylib` dependency from `release` job - vpn/dylib/: Delete entire directory (`lib.go` + `info.plist.tmpl`) - vpn/router.go, vpn/dns.go: Clean up comments referencing dylib The slim and fat binary builds are completely unaffected — the dylib was an independent build target with its own CI job. _Generated by mux but reviewed by a human_	2026-03-05 01:50:50 +11:00
Steven Masley	f6b4b7edab	ci: remove sqlc push to cloud (#22574 ) I left a vestigial piece, whooops	2026-03-03 14:49:00 -06:00
Steven Masley	8ea0c2f3bc	ci: remove ci action to push schema to sqlc cloud (#22572 ) SQLc cloud no longer exists	2026-03-03 14:21:07 -06:00
Andrew Aquino	ef2e408c0c	chore: add GitHub Action to build+deploy coder.com whenever docs paths change (#22283 ) ## problem Fixes an issue where updates to docs resulted in docs links returning HTTP 404, sometimes taking 4-12 hours before returning HTTP 200 (OK). coder.com is deployed to Vercel from a separate Next.js repo, which has no knowledge of when docs pages in this repo get updated. ### examples (non-exhaustive) PR \| 404 description ---\|--- #19625 \| URL for https://coder.com/docs/install/offline was updated to https://coder.com/docs/install/airgap, but the latter returned 404 for 3 hr 56 min after the PR was merged #21434 \| URLs https://coder.com/docs/ai-coder/nsjail and https://coder.com/docs/ai-coder/landjail were added, but both paths 404ed for 1 hr 30 min after the PR was merged. Note that these paths have changed since then--don't be alarmed if clicking those links returns 404s while reviewing this PR #21708 \| URL https://coder.com/docs/ai-coder/boundary/agent-boundary was added, but it returned 404 for 1 hr 19 min after the PR was merged ## solution All 3 PRs listed above modify manifest.json. This file is fetched during coder.com's `getStaticPaths` for docs pages, defining which docs URLs get statically generated at build time. In the latter 2 cases, the 404s were resolved by manually triggering a redeploy of coder.com in the Vercel dashboard. The new CI workflow in this PR automatically triggers a Vercel deploy hook ([see docs](https://vercel.com/docs/deploy-hooks#triggering-a-deploy-hook)) with a POST request that runs whenever commits are pushed to main that modify manifest.json. The deploy hook initiates a new build+deploy of the coder.com Next.js app, which reruns `getStaticPaths`, updating docs pages' URLs. Note: I have not tested this workflow yet. I will verify that it works after this PR is merged. I confirmed in a local terminal that the webhook URL does successfully initiate a new Vercel build. I also tested with a malformed URL and received error JSON output, so if the action fails for some reason, we should see error output in the workflow logs ([example](https://github.com/coder/coder/actions/runs/22361453442/job/64722503802)).	2026-03-03 00:38:49 -08:00
Zach	2b9baffdcb	chore: update setup-go action to fix Go download failures (#22306 ) setup-go has been sporadically failing to download Go, and we were advised by a member of the Go team that downloading Go from `storage.googleapis.com` is not guaranteed (which is what setup-go <= v5.6.0 does). Also remove the use-preinstalled-go optimization for Windows runners. setup-go v6 sets GOTOOLCHAIN=local, which prevents the pre-installed Go from auto-downloading the toolchain specified in go.mod. The windows optimization with v5 relied on GOTOOLCHAIN=auto. setup-go uses the runner cache, which is a different caching path but should serve the same purpose.	2026-02-27 08:43:53 -07:00
dependabot[bot]	89301f62c5	ci: bump actions/stale from 10.1.1 to 10.2.0 in the github-actions group (#22254 ) Bumps the github-actions group with 1 update: [actions/stale](https://github.com/actions/stale). Updates `actions/stale` from 10.1.1 to 10.2.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/stale/releases">actions/stale's releases</a>.</em></p> <blockquote> <h2>v10.2.0</h2> <h2>What's Changed</h2> <h3>Bug Fix</h3> <ul> <li>Fix checking state cache (fix <a href="https://redirect.github.com/actions/stale/issues/1136">#1136</a>) and switch to Octokit helper methods by <a href="https://github.com/itchyny"><code>@itchyny</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1152">actions/stale#1152</a></li> </ul> <h3>Dependency Updates</h3> <ul> <li>Upgrade js-yaml from 4.1.0 to 4.1.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1304">actions/stale#1304</a></li> <li>Upgrade lodash from 4.17.21 to 4.17.23 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1313">actions/stale#1313</a></li> <li>Upgrade actions/cache from 4.0.3 to 5.0.2 and actions/github from 5.1.1 to 7.0.0 by <a href="https://github.com/chiranjib-swain"><code>@chiranjib-swain</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1312">actions/stale#1312</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/itchyny"><code>@itchyny</code></a> made their first contribution in <a href="https://redirect.github.com/actions/stale/pull/1152">actions/stale#1152</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/stale/compare/v10...v10.2.0">https://github.com/actions/stale/compare/v10...v10.2.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/stale/commit/b5d41d4e1d5dceea10e7104786b73624c18a190f"><code>b5d41d4</code></a> build(deps-dev): bump lodash from 4.17.21 to 4.17.23 (<a href="https://redirect.github.com/actions/stale/issues/1313">#1313</a>)</li> <li><a href="https://github.com/actions/stale/commit/dcd2b9469d2220b7e8d08aedc00c105d277fd46b"><code>dcd2b94</code></a> Fix punycode and url.parse Deprecation Warnings (<a href="https://redirect.github.com/actions/stale/issues/1312">#1312</a>)</li> <li><a href="https://github.com/actions/stale/commit/d6f8a33132340b15a7006f552936e4b9b39c00ec"><code>d6f8a33</code></a> build(deps-dev): bump js-yaml from 4.1.0 to 4.1.1 (<a href="https://redirect.github.com/actions/stale/issues/1304">#1304</a>)</li> <li><a href="https://github.com/actions/stale/commit/a21a0816299b11691f9592ef0d63d08e02f06d9d"><code>a21a081</code></a> Fix checking state cache (fix <a href="https://redirect.github.com/actions/stale/issues/1136">#1136</a>), also switch to octokit methods (<a href="https://redirect.github.com/actions/stale/issues/1152">#1152</a>)</li> <li>See full diff in <a href="https://github.com/actions/stale/compare/997185467fa4f803885201cee163a9f38240193d...b5d41d4e1d5dceea10e7104786b73624c18a190f">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/stale&package-manager=github_actions&previous-version=10.1.1&new-version=10.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-23 13:00:46 +00:00
Lukasz	9bbe3c6af9	chore: update trivy-action to v0.34.0 (#22216 ) Update trivy-action to v0.34.0.	2026-02-20 12:27:44 +01:00
Yevhenii Shcherbina	dcdca814d6	chore: fix pty-max-limit flake (#22147 ) ### Notes - Closes https://github.com/coder/internal/issues/558 - I closed previous attempt with `ptySemaphore`: https://github.com/coder/coder/pull/21981 - We can consider implementing the retries proposed by Spike in: https://github.com/coder/coder/pull/21981#pullrequestreview-3783200423, if increasing the limit isn’t enough. - I looked into Datadog — this particular test doesn’t seem very flaky right now. It failed once in the Nightly gauntlet (3 weeks ago), but it hasn’t failed again in the last 3 months (at least I couldn’t find any other failures in Datadog). ## Fix PTY exhaustion flake on macOS CI ### Problem macOS CI runners were experiencing PTY exhaustion during test runs, causing flakes. The default PTY limit on macOS is 511, which can be insufficient when running parallel tests. ### Solution Added a CI step to increase the PTY limit on macOS runners from the default 511 to the maximum allowed value of 999 before running tests. ### Changes - Added `Increase PTY limit (macOS)` step in `.github/workflows/ci.yaml` - Sets `kern.tty.ptmx_max=999` using `sysctl` (maximum value on our CI runners) - Runs only on macOS runners before the test-go-pg action	2026-02-18 08:38:35 -05:00
dependabot[bot]	06cfe2705a	ci: bump the github-actions group with 3 updates (#22125 ) Bumps the github-actions group with 3 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner), [depot/setup-action](https://github.com/depot/setup-action) and [depot/build-push-action](https://github.com/depot/build-push-action). Updates `step-security/harden-runner` from 2.14.1 to 2.14.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.14.2</h2> <h2>What's Changed</h2> <p>Security fix: Fixed a medium severity vulnerability where outbound network connections using sendto, sendmsg, and sendmmsg socket system calls could bypass audit logging when using egress-policy: audit. This issue only affects the Community Tier in audit mode; block mode and Enterprise Tier were not affected. See <a href="https://github.com/step-security/harden-runner/security/advisories/GHSA-cpmj-h4f6-r6pq">GHSA-cpmj-h4f6-r6pq</a> for details.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2.14.1...v2.14.2">https://github.com/step-security/harden-runner/compare/v2.14.1...v2.14.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/5ef0c079ce82195b2a36a210272d6b661572d83e"><code>5ef0c07</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/635">#635</a> from step-security/rc-34</li> <li><a href="https://github.com/step-security/harden-runner/commit/eb43c7b3fd5a30c42ff1ab84b494f1cc6c7cc3b6"><code>eb43c7b</code></a> update agent</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/e3f713f2d8f53843e71c69a996d56f51aa9adfb9...5ef0c079ce82195b2a36a210272d6b661572d83e">compare view</a></li> </ul> </details> <br /> Updates `depot/setup-action` from 1.6.0 to 1.7.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/depot/setup-action/releases">depot/setup-action's releases</a>.</em></p> <blockquote> <h2>v1.7.1</h2> <h2>What's Changed</h2> <ul> <li>Update release workflow to ubuntu-latest (<a href="https://redirect.github.com/depot/setup-action/issues/19">#19</a>) <a href="https://github.com/jacobwgillespie"><code>@jacobwgillespie</code></a></li> </ul> <h2>v1.7.0</h2> <h2>What's Changed</h2> <ul> <li>chore: update node to v24 (<a href="https://redirect.github.com/depot/setup-action/issues/18">#18</a>) <a href="https://github.com/WitoDelnat"><code>@WitoDelnat</code></a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/depot/setup-action/commit/15c09a5f77a0840ad4bce955686522a257853461"><code>15c09a5</code></a> Merge pull request <a href="https://redirect.github.com/depot/setup-action/issues/19">#19</a> from depot/jacobwgillespie-patch-1</li> <li><a href="https://github.com/depot/setup-action/commit/3194a53ed0aa42e00bc88f2411ab49d3f60219ba"><code>3194a53</code></a> Update release workflow to ubuntu-latest</li> <li><a href="https://github.com/depot/setup-action/commit/c0b08c3ba30137f89e75961508b587484558ff0f"><code>c0b08c3</code></a> Merge pull request <a href="https://redirect.github.com/depot/setup-action/issues/18">#18</a> from depot/wito/dep-2955-update-our-actions-to-use-nod...</li> <li><a href="https://github.com/depot/setup-action/commit/23e67ebf8b5a313459580616cd34c7787607ac86"><code>23e67eb</code></a> chore: update action dependencies</li> <li><a href="https://github.com/depot/setup-action/commit/0886069e678860faf0d22c46e9f154d35beaa529"><code>0886069</code></a> chore: update node to v24</li> <li>See full diff in <a href="https://github.com/depot/setup-action/compare/b0b1ea4f69e92ebf5dea3f8713a1b0c37b2126a5...15c09a5f77a0840ad4bce955686522a257853461">compare view</a></li> </ul> </details> <br /> Updates `depot/build-push-action` from 1.16.2 to 1.17.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/depot/build-push-action/releases">depot/build-push-action's releases</a>.</em></p> <blockquote> <h2>v1.17.0</h2> <h2>What's Changed</h2> <ul> <li>chore: update node to v24 (<a href="https://redirect.github.com/depot/build-push-action/issues/46">#46</a>) <a href="https://github.com/WitoDelnat"><code>@WitoDelnat</code></a></li> <li>Fix typo (<a href="https://redirect.github.com/depot/build-push-action/issues/45">#45</a>) <a href="https://github.com/gavrie"><code>@gavrie</code></a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/depot/build-push-action/commit/5f3b3c2e5a00f0093de47f657aeaefcedff27d18"><code>5f3b3c2</code></a> Merge pull request <a href="https://redirect.github.com/depot/build-push-action/issues/46">#46</a> from depot/wito/dep-2955-update-our-actions-to-use-nod...</li> <li><a href="https://github.com/depot/build-push-action/commit/1c8a5de5bf842e36234a9f65b76b66173541193f"><code>1c8a5de</code></a> chore: update actions dependency</li> <li><a href="https://github.com/depot/build-push-action/commit/88deb2d202089ac6bada8368187086a1d5cb6daa"><code>88deb2d</code></a> chore: update node to v24</li> <li><a href="https://github.com/depot/build-push-action/commit/eb4edcff909a80720d31732b633e4691b0c7cf02"><code>eb4edcf</code></a> Merge pull request <a href="https://redirect.github.com/depot/build-push-action/issues/45">#45</a> from gavrie/fix-typo</li> <li><a href="https://github.com/depot/build-push-action/commit/b7a09de6c74816aaa562b09c2d4082c63c68629a"><code>b7a09de</code></a> Fix typo</li> <li>See full diff in <a href="https://github.com/depot/build-push-action/compare/9785b135c3c76c33db102e45be96a25ab55cd507...5f3b3c2e5a00f0093de47f657aeaefcedff27d18">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-16 13:24:16 +00:00
dependabot[bot]	19d24075da	ci: bump the github-actions group with 4 updates (#22010 ) Bumps the github-actions group with 4 updates: [actions/cache](https://github.com/actions/cache), [docker/login-action](https://github.com/docker/login-action), [actions/attest](https://github.com/actions/attest) and [nix-community/cache-nix-action](https://github.com/nix-community/cache-nix-action). Updates `actions/cache` from 5.0.2 to 5.0.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/releases">actions/cache's releases</a>.</em></p> <blockquote> <h2>v5.0.3</h2> <h2>What's Changed</h2> <ul> <li>Bump <code>@actions/cache</code> to v5.0.5 (Resolves: <a href="https://github.com/actions/cache/security/dependabot/33">https://github.com/actions/cache/security/dependabot/33</a>)</li> <li>Bump <code>@actions/core</code> to v2.0.3</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v5...v5.0.3">https://github.com/actions/cache/compare/v5...v5.0.3</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's changelog</a>.</em></p> <blockquote> <h1>Releases</h1> <h2>How to prepare a release</h2> <blockquote> <p>[!NOTE]<br /> Relevant for maintainers with write access only.</p> </blockquote> <ol> <li>Switch to a new branch from <code>main</code>.</li> <li>Run <code>npm test</code> to ensure all tests are passing.</li> <li>Update the version in <a href="https://github.com/actions/cache/blob/main/package.json"><code>https://github.com/actions/cache/blob/main/package.json</code></a>.</li> <li>Run <code>npm run build</code> to update the compiled files.</li> <li>Update this <a href="https://github.com/actions/cache/blob/main/RELEASES.md"><code>https://github.com/actions/cache/blob/main/RELEASES.md</code></a> with the new version and changes in the <code>## Changelog</code> section.</li> <li>Run <code>licensed cache</code> to update the license report.</li> <li>Run <code>licensed status</code> and resolve any warnings by updating the <a href="https://github.com/actions/cache/blob/main/.licensed.yml"><code>https://github.com/actions/cache/blob/main/.licensed.yml</code></a> file with the exceptions.</li> <li>Commit your changes and push your branch upstream.</li> <li>Open a pull request against <code>main</code> and get it reviewed and merged.</li> <li>Draft a new release <a href="https://github.com/actions/cache/releases">https://github.com/actions/cache/releases</a> use the same version number used in <code>package.json</code> <ol> <li>Create a new tag with the version number.</li> <li>Auto generate release notes and update them to match the changes you made in <code>RELEASES.md</code>.</li> <li>Toggle the set as the latest release option.</li> <li>Publish the release.</li> </ol> </li> <li>Navigate to <a href="https://github.com/actions/cache/actions/workflows/release-new-action-version.yml">https://github.com/actions/cache/actions/workflows/release-new-action-version.yml</a> <ol> <li>There should be a workflow run queued with the same version number.</li> <li>Approve the run to publish the new version and update the major tags for this action.</li> </ol> </li> </ol> <h2>Changelog</h2> <h3>5.0.3</h3> <ul> <li>Bump <code>@actions/cache</code> to v5.0.5 (Resolves: <a href="https://github.com/actions/cache/security/dependabot/33">https://github.com/actions/cache/security/dependabot/33</a>)</li> <li>Bump <code>@actions/core</code> to v2.0.3</li> </ul> <h3>5.0.2</h3> <ul> <li>Bump <code>@actions/cache</code> to v5.0.3 <a href="https://redirect.github.com/actions/cache/pull/1692">#1692</a></li> </ul> <h3>5.0.1</h3> <ul> <li>Update <code>@azure/storage-blob</code> to <code>^12.29.1</code> via <code>@actions/cache@5.0.1</code> <a href="https://redirect.github.com/actions/cache/pull/1685">#1685</a></li> </ul> <h3>5.0.0</h3> <blockquote> <p>[!IMPORTANT] <code>actions/cache@v5</code> runs on the Node.js 24 runtime and requires a minimum Actions Runner version of <code>2.327.1</code>. If you are using self-hosted runners, ensure they are updated before upgrading.</p> </blockquote> <h3>4.3.0</h3> <ul> <li>Bump <code>@actions/cache</code> to <a href="https://redirect.github.com/actions/toolkit/pull/2132">v4.1.0</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/cache/commit/cdf6c1fa76f9f475f3d7449005a359c84ca0f306"><code>cdf6c1f</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1695">#1695</a> from actions/Link-/prepare-5.0.3</li> <li><a href="https://github.com/actions/cache/commit/a1bee22673bee4afb9ce4e0a1dc3da1c44060b7d"><code>a1bee22</code></a> Add review for the <code>@actions/http-client</code> license</li> <li><a href="https://github.com/actions/cache/commit/46957638dc5c5ff0c34c0143f443c07d3a7c769f"><code>4695763</code></a> Add licensed output</li> <li><a href="https://github.com/actions/cache/commit/dc73bb9f7bf74a733c05ccd2edfd1f2ac9e5f502"><code>dc73bb9</code></a> Upgrade dependencies and address security warnings</li> <li><a href="https://github.com/actions/cache/commit/345d5c2f761565bace4b6da356737147e9041e3a"><code>345d5c2</code></a> Add 5.0.3 builds</li> <li>See full diff in <a href="https://github.com/actions/cache/compare/8b402f58fbc84540c8b491a91e594a4576fec3d7...cdf6c1fa76f9f475f3d7449005a359c84ca0f306">compare view</a></li> </ul> </details> <br /> Updates `docker/login-action` from 3.6.0 to 3.7.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/login-action/releases">docker/login-action's releases</a>.</em></p> <blockquote> <h2>v3.7.0</h2> <ul> <li>Add <code>scope</code> input to set scopes for the authentication token by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/912">docker/login-action#912</a></li> <li>Add support for AWS European Sovereign Cloud ECR by <a href="https://github.com/dphi"><code>@dphi</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/914">docker/login-action#914</a></li> <li>Ensure passwords are redacted with <code>registry-auth</code> input by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/911">docker/login-action#911</a></li> <li>build(deps): bump lodash from 4.17.21 to 4.17.23 in <a href="https://redirect.github.com/docker/login-action/pull/915">docker/login-action#915</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/login-action/compare/v3.6.0...v3.7.0">https://github.com/docker/login-action/compare/v3.6.0...v3.7.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/login-action/commit/c94ce9fb468520275223c153574b00df6fe4bcc9"><code>c94ce9f</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/915">#915</a> from docker/dependabot/npm_and_yarn/lodash-4.17.23</li> <li><a href="https://github.com/docker/login-action/commit/8339c958ce8511f38d0c474c1886a87c802bf1ef"><code>8339c95</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/912">#912</a> from docker/scope</li> <li><a href="https://github.com/docker/login-action/commit/c83e9320c8beb50b77dd007c46d5c8161f0cac4a"><code>c83e932</code></a> build(deps): bump lodash from 4.17.21 to 4.17.23</li> <li><a href="https://github.com/docker/login-action/commit/b268aa57e39ff0a5386d2fd1eded4e2e1d60d705"><code>b268aa5</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/a60322927812ddc99316dd6252b4fba6d8f09ac1"><code>a603229</code></a> documentation for scope input</li> <li><a href="https://github.com/docker/login-action/commit/7567f92a74b2639be1bd8bc932a112a0d81283da"><code>7567f92</code></a> Add scope input to set scopes for the authentication token</li> <li><a href="https://github.com/docker/login-action/commit/0567fa5ae8c9a197cb207537dc5cbb43ca3d803f"><code>0567fa5</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/914">#914</a> from dphi/add-support-for-amazonaws.eu</li> <li><a href="https://github.com/docker/login-action/commit/f6ef57754547a85003a0e18f789be661346d4a6e"><code>f6ef577</code></a> feat: add support for AWS European Sovereign Cloud ECR registries</li> <li><a href="https://github.com/docker/login-action/commit/916386b00027d425839f8da46d302dab33f5875b"><code>916386b</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/911">#911</a> from crazy-max/ensure-redact</li> <li><a href="https://github.com/docker/login-action/commit/5b3f94a294ea5478af3af437baa6ad0d3dcd04fd"><code>5b3f94a</code></a> chore: update generated content</li> <li>Additional commits viewable in <a href="https://github.com/docker/login-action/compare/5e57cd118135c172c3672efd75eb46360885c0ef...c94ce9fb468520275223c153574b00df6fe4bcc9">compare view</a></li> </ul> </details> <br /> Updates `actions/attest` from 3.1.0 to 3.2.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/attest/releases">actions/attest's releases</a>.</em></p> <blockquote> <h2>v3.2.0</h2> <h2>What's Changed</h2> <ul> <li>Bump the npm-development group with 3 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/320">actions/attest#320</a></li> <li>Validate repository org-ownership before storage record creation by <a href="https://github.com/malancas"><code>@malancas</code></a> in <a href="https://redirect.github.com/actions/attest/pull/328">actions/attest#328</a></li> <li>Update version to 3.2.0 by <a href="https://github.com/malancas"><code>@malancas</code></a> in <a href="https://redirect.github.com/actions/attest/pull/334">actions/attest#334</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/attest/compare/v3.1.0...v3.2.0">https://github.com/actions/attest/compare/v3.1.0...v3.2.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/attest/commit/e59cbc1ad1ac2d59339667419eb8cdde6eb61e3d"><code>e59cbc1</code></a> Update version to 3.2.0 (<a href="https://redirect.github.com/actions/attest/issues/334">#334</a>)</li> <li><a href="https://github.com/actions/attest/commit/20eb46ce7aac0a8d0fb0ba74463460bff36cc0bd"><code>20eb46c</code></a> Validate repository org-ownership before storage record creation (<a href="https://redirect.github.com/actions/attest/issues/328">#328</a>)</li> <li><a href="https://github.com/actions/attest/commit/7433fa7e7a4d4084bbd71358379fa9b45ce9d4d7"><code>7433fa7</code></a> Update <code>undici</code> development dependency to the latest version (<a href="https://redirect.github.com/actions/attest/issues/332">#332</a>)</li> <li><a href="https://github.com/actions/attest/commit/c03bf4160d4018cb293f5dcbf204e47c1b2808e1"><code>c03bf41</code></a> Bump the npm-development group with 3 updates (<a href="https://redirect.github.com/actions/attest/issues/320">#320</a>)</li> <li>See full diff in <a href="https://github.com/actions/attest/compare/7667f588f2f73a90cea6c7ac70e78266c4f76616...e59cbc1ad1ac2d59339667419eb8cdde6eb61e3d">compare view</a></li> </ul> </details> <br /> Updates `nix-community/cache-nix-action` from 7.0.1 to 7.0.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nix-community/cache-nix-action/releases">nix-community/cache-nix-action's releases</a>.</em></p> <blockquote> <h2>v7.0.2</h2> <h2>What's Changed</h2> <h2>Fixed</h2> <ul> <li>Fix: Nix versions under <code>v2.33</code> not supported by <a href="https://github.com/deemp"><code>@deemp</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/295">nix-community/cache-nix-action#295</a></li> <li>Use a more precise check by <a href="https://github.com/deemp"><code>@deemp</code></a> in 47869c4cbb023c803424e7311f07a744a2d66296</li> </ul> <h2>Changed (deps)</h2> <!-- raw HTML omitted --> <ul> <li>chore(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.53.0 to 8.53.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/284">nix-community/cache-nix-action#284</a></li> <li>chore(deps): bump DeterminateSystems/determinate-nix-action from 3.15.1 to 3.15.2 in the minor-actions-dependencies group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/288">nix-community/cache-nix-action#288</a></li> <li>chore(deps-dev): bump eslint-config-love from 144.0.0 to 147.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/287">nix-community/cache-nix-action#287</a></li> <li>chore(deps-dev): bump prettier from 3.8.0 to 3.8.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/286">nix-community/cache-nix-action#286</a></li> <li>chore(deps-dev): bump <code>@typescript-eslint/parser</code> from 8.53.1 to 8.54.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/290">nix-community/cache-nix-action#290</a></li> <li>chore(deps): bump <code>@actions/github</code> from 7.0.0 to 8.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/291">nix-community/cache-nix-action#291</a></li> <li>chore(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.53.1 to 8.54.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/289">nix-community/cache-nix-action#289</a></li> <li>chore(deps-dev): bump eslint-config-love from 147.0.0 to 149.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/294">nix-community/cache-nix-action#294</a></li> </ul> <!-- raw HTML omitted --> <p><strong>Full Changelog</strong>: <a href="https://github.com/nix-community/cache-nix-action/compare/v7...v7.0.2">https://github.com/nix-community/cache-nix-action/compare/v7...v7.0.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nix-community/cache-nix-action/commit/7df957e333c1e5da7721f60227dbba6d06080569"><code>7df957e</code></a> chore: build the action</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/47869c4cbb023c803424e7311f07a744a2d66296"><code>47869c4</code></a> fix(action): use a more precise check</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/eca69c462eda8455304862773d53bfe08a7c1fad"><code>eca69c4</code></a> Merge pull request <a href="https://redirect.github.com/nix-community/cache-nix-action/issues/295">#295</a> from nix-community/nix-versions-under-v233-not-supported</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/b6fd2e3f7b9992c952409248b26c3806976ca922"><code>b6fd2e3</code></a> feat(ci): add test with Nix version <2.33</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/ddd9cbc8ee25d0dbd64bc7bf380398d810fedcc0"><code>ddd9cbc</code></a> fix(ci): bump action version</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/922e9060c19ec2c406a055d4255ec1760e0af798"><code>922e906</code></a> chore: build the action</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/4038f94ae961f71f156295e34fc27af3846cb555"><code>4038f94</code></a> refactor(action): rename constants for command results</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/dfde4d35b86aa2875e5829cfc8b6c2d4c203ab9b"><code>dfde4d3</code></a> fix(action): choose command based on the Nix version</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/4b2dd9ec99b6d72fad66eeff381bc94d20d7207d"><code>4b2dd9e</code></a> Merge pull request <a href="https://redirect.github.com/nix-community/cache-nix-action/issues/294">#294</a> from nix-community/dependabot/npm_and_yarn/eslint-con...</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/273d1a77100543feec627c2bdd09b6c7060b88ab"><code>273d1a7</code></a> chore(deps-dev): bump eslint-config-love from 147.0.0 to 149.0.0</li> <li>Additional commits viewable in <a href="https://github.com/nix-community/cache-nix-action/compare/106bba72ed8e29c8357661199511ef07790175e9...7df957e333c1e5da7721f60227dbba6d06080569">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-09 13:35:13 +00:00
Dean Sheather	d3036d569e	chore: only run lint-actions job on CI changes (#21999 ) It was split to reduce flaking, but still always ran on `main` anyways	2026-02-09 05:31:17 +00:00
DevCats	a5bc0eb37d	fix: limit doc-check comments by restricting to one sticky comment and updating logic (#21933 ) This pull request updates the documentation review workflow in `.github/workflows/doc-check.yaml` to improve clarity and introduce sticky comment logic for doc-check reviews. The changes focus on refining the review context messages and providing detailed instructions for updating existing doc-check comments, ensuring more consistent and actionable documentation feedback. Workflow message and prompt improvements: * Refined the context messages for different PR trigger types to be clearer and less repetitive, making instructions more concise for the agent. Sticky comment logic and instructions: * Updated the task prompt to instruct the agent to look for an existing doc-check comment containing `<!-- doc-check-sticky -->` and update it instead of creating a new one, supporting more efficient and organized review threads. * Added detailed instructions for how to update sticky comments, including checking off addressed items, striking through items no longer needed, adding new items, and warning if changes can't be verified. * Modified the comment format example to include sticky comment conventions, such as strikethrough for reverted items, checkboxes for addressed items, and warnings for unverifiable documentation changes. * Ensured the `<!-- doc-check-sticky -->` marker is placed at the end of the comment for easier identification and updates in future runs.	2026-02-06 09:26:31 -06:00
Ethan	dc633e22a3	ci: add setup-gnu-tools action for macOS runners (#21938 ) macOS runners lack GNU toolchain dependencies (bash 4+, GNU getopt, make 4+) required by `scripts/lib.sh`. When any script sources `lib.sh`, it checks for these dependencies and fails if they're missing. This caused consistent failures in the `test-go-pg (macos-latest)` job in `nightly-gauntlet.yaml`, which didn't have the GNU tools setup that `ci.yaml` had. Commit `9a417df` ("ci: add retry logic for Go module operations") added a macOS GNU tools step to `ci.yaml`, but `nightly-gauntlet.yaml` was not updated. This PR adds a reusable `setup-gnu-tools` action and uses it consistently across all workflows with macOS jobs, replacing the inline brew install steps. Closes https://github.com/coder/internal/issues/1133	2026-02-05 05:06:10 +00:00
Danny Kopping	29b1aea736	chore: make AI code review opt-in (#21883 ) The comments generated are too noisy and not of sufficiently high signal that we should automatically opt every PR in. This PR moves the trigger to the `code-review` label _only_. Signed-off-by: Danny Kopping <danny@coder.com>	2026-02-04 17:23:23 +02:00
Dean Sheather	b8b8387b27	chore: allow blinkagent[bot] to bypass CLA check (#21872 )	2026-02-03 03:03:51 +00:00
DevCats	885aeed91b	feat: add code-review skill and align workflow with doc-check (#21668 ) This pull request adds a new documentation file that defines the "code-review" skill for use in the project. The document outlines a standard workflow, severity levels, key areas to focus on during code reviews, and Coder-specific review guidelines. This aims to standardize and improve the quality and consistency of code reviews across the team. Documentation and process standardization: * Added `.claude/skills/code-review/SKILL.md`, which describes the code-review skill, including workflow steps, severity levels, what to look for in reviews, and what not to comment on. It also provides Coder-specific patterns and best practices for authorization, error handling, and shell scripting.	2026-02-02 17:49:45 +00:00
dependabot[bot]	1276b9d9b7	ci: bump the github-actions group with 2 updates (#21846 ) [//]: # (dependabot-start) ⚠️ Dependabot is rebasing this PR ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps the github-actions group with 2 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner) and [actions/setup-java](https://github.com/actions/setup-java). Updates `step-security/harden-runner` from 2.14.0 to 2.14.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.14.1</h2> <h2>What's Changed</h2> <ol> <li> <p>In some self-hosted environments, the agent could briefly fall back to public DNS resolvers during startup if the system DNS was not yet available. This behavior was unintended for GitHub-hosted runners and has now been fixed to prevent any use of public DNS resolvers.</p> </li> <li> <p>Fixed npm audit vulnerabilities</p> </li> </ol> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2.14.0...v2.14.1">https://github.com/step-security/harden-runner/compare/v2.14.0...v2.14.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/e3f713f2d8f53843e71c69a996d56f51aa9adfb9"><code>e3f713f</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/631">#631</a> from step-security/rc-31</li> <li><a href="https://github.com/step-security/harden-runner/commit/423acdda6fd4f75f197b7c305a3f2e3d700dc00b"><code>423acdd</code></a> chore: fix npm audit vulnerabilities</li> <li><a href="https://github.com/step-security/harden-runner/commit/0ddb86cf0353b79dbed5bb8cef4103700cea70a7"><code>0ddb86c</code></a> update agent</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/20cf305ff2072d973412fa9b1e3a4f227bda3c76...e3f713f2d8f53843e71c69a996d56f51aa9adfb9">compare view</a></li> </ul> </details> <br /> Updates `actions/setup-java` from 5.1.0 to 5.2.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-java/releases">actions/setup-java's releases</a>.</em></p> <blockquote> <h2>v5.2.0</h2> <h2>What's Changed</h2> <h3>Enhancement</h3> <ul> <li>Retry on HTTP 522 Connection timed out by <a href="https://github.com/findepi"><code>@findepi</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/964">actions/setup-java#964</a></li> </ul> <h3>Documentation Changes</h3> <ul> <li>Update gradle caching by <a href="https://github.com/priya-kinthali"><code>@priya-kinthali</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/972">actions/setup-java#972</a></li> <li>Update checkout to v6 by <a href="https://github.com/mahabaleshwars"><code>@mahabaleshwars</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/973">actions/setup-java#973</a></li> </ul> <h3>Dependency Updates</h3> <ul> <li>Upgrade <code>@actions/cache</code> to v5 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/968">actions/setup-java#968</a></li> <li>Upgrade actions/checkout from 5 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/961">actions/setup-java#961</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/findepi"><code>@findepi</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/964">actions/setup-java#964</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-java/compare/v5...v5.2.0">https://github.com/actions/setup-java/compare/v5...v5.2.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/setup-java/commit/be666c2fcd27ec809703dec50e508c2fdc7f6654"><code>be666c2</code></a> Chore: Version Update and Checkout Update to v6 (<a href="https://redirect.github.com/actions/setup-java/issues/973">#973</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/f7a6fefba97e80156950e16f2a9dafc8579b7d05"><code>f7a6fef</code></a> Bump actions/checkout from 5 to 6 (<a href="https://redirect.github.com/actions/setup-java/issues/961">#961</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/d81c4e45f3ac973cc936d79104023e20054ba578"><code>d81c4e4</code></a> Upgrade <code>@actions/cache</code> to v5 (<a href="https://redirect.github.com/actions/setup-java/issues/968">#968</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/1b1bbe1085cb6ab21b5b19b7bebc091a9430026a"><code>1b1bbe1</code></a> readme update (<a href="https://redirect.github.com/actions/setup-java/issues/972">#972</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/5d7b2146334bacf88728daaa70414a99f5164e0f"><code>5d7b214</code></a> Retry on HTTP 522 Connection timed out (<a href="https://redirect.github.com/actions/setup-java/issues/964">#964</a>)</li> <li>See full diff in <a href="https://github.com/actions/setup-java/compare/f2beeb24e141e01a676f977032f5a29d81c9e27e...be666c2fcd27ec809703dec50e508c2fdc7f6654">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-02 13:53:07 +00:00
Dean Sheather	bcc57632dd	ci: split lint-actions into separate job to reduce flakes (#21834 ) ## Summary The `lint/actions/zizmor` target flakes in CI due to network connectivity issues when running on depot runners (https://github.com/coder/internal/issues/1233). The zizmor tool needs to reach GitHub's API but intermittently fails with "Connection refused" errors. ## Changes - Creates a new `lint-actions` CI job that only runs when `.github/**` files are touched (using existing `ci` filter) - Removes zizmor from the main `lint` job - Uses a Makefile conditional to include actionlint in `make lint` locally but skip it in CI (where `lint-actions` handles it) This reduces unnecessary flake exposure for PRs that don't modify GitHub Actions files. ## Testing - `actionlint` passes on the modified ci.yaml - Verified Makefile conditional works: actionlint included locally, skipped when `CI=true` Fixes https://github.com/coder/internal/issues/1233	2026-02-03 00:32:09 +11:00
Kacper Sawicki	9a417df940	ci: add retry logic for Go module operations (#21609 ) ## Description Add exponential backoff retries to all `go install` and `go mod download` commands across CI workflows and actions. ## Why Fixes [coder/internal#1276](https://github.com/coder/internal/issues/1276) - CI fails when `sum.golang.org` returns 500 errors during Go module verification. This is an infrastructure-level flake that can't be controlled. ## Changes - Created `.github/scripts/retry.sh` - reusable retry helper with exponential backoff (2s, 4s, 8s delays, max 3 attempts), using `scripts/lib.sh` helpers - Wrapped all `go install` and `go mod download` commands with retry in: - `.github/actions/setup-go/action.yaml` - `.github/actions/setup-sqlc/action.yaml` - `.github/actions/setup-go-tools/action.yaml` - `.github/workflows/ci.yaml` - `.github/workflows/release.yaml` - `.github/workflows/security.yaml` - Added GNU tools setup (bash 4+, GNU getopt, make 4+) for macOS in `test-go-pg` job, since `retry.sh` uses `lib.sh` which requires these tools	2026-01-29 16:05:49 +01:00
DevCats	1b31279506	chore: update doc-check workflow to prevent unnecessary comments (#21737 ) This pull request makes a minor update to the documentation check workflow. It clarifies that a comment should not be posted if there are no documentation changes needed and simplifies the comment format instructions.	2026-01-28 22:02:16 +00:00
Jon Ayers	4ce4b5ef9f	chore: fix trivy dependency (#21736 )	2026-01-28 22:36:42 +01:00
DevCats	2ee3386cc5	chore: add ready_for_review trigger and disable auto-commenting to doc-check worfklow (#21667 ) This pull request updates the `.github/workflows/doc-check.yaml` workflow to improve how documentation reviews are triggered and handled, particularly for pull requests that are converted from draft to ready for review. The changes ensure that documentation checks are performed at the appropriate times and clarify the workflow's behavior. Workflow trigger and logic enhancements: * Added support for triggering the documentation check when a pull request is marked as "ready for review" (converted from draft), both in the workflow triggers and in the workflow logic. [[1]](diffhunk://#diff-46e6065a312f35e5d294476e7865089afd10e6072fed80ac77b257e090def149R9) [[2]](diffhunk://#diff-46e6065a312f35e5d294476e7865089afd10e6072fed80ac77b257e090def149R24) [[3]](diffhunk://#diff-46e6065a312f35e5d294476e7865089afd10e6072fed80ac77b257e090def149L39-R48) * Updated the internal context and trigger type handling to recognize and describe the "ready_for_review" event, providing more accurate context for the agent. [[1]](diffhunk://#diff-46e6065a312f35e5d294476e7865089afd10e6072fed80ac77b257e090def149R138-R140) [[2]](diffhunk://#diff-46e6065a312f35e5d294476e7865089afd10e6072fed80ac77b257e090def149R171-R173) Workflow behavior adjustment: * Changed the `comment-on-issue` setting to `false`, so the workflow will no longer automatically comment on the PR issue when running which was creating unnecessary noise.	2026-01-27 08:09:54 -06:00
dependabot[bot]	bb186b8699	ci: bump the github-actions group across 1 directory with 4 updates (#21683 ) Bumps the github-actions group with 4 updates in the / directory: [actions/checkout](https://github.com/actions/checkout), [actions/cache](https://github.com/actions/cache), [chromaui/action](https://github.com/chromaui/action) and [nix-community/cache-nix-action](https://github.com/nix-community/cache-nix-action). Updates `actions/checkout` from 6.0.1 to 6.0.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v6.0.2</h2> <h2>What's Changed</h2> <ul> <li>Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2355">actions/checkout#2355</a></li> <li>Fix tag handling: preserve annotations and explicit fetch-tags by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2356">actions/checkout#2356</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v6.0.1...v6.0.2">https://github.com/actions/checkout/compare/v6.0.1...v6.0.2</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>v6.0.2</h2> <ul> <li>Fix tag handling: preserve annotations and explicit fetch-tags by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2356">actions/checkout#2356</a></li> </ul> <h2>v6.0.1</h2> <ul> <li>Add worktree support for persist-credentials includeIf by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2327">actions/checkout#2327</a></li> </ul> <h2>v6.0.0</h2> <ul> <li>Persist creds to a separate file by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li> <li>Update README to include Node.js 24 support details and requirements by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li> </ul> <h2>v5.0.1</h2> <ul> <li>Port v6 cleanup to v5 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li> </ul> <h2>v5.0.0</h2> <ul> <li>Update actions checkout to use node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li> </ul> <h2>v4.3.1</h2> <ul> <li>Port v6 cleanup to v4 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2305">actions/checkout#2305</a></li> </ul> <h2>v4.3.0</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <h2>v4.2.2</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <h2>v4.2.1</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>v4.2.0</h2> <ul> <li>Add Ref and Commit outputs by <a href="https://github.com/lucacome"><code>@lucacome</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li> <li>Dependency updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>- <a href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>, <a href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li> </ul> <h2>v4.1.7</h2> <ul> <li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li> <li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li> <li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li> </ul> <h2>v4.1.6</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd"><code>de0fac2</code></a> Fix tag handling: preserve annotations and explicit fetch-tags (<a href="https://redirect.github.com/actions/checkout/issues/2356">#2356</a>)</li> <li><a href="https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49"><code>064fe7f</code></a> Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/8e8c483db84b4bee98b60c0593521ed34d9990e8...de0fac2e4500dabe0009e67214ff5f5447ce83dd">compare view</a></li> </ul> </details> <br /> Updates `actions/cache` from 5.0.1 to 5.0.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/releases">actions/cache's releases</a>.</em></p> <blockquote> <h2>v.5.0.2</h2> <h1>v5.0.2</h1> <h2>What's Changed</h2> <p>When creating cache entries, 429s returned from the cache service will not be retried.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's changelog</a>.</em></p> <blockquote> <h1>Releases</h1> <h2>Changelog</h2> <h3>5.0.2</h3> <ul> <li>Bump <code>@actions/cache</code> to v5.0.3 <a href="https://redirect.github.com/actions/cache/pull/1692">#1692</a></li> </ul> <h3>5.0.1</h3> <ul> <li>Update <code>@azure/storage-blob</code> to <code>^12.29.1</code> via <code>@actions/cache@5.0.1</code> <a href="https://redirect.github.com/actions/cache/pull/1685">#1685</a></li> </ul> <h3>5.0.0</h3> <blockquote> <p>[!IMPORTANT] <code>actions/cache@v5</code> runs on the Node.js 24 runtime and requires a minimum Actions Runner version of <code>2.327.1</code>. If you are using self-hosted runners, ensure they are updated before upgrading.</p> </blockquote> <h3>4.3.0</h3> <ul> <li>Bump <code>@actions/cache</code> to <a href="https://redirect.github.com/actions/toolkit/pull/2132">v4.1.0</a></li> </ul> <h3>4.2.4</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.5</li> </ul> <h3>4.2.3</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.3 (obfuscates SAS token in debug logs for cache entries)</li> </ul> <h3>4.2.2</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.2</li> </ul> <h3>4.2.1</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.1</li> </ul> <h3>4.2.0</h3> <p>TLDR; The cache backend service has been rewritten from the ground up for improved performance and reliability. <a href="https://github.com/actions/cache">actions/cache</a> now integrates with the new cache service (v2) APIs.</p> <p>The new service will gradually roll out as of <strong>February 1st, 2025</strong>. The legacy service will also be sunset on the same date. Changes in these release are <strong>fully backward compatible</strong>.</p> <p><strong>We are deprecating some versions of this action</strong>. We recommend upgrading to version <code>v4</code> or <code>v3</code> as soon as possible before <strong>February 1st, 2025.</strong> (Upgrade instructions below).</p> <p>If you are using pinned SHAs, please use the SHAs of versions <code>v4.2.0</code> or <code>v3.4.0</code></p> <p>If you do not upgrade, all workflow runs using any of the deprecated <a href="https://github.com/actions/cache">actions/cache</a> will fail.</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/cache/commit/8b402f58fbc84540c8b491a91e594a4576fec3d7"><code>8b402f5</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1692">#1692</a> from GhadimiR/main</li> <li><a href="https://github.com/actions/cache/commit/304ab5a0701ee61908ccb4b5822347949a2e2002"><code>304ab5a</code></a> license for httpclient</li> <li><a href="https://github.com/actions/cache/commit/609fc19e67cd310e97eb36af42355843ffcb35be"><code>609fc19</code></a> Update licensed record for cache</li> <li><a href="https://github.com/actions/cache/commit/b22231e43df11a67538c05e88835f1fa097599c5"><code>b22231e</code></a> Build</li> <li><a href="https://github.com/actions/cache/commit/93150cdfb36a9d84d4e8628c8870bec84aedcf8a"><code>93150cd</code></a> Add PR link to releases</li> <li><a href="https://github.com/actions/cache/commit/9b8ca9f07e012351dafbf1c878e8fe2ee9a01c84"><code>9b8ca9f</code></a> Bump actions/cache to 5.0.3</li> <li>See full diff in <a href="https://github.com/actions/cache/compare/9255dc7a253b0ccc959486e2bca901246202afeb...8b402f58fbc84540c8b491a91e594a4576fec3d7">compare view</a></li> </ul> </details> <br /> Updates `chromaui/action` from 13.3.4 to 13.3.5 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chromaui/action/commit/07791f8243f4cb2698bf4d00426baf4b2d1cb7e0"><code>07791f8</code></a> v13.3.5</li> <li>See full diff in <a href="https://github.com/chromaui/action/compare/4c20b95e9d3209ecfdf9cd6aace6bbde71ba1694...07791f8243f4cb2698bf4d00426baf4b2d1cb7e0">compare view</a></li> </ul> </details> <br /> Updates `nix-community/cache-nix-action` from 7.0.0 to 7.0.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nix-community/cache-nix-action/releases">nix-community/cache-nix-action's releases</a>.</em></p> <blockquote> <h2>v7.0.1</h2> <h2>What's Changed</h2> <h2>Fixed</h2> <ul> <li>Checkpoint Nix store database before saving cache by <a href="https://github.com/CathalMullan"><code>@CathalMullan</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/278">nix-community/cache-nix-action#278</a></li> <li>Checkpoint Nix store database before copying it by <a href="https://github.com/deemp"><code>@deemp</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/279">nix-community/cache-nix-action#279</a></li> </ul> <h2>Fixed (CI)</h2> <ul> <li>Fix formatting in CI by <a href="https://github.com/deemp"><code>@deemp</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/280">nix-community/cache-nix-action#280</a></li> <li>Fix workflows for PRs in CI by <a href="https://github.com/deemp"><code>@deemp</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/281">nix-community/cache-nix-action#281</a></li> </ul> <h2>Changed (deps)</h2> <!-- raw HTML omitted --> <ul> <li>chore(deps): bump <code>@actions/github</code> from 6.0.1 to 7.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/272">nix-community/cache-nix-action#272</a></li> <li>chore(deps-dev): bump eslint-config-love from 140.0.0 to 144.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/271">nix-community/cache-nix-action#271</a></li> <li>chore(deps-dev): bump <code>@typescript-eslint/parser</code> from 8.51.0 to 8.52.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/269">nix-community/cache-nix-action#269</a></li> <li>chore(deps-dev): bump eslint-plugin-jest from 29.12.0 to 29.12.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/266">nix-community/cache-nix-action#266</a></li> <li>chore(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.51.0 to 8.52.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/268">nix-community/cache-nix-action#268</a></li> <li>chore(deps-dev): bump <code>@typescript-eslint/parser</code> from 8.52.0 to 8.53.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/273">nix-community/cache-nix-action#273</a></li> <li>chore(deps-dev): bump prettier from 3.7.4 to 3.8.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/277">nix-community/cache-nix-action#277</a></li> <li>chore(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.52.0 to 8.53.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/274">nix-community/cache-nix-action#274</a></li> </ul> <!-- raw HTML omitted --> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/CathalMullan"><code>@CathalMullan</code></a> made their first contribution in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/278">nix-community/cache-nix-action#278</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/nix-community/cache-nix-action/compare/v7...v7.0.1">https://github.com/nix-community/cache-nix-action/compare/v7...v7.0.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nix-community/cache-nix-action/commit/106bba72ed8e29c8357661199511ef07790175e9"><code>106bba7</code></a> fix(ci): use a modern command</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/b244431fab1b7abe5a59cdf0a5333321adfc040f"><code>b244431</code></a> chore: update src</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/052bf75174c2526e286675ef224b3ed819ca069b"><code>052bf75</code></a> chore: update docs</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/c19319ee78cf2c8fdae7caec6d618d8d2f103a63"><code>c19319e</code></a> chore: build the action</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/e3b90182d2cfa77237ff1a124c0017402fe96732"><code>e3b9018</code></a> feat(action): add comment about checkpointing after database merging</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/05419d3e13bd8048ce71089f751a60193e8b2520"><code>05419d3</code></a> feat(readme): mention that the action may affect the workflow speed</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/0c043090a02147aa5edf074d1b0b7ccae887fd53"><code>0c04309</code></a> refactor(readme): group limitations and list them in separate sections</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/084a7ec7cc80327648e51c57b90e12b596675f40"><code>084a7ec</code></a> fix(github): adress linter comments and format templates</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/b23f7c961d5d57e86f703e0526f2b35fc9223c12"><code>b23f7c9</code></a> fix(ci): don't fail-fast</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/6b5a012f6e29cda21881bcb0432a5350d18b44ad"><code>6b5a012</code></a> Merge pull request <a href="https://redirect.github.com/nix-community/cache-nix-action/issues/281">#281</a> from nix-community/fix-prs</li> <li>Additional commits viewable in <a href="https://github.com/nix-community/cache-nix-action/compare/b426b118b6dc86d6952988d396aa7c6b09776d08...106bba72ed8e29c8357661199511ef07790175e9">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-01-26 13:20:40 +00:00
DevCats	338b952d71	chore: skip doc-check when secrets are not available (#21637 ) This pull request updates the `.github/workflows/doc-check.yaml` workflow to improve its handling of required secrets. The workflow now checks for the presence of necessary secrets before proceeding, and conditionally skips all subsequent steps if the secrets are unavailable. This prevents failures on pull requests where secrets are not accessible (such as from forks), and provides clear messaging for maintainers about manual triggering options. Key improvements: Secret availability checks and conditional execution: * Added an explicit step at the start of the workflow to check if required secrets (`DOC_CHECK_CODER_URL` and `DOC_CHECK_CODER_SESSION_TOKEN`) are available, and set an output flag (`skip`) accordingly. * Updated all subsequent workflow steps to include a conditional (`if: steps.check-secrets.outputs.skip != 'true'`), ensuring they only run if the secrets are present. This includes setup, context extraction, task creation, waiting, and summary steps. [[1]](diffhunk://#diff-46e6065a312f35e5d294476e7865089afd10e6072fed80ac77b257e090def149R59-R82) [[2]](diffhunk://#diff-46e6065a312f35e5d294476e7865089afd10e6072fed80ac77b257e090def149R140) [[3]](diffhunk://#diff-46e6065a312f35e5d294476e7865089afd10e6072fed80ac77b257e090def149R205) [[4]](diffhunk://#diff-46e6065a312f35e5d294476e7865089afd10e6072fed80ac77b257e090def149R215) [[5]](diffhunk://#diff-46e6065a312f35e5d294476e7865089afd10e6072fed80ac77b257e090def149R232) [[6]](diffhunk://#diff-46e6065a312f35e5d294476e7865089afd10e6072fed80ac77b257e090def149R250) * Modified the "Fetch Task Logs", "Cleanup Task", and "Write Final Summary" steps to combine their existing `always()` condition with the new secrets check, preventing unnecessary errors when secrets are missing. [[1]](diffhunk://#diff-46e6065a312f35e5d294476e7865089afd10e6072fed80ac77b257e090def149L314-R340) [[2]](diffhunk://#diff-46e6065a312f35e5d294476e7865089afd10e6072fed80ac77b257e090def149L327-R353) [[3]](diffhunk://#diff-46e6065a312f35e5d294476e7865089afd10e6072fed80ac77b257e090def149L339-R365) Documentation and messaging: * Added comments at the top of the workflow file to explain the secret requirements and the expected behavior for PRs without secrets, including instructions for maintainers on manual triggering.…se on pr's originating from forks. <!-- If you have used AI to produce some or all of this PR, please ensure you have read our [AI Contribution guidelines](https://coder.com/docs/about/contributing/AI_CONTRIBUTING) before submitting. -->	2026-01-23 12:15:07 -06:00
DevCats	26ce070393	feat: update doc-check workflow to utilize claude-skills (#21588 ) ## Summary Updates our existing doc-check workflow to utilize new claude-skills that exist in the repository for better contextual behavior with less prompting requirements in the workflow ## Changes ### New: Claude Skill (`.claude/skills/doc-check/SKILL.md`) Defines the doc-check workflow for Claude: - Check PR title first to skip irrelevant reviews (refactors, tests, chores) - Read code changes and search existing docs for related content - Post structured comments with specific recommendations ### Updated: GitHub Workflow (`.github/workflows/doc-check.yaml`) - Triggers: PR opened, updated (synchronize), `doc-check` label added, or manual dispatch - Task lifecycle: Creates task → monitors completion → fetches logs → cleans up - Context-aware prompts: Tells Claude if this is a new PR, update, or manual request - Uses `coder-username` parameter to run as `doc-check-bot` service account	2026-01-21 16:14:43 -06:00
dependabot[bot]	2c2c67665f	ci: bump the github-actions group across 1 directory with 3 updates (#21482 ) Bumps the github-actions group with 3 updates in the / directory: [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata), [nix-community/cache-nix-action](https://github.com/nix-community/cache-nix-action) and [toshimaru/auto-author-assign](https://github.com/toshimaru/auto-author-assign). Updates `dependabot/fetch-metadata` from 2.4.0 to 2.5.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dependabot/fetch-metadata/releases">dependabot/fetch-metadata's releases</a>.</em></p> <blockquote> <h2>v2.5.0</h2> <h2>What's Changed</h2> <ul> <li>Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/628">dependabot/fetch-metadata#628</a></li> <li>Bump the dev-dependencies group with 11 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/629">dependabot/fetch-metadata#629</a></li> <li>Bump actions/create-github-app-token from 2.0.6 to 2.1.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/635">dependabot/fetch-metadata#635</a></li> <li>Bump actions/create-github-app-token from 2.1.1 to 2.1.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/638">dependabot/fetch-metadata#638</a></li> <li>Bump actions/checkout from 4 to 5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/636">dependabot/fetch-metadata#636</a></li> <li>Bump actions/setup-node from 4 to 5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/637">dependabot/fetch-metadata#637</a></li> <li>Bump actions/setup-node from 5 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/639">dependabot/fetch-metadata#639</a></li> <li>Bump actions/create-github-app-token from 2.1.4 to 2.2.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/643">dependabot/fetch-metadata#643</a></li> <li>Bump actions/checkout from 5 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/642">dependabot/fetch-metadata#642</a></li> <li>Bump actions/create-github-app-token from 2.2.0 to 2.2.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/648">dependabot/fetch-metadata#648</a></li> <li>Bump js-yaml from 3.14.1 to 3.14.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/644">dependabot/fetch-metadata#644</a></li> <li>Bump express from 5.1.0 to 5.2.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/645">dependabot/fetch-metadata#645</a></li> <li>Bump <code>@modelcontextprotocol/sdk</code> from 1.11.2 to 1.24.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/647">dependabot/fetch-metadata#647</a></li> <li>v2.5.0 by <a href="https://github.com/fetch-metadata-action-automation"><code>@fetch-metadata-action-automation</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/631">dependabot/fetch-metadata#631</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/dependabot/fetch-metadata/compare/v2...v2.5.0">https://github.com/dependabot/fetch-metadata/compare/v2...v2.5.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dependabot/fetch-metadata/commit/21025c705c08248db411dc16f3619e6b5f9ea21a"><code>21025c7</code></a> v2.5.0</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/252291c4909623444d34d29176583b6bae564c4a"><code>252291c</code></a> Merge pull request <a href="https://redirect.github.com/dependabot/fetch-metadata/issues/647">#647</a> from dependabot/dependabot/npm_and_yarn/modelcontextp...</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/fa144c97df0d508a206af2a27295ecc2935effbd"><code>fa144c9</code></a> chore: Migrate jest expectation function</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/33c7a0bfc8c64c28af2c81b3431ef4c59ec496b4"><code>33c7a0b</code></a> bug: Mock PR body in test</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/99c27add52552e57615946e8e3e30bb1e06c907f"><code>99c27ad</code></a> Bump <code>@modelcontextprotocol/sdk</code> from 1.11.2 to 1.24.0</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/3837dcc013fa49857b3ce43e5e985c87b36856fe"><code>3837dcc</code></a> Merge pull request <a href="https://redirect.github.com/dependabot/fetch-metadata/issues/645">#645</a> from dependabot/dependabot/npm_and_yarn/express-5.2.1</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/d411582f801e564114e3c0e221a9301030b6b7dd"><code>d411582</code></a> Bump express from 5.1.0 to 5.2.1</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/186ccbbe83ea100061d2a4e5ad1e78372b949c3f"><code>186ccbb</code></a> Merge pull request <a href="https://redirect.github.com/dependabot/fetch-metadata/issues/644">#644</a> from dependabot/dependabot/npm_and_yarn/js-yaml-3.14.2</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/84c891ecc223caac49af317368a1df9d6fb72ff7"><code>84c891e</code></a> Bump js-yaml from 3.14.1 to 3.14.2</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/4542092e926ee0072c057475cbe8b76968714a21"><code>4542092</code></a> Merge pull request <a href="https://redirect.github.com/dependabot/fetch-metadata/issues/648">#648</a> from dependabot/dependabot/github_actions/actions/cre...</li> <li>Additional commits viewable in <a href="https://github.com/dependabot/fetch-metadata/compare/08eff52bf64351f401fb50d4972fa95b9f2c2d1b...21025c705c08248db411dc16f3619e6b5f9ea21a">compare view</a></li> </ul> </details> <br /> Updates `nix-community/cache-nix-action` from 6.1.3 to 7.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nix-community/cache-nix-action/releases">nix-community/cache-nix-action's releases</a>.</em></p> <blockquote> <h2>v7.0.0</h2> <h2>What's Changed</h2> <h3>Breaking changes</h3> <ul> <li>Cache only <code>/nix</code> by default by <a href="https://github.com/deemp"><code>@deemp</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/261">nix-community/cache-nix-action#261</a></li> <li>Improve <code>saveFromGC</code> by <a href="https://github.com/deemp"><code>@deemp</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/253">nix-community/cache-nix-action#253</a></li> <li>Update dependencies by <a href="https://github.com/deemp"><code>@deemp</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/228">nix-community/cache-nix-action#228</a></li> </ul> <h3>Added</h3> <ul> <li>Support ca-derivations by <a href="https://github.com/deemp"><code>@deemp</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/130">nix-community/cache-nix-action#130</a></li> <li>Support <code>cachix/install-nix-action</code> and <code>DeterminateSystems/determinate-nix-action</code> by <a href="https://github.com/deemp"><code>@deemp</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/234">nix-community/cache-nix-action#234</a></li> <li>Support custom cache URL by <a href="https://github.com/deemp"><code>@deemp</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/244">nix-community/cache-nix-action#244</a></li> <li>Use Temporal by <a href="https://github.com/deemp"><code>@deemp</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/260">nix-community/cache-nix-action#260</a></li> </ul> <h3>Fixed</h3> <ul> <li>Fix assumptions in nix commands by <a href="https://github.com/deemp"><code>@deemp</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/240">nix-community/cache-nix-action#240</a></li> <li>Install sqlite on macOS only when it's missing and if there's at least one cache to restore by <a href="https://github.com/deemp"><code>@deemp</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/241">nix-community/cache-nix-action#241</a></li> <li>Run <code>zstd</code> in multi-threaded mode by <a href="https://github.com/deemp"><code>@deemp</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/243">nix-community/cache-nix-action#243</a></li> <li>Align with upstream by <a href="https://github.com/deemp"><code>@deemp</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/249">nix-community/cache-nix-action#249</a></li> <li>Update saveFromGC package by <a href="https://github.com/deemp"><code>@deemp</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/254">nix-community/cache-nix-action#254</a></li> <li>Fix skipping restore on hit primary key by <a href="https://github.com/deemp"><code>@deemp</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/259">nix-community/cache-nix-action#259</a></li> </ul> <h3>Changed (docs)</h3> <ul> <li>fix <code>nix_conf</code> example in readme by <a href="https://github.com/peterbecich"><code>@peterbecich</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/132">nix-community/cache-nix-action#132</a></li> <li>add <code>nothing-but-nix</code> to readme by <a href="https://github.com/peterbecich"><code>@peterbecich</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/162">nix-community/cache-nix-action#162</a></li> <li>Update status of <code>magic-nix-cache-action</code> by <a href="https://github.com/lucperkins"><code>@lucperkins</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/161">nix-community/cache-nix-action#161</a></li> </ul> <h3>Changed (deps)</h3> <!-- raw HTML omitted --> <ul> <li>chore(deps): bump actions/checkout from 4 to 5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/183">nix-community/cache-nix-action#183</a></li> <li>chore(deps-dev): bump eslint from 9.22.0 to 9.37.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/207">nix-community/cache-nix-action#207</a></li> <li>chore(deps-dev): bump eslint-plugin-import from 2.31.0 to 2.32.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/210">nix-community/cache-nix-action#210</a></li> <li>chore(deps-dev): bump <code>@typescript-eslint/parser</code> from 8.26.1 to 8.46.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/208">nix-community/cache-nix-action#208</a></li> <li>chore(deps-dev): bump ts-jest from 29.2.6 to 29.4.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/200">nix-community/cache-nix-action#200</a></li> <li>chore(deps): bump nixbuild/nix-quick-install-action from 30 to 34 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/204">nix-community/cache-nix-action#204</a></li> <li>chore(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.26.1 to 8.46.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/209">nix-community/cache-nix-action#209</a></li> <li>chore(deps-dev): bump eslint-import-resolver-typescript from 3.8.3 to 4.4.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/143">nix-community/cache-nix-action#143</a></li> <li>chore(deps-dev): bump eslint-plugin-n from 17.16.2 to 17.23.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/215">nix-community/cache-nix-action#215</a></li> <li>chore(deps-dev): bump nock from 14.0.1 to 14.0.10 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/213">nix-community/cache-nix-action#213</a></li> <li>chore(deps-dev): bump ts-jest from 29.4.4 to 29.4.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/211">nix-community/cache-nix-action#211</a></li> <li>chore(deps-dev): bump eslint-plugin-jest from 28.11.0 to 29.0.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/214">nix-community/cache-nix-action#214</a></li> <li>chore(deps): bump actions/checkout from 5 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/220">nix-community/cache-nix-action#220</a></li> <li>chore(deps): bump dedent from 1.5.3 to 1.7.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/218">nix-community/cache-nix-action#218</a></li> <li>chore(deps-dev): bump prettier from 3.5.3 to 3.6.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/216">nix-community/cache-nix-action#216</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nix-community/cache-nix-action/commit/b426b118b6dc86d6952988d396aa7c6b09776d08"><code>b426b11</code></a> chore: update docs</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/4bec4a908ea92e7c1b67b20cc4fd603014a22e1c"><code>4bec4a9</code></a> fix(readme): improve the typical job explanation</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/a084f54b888218ed2c3f358e3d5a6ae5af164b25"><code>a084f54</code></a> chore: update docs</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/f0ee4ceeda6370d9059e4d1356124668f4cf0bfe"><code>f0ee4ce</code></a> fix(readme): improve the section about caching approaches</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/5764445d30f0763098b7a4ccbdaf01419d666e99"><code>5764445</code></a> fix(readme): improve example - show how to use ISO 8601 duration format in `p...</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/7b6e0ca65529ad4f25cc125059556d432556f564"><code>7b6e0ca</code></a> fix(readme): improve comments</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/01b2c9a1def1aa05e61ea0fd5772ffa018f3f677"><code>01b2c9a</code></a> Merge pull request <a href="https://redirect.github.com/nix-community/cache-nix-action/issues/264">#264</a> from nix-community/dependabot/npm_and_yarn/eslint-plu...</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/c62435b446f5eac45d711e3e9301350e8ac4bb16"><code>c62435b</code></a> chore(deps-dev): bump eslint-plugin-jest from 29.11.2 to 29.12.0</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/69bb33a85010f6093f94a43682182f5455b2c18d"><code>69bb33a</code></a> fix(readme): explain which files get restored</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/507f991008894d9be5f9cf90f38caaf3dcb650a2"><code>507f991</code></a> Merge pull request <a href="https://redirect.github.com/nix-community/cache-nix-action/issues/261">#261</a> from nix-community/cache-only-nix-store</li> <li>Additional commits viewable in <a href="https://github.com/nix-community/cache-nix-action/compare/135667ec418502fa5a3598af6fb9eb733888ce6a...b426b118b6dc86d6952988d396aa7c6b09776d08">compare view</a></li> </ul> </details> <br /> Updates `toshimaru/auto-author-assign` from 2.1.1 to 3.0.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/toshimaru/auto-author-assign/releases">toshimaru/auto-author-assign's releases</a>.</em></p> <blockquote> <h2>v3.0.1</h2> <!-- raw HTML omitted --> <h2>What's Changed</h2> <h3>Dependencies</h3> <ul> <li>build(deps): bump <code>@actions/core</code> from 1.11.1 to 2.0.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/toshimaru/auto-author-assign/pull/122">toshimaru/auto-author-assign#122</a></li> </ul> <h3>Chores</h3> <ul> <li>chore(main): release 3.0.1 by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/toshimaru/auto-author-assign/pull/138">toshimaru/auto-author-assign#138</a></li> <li>Replace ubuntu-latest with ubuntu-slim across workflows and documentation by <a href="https://github.com/Copilot"><code>@Copilot</code></a> in <a href="https://redirect.github.com/toshimaru/auto-author-assign/pull/137">toshimaru/auto-author-assign#137</a></li> <li>Add workflow_dispatch trigger to release-please workflow by <a href="https://github.com/Copilot"><code>@Copilot</code></a> in <a href="https://redirect.github.com/toshimaru/auto-author-assign/pull/136">toshimaru/auto-author-assign#136</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/toshimaru/auto-author-assign/compare/v3.0.0...v3.0.1">https://github.com/toshimaru/auto-author-assign/compare/v3.0.0...v3.0.1</a></p> <h2>v3.0.0</h2> <!-- raw HTML omitted --> <h2>What's Changed</h2> <ul> <li>Bump Node.js from 20 to 24 by <a href="https://github.com/toshimaru"><code>@toshimaru</code></a> in <a href="https://redirect.github.com/toshimaru/auto-author-assign/pull/128">toshimaru/auto-author-assign#128</a></li> <li>Migrate from standard-version to release-please by <a href="https://github.com/toshimaru"><code>@toshimaru</code></a> in <a href="https://redirect.github.com/toshimaru/auto-author-assign/pull/129">toshimaru/auto-author-assign#129</a></li> <li>feat: Add <code>npm run package</code> instead of <code>build</code> by <a href="https://github.com/toshimaru"><code>@toshimaru</code></a> in <a href="https://redirect.github.com/toshimaru/auto-author-assign/pull/130">toshimaru/auto-author-assign#130</a></li> </ul> <h3>Chores</h3> <ul> <li>chore(main): release 3.0.0 by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/toshimaru/auto-author-assign/pull/135">toshimaru/auto-author-assign#135</a></li> <li>chore: Remove reviewers from dependabot.yml by <a href="https://github.com/google-labs-jules"><code>@google-labs-jules</code></a>[bot] in <a href="https://redirect.github.com/toshimaru/auto-author-assign/pull/127">toshimaru/auto-author-assign#127</a></li> </ul> <h3>Docs</h3> <ul> <li>docs(ai): Create <code>AGENTS.md</code>(<code>CLAUDE.md</code>) file by <a href="https://github.com/toshimaru"><code>@toshimaru</code></a> in <a href="https://redirect.github.com/toshimaru/auto-author-assign/pull/125">toshimaru/auto-author-assign#125</a></li> <li>docs: bump version to 2.1.2 in <code>README.md</code> by <a href="https://github.com/toshimaru"><code>@toshimaru</code></a> in <a href="https://redirect.github.com/toshimaru/auto-author-assign/pull/134">toshimaru/auto-author-assign#134</a></li> <li>docs(ai): Create build-script.md for Claude Code / Restore <code>CHANGELOG.md</code> by <a href="https://github.com/toshimaru"><code>@toshimaru</code></a> in <a href="https://redirect.github.com/toshimaru/auto-author-assign/pull/132">toshimaru/auto-author-assign#132</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/toshimaru/auto-author-assign/compare/v2.1.2...v3.0.0">https://github.com/toshimaru/auto-author-assign/compare/v2.1.2...v3.0.0</a></p> <h2>v2.1.2</h2> <!-- raw HTML omitted --> <h2>What's Changed</h2> <h3>Dependencies</h3> <ul> <li>build(deps): bump actions/setup-node from 4 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/toshimaru/auto-author-assign/pull/110">toshimaru/auto-author-assign#110</a></li> <li>build(deps): bump actions/checkout from 4 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/toshimaru/auto-author-assign/pull/111">toshimaru/auto-author-assign#111</a></li> <li>build(deps): bump undici from 5.28.4 to 5.29.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/toshimaru/auto-author-assign/pull/118">toshimaru/auto-author-assign#118</a></li> <li>build(deps): bump <code>@octokit/plugin-paginate-rest</code> from 9.1.5 to 9.2.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/toshimaru/auto-author-assign/pull/115">toshimaru/auto-author-assign#115</a></li> <li>build(deps-dev): bump <code>@vercel/ncc</code> from 0.38.1 to 0.38.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/toshimaru/auto-author-assign/pull/114">toshimaru/auto-author-assign#114</a></li> <li>build(deps): bump <code>@actions/core</code> from 1.10.1 to 1.11.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/toshimaru/auto-author-assign/pull/105">toshimaru/auto-author-assign#105</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/toshimaru/auto-author-assign/blob/main/CHANGELOG.md">toshimaru/auto-author-assign's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2><a href="https://github.com/toshimaru/auto-author-assign/compare/v3.0.0...v3.0.1">3.0.1</a> (2025-12-25)</h2> <h3>Miscellaneous Chores</h3> <ul> <li>release 3.0.1 (<a href="https://github.com/toshimaru/auto-author-assign/commit/718d4ed5349747d47952ae841ae03fcbdd74ebea">718d4ed</a>)</li> </ul> <h2><a href="https://github.com/toshimaru/auto-author-assign/compare/v2.1.2...v3.0.0">3.0.0</a> (2025-12-21)</h2> <h3>Features</h3> <ul> <li>Add <code>npm run package</code> instead of <code>build</code> (<a href="https://redirect.github.com/toshimaru/auto-author-assign/issues/130">#130</a>) (<a href="https://github.com/toshimaru/auto-author-assign/commit/972720f0403d2873e807f16e350c5b0b1be4dda3">972720f</a>)</li> </ul> <h3>Miscellaneous Chores</h3> <ul> <li>release 3.0.0 (<a href="https://github.com/toshimaru/auto-author-assign/commit/d100ceff34d1e9cd2c4ea5b8055922f1409f3068">d100cef</a>)</li> </ul> <h3><a href="https://github.com/toshimaru/auto-author-assign/compare/v2.1.1...v2.1.2">2.1.2</a> (2025-12-16)</h3> <h3><a href="https://github.com/toshimaru/auto-author-assign/compare/v2.1.0...v2.1.1">2.1.1</a> (2024-06-26)</h3> <h2><a href="https://github.com/toshimaru/auto-author-assign/compare/v2.0.1...v2.1.0">2.1.0</a> (2024-01-17)</h2> <h3><a href="https://github.com/toshimaru/auto-author-assign/compare/v2.0.0...v2.0.1">2.0.1</a> (2023-09-26)</h3> <h2><a href="https://github.com/toshimaru/auto-author-assign/compare/v1.6.2...v2.0.0">2.0.0</a> (2023-09-24)</h2> <h3><a href="https://github.com/toshimaru/auto-author-assign/compare/v1.6.1...v1.6.2">1.6.2</a> (2023-01-03)</h3> <ul> <li>chore: dependencies update</li> </ul> <h3><a href="https://github.com/toshimaru/auto-author-assign/compare/v1.6.0...v1.6.1">1.6.1</a> (2022-08-01)</h3> <ul> <li>doc: README Update</li> </ul> <h3><a href="https://github.com/toshimaru/auto-author-assign/compare/v1.5.1...v1.6.0">1.6.0</a> (2022-07-28)</h3> <ul> <li>feat: Add auto-author-assign for the issues</li> </ul> <h3><a href="https://github.com/toshimaru/auto-author-assign/compare/v1.5.0...v1.5.1">1.5.1</a> (2022-07-22)</h3> <h3><a href="https://github.com/toshimaru/auto-author-assign/compare/v1.4.0...v1.5.0">1.5.0</a> (2022-03-28)</h3> <ul> <li>Bump node from node12 to node16</li> </ul> <h3><a href="https://github.com/toshimaru/auto-author-assign/compare/v1.3.7...v1.4.0">1.4.0</a> (2021-10-17)</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/toshimaru/auto-author-assign/commit/4d585cc37690897bd9015942ed6e766aa7cdb97f"><code>4d585cc</code></a> chore(main): release 3.0.1 (<a href="https://redirect.github.com/toshimaru/auto-author-assign/issues/138">#138</a>)</li> <li><a href="https://github.com/toshimaru/auto-author-assign/commit/718d4ed5349747d47952ae841ae03fcbdd74ebea"><code>718d4ed</code></a> chore: release 3.0.1</li> <li><a href="https://github.com/toshimaru/auto-author-assign/commit/4a5388d22f6d4ff1d3dd731718ecef020b6ba4d7"><code>4a5388d</code></a> build(deps): bump <code>@actions/core</code> from 1.11.1 to 2.0.1 (<a href="https://redirect.github.com/toshimaru/auto-author-assign/issues/122">#122</a>)</li> <li><a href="https://github.com/toshimaru/auto-author-assign/commit/988cabb6fa31f6fbe7445a9404c4a81c595da880"><code>988cabb</code></a> Add workflow_dispatch to release-please.yml (<a href="https://redirect.github.com/toshimaru/auto-author-assign/issues/136">#136</a>)</li> <li><a href="https://github.com/toshimaru/auto-author-assign/commit/fccc493a2659c5efe9f9f5afbbba91afb29a8a2f"><code>fccc493</code></a> Replace ubuntu-latest with ubuntu-slim across workflows and documentation (<a href="https://redirect.github.com/toshimaru/auto-author-assign/issues/137">#137</a>)</li> <li><a href="https://github.com/toshimaru/auto-author-assign/commit/c66af760da33f680c9baa5e8aa27c3a933b11593"><code>c66af76</code></a> chore(main): release 3.0.0 (<a href="https://redirect.github.com/toshimaru/auto-author-assign/issues/135">#135</a>)</li> <li><a href="https://github.com/toshimaru/auto-author-assign/commit/d100ceff34d1e9cd2c4ea5b8055922f1409f3068"><code>d100cef</code></a> chore: release 3.0.0</li> <li><a href="https://github.com/toshimaru/auto-author-assign/commit/a076d1056015d81890e49a0cea0d907609200384"><code>a076d10</code></a> docs: bump version to 2.1.2 in <code>README.md</code> (<a href="https://redirect.github.com/toshimaru/auto-author-assign/issues/134">#134</a>)</li> <li><a href="https://github.com/toshimaru/auto-author-assign/commit/e7df92b95b730fface0fd16ad67929d77df07251"><code>e7df92b</code></a> docs(ai): Create build-script.md for Claude Code / Restore <code>CHANGELOG.md</code> (<a href="https://redirect.github.com/toshimaru/auto-author-assign/issues/132">#132</a>)</li> <li><a href="https://github.com/toshimaru/auto-author-assign/commit/972720f0403d2873e807f16e350c5b0b1be4dda3"><code>972720f</code></a> feat: Add <code>npm run package</code> instead of <code>build</code> (<a href="https://redirect.github.com/toshimaru/auto-author-assign/issues/130">#130</a>)</li> <li>Additional commits viewable in <a href="https://github.com/toshimaru/auto-author-assign/compare/16f0022cf3d7970c106d8d1105f75a1165edb516...4d585cc37690897bd9015942ed6e766aa7cdb97f">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-01-12 15:07:29 +00:00
dependabot[bot]	61c379dba6	ci: bump the github-actions group with 3 updates (#21394 ) Bumps the github-actions group with 3 updates: [actions/attest](https://github.com/actions/attest), [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) and [github/codeql-action](https://github.com/github/codeql-action). Updates `actions/attest` from 3.0.0 to 3.1.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/attest/releases">actions/attest's releases</a>.</em></p> <blockquote> <h2>v3.1.0</h2> <h2>What's Changed</h2> <ul> <li>Bump <code>@actions/attest</code> from 1.6.0 to 2.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/299">actions/attest#299</a></li> <li>Bump <code>@actions/core</code> from 1.11.1 to 2.0.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/318">actions/attest#318</a></li> <li>Create Artifact Metadata Storage Record on registry push by <a href="https://github.com/malancas"><code>@malancas</code></a> in <a href="https://redirect.github.com/actions/attest/pull/313">actions/attest#313</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/malancas"><code>@malancas</code></a> made their first contribution in <a href="https://redirect.github.com/actions/attest/pull/313">actions/attest#313</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/attest/compare/v3...v3.1.0">https://github.com/actions/attest/compare/v3...v3.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/attest/commit/7667f588f2f73a90cea6c7ac70e78266c4f76616"><code>7667f58</code></a> Create Artifact Metadata Storage Record on registry push (<a href="https://redirect.github.com/actions/attest/issues/313">#313</a>)</li> <li><a href="https://github.com/actions/attest/commit/0512723b049f456232eb06b040bc579727752a6a"><code>0512723</code></a> Bump <code>@actions/core</code> from 1.11.1 to 2.0.1 (<a href="https://redirect.github.com/actions/attest/issues/318">#318</a>)</li> <li><a href="https://github.com/actions/attest/commit/c16e6655b77834c757beac502b8f2013705f92f4"><code>c16e665</code></a> Bump the npm-development group with 5 updates (<a href="https://redirect.github.com/actions/attest/issues/315">#315</a>)</li> <li><a href="https://github.com/actions/attest/commit/3374a04c9f423bc0e4e5560f82ebe38956064fd0"><code>3374a04</code></a> Bump <code>@types/node</code> from 24.10.1 to 25.0.2 (<a href="https://redirect.github.com/actions/attest/issues/317">#317</a>)</li> <li><a href="https://github.com/actions/attest/commit/8ed7eda47c4480c843fdfd8850cbc514a728d335"><code>8ed7eda</code></a> Bump actions/upload-artifact from 5 to 6 (<a href="https://redirect.github.com/actions/attest/issues/314">#314</a>)</li> <li><a href="https://github.com/actions/attest/commit/6440a037b10d2a829cc9882a533f3d9138424c0d"><code>6440a03</code></a> Bump the npm-development group with 2 updates (<a href="https://redirect.github.com/actions/attest/issues/312">#312</a>)</li> <li><a href="https://github.com/actions/attest/commit/70b5d87a50d4136d848a73c7cf376b97b7a70223"><code>70b5d87</code></a> Bump the actions-minor group with 2 updates (<a href="https://redirect.github.com/actions/attest/issues/311">#311</a>)</li> <li><a href="https://github.com/actions/attest/commit/9902fb2594e0b5bbab9995737abd2547cde67f22"><code>9902fb2</code></a> Bump the npm-development group with 2 updates (<a href="https://redirect.github.com/actions/attest/issues/310">#310</a>)</li> <li><a href="https://github.com/actions/attest/commit/32938749009952fa9f8278fe546fd1f7ed2c5eeb"><code>3293874</code></a> Bump actions/checkout from 5.0.1 to 6.0.0 (<a href="https://redirect.github.com/actions/attest/issues/308">#308</a>)</li> <li><a href="https://github.com/actions/attest/commit/88adb8653690c030561da54074f99d467b74741b"><code>88adb86</code></a> Bump the npm-development group with 2 updates (<a href="https://redirect.github.com/actions/attest/issues/307">#307</a>)</li> <li>Additional commits viewable in <a href="https://github.com/actions/attest/compare/daf44fb950173508f38bd2406030372c1d1162b1...7667f588f2f73a90cea6c7ac70e78266c4f76616">compare view</a></li> </ul> </details> <br /> Updates `docker/setup-buildx-action` from 3.11.1 to 3.12.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's releases</a>.</em></p> <blockquote> <h2>v3.12.0</h2> <ul> <li>Deprecate <code>install</code> input by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/455">docker/setup-buildx-action#455</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.62.1 to 0.63.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/434">docker/setup-buildx-action#434</a></li> <li>Bump brace-expansion from 1.1.11 to 1.1.12 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/436">docker/setup-buildx-action#436</a></li> <li>Bump form-data from 2.5.1 to 2.5.5 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/432">docker/setup-buildx-action#432</a></li> <li>Bump undici from 5.28.4 to 5.29.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/435">docker/setup-buildx-action#435</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v3.11.1...v3.12.0">https://github.com/docker/setup-buildx-action/compare/v3.11.1...v3.12.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/setup-buildx-action/commit/8d2750c68a42422c14e847fe6c8ac0403b4cbd6f"><code>8d2750c</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/455">#455</a> from crazy-max/install-deprecated</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/e81846bcc4416a0bf18b8389e4f6fce279619ddc"><code>e81846b</code></a> deprecate install input</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/65d18f8f8a05aab1b2d761032bec9cd5578caadb"><code>65d18f8</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/454">#454</a> from docker/dependabot/github_actions/actions/checkout-6</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/000d75d273dec231f74115df50b6ee04c9b25e55"><code>000d75d</code></a> build(deps): bump actions/checkout from 5 to 6</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/1583c0f09d26c58c59d25b0eef29792b7ce99d9a"><code>1583c0f</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/443">#443</a> from nicolasleger/patch-1</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/ed158e796328af702db08c75bebb92f2fb10be88"><code>ed158e7</code></a> doc: bump actions/checkout from 4 to 5</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/4cc794f83e4b7488282e879f4469e86246e52ddd"><code>4cc794f</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/441">#441</a> from docker/dependabot/github_actions/actions/checkout-5</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/4dfc3d6c5d9e9534040f8d8b55bd4a98459b62b7"><code>4dfc3d6</code></a> build(deps): bump actions/checkout from 4 to 5</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/af1b253b8dc984466d22633f04ef341c1520ed2f"><code>af1b253</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/440">#440</a> from crazy-max/k3s-build</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/3c6ab92b04d9f3e63233e0e0168ba114c6b448bc"><code>3c6ab92</code></a> ci: k3s test with latest buildx</li> <li>Additional commits viewable in <a href="https://github.com/docker/setup-buildx-action/compare/e468171a9de216ec08956ac3ada2f0791b6bd435...8d2750c68a42422c14e847fe6c8ac0403b4cbd6f">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 4.31.6 to 4.31.9 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v4.31.9</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>4.31.9 - 16 Dec 2025</h2> <p>No user facing changes.</p> <p>See the full <a href="https://github.com/github/codeql-action/blob/v4.31.9/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> <h2>v4.31.8</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>4.31.8 - 11 Dec 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.8. <a href="https://redirect.github.com/github/codeql-action/pull/3354">#3354</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v4.31.8/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> <h2>v4.31.7</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>4.31.7 - 05 Dec 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.7. <a href="https://redirect.github.com/github/codeql-action/pull/3343">#3343</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v4.31.7/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>4.31.9 - 16 Dec 2025</h2> <p>No user facing changes.</p> <h2>4.31.8 - 11 Dec 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.8. <a href="https://redirect.github.com/github/codeql-action/pull/3354">#3354</a></li> </ul> <h2>4.31.7 - 05 Dec 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.7. <a href="https://redirect.github.com/github/codeql-action/pull/3343">#3343</a></li> </ul> <h2>4.31.6 - 01 Dec 2025</h2> <p>No user facing changes.</p> <h2>4.31.5 - 24 Nov 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.6. <a href="https://redirect.github.com/github/codeql-action/pull/3321">#3321</a></li> </ul> <h2>4.31.4 - 18 Nov 2025</h2> <p>No user facing changes.</p> <h2>4.31.3 - 13 Nov 2025</h2> <ul> <li>CodeQL Action v3 will be deprecated in December 2026. The Action now logs a warning for customers who are running v3 but could be running v4. For more information, see <a href="https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/">Upcoming deprecation of CodeQL Action v3</a>.</li> <li>Update default CodeQL bundle version to 2.23.5. <a href="https://redirect.github.com/github/codeql-action/pull/3288">#3288</a></li> </ul> <h2>4.31.2 - 30 Oct 2025</h2> <p>No user facing changes.</p> <h2>4.31.1 - 30 Oct 2025</h2> <ul> <li>The <code>add-snippets</code> input has been removed from the <code>analyze</code> action. This input has been deprecated since CodeQL Action 3.26.4 in August 2024 when this removal was announced.</li> </ul> <h2>4.31.0 - 24 Oct 2025</h2> <ul> <li>Bump minimum CodeQL bundle version to 2.17.6. <a href="https://redirect.github.com/github/codeql-action/pull/3223">#3223</a></li> <li>When SARIF files are uploaded by the <code>analyze</code> or <code>upload-sarif</code> actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the <code>upload-sarif</code> action. For <code>analyze</code>, this may affect Advanced Setup for CodeQL users who specify a value other than <code>always</code> for the <code>upload</code> input. <a href="https://redirect.github.com/github/codeql-action/pull/3222">#3222</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/5d4e8d1aca955e8d8589aabd499c5cae939e33c7"><code>5d4e8d1</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3371">#3371</a> from github/update-v4.31.9-998798e34</li> <li><a href="https://github.com/github/codeql-action/commit/1dc115f17a8c6966e94a6477313dd3df6319bc83"><code>1dc115f</code></a> Update changelog for v4.31.9</li> <li><a href="https://github.com/github/codeql-action/commit/998798e34d79baddb1566c60bbb8f68a901c04e6"><code>998798e</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3352">#3352</a> from github/nickrolfe/jar-min-ff-cleanup</li> <li><a href="https://github.com/github/codeql-action/commit/5eb751966fe18977cdefa4e41e0f90e92801ce90"><code>5eb7519</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3358">#3358</a> from github/henrymercer/database-upload-telemetry</li> <li><a href="https://github.com/github/codeql-action/commit/d29eddb39b7c33171bb0250114b1c9e3ff8fe2bc"><code>d29eddb</code></a> Extract version number to constant</li> <li><a href="https://github.com/github/codeql-action/commit/e9626872ef3347a9c18091d60da647084c2451a6"><code>e962687</code></a> Merge branch 'main' into henrymercer/database-upload-telemetry</li> <li><a href="https://github.com/github/codeql-action/commit/19c7f96922a6269458f2cadcc23faf0ebaa1368b"><code>19c7f96</code></a> Rename <code>isOverlayBase</code></li> <li><a href="https://github.com/github/codeql-action/commit/ae5de9a20d0468cc3818a0dc5c99e456f996d9cf"><code>ae5de9a</code></a> Use <code>getErrorMessage</code> in log too</li> <li><a href="https://github.com/github/codeql-action/commit/0cb86337c5111af4ff3dc7e8f9b98c479c9ea954"><code>0cb8633</code></a> Prefer <code>performance.now()</code></li> <li><a href="https://github.com/github/codeql-action/commit/c07cc0d3a95a282fc5a54477464931c776d124ec"><code>c07cc0d</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3351">#3351</a> from github/henrymercer/ghec-dr-determine-tools-vers...</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/fe4161a26a8629af62121b670040955b330f9af2...5d4e8d1aca955e8d8589aabd499c5cae939e33c7">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-12-29 12:21:08 +00:00
Danny Kopping	11275330a6	chore: revert runner sizes & parallelism from #21091 (#21380 ) The juice wasn't worth the squeeze. We reduced our median run times by 33% but also increased the failure rate. Even if the latter is a misattribution to this change, doubling costs for only a 33% speedup is not worth it. The refactorings from #21091 are worthwhile keeping, so I've just reverted the runner sizes & parallelism to [previous levels](https://github.com/coder/coder/blob/8ed1c1d3720b40a5dcc41c8a17debf93b36d3537/.github/workflows/ci.yaml). --- Before: <img width="2028" height="373" alt="image" src="https://github.com/user-attachments/assets/be527e63-d14d-4bab-ac35-214e7a73c675" /> After: <img width="2040" height="403" alt="image" src="https://github.com/user-attachments/assets/fd834ae6-f310-492a-90c4-814545cda7f5" /> Signed-off-by: Danny Kopping <danny@coder.com>	2025-12-23 11:42:04 +02:00
dependabot[bot]	3f13859ade	ci: bump the github-actions group with 4 updates (#21370 ) Bumps the github-actions group with 4 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner), [actions/cache](https://github.com/actions/cache), [actions/upload-artifact](https://github.com/actions/upload-artifact) and [actions/download-artifact](https://github.com/actions/download-artifact). Updates `step-security/harden-runner` from 2.13.2 to 2.14.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.14.0</h2> <h2>What's Changed</h2> <ul> <li>Selective installation: Harden-Runner now skips installation on GitHub-hosted runners when the repository has a custom property skip_harden_runner, allowing organizations to opt out specific repos.</li> <li>Avoid double install: The action no longer installs Harden-Runner if it’s already present on a GitHub-hosted runner, which could happen when a composite action also installs it.</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2.13.3...v2.14.0">https://github.com/step-security/harden-runner/compare/v2.13.3...v2.14.0</a></p> <h2>v2.13.3</h2> <h2>What's Changed</h2> <ul> <li>Fixed an issue where process events were not uploaded in certain edge cases.</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2.13.2...v2.13.3">https://github.com/step-security/harden-runner/compare/v2.13.2...v2.13.3</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/20cf305ff2072d973412fa9b1e3a4f227bda3c76"><code>20cf305</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/622">#622</a> from step-security/feature/custom-property-skip</li> <li><a href="https://github.com/step-security/harden-runner/commit/c51e8eeb6c4fdcd08f65e43a051dacdbfaa69702"><code>c51e8ee</code></a> feat: skip agent install and post step on subsequent runs for GitHub-hosted r...</li> <li><a href="https://github.com/step-security/harden-runner/commit/e152b90204c3d85cefa1441b701a47a13ed28bd7"><code>e152b90</code></a> feat: skip harden-runner based on repository custom property</li> <li><a href="https://github.com/step-security/harden-runner/commit/ee1faec052d1000061fa79a13e030db11b3f86bd"><code>ee1faec</code></a> feat: replace skip-harden-runner with skip-on-custom-property input</li> <li><a href="https://github.com/step-security/harden-runner/commit/1dc7c1764659d537dab2a854b8e165a801103eb1"><code>1dc7c17</code></a> feat: add skip-harden-runner input to conditionally skip execution</li> <li><a href="https://github.com/step-security/harden-runner/commit/df199fb7be9f65074067a9eb93f12bb4c5547cf2"><code>df199fb</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/620">#620</a> from step-security/rc-29</li> <li><a href="https://github.com/step-security/harden-runner/commit/03d096a772368b1f0222005a6899d3e35a7f62df"><code>03d096a</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/40901073af04afd40408833437092a7467798f33"><code>4090107</code></a> fix: update agent</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/95d9a5deda9de15063e7595e9719c11c38c90ae2...20cf305ff2072d973412fa9b1e3a4f227bda3c76">compare view</a></li> </ul> </details> <br /> Updates `actions/cache` from 4.3.0 to 5.0.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/releases">actions/cache's releases</a>.</em></p> <blockquote> <h2>v5.0.1</h2> <blockquote> <p>[!IMPORTANT] <strong><code>actions/cache@v5</code> runs on the Node.js 24 runtime and requires a minimum Actions Runner version of <code>2.327.1</code>.</strong></p> <p>If you are using self-hosted runners, ensure they are updated before upgrading.</p> </blockquote> <hr /> <h1>v5.0.1</h1> <h2>What's Changed</h2> <ul> <li>fix: update <code>@actions/cache</code> for Node.js 24 punycode deprecation by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1685">actions/cache#1685</a></li> <li>prepare release v5.0.1 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1686">actions/cache#1686</a></li> </ul> <h1>v5.0.0</h1> <h2>What's Changed</h2> <ul> <li>Upgrade to use node24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1630">actions/cache#1630</a></li> <li>Prepare v5.0.0 release by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1684">actions/cache#1684</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v5...v5.0.1">https://github.com/actions/cache/compare/v5...v5.0.1</a></p> <h2>v5.0.0</h2> <blockquote> <p>[!IMPORTANT] <strong><code>actions/cache@v5</code> runs on the Node.js 24 runtime and requires a minimum Actions Runner version of <code>2.327.1</code>.</strong></p> <p>If you are using self-hosted runners, ensure they are updated before upgrading.</p> </blockquote> <hr /> <h2>What's Changed</h2> <ul> <li>Upgrade to use node24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1630">actions/cache#1630</a></li> <li>Prepare v5.0.0 release by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1684">actions/cache#1684</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v4.3.0...v5.0.0">https://github.com/actions/cache/compare/v4.3.0...v5.0.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's changelog</a>.</em></p> <blockquote> <h1>Releases</h1> <h2>Changelog</h2> <h3>5.0.1</h3> <ul> <li>Update <code>@azure/storage-blob</code> to <code>^12.29.1</code> via <code>@actions/cache@5.0.1</code> <a href="https://redirect.github.com/actions/cache/pull/1685">#1685</a></li> </ul> <h3>5.0.0</h3> <blockquote> <p>[!IMPORTANT] <code>actions/cache@v5</code> runs on the Node.js 24 runtime and requires a minimum Actions Runner version of <code>2.327.1</code>. If you are using self-hosted runners, ensure they are updated before upgrading.</p> </blockquote> <h3>4.3.0</h3> <ul> <li>Bump <code>@actions/cache</code> to <a href="https://redirect.github.com/actions/toolkit/pull/2132">v4.1.0</a></li> </ul> <h3>4.2.4</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.5</li> </ul> <h3>4.2.3</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.3 (obfuscates SAS token in debug logs for cache entries)</li> </ul> <h3>4.2.2</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.2</li> </ul> <h3>4.2.1</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.1</li> </ul> <h3>4.2.0</h3> <p>TLDR; The cache backend service has been rewritten from the ground up for improved performance and reliability. <a href="https://github.com/actions/cache">actions/cache</a> now integrates with the new cache service (v2) APIs.</p> <p>The new service will gradually roll out as of <strong>February 1st, 2025</strong>. The legacy service will also be sunset on the same date. Changes in these release are <strong>fully backward compatible</strong>.</p> <p><strong>We are deprecating some versions of this action</strong>. We recommend upgrading to version <code>v4</code> or <code>v3</code> as soon as possible before <strong>February 1st, 2025.</strong> (Upgrade instructions below).</p> <p>If you are using pinned SHAs, please use the SHAs of versions <code>v4.2.0</code> or <code>v3.4.0</code></p> <p>If you do not upgrade, all workflow runs using any of the deprecated <a href="https://github.com/actions/cache">actions/cache</a> will fail.</p> <p>Upgrading to the recommended versions will not break your workflows.</p> <h3>4.1.2</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/cache/commit/9255dc7a253b0ccc959486e2bca901246202afeb"><code>9255dc7</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1686">#1686</a> from actions/cache-v5.0.1-release</li> <li><a href="https://github.com/actions/cache/commit/8ff5423e8b66eacab4e638ee52abbd2cb831366a"><code>8ff5423</code></a> chore: release v5.0.1</li> <li><a href="https://github.com/actions/cache/commit/9233019a152bc768059ac1768b8e4403b5da16c1"><code>9233019</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1685">#1685</a> from salmanmkc/node24-storage-blob-fix</li> <li><a href="https://github.com/actions/cache/commit/b975f2bb844529e1063ad882c609b224bcd66eb6"><code>b975f2b</code></a> fix: add peer property to package-lock.json for dependencies</li> <li><a href="https://github.com/actions/cache/commit/d0a0e1813491d01d574c95f8d189f62622bbb2ae"><code>d0a0e18</code></a> fix: update license files for <code>@actions/cache</code>, fast-xml-parser, and strnum</li> <li><a href="https://github.com/actions/cache/commit/74de208dcfcbe85c0e7154e7b17e4105fe2554ff"><code>74de208</code></a> fix: update <code>@actions/cache</code> to ^5.0.1 for Node.js 24 punycode fix</li> <li><a href="https://github.com/actions/cache/commit/ac7f1152ead02e89c14b5456d14ab17591e74cfb"><code>ac7f115</code></a> peer</li> <li><a href="https://github.com/actions/cache/commit/b0f846b50b6061d7a2ca6f1a2fea61d4a65d1a16"><code>b0f846b</code></a> fix: update <code>@actions/cache</code> with storage-blob fix for Node.js 24 punycode depr...</li> <li><a href="https://github.com/actions/cache/commit/a7833574556fa59680c1b7cb190c1735db73ebf0"><code>a783357</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1684">#1684</a> from actions/prepare-cache-v5-release</li> <li><a href="https://github.com/actions/cache/commit/3bb0d78750a39cefce0c2b5a0a9801052b4359ad"><code>3bb0d78</code></a> docs: highlight v5 runner requirement in releases</li> <li>Additional commits viewable in <a href="https://github.com/actions/cache/compare/0057852bfaa89a56745cba8c7296529d2fc39830...9255dc7a253b0ccc959486e2bca901246202afeb">compare view</a></li> </ul> </details> <br /> Updates `actions/upload-artifact` from 5.0.0 to 6.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v6.0.0</h2> <h2>v6 - What's new</h2> <blockquote> <p>[!IMPORTANT] actions/upload-artifact@v6 now runs on Node.js 24 (<code>runs.using: node24</code>) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.</p> </blockquote> <h3>Node.js 24</h3> <p>This release updates the runtime to Node.js 24. v5 had preliminary support for Node.js 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.</p> <h2>What's Changed</h2> <ul> <li>Upload Artifact Node 24 support by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/719">actions/upload-artifact#719</a></li> <li>fix: update <code>@actions/artifact</code> for Node.js 24 punycode deprecation by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/744">actions/upload-artifact#744</a></li> <li>prepare release v6.0.0 for Node.js 24 support by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/745">actions/upload-artifact#745</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0">https://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/upload-artifact/commit/b7c566a772e6b6bfb58ed0dc250532a479d7789f"><code>b7c566a</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/745">#745</a> from actions/upload-artifact-v6-release</li> <li><a href="https://github.com/actions/upload-artifact/commit/e516bc8500aaf3d07d591fcd4ae6ab5f9c391d5b"><code>e516bc8</code></a> docs: correct description of Node.js 24 support in README</li> <li><a href="https://github.com/actions/upload-artifact/commit/ddc45ed9bca9b38dbd643978d88e3981cdc91415"><code>ddc45ed</code></a> docs: update README to correct action name for Node.js 24 support</li> <li><a href="https://github.com/actions/upload-artifact/commit/615b319bd27bb32c3d64dca6b6ed6974d5fbe653"><code>615b319</code></a> chore: release v6.0.0 for Node.js 24 support</li> <li><a href="https://github.com/actions/upload-artifact/commit/017748b48f8610ca8e6af1222f4a618e84a9c703"><code>017748b</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/744">#744</a> from actions/fix-storage-blob</li> <li><a href="https://github.com/actions/upload-artifact/commit/38d4c7997f5510fcc41fc4aae2a6b97becdbe7fc"><code>38d4c79</code></a> chore: rebuild dist</li> <li><a href="https://github.com/actions/upload-artifact/commit/7d27270e0cfd253e666c44abac0711308d2d042f"><code>7d27270</code></a> chore: add missing license cache files for <code>@actions/core</code>, <code>@actions/io</code>, and mi...</li> <li><a href="https://github.com/actions/upload-artifact/commit/5f643d3c9475505ccaf26d686ffbfb71a8387261"><code>5f643d3</code></a> chore: update license files for <code>@actions/artifact</code><a href="https://github.com/5"><code>@5</code></a>.0.1 dependencies</li> <li><a href="https://github.com/actions/upload-artifact/commit/1df1684032c88614064493e1a0478fcb3583e1d0"><code>1df1684</code></a> chore: update package-lock.json with <code>@actions/artifact</code><a href="https://github.com/5"><code>@5</code></a>.0.1</li> <li><a href="https://github.com/actions/upload-artifact/commit/b5b1a918401ee270935b6b1d857ae66c85f3be6f"><code>b5b1a91</code></a> fix: update <code>@actions/artifact</code> to ^5.0.0 for Node.js 24 punycode fix</li> <li>Additional commits viewable in <a href="https://github.com/actions/upload-artifact/compare/330a01c490aca151604b8cf639adc76d48f6c5d4...b7c566a772e6b6bfb58ed0dc250532a479d7789f">compare view</a></li> </ul> </details> <br /> Updates `actions/download-artifact` from 6.0.0 to 7.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/download-artifact/releases">actions/download-artifact's releases</a>.</em></p> <blockquote> <h2>v7.0.0</h2> <h2>v7 - What's new</h2> <blockquote> <p>[!IMPORTANT] actions/download-artifact@v7 now runs on Node.js 24 (<code>runs.using: node24</code>) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.</p> </blockquote> <h3>Node.js 24</h3> <p>This release updates the runtime to Node.js 24. v6 had preliminary support for Node 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.</p> <h2>What's Changed</h2> <ul> <li>Update GHES guidance to include reference to Node 20 version by <a href="https://github.com/patrikpolyak"><code>@patrikpolyak</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/440">actions/download-artifact#440</a></li> <li>Download Artifact Node24 support by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/415">actions/download-artifact#415</a></li> <li>fix: update <code>@actions/artifact</code> to fix Node.js 24 punycode deprecation by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/451">actions/download-artifact#451</a></li> <li>prepare release v7.0.0 for Node.js 24 support by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/452">actions/download-artifact#452</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/patrikpolyak"><code>@patrikpolyak</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/440">actions/download-artifact#440</a></li> <li><a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/415">actions/download-artifact#415</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/download-artifact/compare/v6.0.0...v7.0.0">https://github.com/actions/download-artifact/compare/v6.0.0...v7.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/download-artifact/commit/37930b1c2abaa49bbe596cd826c3c89aef350131"><code>37930b1</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/452">#452</a> from actions/download-artifact-v7-release</li> <li><a href="https://github.com/actions/download-artifact/commit/72582b9e0acd370909e83fa4a1fd0fca3ad452d8"><code>72582b9</code></a> doc: update readme</li> <li><a href="https://github.com/actions/download-artifact/commit/0d2ec9d4cbcefe257d822f108de2a1f15f8da9f6"><code>0d2ec9d</code></a> chore: release v7.0.0 for Node.js 24 support</li> <li><a href="https://github.com/actions/download-artifact/commit/fd7ae8fda6dc16277a9ffbc91cdb0eedf156e912"><code>fd7ae8f</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/451">#451</a> from actions/fix-storage-blob</li> <li><a href="https://github.com/actions/download-artifact/commit/d484700543354b15886d6a52910cf61b7f1d2b27"><code>d484700</code></a> chore: restore minimatch.dep.yml license file</li> <li><a href="https://github.com/actions/download-artifact/commit/03a808050efe42bb6ad85281890afd4e4546672c"><code>03a8080</code></a> chore: remove obsolete dependency license files</li> <li><a href="https://github.com/actions/download-artifact/commit/56fe6d904b0968950f8b68ea17774c54973ed5e2"><code>56fe6d9</code></a> chore: update <code>@actions/artifact</code> license file to 5.0.1</li> <li><a href="https://github.com/actions/download-artifact/commit/8e3ebc4ab4d2e095e5eb44ba1a4a53b6b03976ad"><code>8e3ebc4</code></a> chore: update package-lock.json with <code>@actions/artifact</code><a href="https://github.com/5"><code>@5</code></a>.0.1</li> <li><a href="https://github.com/actions/download-artifact/commit/1e3c4b4d4906c98ab57453c24efefdf16c078044"><code>1e3c4b4</code></a> fix: update <code>@actions/artifact</code> to ^5.0.0 for Node.js 24 punycode fix</li> <li><a href="https://github.com/actions/download-artifact/commit/458627d354794c71bc386c8d5839d20b5885fe2a"><code>458627d</code></a> chore: use local <code>@actions/artifact</code> package for Node.js 24 testing</li> <li>Additional commits viewable in <a href="https://github.com/actions/download-artifact/compare/018cc2cf5baa6db3ef3c5f8a56943fffe632ef53...37930b1c2abaa49bbe596cd826c3c89aef350131">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-12-22 12:32:48 +00:00
Mathias Fredriksson	089b67761a	ci: remove start-workspace workflow (deprecated) (#21291 ) This workflow is no longer used and can be removed. Refs #21023	2025-12-16 18:14:30 +02:00
Kacper Sawicki	134924ded0	ci: add fallback for helm install when get.helm.sh is down (#21268 ) Add a fallback step that installs helm via apt from Buildkite's repository if the primary `azure/setup-helm` action fails. This makes CI resilient to `get.helm.sh` outages while preserving the caching benefits of the action when it works. ## Changes - Primary: `azure/setup-helm` with `continue-on-error: true` - Fallback: apt install from Buildkite's helm-debian repository (only runs if primary fails) The fallback uses GPG-signed packages from the [official Helm apt repository](https://helm.sh/docs/intro/install/#from-apt-debianubuntu) hosted by Buildkite. ## Background On Oct 29, 2025, `get.helm.sh` experienced an outage that broke CI. A workaround was applied (#20552) but later reverted. This PR makes the workaround automatic - it only kicks in when needed. Fixes: https://github.com/coder/internal/issues/1109	2025-12-16 12:20:35 +01:00

1 2 3 4 5 ...

926 Commits