Mend Renovate
b05b86b3a0
[Github] Update GHA Dependencies ( #173804 )
...
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
|
[EnricoMi/publish-unit-test-result-action](https://redirect.github.com/EnricoMi/publish-unit-test-result-action )
| action | minor | `v2.21.0` → `v2.22.0` |
|
[actions/attest-build-provenance](https://redirect.github.com/actions/attest-build-provenance )
| action | minor | `v3.0.0` → `v3.1.0` |
| ghcr.io/llvm/ci-ubuntu-24.04-abi-tests | container | digest |
`9138b6a` → `ef869c1` |
|
[github/codeql-action](https://redirect.github.com/github/codeql-action )
| action | patch | `v4.31.6` → `v4.31.9` |
| llvm/actions | action | digest | `5dd9550` → `89a8cf8` |
|
[tj-actions/changed-files](https://redirect.github.com/tj-actions/changed-files )
| action | patch | `v47.0.0` → `v47.0.1` |
2025-12-31 10:49:59 -08:00
Mend Renovate
f0408c72ec
[Github] Update GitHub Artifact Actions (major) ( #173805 )
...
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
|
[actions/download-artifact](https://redirect.github.com/actions/download-artifact )
| action | major | `v6.0.0` → `v7.0.0` |
|
[actions/upload-artifact](https://redirect.github.com/actions/upload-artifact )
| action | major | `v5.0.0` → `v6.0.0` |
|
[actions/upload-artifact](https://redirect.github.com/actions/upload-artifact )
| action | major | `5.0.0` → `6.0.0` |
2025-12-31 10:02:18 -08:00
Mend Renovate
f1af9b027e
Update [Github] Update GHA Dependencies ( #171064 )
...
This PR contains the following updates:
| Package | Type | Update | Change | Pending |
|---|---|---|---|---|
| [actions/checkout](https://redirect.github.com/actions/checkout ) |
action | patch | `v6.0.0` -> `v6.0.1` | |
| [actions/setup-node](https://redirect.github.com/actions/setup-node ) |
action | minor | `v6.0.0` -> `v6.1.0` | |
|
[github/codeql-action](https://redirect.github.com/github/codeql-action )
| action | patch | `v4.31.5` -> `v4.31.6` | `v4.31.7` |
2025-12-08 06:06:43 -08:00
Mend Renovate
196f6de75a
Update actions/checkout action to v6 ( #169258 )
...
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [actions/checkout](https://redirect.github.com/actions/checkout ) |
action | major | `v5.0.0` -> `v6.0.0` |
2025-11-24 17:27:20 -08:00
Mend Renovate
2fd3bf3680
[Github] Update GHA Dependencies (major) ( #161108 )
...
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
|
[actions/attest-build-provenance](https://redirect.github.com/actions/attest-build-provenance )
| action | major | `v1.4.4` -> `v3.0.0` |
| [actions/checkout](https://redirect.github.com/actions/checkout ) |
action | major | `v4.3.0` -> `v5.0.0` |
|
[actions/github-script](https://redirect.github.com/actions/github-script )
| action | major | `v7.1.0` -> `v8.0.0` |
|
[actions/github-script](https://redirect.github.com/actions/github-script )
| action | major | `v6.4.1` -> `v8.0.0` |
| [actions/labeler](https://redirect.github.com/actions/labeler ) |
action | major | `v4.3.0` -> `v6.0.1` |
| [actions/setup-node](https://redirect.github.com/actions/setup-node ) |
action | major | `v4.4.0` -> `v6.0.0` |
|
[actions/setup-python](https://redirect.github.com/actions/setup-python )
| action | major | `v5.6.0` -> `v6.0.0` |
|
[github/codeql-action](https://redirect.github.com/github/codeql-action )
| action | major | `v2.28.1` -> `v4.31.2` |
|
[github/codeql-action](https://redirect.github.com/github/codeql-action )
| action | major | `v3.31.2` -> `v4.31.2` |
| [node](https://redirect.github.com/actions/node-versions ) | uses-with
| major | `18` -> `24` |
|
[tj-actions/changed-files](https://redirect.github.com/tj-actions/changed-files )
| action | major | `v46.0.5` -> `v47.0.0` |
2025-11-06 15:39:56 -08:00
Mend Renovate
210b9a58f6
[Github] Update GitHub Artifact Actions (major) ( #166112 )
...
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
|
[actions/download-artifact](https://redirect.github.com/actions/download-artifact )
| action | major | `v5.0.0` -> `v6.0.0` |
|
[actions/upload-artifact](https://redirect.github.com/actions/upload-artifact )
| action | major | `v4.6.2` -> `v5.0.0` |
|
[actions/upload-artifact](https://redirect.github.com/actions/upload-artifact )
| action | major | `4.6.2` -> `5.0.0` |
2025-11-06 09:17:50 -08:00
Baranov Victor
e68cf1ebcf
[GitHub][CI] Remove 'Set Safe Directory' step ( #165052 )
2025-10-25 01:57:21 +03:00
Aiden Grossman
145f21cfe3
[Github] Make pr-code-format.yml use ci-*-format container ( #163044 )
...
This allows us to not spend 60-90s per job installing all of the tools
as they are prebuilt into the container.
2025-10-14 06:10:50 -07:00
Mend Renovate
250854d376
[Github] Update GHA Dependencies ( #161107 )
...
This PR contains the following updates:
| Package | Type | Update | Change | Pending |
|---|---|---|---|---|
|
[EnricoMi/publish-unit-test-result-action](https://redirect.github.com/EnricoMi/publish-unit-test-result-action )
| action | digest | `170bf24` -> `3a74b29` | |
|
[actions/attest-build-provenance](https://redirect.github.com/actions/attest-build-provenance )
| action | minor | `v1.0.0` -> `v1.4.4` | |
| [actions/checkout](https://redirect.github.com/actions/checkout ) |
action | minor | `v4.1.1` -> `v4.3.0` | |
|
[actions/github-script](https://redirect.github.com/actions/github-script )
| action | minor | `v7.0.1` -> `v7.1.0` | |
| [actions/setup-node](https://redirect.github.com/actions/setup-node ) |
action | minor | `v4.2.0` -> `v4.4.0` | |
|
[actions/setup-python](https://redirect.github.com/actions/setup-python )
| action | minor | `v5.4.0` -> `v5.6.0` | |
| actions/setup-python | action | digest | `39cd149` -> `2e3e4b1` | |
|
[actions/upload-artifact](https://redirect.github.com/actions/upload-artifact )
| action | patch | `v4.6.0` -> `v4.6.2` | |
|
[actions/upload-artifact](https://redirect.github.com/actions/upload-artifact )
| action | minor | `v4.3.3` -> `v4.6.2` | |
|
[actions/upload-artifact](https://redirect.github.com/actions/upload-artifact )
| action | patch | `4.6.0` -> `4.6.2` | |
|
[actions/upload-artifact](https://redirect.github.com/actions/upload-artifact )
| action | minor | `v4.3.0` -> `v4.6.2` | |
| [aminya/setup-cpp](https://redirect.github.com/aminya/setup-cpp ) |
action | minor | `v1.1.1` -> `v1.7.1` | |
| [docker/login-action](https://redirect.github.com/docker/login-action )
| action | minor | `v3.3.0` -> `v3.5.0` | |
|
[github/codeql-action](https://redirect.github.com/github/codeql-action )
| action | minor | `v2.20.6` -> `v2.28.1` | |
|
[github/codeql-action](https://redirect.github.com/github/codeql-action )
| action | patch | `v3.30.3` -> `v3.30.4` | `v3.30.5` |
|
[hendrikmuhs/ccache-action](https://redirect.github.com/hendrikmuhs/ccache-action )
| action | patch | `v1.2.17` -> `v1.2.19` | |
| llvm/actions | action | digest | `22e9f90` -> `a1ea791` | |
|
[ossf/scorecard-action](https://redirect.github.com/ossf/scorecard-action )
| action | patch | `v2.4.1` -> `v2.4.2` | |
|
[pypa/gh-action-pypi-publish](https://redirect.github.com/pypa/gh-action-pypi-publish )
| action | minor | `v1.12.4` -> `v1.13.0` | |
| [python](https://redirect.github.com/actions/python-versions ) |
uses-with | minor | `3.12` -> `3.13` | |
| [python](https://redirect.github.com/actions/python-versions ) |
uses-with | minor | `3.11` -> `3.13` | |
| [python](https://redirect.github.com/actions/python-versions ) |
uses-with | minor | `3.10` -> `3.13` | |
---
> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.
---
### Release Notes
<details>
<summary>actions/attest-build-provenance
(actions/attest-build-provenance)</summary>
###
[`v1.4.4`](https://redirect.github.com/actions/attest-build-provenance/releases/tag/v1.4.4 )
[Compare
Source](https://redirect.github.com/actions/attest-build-provenance/compare/v1.4.3...v1.4.4 )
##### What's Changed
- Bump predicate action from 1.1.3 to 1.1.4 by
[@​bdehamer](https://redirect.github.com/bdehamer ) in
[#​310](https://redirect.github.com/actions/attest-build-provenance/pull/310 )
- Bump [@​actions/core](https://redirect.github.com/actions/core )
from 1.10.1 to 1.11.1 by
[@​dependabot](https://redirect.github.com/dependabot ) in
[#​275](https://redirect.github.com/actions/attest-build-provenance/pull/275 )
- Bump
[@​actions/attest](https://redirect.github.com/actions/attest )
from 1.4.2 to 1.5.0 by
[@​bdehamer](https://redirect.github.com/bdehamer ) in
[#​309](https://redirect.github.com/actions/attest-build-provenance/pull/309 )
- Fix SLSA provenance bug related to `workflow_ref` OIDC token claims
containing the "@​" symbol in the tag name
([actions/toolkit#1863 ](https://redirect.github.com/actions/toolkit/pull/1863 ))
**Full Changelog**:
<https://github.com/actions/attest-build-provenance/compare/v1.4.3...v1.4.4 >
###
[`v1.4.3`](https://redirect.github.com/actions/attest-build-provenance/releases/tag/v1.4.3 )
[Compare
Source](https://redirect.github.com/actions/attest-build-provenance/compare/v1.4.2...v1.4.3 )
##### What's Changed
- Bump predicate from 1.1.2 to 1.1.3 by
[@​bdehamer](https://redirect.github.com/bdehamer ) in
[#​226](https://redirect.github.com/actions/attest-build-provenance/pull/226 )
- Bump
[@​actions/attest](https://redirect.github.com/actions/attest )
from 1.3.1 to 1.4.1 by
[@​dependabot](https://redirect.github.com/dependabot ) in
[#​212](https://redirect.github.com/actions/attest-build-provenance/pull/212 )
- Bump
[@​actions/attest](https://redirect.github.com/actions/attest )
from 1.4.1 to 1.4.2 by
[@​bdehamer](https://redirect.github.com/bdehamer ) in
[#​225](https://redirect.github.com/actions/attest-build-provenance/pull/225 )
- Fix bug w/ customized OIDC issuer URL for enterprise accounts
([#​222](https://redirect.github.com/actions/attest-build-provenance/issues/222 ))
**Full Changelog**:
<https://github.com/actions/attest-build-provenance/compare/v1.4.2...v1.4.3 >
###
[`v1.4.2`](https://redirect.github.com/actions/attest-build-provenance/releases/tag/v1.4.2 )
[Compare
Source](https://redirect.github.com/actions/attest-build-provenance/compare/v1.4.1...v1.4.2 )
##### What's Changed
- Bump actions/attest from 1.4.0 to 1.4.1 by
[@​bdehamer](https://redirect.github.com/bdehamer ) in
[#​209](https://redirect.github.com/actions/attest-build-provenance/pull/209 )
- Includes bug fix for issue with authenticated proxies
([actions/toolkit#1798 ](https://redirect.github.com/actions/toolkit/issues/1798 ))
**Full Changelog**:
<https://github.com/actions/attest-build-provenance/compare/v1.4.1...v1.4.2 >
###
[`v1.4.1`](https://redirect.github.com/actions/attest-build-provenance/releases/tag/v1.4.1 )
[Compare
Source](https://redirect.github.com/actions/attest-build-provenance/compare/v1.4.0...v1.4.1 )
##### What's Changed
- Update predicate action to 1.1.2 by
[@​bdehamer](https://redirect.github.com/bdehamer ) in
[#​197](https://redirect.github.com/actions/attest-build-provenance/pull/197 )
- Dynamic construction of oidc issuer by
[@​bdehamer](https://redirect.github.com/bdehamer ) in
[#​195](https://redirect.github.com/actions/attest-build-provenance/pull/195 )
**Full Changelog**:
<https://github.com/actions/attest-build-provenance/compare/v1.4.0...v1.4.1 >
###
[`v1.4.0`](https://redirect.github.com/actions/attest-build-provenance/releases/tag/v1.4.0 )
[Compare
Source](https://redirect.github.com/actions/attest-build-provenance/compare/v1.3.3...v1.4.0 )
##### What's Changed
- Bump predicate action from 1.1.0 to 1.1.1 by
[@​bdehamer](https://redirect.github.com/bdehamer ) in
[#​182](https://redirect.github.com/actions/attest-build-provenance/pull/182 )
- Fix for JWKS proxy bug
- Bump actions/attest from 1.3.3 to 1.4.0 by
[@​bdehamer](https://redirect.github.com/bdehamer ) in
[#​183](https://redirect.github.com/actions/attest-build-provenance/pull/183 )
- Add `show-summary` input
- Format summary output as list
**Full Changelog**:
<https://github.com/actions/attest-build-provenance/compare/v1.3.3...v1.4.0 >
###
[`v1.3.3`](https://redirect.github.com/actions/attest-build-provenance/releases/tag/v1.3.3 )
[Compare
Source](https://redirect.github.com/actions/attest-build-provenance/compare/v1.3.2...v1.3.3 )
##### What's Changed
- Bump actions/attest from 1.3.2 to 1.3.3 by
[@​bdehamer](https://redirect.github.com/bdehamer ) in
[#​152](https://redirect.github.com/actions/attest-build-provenance/pull/152 )
- Bugfix for properly handling glob exclusion patterns in `subject-path`
input
**Full Changelog**:
<https://github.com/actions/attest-build-provenance/compare/v1.3.2...v1.3.3 >
###
[`v1.3.2`](https://redirect.github.com/actions/attest-build-provenance/releases/tag/v1.3.2 )
[Compare
Source](https://redirect.github.com/actions/attest-build-provenance/compare/v1.3.1...v1.3.2 )
##### What's Changed
- Bump actions/attest from 1.3.1 to 1.3.2 by
[@​bdehamer](https://redirect.github.com/bdehamer ) in
[#​123](https://redirect.github.com/actions/attest-build-provenance/pull/123 )
- Increase timeout for OCI operations
**Full Changelog**:
<https://github.com/actions/attest-build-provenance/compare/v1.3.1...v1.3.2 >
###
[`v1.3.1`](https://redirect.github.com/actions/attest-build-provenance/releases/tag/v1.3.1 )
[Compare
Source](https://redirect.github.com/actions/attest-build-provenance/compare/v1.3.0...v1.3.1 )
##### What's Changed
- Bump actions/attest from 1.3.0 to 1.3.1 by
[@​bdehamer](https://redirect.github.com/bdehamer ) in
[#​117](https://redirect.github.com/actions/attest-build-provenance/pull/117 )
- Bugfix when detecting support for the referrers API with OCI
registries
**Full Changelog**:
<https://github.com/actions/attest-build-provenance/compare/v1.3.0...v1.3.1 >
###
[`v1.3.0`](https://redirect.github.com/actions/attest-build-provenance/releases/tag/v1.3.0 )
[Compare
Source](https://redirect.github.com/actions/attest-build-provenance/compare/v1.2.0...v1.3.0 )
##### What's Changed
- Bump actions/attest-build-provenance/predicate from 1.0.0 to 1.1.0 by
[@​bdehamer](https://redirect.github.com/bdehamer ) in
[#​116](https://redirect.github.com/actions/attest-build-provenance/pull/116 )
- Switch to new GH provenance [build
type](https://actions.github.io/buildtypes/workflow/v1 )
- Bump actions/attest from 1.2.0 to 1.3.0 by
[@​bdehamer](https://redirect.github.com/bdehamer ) in
[#​116](https://redirect.github.com/actions/attest-build-provenance/pull/116 )
- Dynamic construction of GitHub API URLs based on GITHUB\_SERVER\_URL
- Improved handling of Rekor 409 responses
- Bugfix - detection of registries with support for the OCI referrers
API
**Full Changelog**:
<https://github.com/actions/attest-build-provenance/compare/v1.2.0...v1.3.0 >
###
[`v1.2.0`](https://redirect.github.com/actions/attest-build-provenance/releases/tag/v1.2.0 )
[Compare
Source](https://redirect.github.com/actions/attest-build-provenance/compare/v1.1.2...v1.2.0 )
##### What's Changed
- Bump actions/attest from 1.1.2 to 1.2.0 by
[@​bdehamer](https://redirect.github.com/bdehamer ) in
[#​101](https://redirect.github.com/actions/attest-build-provenance/pull/101 )
- Batch processing w/ exponential backoff
- Bugfix when pushing attestation to OCI registry
**Full Changelog**:
<https://github.com/actions/attest-build-provenance/compare/v1.1.2...v1.2.0 >
###
[`v1.1.2`](https://redirect.github.com/actions/attest-build-provenance/releases/tag/v1.1.2 )
[Compare
Source](https://redirect.github.com/actions/attest-build-provenance/compare/v1.1.1...v1.1.2 )
##### What's Changed
- Bump actions/attest from 1.1.1 to 1.1.2 by
[@​bdehamer](https://redirect.github.com/bdehamer ) in
[#​79](https://redirect.github.com/actions/attest-build-provenance/pull/79 )
- Downcase subject name for OCI images
- Fix accept header when retrieving image manifest
- Support variants of the Docker Hub registry name
**Full Changelog**:
<https://github.com/actions/attest-build-provenance/compare/v1.1.1...v1.1.2 >
###
[`v1.1.1`](https://redirect.github.com/actions/attest-build-provenance/releases/tag/v1.1.1 )
[Compare
Source](https://redirect.github.com/actions/attest-build-provenance/compare/v1.1.0...v1.1.1 )
##### What's Changed
- Bump actions/attest from v1.1.0 to v1.1.1 by
[@​bdehamer](https://redirect.github.com/bdehamer ) in
[#​67](https://redirect.github.com/actions/attest-build-provenance/pull/67 )
- Bump
[@​sigstore/sign](https://redirect.github.com/sigstore/sign ) from
2.3.0 to 2.3.1
- Bump [@​sigstore/oci](https://redirect.github.com/sigstore/oci )
from 0.3.0 to 0.3.2
- Include more detail in error logging
- Send API errors to GHA debug log
- Fix bug preventing failed API requests from being retried
**Full Changelog**:
<https://github.com/actions/attest-build-provenance/compare/v1.1.0...v1.1.1 >
###
[`v1.1.0`](https://redirect.github.com/actions/attest-build-provenance/releases/tag/v1.1.0 )
[Compare
Source](https://redirect.github.com/actions/attest-build-provenance/compare/v1.0.0...v1.1.0 )
##### What's Changed
- Bump actions/attest to v1.1.0 by
[@​bdehamer](https://redirect.github.com/bdehamer ) in
[#​65](https://redirect.github.com/actions/attest-build-provenance/pull/65 )
- adds list support for `subjectPath` input
- limit attestation subject count
- ensure subject globs match only files
**Full Changelog**:
<https://github.com/actions/attest-build-provenance/compare/v1.0.0...v1.1.0 >
</details>
<details>
<summary>actions/checkout (actions/checkout)</summary>
###
[`v4.3.0`](https://redirect.github.com/actions/checkout/releases/tag/v4.3.0 )
[Compare
Source](https://redirect.github.com/actions/checkout/compare/v4.2.2...v4.3.0 )
##### What's Changed
- docs: update README.md by
[@​motss](https://redirect.github.com/motss ) in
[https://github.com/actions/checkout/pull/1971 ](https://redirect.github.com/actions/checkout/pull/1971 )
- Add internal repos for checking out multiple repositories by
[@​mouismail](https://redirect.github.com/mouismail ) in
[https://github.com/actions/checkout/pull/1977 ](https://redirect.github.com/actions/checkout/pull/1977 )
- Documentation update - add recommended permissions to Readme by
[@​benwells](https://redirect.github.com/benwells ) in
[https://github.com/actions/checkout/pull/2043 ](https://redirect.github.com/actions/checkout/pull/2043 )
- Adjust positioning of user email note and permissions heading by
[@​joshmgross](https://redirect.github.com/joshmgross ) in
[https://github.com/actions/checkout/pull/2044 ](https://redirect.github.com/actions/checkout/pull/2044 )
- Update README.md by
[@​nebuk89](https://redirect.github.com/nebuk89 ) in
[https://github.com/actions/checkout/pull/2194 ](https://redirect.github.com/actions/checkout/pull/2194 )
- Update CODEOWNERS for actions by
[@​TingluoHuang](https://redirect.github.com/TingluoHuang ) in
[https://github.com/actions/checkout/pull/2224 ](https://redirect.github.com/actions/checkout/pull/2224 )
- Update package dependencies by
[@​salmanmkc](https://redirect.github.com/salmanmkc ) in
[https://github.com/actions/checkout/pull/2236 ](https://redirect.github.com/actions/checkout/pull/2236 )
- Prepare release v4.3.0 by
[@​salmanmkc](https://redirect.github.com/salmanmkc ) in
[https://github.com/actions/checkout/pull/2237 ](https://redirect.github.com/actions/checkout/pull/2237 )
##### New Contributors
- [@​motss](https://redirect.github.com/motss ) made their first
contribution in
[https://github.com/actions/checkout/pull/1971 ](https://redirect.github.com/actions/checkout/pull/1971 )
- [@​mouismail](https://redirect.github.com/mouismail ) made their
first contribution in
[https://github.com/actions/checkout/pull/1977 ](https://redirect.github.com/actions/checkout/pull/1977 )
- [@​benwells](https://redirect.github.com/benwells ) made their
first contribution in
[https://github.com/actions/checkout/pull/2043 ](https://redirect.github.com/actions/checkout/pull/2043 )
- [@​nebuk89](https://redirect.github.com/nebuk89 ) made their
first contribution in
[https://github.com/actions/checkout/pull/2194 ](https://redirect.github.com/actions/checkout/pull/2194 )
- [@​salmanmkc](https://redirect.github.com/salmanmkc ) made their
first contribution in
[https://github.com/actions/checkout/pull/2236 ](https://redirect.github.com/actions/checkout/pull/2236 )
**Full Changelog**:
https://github.com/actions/checkout/compare/v4...v4.3.0
###
[`v4.2.2`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v422 )
[Compare
Source](https://redirect.github.com/actions/checkout/compare/v4.2.1...v4.2.2 )
- `url-helper.ts` now leverages well-known environment variables by
[@​jww3](https://redirect.github.com/jww3 ) in
[#​1941](https://redirect.github.com/actions/checkout/pull/1941 )
- Expand unit test coverage for `isGhes` by
[@​jww3](https://redirect.github.com/jww3 ) in
[#​1946](https://redirect.github.com/actions/checkout/pull/1946 )
###
[`v4.2.1`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v421 )
[Compare
Source](https://redirect.github.com/actions/checkout/compare/v4.2.0...v4.2.1 )
- Check out other refs/\* by commit if provided, fall back to ref by
[@​orhantoy](https://redirect.github.com/orhantoy ) in
[#​1924](https://redirect.github.com/actions/checkout/pull/1924 )
###
[`v4.2.0`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v420 )
[Compare
Source](https://redirect.github.com/actions/checkout/compare/v4.1.7...v4.2.0 )
- Add Ref and Commit outputs by
[@​lucacome](https://redirect.github.com/lucacome ) in
[#​1180](https://redirect.github.com/actions/checkout/pull/1180 )
- Dependency updates by
[@​dependabot-](https://redirect.github.com/dependabot- )
[#​1777](https://redirect.github.com/actions/checkout/pull/1777 ),
[#​1872](https://redirect.github.com/actions/checkout/pull/1872 )
###
[`v4.1.7`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v417 )
[Compare
Source](https://redirect.github.com/actions/checkout/compare/v4.1.6...v4.1.7 )
- Bump the minor-npm-dependencies group across 1 directory with 4
updates by [@​dependabot](https://redirect.github.com/dependabot )
in
[#​1739](https://redirect.github.com/actions/checkout/pull/1739 )
- Bump actions/checkout from 3 to 4 by
[@​dependabot](https://redirect.github.com/dependabot ) in
[#​1697](https://redirect.github.com/actions/checkout/pull/1697 )
- Check out other refs/\* by commit by
[@​orhantoy](https://redirect.github.com/orhantoy ) in
[#​1774](https://redirect.github.com/actions/checkout/pull/1774 )
- Pin actions/checkout's own workflows to a known, good, stable version.
by [@​jww3](https://redirect.github.com/jww3 ) in
[#​1776](https://redirect.github.com/actions/checkout/pull/1776 )
###
[`v4.1.6`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v416 )
[Compare
Source](https://redirect.github.com/actions/checkout/compare/v4.1.5...v4.1.6 )
- Check platform to set archive extension appropriately by
[@​cory-miller](https://redirect.github.com/cory-miller ) in
[#​1732](https://redirect.github.com/actions/checkout/pull/1732 )
###
[`v4.1.5`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v415 )
[Compare
Source](https://redirect.github.com/actions/checkout/compare/v4.1.4...v4.1.5 )
- Update NPM dependencies by
[@​cory-miller](https://redirect.github.com/cory-miller ) in
[#​1703](https://redirect.github.com/actions/checkout/pull/1703 )
- Bump github/codeql-action from 2 to 3 by
[@​dependabot](https://redirect.github.com/dependabot ) in
[#​1694](https://redirect.github.com/actions/checkout/pull/1694 )
- Bump actions/setup-node from 1 to 4 by
[@​dependabot](https://redirect.github.com/dependabot ) in
[#​1696](https://redirect.github.com/actions/checkout/pull/1696 )
- Bump actions/upload-artifact from 2 to 4 by
[@​dependabot](https://redirect.github.com/dependabot ) in
[#​1695](https://redirect.github.com/actions/checkout/pull/1695 )
- README: Suggest `user.email` to be
`41898282+github-actions[bot]@​users.noreply.github.com` by
[@​cory-miller](https://redirect.github.com/cory-miller ) in
[#​1707](https://redirect.github.com/actions/checkout/pull/1707 )
###
[`v4.1.4`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v414 )
[Compare
Source](https://redirect.github.com/actions/checkout/compare/v4.1.3...v4.1.4 )
- Disable `extensions.worktreeConfig` when disabling `sparse-checkout`
by [@​jww3](https://redirect.github.com/jww3 ) in
[#​1692](https://redirect.github.com/actions/checkout/pull/1692 )
- Add dependabot config by
[@​cory-miller](https://redirect.github.com/cory-miller ) in
[#​1688](https://redirect.github.com/actions/checkout/pull/1688 )
- Bump the minor-actions-dependencies group with 2 updates by
[@​dependabot](https://redirect.github.com/dependabot ) in
[#​1693](https://redirect.github.com/actions/checkout/pull/1693 )
- Bump word-wrap from 1.2.3 to 1.2.5 by
[@​dependabot](https://redirect.github.com/dependabot ) in
[#​1643](https://redirect.github.com/actions/checkout/pull/1643 )
###
[`v4.1.3`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v413 )
[Compare
Source](https://redirect.github.com/actions/checkout/compare/v4.1.2...v4.1.3 )
- Check git version before attempting to disable `sparse-checkout` by
[@​jww3](https://redirect.github.com/jww3 ) in
[#​1656](https://redirect.github.com/actions/checkout/pull/1656 )
- Add SSH user parameter by
[@​cory-miller](https://redirect.github.com/cory-miller ) in
[#​1685](https://redirect.github.com/actions/checkout/pull/1685 )
- Update `actions/checkout` version in `update-main-version.yml` by
[@​jww3](https://redirect.github.com/jww3 ) in
[#​1650](https://redirect.github.com/actions/checkout/pull/1650 )
###
[`v4.1.2`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v412 )
[Compare
Source](https://redirect.github.com/actions/checkout/compare/v4.1.1...v4.1.2 )
- Fix: Disable sparse checkout whenever `sparse-checkout` option is not
present [@​dscho](https://redirect.github.com/dscho ) in
[#​1598](https://redirect.github.com/actions/checkout/pull/1598 )
</details>
<details>
<summary>actions/github-script (actions/github-script)</summary>
###
[`v7.1.0`](https://redirect.github.com/actions/github-script/releases/tag/v7.1.0 )
[Compare
Source](https://redirect.github.com/actions/github-script/compare/v7.0.1...v7.1.0 )
#### What's Changed
- Upgrade husky to v9 by
[@​benelan](https://redirect.github.com/benelan ) in
[#​482](https://redirect.github.com/actions/github-script/pull/482 )
- Add workflow file for publishing releases to immutable action package
by [@​Jcambass](https://redirect.github.com/Jcambass ) in
[#​485](https://redirect.github.com/actions/github-script/pull/485 )
- Upgrade IA Publish by
[@​Jcambass](https://redirect.github.com/Jcambass ) in
[#​486](https://redirect.github.com/actions/github-script/pull/486 )
- Fix workflow status badges by
[@​joshmgross](https://redirect.github.com/joshmgross ) in
[#​497](https://redirect.github.com/actions/github-script/pull/497 )
- Update usage of `actions/upload-artifact` by
[@​joshmgross](https://redirect.github.com/joshmgross ) in
[#​512](https://redirect.github.com/actions/github-script/pull/512 )
- Clear up package name confusion by
[@​joshmgross](https://redirect.github.com/joshmgross ) in
[#​514](https://redirect.github.com/actions/github-script/pull/514 )
- Update dependencies with `npm audit fix` by
[@​joshmgross](https://redirect.github.com/joshmgross ) in
[#​515](https://redirect.github.com/actions/github-script/pull/515 )
- Specify that the used script is JavaScript by
[@​timotk](https://redirect.github.com/timotk ) in
[#​478](https://redirect.github.com/actions/github-script/pull/478 )
- chore: Add Dependabot for NPM and Actions by
[@​nschonni](https://redirect.github.com/nschonni ) in
[#​472](https://redirect.github.com/actions/github-script/pull/472 )
- Define `permissions` in workflows and update actions by
[@​joshmgross](https://redirect.github.com/joshmgross ) in
[#​531](https://redirect.github.com/actions/github-script/pull/531 )
- chore: Add Dependabot for .github/actions/install-dependencies by
[@​nschonni](https://redirect.github.com/nschonni ) in
[#​532](https://redirect.github.com/actions/github-script/pull/532 )
- chore: Remove .vscode settings by
[@​nschonni](https://redirect.github.com/nschonni ) in
[#​533](https://redirect.github.com/actions/github-script/pull/533 )
- ci: Use github/setup-licensed by
[@​nschonni](https://redirect.github.com/nschonni ) in
[#​473](https://redirect.github.com/actions/github-script/pull/473 )
- make octokit instance available as octokit on top of github, to make
it easier to seamlessly copy examples from GitHub rest api or octokit
documentations by
[@​iamstarkov](https://redirect.github.com/iamstarkov ) in
[#​508](https://redirect.github.com/actions/github-script/pull/508 )
- Remove `octokit` README updates for v7 by
[@​joshmgross](https://redirect.github.com/joshmgross ) in
[#​557](https://redirect.github.com/actions/github-script/pull/557 )
- docs: add "exec" usage examples by
[@​neilime](https://redirect.github.com/neilime ) in
[#​546](https://redirect.github.com/actions/github-script/pull/546 )
- Bump ruby/setup-ruby from 1.213.0 to 1.222.0 by
[@​dependabot](https://redirect.github.com/dependabot )\[bot] in
[#​563](https://redirect.github.com/actions/github-script/pull/563 )
- Bump ruby/setup-ruby from 1.222.0 to 1.229.0 by
[@​dependabot](https://redirect.github.com/dependabot )\[bot] in
[#​575](https://redirect.github.com/actions/github-script/pull/575 )
- Clearly document passing inputs to the `script` by
[@​joshmgross](https://redirect.github.com/joshmgross ) in
[#​603](https://redirect.github.com/actions/github-script/pull/603 )
- Update README.md by
[@​nebuk89](https://redirect.github.com/nebuk89 ) in
[#​610](https://redirect.github.com/actions/github-script/pull/610 )
#### New Contributors
- [@​benelan](https://redirect.github.com/benelan ) made their
first contribution in
[#​482](https://redirect.github.com/actions/github-script/pull/482 )
- [@​Jcambass](https://redirect.github.com/Jcambass ) made their
first contribution in
[#​485](https://redirect.github.com/actions/github-script/pull/485 )
- [@​timotk](https://redirect.github.com/timotk ) made their first
contribution in
[#​478](https://redirect.github.com/actions/github-script/pull/478 )
- [@​iamstarkov](https://redirect.github.com/iamstarkov ) made
their first contribution in
[#​508](https://redirect.github.com/actions/github-script/pull/508 )
- [@​neilime](https://redirect.github.com/neilime ) made their
first contribution in
[#​546](https://redirect.github.com/actions/github-script/pull/546 )
- [@​nebuk89](https://redirect.github.com/nebuk89 ) made their
first contribution in
[#​610](https://redirect.github.com/actions/github-script/pull/610 )
**Full Changelog**:
<https://github.com/actions/github-script/compare/v7...v7.1.0 >
</details>
<details>
<summary>actions/setup-node (actions/setup-node)</summary>
###
[`v4.4.0`](https://redirect.github.com/actions/setup-node/releases/tag/v4.4.0 )
[Compare
Source](https://redirect.github.com/actions/setup-node/compare/v4.3.0...v4.4.0 )
##### What's Changed
##### Bug fixes:
- Make eslint-compact matcher compatible with Stylelint by
[@​FloEdelmann](https://redirect.github.com/FloEdelmann )
in [#​98](https://redirect.github.com/actions/setup-node/pull/98 )
- Add support for indented eslint output by
[@​fregante](https://redirect.github.com/fregante )
in [#​1245](https://redirect.github.com/actions/setup-node/pull/1245 )
##### Enhancement:
- Support private mirrors by
[@​marco-ippolito](https://redirect.github.com/marco-ippolito )
in [#​1240](https://redirect.github.com/actions/setup-node/pull/1240 )
##### Dependency update:
- Upgrade
[@​action/cache](https://redirect.github.com/action/cache ) from
4.0.2 to 4.0.3
by [@​aparnajyothi-y](https://redirect.github.com/aparnajyothi-y )
in [#​1262](https://redirect.github.com/actions/setup-node/pull/1262 )
##### New Contributors
- [@​FloEdelmann](https://redirect.github.com/FloEdelmann ) made
their first contribution
in [#​98](https://redirect.github.com/actions/setup-node/pull/98 )
- [@​fregante](https://redirect.github.com/fregante ) made their
first contribution
in [#​1245](https://redirect.github.com/actions/setup-node/pull/1245 )
- [@​marco-ippolito](https://redirect.github.com/marco-ippolito )
made their first contribution
in [#​1240](https://redirect.github.com/actions/setup-node/pull/1240 )
**Full
Changelog**: <https://github.com/actions/setup-node/compare/v4...v4.4.0 >
###
[`v4.3.0`](https://redirect.github.com/actions/setup-node/releases/tag/v4.3.0 )
[Compare
Source](https://redirect.github.com/actions/setup-node/compare/v4.2.0...v4.3.0 )
#### What's Changed
##### Dependency updates
- Upgrade
[@​actions/glob](https://redirect.github.com/actions/glob ) from
0.4.0 to 0.5.0 by
[@​dependabot](https://redirect.github.com/dependabot ) in
[#​1200](https://redirect.github.com/actions/setup-node/pull/1200 )
- Upgrade
[@​action/cache](https://redirect.github.com/action/cache ) from
4.0.0 to 4.0.2 by
[@​gowridurgad](https://redirect.github.com/gowridurgad ) in
[#​1251](https://redirect.github.com/actions/setup-node/pull/1251 )
- Upgrade [@​vercel/ncc](https://redirect.github.com/vercel/ncc )
from 0.38.1 to 0.38.3 by
[@​dependabot](https://redirect.github.com/dependabot ) in
[#​1203](https://redirect.github.com/actions/setup-node/pull/1203 )
- Upgrade
[@​actions/tool-cache](https://redirect.github.com/actions/tool-cache )
from 2.0.1 to 2.0.2 by
[@​dependabot](https://redirect.github.com/dependabot ) in
[#​1220](https://redirect.github.com/actions/setup-node/pull/1220 )
#### New Contributors
- [@​gowridurgad](https://redirect.github.com/gowridurgad ) made
their first contribution in
[#​1251](https://redirect.github.com/actions/setup-node/pull/1251 )
**Full Changelog**:
<https://github.com/actions/setup-node/compare/v4...v4.3.0 >
</details>
<details>
<summary>actions/setup-python (actions/setup-python)</summary>
###
[`v5.6.0`](https://redirect.github.com/actions/setup-python/releases/tag/v5.6.0 )
[Compare
Source](https://redirect.github.com/actions/setup-python/compare/v5.5.0...v5.6.0 )
##### What's Changed
- Workflow updates related to Ubuntu 20.04 by
[@​aparnajyothi-y](https://redirect.github.com/aparnajyothi-y ) in
[#​1065](https://redirect.github.com/actions/setup-python/pull/1065 )
- Fix for Candidate Not Iterable Error by
[@​aparnajyothi-y](https://redirect.github.com/aparnajyothi-y ) in
[#​1082](https://redirect.github.com/actions/setup-python/pull/1082 )
- Upgrade semver and
[@​types/semver](https://redirect.github.com/types/semver ) by
[@​dependabot](https://redirect.github.com/dependabot ) in
[#​1091](https://redirect.github.com/actions/setup-python/pull/1091 )
- Upgrade prettier from 2.8.8 to 3.5.3 by
[@​dependabot](https://redirect.github.com/dependabot ) in
[#​1046](https://redirect.github.com/actions/setup-python/pull/1046 )
- Upgrade ts-jest from 29.1.2 to 29.3.2 by
[@​dependabot](https://redirect.github.com/dependabot ) in
[#​1081](https://redirect.github.com/actions/setup-python/pull/1081 )
**Full Changelog**:
<https://github.com/actions/setup-python/compare/v5...v5.6.0 >
###
[`v5.5.0`](https://redirect.github.com/actions/setup-python/releases/tag/v5.5.0 )
[Compare
Source](https://redirect.github.com/actions/setup-python/compare/v5.4.0...v5.5.0 )
#### What's Changed
##### Enhancements:
- Support free threaded Python versions like '3.13t' by
[@​colesbury](https://redirect.github.com/colesbury ) in
[#​973](https://redirect.github.com/actions/setup-python/pull/973 )
- Enhance Workflows: Include ubuntu-arm runners, Add e2e Testing for
free threaded and Upgrade
[@​action/cache](https://redirect.github.com/action/cache ) from
4.0.0 to 4.0.3 by
[@​priya-kinthali](https://redirect.github.com/priya-kinthali ) in
[#​1056](https://redirect.github.com/actions/setup-python/pull/1056 )
- Add support for .tool-versions file in setup-python by
[@​mahabaleshwars](https://redirect.github.com/mahabaleshwars ) in
[#​1043](https://redirect.github.com/actions/setup-python/pull/1043 )
##### Bug fixes:
- Fix architecture for pypy on Linux ARM64 by
[@​mayeut](https://redirect.github.com/mayeut ) in
[#​1011](https://redirect.github.com/actions/setup-python/pull/1011 )
This update maps arm64 to aarch64 for Linux ARM64 PyPy installations.
##### Dependency updates:
- Upgrade [@​vercel/ncc](https://redirect.github.com/vercel/ncc )
from 0.38.1 to 0.38.3 by
[@​dependabot](https://redirect.github.com/dependabot ) in
[#​1016](https://redirect.github.com/actions/setup-python/pull/1016 )
- Upgrade
[@​actions/glob](https://redirect.github.com/actions/glob ) from
0.4.0 to 0.5.0 by
[@​dependabot](https://redirect.github.com/dependabot ) in
[#​1015](https://redirect.github.com/actions/setup-python/pull/1015 )
#### New Contributors
- [@​colesbury](https://redirect.github.com/colesbury ) made their
first contribution in
[#​973](https://redirect.github.com/actions/setup-python/pull/973 )
- [@​mahabaleshwars](https://redirect.github.com/mahabaleshwars )
made their first contribution in
[#​1043](https://redirect.github.com/actions/setup-python/pull/1043 )
**Full Changelog**:
<https://github.com/actions/setup-python/compare/v5...v5.5.0 >
</details>
<details>
<summary>actions/upload-artifact (actions/upload-artifact)</summary>
###
[`v4.6.2`](https://redirect.github.com/actions/upload-artifact/releases/tag/v4.6.2 )
[Compare
Source](https://redirect.github.com/actions/upload-artifact/compare/v4.6.1...v4.6.2 )
#### What's Changed
- Update to use artifact 2.3.2 package & prepare for new upload-artifact
release by [@​salmanmkc](https://redirect.github.com/salmanmkc ) in
[#​685](https://redirect.github.com/actions/upload-artifact/pull/685 )
#### New Contributors
- [@​salmanmkc](https://redirect.github.com/salmanmkc ) made their
first contribution in
[#​685](https://redirect.github.com/actions/upload-artifact/pull/685 )
**Full Changelog**:
<https://github.com/actions/upload-artifact/compare/v4...v4.6.2 >
###
[`v4.6.1`](https://redirect.github.com/actions/upload-artifact/releases/tag/v4.6.1 )
[Compare
Source](https://redirect.github.com/actions/upload-artifact/compare/v4.6.0...v4.6.1 )
#### What's Changed
- Update to use artifact 2.2.2 package by
[@​yacaovsnc](https://redirect.github.com/yacaovsnc ) in
[#​673](https://redirect.github.com/actions/upload-artifact/pull/673 )
**Full Changelog**:
<https://github.com/actions/upload-artifact/compare/v4...v4.6.1 >
</details>
<details>
<summary>aminya/setup-cpp (aminya/setup-cpp)</summary>
###
[`v1.7.1`](https://redirect.github.com/aminya/setup-cpp/releases/tag/v1.7.1 )
[Compare
Source](https://redirect.github.com/aminya/setup-cpp/compare/v1.7.0...v1.7.1 )
##### What's Changed
- fix: prefer complete Window LLVM package
[@​aminya](https://redirect.github.com/aminya ) in
[#​425](https://redirect.github.com/aminya/setup-cpp/pull/425 )
- fix: add LLVM 20.1.7 by
[@​aminya](https://redirect.github.com/aminya ) in
[#​424](https://redirect.github.com/aminya/setup-cpp/pull/424 )
- fix: add mingw 15.1-r2 by
[@​aminya](https://redirect.github.com/aminya ) in
[#​424](https://redirect.github.com/aminya/setup-cpp/pull/424 )
- fix: install gcovr via apt on Ubuntu by default by
[@​aminya](https://redirect.github.com/aminya ) in
[#​424](https://redirect.github.com/aminya/setup-cpp/pull/424 )
- feat: add tar tool by
[@​aminya](https://redirect.github.com/aminya ) in
[#​425](https://redirect.github.com/aminya/setup-cpp/pull/425 )
**Full Changelog**:
<https://github.com/aminya/setup-cpp/compare/v1.7.0...v1.7.1 >
###
[`v1.7.0`](https://redirect.github.com/aminya/setup-cpp/releases/tag/v1.7.0 )
[Compare
Source](https://redirect.github.com/aminya/setup-cpp/compare/v1.6.2...v1.7.0 )
##### What's Changed
- feat: update default LLVM to v20 by
[@​aminya](https://redirect.github.com/aminya ) in
[#​387](https://redirect.github.com/aminya/setup-cpp/pull/387 )
- feat: default to GCC 15 on Windows and MacOS by
[@​aminya](https://redirect.github.com/aminya ) in
[#​387](https://redirect.github.com/aminya/setup-cpp/pull/387 )
- fix: update cmake, task, powershell, meson, doxygen by
[@​aminya](https://redirect.github.com/aminya ) in
[#​414](https://redirect.github.com/aminya/setup-cpp/pull/414 )
**Full Changelog**:
<https://github.com/aminya/setup-cpp/compare/v1.6.2...v1.7.0 >
###
[`v1.6.2`](https://redirect.github.com/aminya/setup-cpp/releases/tag/v1.6.2 )
[Compare
Source](https://redirect.github.com/aminya/setup-cpp/compare/v1.6.1...v1.6.2 )
**Full Changelog**:
<https://github.com/aminya/setup-cpp/compare/v1.6.1...v1.6.2 >
###
[`v1.6.1`](https://redirect.github.com/aminya/setup-cpp/compare/v1.6.0...v1.6.1 )
[Compare
Source](https://redirect.github.com/aminya/setup-cpp/compare/v1.6.0...v1.6.1 )
###
[`v1.6.0`](https://redirect.github.com/aminya/setup-cpp/releases/tag/v1.6.0 )
[Compare
Source](https://redirect.github.com/aminya/setup-cpp/compare/v1.5.4...v1.6.0 )
##### What's Changed
- feat: add apt-fast as an installable tool by
[@​aminya](https://redirect.github.com/aminya ) in
[#​401](https://redirect.github.com/aminya/setup-cpp/pull/401 )
- fix: add apt-fast optimizations by
[@​aminya](https://redirect.github.com/aminya ) in
[#​402](https://redirect.github.com/aminya/setup-cpp/pull/402 )
**Full Changelog**:
<https://github.com/aminya/setup-cpp/compare/v1.5.4...v1.6.0 >
###
[`v1.5.4`](https://redirect.github.com/aminya/setup-cpp/releases/tag/v1.5.4 )
[Compare
Source](https://redirect.github.com/aminya/setup-cpp/compare/v1.5.3...v1.5.4 )
##### What's Changed
- fix: avoid rc sourcing loops + fix: always add guards for sourcing rc
files by [@​aminya](https://redirect.github.com/aminya ) in
[#​397](https://redirect.github.com/aminya/setup-cpp/pull/397 )
- [fix: add missing git option for
actions](d0235b0adbhttps://redirect.github.com/aminya )
- [fix: ignore setup-cpp cli installation
errors](d10f4b6db0https://redirect.github.com/aminya )
- [fix: fix addition of git to PATH on
Windows](75890615f7https://redirect.github.com/aminya )
- [fix: fix add-apt-repository in
Debian](55f022dea4https://redirect.github.com/aminya )
- [fix: fix llvm add-apt-repository for
debian](05bd2b5297https://redirect.github.com/aminya )
**Full Changelog**:
<https://github.com/aminya/setup-cpp/compare/v1.5.3...v1.5.4 >
###
[`v1.5.3`](https://redirect.github.com/aminya/setup-cpp/releases/tag/v1.5.3 )
[Compare
Source](https://redirect.github.com/aminya/setup-cpp/compare/v1.5.2...v1.5.3 )
- fix: remove exports map from package by
[@​aminya](https://redirect.github.com/aminya ) in
[7f46810eeda56](6370aaa025https://github.com/aminya/setup-cpp/compare/v1.5.2...v1.5.3 >
###
[`v1.5.2`](https://redirect.github.com/aminya/setup-cpp/releases/tag/v1.5.2 )
[Compare
Source](https://redirect.github.com/aminya/setup-cpp/compare/v1.5.1...v1.5.2 )
- fix: fix CLI shabang not working - independent lib by
[@​aminya](https://redirect.github.com/aminya ) in
[c88b4364ef50](95a7de4f2ehttps://github.com/aminya/setup-cpp/compare/v1.5.1...v1.5.2 >
###
[`v1.5.1`](https://redirect.github.com/aminya/setup-cpp/compare/v1.5.0...v1.5.1 )
[Compare
Source](https://redirect.github.com/aminya/setup-cpp/compare/v1.5.0...v1.5.1 )
###
[`v1.5.0`](https://redirect.github.com/aminya/setup-cpp/releases/tag/v1.5.0 )
[Compare
Source](https://redirect.github.com/aminya/setup-cpp/compare/v1.4.0...v1.5.0 )
##### What's Changed
- feat: allow using setup-cpp as a library by
[@​aminya](https://redirect.github.com/aminya ) in
[#​386](https://redirect.github.com/aminya/setup-cpp/pull/386 )
- fix: pin vcpkg on Alpine Arm64 by
[@​aminya](https://redirect.github.com/aminya ) in
[#​389](https://redirect.github.com/aminya/setup-cpp/pull/389 )
- fix: do not add LLVM libraries to dyld by default by
[@​aminya](https://redirect.github.com/aminya ) in
[#​388](https://redirect.github.com/aminya/setup-cpp/pull/388 )
**Full Changelog**:
<https://github.com/aminya/setup-cpp/compare/v1.4.0...v1.5.0 >
###
[`v1.4.0`](https://redirect.github.com/aminya/setup-cpp/releases/tag/v1.4.0 )
[Compare
Source](https://redirect.github.com/aminya/setup-cpp/compare/v1.3.0...v1.4.0 )
##### What's Changed
- 🎉 feat: support Alpine + add setup-alpine package by
[@​aminya](https://redirect.github.com/aminya ) in
[#​379](https://redirect.github.com/aminya/setup-cpp/pull/379 )
- ci: add docker tags with the base platform versions by
[@​aminya](https://redirect.github.com/aminya ) in
[#​381](https://redirect.github.com/aminya/setup-cpp/pull/381 )
(e.g. `setup-cpp-ubuntu:20.04`)
- fix: detect externally managed Python to avoid warnings by
[@​aminya](https://redirect.github.com/aminya ) in
[#​379](https://redirect.github.com/aminya/setup-cpp/pull/379 )
##### Alpine Images (amd64 and arm64)
Setup-cpp now provides prebuilt images for Alpine with support for base
tools, and compilers `llvm`, `gcc`, and `mingw` available for `amd64`
and `arm64` architectures.
Base image with `cmake, ninja, task, vcpkg, python, make, cppcheck,
gcovr, doxygen, ccache, conan, meson, cmakelang` for Alpine:
```dockerfile
FROM aminya/setup-cpp-alpine:3.21 AS builder
```
Image with `llvm` and the base tools:
```dockerfile
FROM aminya/setup-cpp-alpine-llvm:3.21 AS builder
```
Image with `gcc` and the base tools:
```dockerfile
FROM aminya/setup-cpp-alpine-gcc:3.21 AS builder
```
Image with `mingw` and the base tools:
```dockerfile
FROM aminya/setup-cpp-alpine-mingw:3.21 AS builder
```
**Full Changelog**:
<https://github.com/aminya/setup-cpp/compare/v1.3.0...v1.4.0 >
###
[`v1.3.0`](https://redirect.github.com/aminya/setup-cpp/releases/tag/v1.3.0 )
[Compare
Source](https://redirect.github.com/aminya/setup-cpp/compare/v1.2.2...v1.3.0 )
##### What's Changed
- feat: add Ubuntu 20 and 24 docker builds by
[@​aminya](https://redirect.github.com/aminya ) in
[#​375](https://redirect.github.com/aminya/setup-cpp/pull/375 )
- fix: fix python installation on Ubuntu 20 by
[@​aminya](https://redirect.github.com/aminya ) in
[#​375](https://redirect.github.com/aminya/setup-cpp/pull/375 )
- chore(deps): update devdependencies by
[@​renovate](https://redirect.github.com/renovate ) in
[#​376](https://redirect.github.com/aminya/setup-cpp/pull/376 )
##### Breaking changes for Ubuntu Docker images
The `latest` tag for `setup-cpp` on Docker now points to Ubuntu `24.04`.
Please pin the specific version if needed:
Base image with `cmake, ninja, task, vcpkg, python, make, cppcheck,
gcovr, doxygen, ccache, conan, meson, cmakelang` for Ubuntu 24.04:
```dockerfile
FROM aminya/setup-cpp-ubuntu:24.04-1.3.0 AS builder
```
Image with `llvm` and the base tools:
```dockerfile
FROM aminya/setup-cpp-ubuntu-llvm:24.04-1.3.0 AS builder
```
Image with `gcc` and the base tools:
```dockerfile
FROM aminya/setup-cpp-ubuntu-gcc:24.04-1.3.0 AS builder
```
Image with `mingw` and the base tools:
```dockerfile
FROM aminya/setup-cpp-ubuntu-mingw:24.04-1.3.0 AS builder
```
There are also the variants for Ubuntu `22.04`
```dockerfile
FROM aminya/setup-cpp-ubuntu:22.04-1.3.0 AS builder
FROM aminya/setup-cpp-ubuntu-llvm:22.04-1.3.0 AS builder
FROM aminya/setup-cpp-ubuntu-gcc:22.04-1.3.0 AS builder
FROM aminya/setup-cpp-ubuntu-mingw:22.04-1.3.0 AS builder
```
And for Ubuntu `20.04`:
```dockerfile
FROM aminya/setup-cpp-ubuntu:20.04-1.3.0 AS builder
FROM aminya/setup-cpp-ubuntu-llvm:20.04-1.3.0 AS builder
FROM aminya/setup-cpp-ubuntu-gcc:20.04-1.3.0 AS builder
FROM aminya/setup-cpp-ubuntu-mingw:20.04-1.3.0 AS builder
```
Note that `nala` is no longer included in the setup-cpp images by
default. You can install it manually via `setup-cpp --nala true` in your
Docker image if you rely on it.
**Full Changelog**:
<https://github.com/aminya/setup-cpp/compare/v1.2.2...v1.3.0 >
###
[`v1.2.2`](https://redirect.github.com/aminya/setup-cpp/releases/tag/v1.2.2 )
[Compare
Source](https://redirect.github.com/aminya/setup-cpp/compare/v1.2.1...v1.2.2 )
##### What's Changed
- 🎉 ci: tests and executables for Linux arm by
[@​aminya](https://redirect.github.com/aminya ) in
[#​363](https://redirect.github.com/aminya/setup-cpp/pull/363 )
- fix apt installation fallbacks to latest by
[@​aminya](https://redirect.github.com/aminya ) in
[#​363](https://redirect.github.com/aminya/setup-cpp/pull/363 )
- fix old LLVM on latest Ubuntu arm by
[@​aminya](https://redirect.github.com/aminya ) in
[#​363](https://redirect.github.com/aminya/setup-cpp/pull/363 )
- feat: install sccache on latest ubuntu arm by
[@​aminya](https://redirect.github.com/aminya ) in
[#​373](https://redirect.github.com/aminya/setup-cpp/pull/373 )
- fix Doxygen on Linux Arm by
[@​aminya](https://redirect.github.com/aminya ) in
[#​363](https://redirect.github.com/aminya/setup-cpp/pull/363 )
**Full Changelog**:
<https://github.com/aminya/setup-cpp/compare/v1.2.1...v1.2.2 >
###
[`v1.2.1`](https://redirect.github.com/aminya/setup-cpp/releases/tag/v1.2.1 )
[Compare
Source](https://redirect.github.com/aminya/setup-cpp/compare/v1.2.0...v1.2.1 )
##### What's Changed
- 🎉 feat: add multi-architecture Docker images for setup-cpp by
[@​aminya](https://redirect.github.com/aminya ) in
[#​361](https://redirect.github.com/aminya/setup-cpp/pull/361 )
- 🎉 feat: install LLVM via brew on Mac if possible by
[@​aminya](https://redirect.github.com/aminya ) in
[#​367](https://redirect.github.com/aminya/setup-cpp/pull/367 ) and
[#​364](https://redirect.github.com/aminya/setup-cpp/pull/364 )
- 🎉 fix: avoid already installed warnings for brew by
[@​aminya](https://redirect.github.com/aminya ) in
[#​369](https://redirect.github.com/aminya/setup-cpp/pull/369 )
- feat: add git as an installable tool by
[@​aminya](https://redirect.github.com/aminya ) in
[#​362](https://redirect.github.com/aminya/setup-cpp/pull/362 )
- fix: add polyfill for crypto.randomuuid for Node 12 by
[@​aminya](https://redirect.github.com/aminya ) in
[#​368](https://redirect.github.com/aminya/setup-cpp/pull/368 ) and
[#​370](https://redirect.github.com/aminya/setup-cpp/pull/370 )
**Full Changelog**:
<https://github.com/aminya/setup-cpp/compare/v1.1.1...v1.2.0 >
###
[`v1.2.0`](https://redirect.github.com/aminya/setup-cpp/releases/tag/v1.2.0 )
[Compare
Source](https://redirect.github.com/aminya/setup-cpp/compare/v1.1.1...v1.2.0 )
##### What's Changed
Note: superseded by v1.2.1
- feat: add multi-architecture Docker images for setup-cpp by
[@​aminya](https://redirect.github.com/aminya ) in
[#​361](https://redirect.github.com/aminya/setup-cpp/pull/361 )
- feat: install LLVM via brew on Mac if possible by
[@​aminya](https://redirect.github.com/aminya ) in
[#​367](https://redirect.github.com/aminya/setup-cpp/pull/367 ) and
[#​364](https://redirect.github.com/aminya/setup-cpp/pull/364 )
- feat: add git as an installable tool by
[@​aminya](https://redirect.github.com/aminya ) in
[#​362](https://redirect.github.com/aminya/setup-cpp/pull/362 )
- fix: avoid already installed warnings for brew by
[@​aminya](https://redirect.github.com/aminya ) in
[#​369](https://redirect.github.com/aminya/setup-cpp/pull/369 )
- fix: add polyfill for crypto.randomuuid for Node 12 by
[@​aminya](https://redirect.github.com/aminya ) in
[#​368](https://redirect.github.com/aminya/setup-cpp/pull/368 ) and
[#​370](https://redirect.github.com/aminya/setup-cpp/pull/370 )
**Full Changelog**:
<https://github.com/aminya/setup-cpp/compare/v1.1.1...v1.2.0 >
</details>
<details>
<summary>docker/login-action (docker/login-action)</summary>
###
[`v3.5.0`](https://redirect.github.com/docker/login-action/releases/tag/v3.5.0 )
[Compare
Source](https://redirect.github.com/docker/login-action/compare/v3.4.0...v3.5.0 )
- Support dual-stack endpoints for AWS ECR by
[@​Spacefish](https://redirect.github.com/Spacefish )
[@​crazy-max](https://redirect.github.com/crazy-max ) in
[#​874](https://redirect.github.com/docker/login-action/pull/874 )
[#​876](https://redirect.github.com/docker/login-action/pull/876 )
- Bump
[@​aws-sdk/client-ecr](https://redirect.github.com/aws-sdk/client-ecr )
to 3.859.0 in
[#​860](https://redirect.github.com/docker/login-action/pull/860 )
[#​878](https://redirect.github.com/docker/login-action/pull/878 )
- Bump
[@​aws-sdk/client-ecr-public](https://redirect.github.com/aws-sdk/client-ecr-public )
to 3.859.0 in
[#​860](https://redirect.github.com/docker/login-action/pull/860 )
[#​878](https://redirect.github.com/docker/login-action/pull/878 )
- Bump
[@​docker/actions-toolkit](https://redirect.github.com/docker/actions-toolkit )
from 0.57.0 to 0.62.1 in
[#​870](https://redirect.github.com/docker/login-action/pull/870 )
- Bump form-data from 2.5.1 to 2.5.5 in
[#​875](https://redirect.github.com/docker/login-action/pull/875 )
**Full Changelog**:
<https://github.com/docker/login-action/compare/v3.4.0...v3.5.0 >
###
[`v3.4.0`](https://redirect.github.com/docker/login-action/releases/tag/v3.4.0 )
[Compare
Source](https://redirect.github.com/docker/login-action/compare/v3.3.0...v3.4.0 )
- Bump [@​actions/core](https://redirect.github.com/actions/core )
from 1.10.1 to 1.11.1 in
[#​791](https://redirect.github.com/docker/login-action/pull/791 )
- Bump
[@​aws-sdk/client-ecr](https://redirect.github.com/aws-sdk/client-ecr )
to 3.766.0 in
[#​789](https://redirect.github.com/docker/login-action/pull/789 )
[#​856](https://redirect.github.com/docker/login-action/pull/856 )
- Bump
[@​aws-sdk/client-ecr-public](https://redirect.github.com/aws-sdk/client-ecr-public )
to 3.758.0 in
[#​789](https://redirect.github.com/docker/login-action/pull/789 )
[#​856](https://redirect.github.com/docker/login-action/pull/856 )
- Bump
[@​docker/actions-toolkit](https://redirect.github.com/docker/actions-toolkit )
from 0.35.0 to 0.57.0 in
[#​801](https://redirect.github.com/docker/login-action/pull/801 )
[#​806](https://redirect.github.com/docker/login-action/pull/806 )
[#​858](https://redirect.github.com/docker/login-action/pull/858 )
- Bump cross-spawn from 7.0.3 to 7.0.6 in
[#​814](https://redirect.github.com/docker/login-action/pull/814 )
- Bump https-proxy-agent from 7.0.5 to 7.0.6 in
[#​823](https://redirect.github.com/docker/login-action/pull/823 )
- Bump path-to-regexp from 6.2.2 to 6.3.0 in
[#​777](https://redirect.github.com/docker/login-action/pull/777 )
**Full Changelog**:
<https://github.com/docker/login-action/compare/v3.3.0...v3.4.0 >
</details>
<details>
<summary>github/codeql-action (github/codeql-action)</summary>
###
[`v2.28.1`](https://redirect.github.com/github/codeql-action/releases/tag/v2.28.1 )
[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v2.28.0...v2.28.1 )
### CodeQL Action Changelog
See the [releases
page](https://redirect.github.com/github/codeql-action/releases ) for the
relevant changes to the CodeQL CLI and language packs.
**This is the last planned release of the `v2`. To continue getting
updates for the CodeQL Action, please switch to `v3`.**
#### 2.28.1 - 10 Jan 2025
- CodeQL Action v2 is now deprecated, and is no longer updated or
supported. For better performance, improved security, and new features,
upgrade to v3. For more information, see [this changelog
post](https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/ ).
[#​2677](https://redirect.github.com/github/codeql-action/pull/2677 )
- Update default CodeQL bundle version to 2.20.1.
[#​2678](https://redirect.github.com/github/codeql-action/pull/2678 )
See the full
[CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v2.28.1/CHANGELOG.md )
for more information.
###
[`v2.28.0`](https://redirect.github.com/github/codeql-action/releases/tag/v2.28.0 )
[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v2.27.9...v2.28.0 )
### CodeQL Action Changelog
See the [releases
page](https://redirect.github.com/github/codeql-action/releases ) for the
relevant changes to the CodeQL CLI and language packs.
Note that the only difference between `v2` and `v3` of the CodeQL Action
is the node version they support, with `v3` running on node 20 while we
continue to release `v2` to support running on node 16. For example
`3.22.11` was the first `v3` release and is functionally identical to
`2.22.11`. This approach ensures an easy way to track exactly which
features are included in different versions, indicated by the minor and
patch version numbers.
**This is the last planned release of the `v2`. To continue getting
updates for the CodeQL Action, please switch to `v3`.**
#### 2.28.0 - 20 Dec 2024
- Bump the minimum CodeQL bundle version to 2.15.5.
[#​2655](https://redirect.github.com/github/codeql-action/pull/2655 )
- Don't fail in the unusual case that a file is on the search path.
[#​2660](https://redirect.github.com/github/codeql-action/pull/2660 ).
See the full
[CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v2.28.0/CHANGELOG.md )
for more information.
###
[`v2.27.9`](https://redirect.github.com/github/codeql-action/releases/tag/v2.27.9 )
[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v2.27.8...v2.27.9 )
### CodeQL Action Changelog
See the [releases
page](https://redirect.github.com/github/codeql-action/releases ) for the
relevant changes to the CodeQL CLI and language packs.
Note that the only difference between `v2` and `v3` of the CodeQL Action
is the node version they support, with `v3` running on node 20 while we
continue to release `v2` to support running on node 16. For example
`3.22.11` was the first `v3` release and is functionally identical to
`2.22.11`. This approach ensures an easy way to track exactly which
features are included in different versions, indicated by the minor and
patch version numbers.
#### 2.27.9 - 12 Dec 2024
No user facing changes.
See the full
[CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v2.27.9/CHANGELOG.md )
for more information.
###
[`v2.27.8`](https://redirect.github.com/github/codeql-action/compare/v2.27.7...v2.27.8 )
[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v2.27.7...v2.27.8 )
###
[`v2.27.7`](https://redirect.github.com/github/codeql-action/releases/tag/v2.27.7 )
[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v2.27.6...v2.27.7 )
### CodeQL Action Changelog
See the [releases
page](https://redirect.github.com/github/codeql-action/releases ) for the
relevant changes to the CodeQL CLI and language packs.
Note that the only difference between `v2` and `v3` of the CodeQL Action
is the node version they support, with `v3` running on node 20 while we
continue to release `v2` to support running on node 16. For example
`3.22.11` was the first `v3` release and is functionally identical to
`2.22.11`. This approach ensures an easy way to track exactly which
features are included in different versions, indicated by the minor and
patch version numbers.
#### 2.27.7 - 10 Dec 2024
- We are rolling out a change in December 2024 that will extract the
CodeQL bundle directly to the toolcache to improve performance.
[#​2631](https://redirect.github.com/github/codeql-action/pull/2631 )
- Update default CodeQL bundle version to 2.20.0.
[#​2636](https://redirect.github.com/github/codeql-action/pull/2636 )
See the full
[CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v2.27.7/CHANGELOG.md )
for more information.
###
[`v2.27.6`](https://redirect.github.com/github/codeql-action/releases/tag/v2
</details>
---
### Configuration
📅 **Schedule**: Branch creation - Between 12:00 AM and 12:59 AM, only on
Monday ( * 0 * * 1 ) (UTC), Automerge - At any time (no schedule
defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config
help](https://redirect.github.com/renovatebot/renovate/discussions ) if
that's undesired.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR was generated by [Mend Renovate](https://mend.io/renovate/ ).
View the [repository job
log](https://developer.mend.io/github/llvm/llvm-project ).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4xMzEuOSIsInVwZGF0ZWRJblZlciI6IjQxLjEzMS45IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->
2025-09-28 22:26:48 -07:00
Aiden Grossman
e764e190ee
[Github] Remove separate tools checkout from pr-code workflows ( #159967 )
...
These separate checkouts I believe were originally carried over from
when we were using pull_request_target. We needed two checkouts to
ensure we were not executing user supplied code. We kept them to ensure
we were using the latest version of the tools, but this was born mostly
out of a misunderstanding of how Github Actions works. All PRs directly
against main are executed as if merged into main, so already are using
the latest version of the tools no matter the branch point. Stacked PRs
still need to be rebased for changes to propagate but these files have
been pretty stable for the past two years or so and I can't imagine any
changes needed to keep things running on release/stacked PR branches.
2025-09-21 11:26:56 -07:00
Aiden Grossman
ba3bce0779
[Github] Switch back to tj-actions/changed-files ( #158335 )
...
We were using the step security fork after the tj-actions/changed-files
supply chain attack given Github disabled the repo and all our actions
were failing during that time. Switch away from the fork back to the
main repository to avoid an extra level of indirection until we can
probably just stop using this action/roll our own.
2025-09-12 15:25:28 -07:00
Aiden Grossman
b7d2bd6edd
[Github] Bump clang-format to 21.1.0 ( #155660 )
...
This patch bumps the clang-format version in the pr-code-format action
to the latest release version, in line with how we have handled this
before.
2025-08-28 07:36:49 -07:00
Baranov Victor
ef3ce0dcb2
[Github] Remove redundant 'START_REV', 'END_REV' env variables (NFC) ( #154218 )
...
After https://github.com/llvm/llvm-project/pull/133023 , `START_REV` and
`END_REV` env variables became redundant.
2025-08-19 11:41:37 +03:00
Aiden Grossman
ca44e11e00
[CI][Github] Bump actions/checkout to v5.0.0 ( #153340 )
...
https://github.com/actions/checkout/releases/tag/v5.0.0 was released a
couple of days ago (still new, sufficient bake time that there probably
is not a significant security issue). There are few changes, with the
most notable ones being dependency bumps, specifically the node version
bump to v24. This requires actions runner v2.327.1. I will land this
after all of the infrastructure has been moved over to the new runner
version.
2025-08-13 21:17:53 -07:00
Owen Pan
b01ef20c5b
[GitHub][workflows] Use latest clang-format version 20.1.8 ( #148099 )
2025-07-10 22:26:33 -07:00
Aiden Grossman
46f90165be
[Github] Bump PR Code Format clang-format version ( #141819 )
...
As we have discussed in the past, we should be using the latest version.
This has not been updated in a while.
2025-05-28 12:16:01 -07:00
Aiden Grossman
f11d46c151
[Github] Remove invalid comment from pr-code-format.yaml
...
The comment was originally added in
b3af755254599f474601d0d7b7374dcc36af279a, but
2898c3e0bbf904c68efb194525bcdfeedb3014c2 greatly simplified things
making the previous comment invalid. We no longer need to look at
diffing main versus the PR and whether we are doing a two dot or three
dot diff as we are just diffing the merge commit.
2025-04-27 04:12:54 +00:00
Aiden Grossman
2898c3e0bb
[Github] Simplify Getting Changed Files in Code Formatting Workflow ( #133023 )
...
This patch changes getting changed files in the pr code format job to
just checking out the previous two commits (the merge commit and its
porent, the current commit latest in main), which allows us to just diff
the merge commit. This means we do not have to checkout the ref through
the merge base, which should save approximately a minute per job (or
much more in some cases where the PR is particularly out of date).
2025-03-28 21:45:07 -07:00
Aiden Grossman
6616acd80c
[Github] Change to step-security fork of changed actions
...
The tj-actions/changed-files repo has been taken down to the security
incident
(https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised ).
This patch moves these jobs over step-security's fork, which has been
loosely audited and has had the malicious commits removed. This is
mainly intended as a stop-gap to get these actions running again while
we figure out the best path forward.
2025-03-15 20:56:29 +00:00
Aiden Grossman
0ce4b685d2
[Github] Prefer ubuntu-24.04 over ubuntu-latest ( #129936 )
...
This patch replaces all instances of ubuntu-latest with ubuntu-24.04
(outside of the entries in libc++) based on the guidelines in the LLVM
CI best practices doc (https://llvm.org/docs/CIBestPractices.html ).
2025-03-06 10:32:02 -08:00
Aiden Grossman
705decc860
[Github] Hash Pin Actions in Most Workflows ( #129486 )
...
This patch haspins all actions in most of the LLVM Github workflows.
This is something we try to do, but no one has gone through and combed
through all of the workflows before this patch.
Notably, this patch does not bump any major versions of actions just in
case there are subtle breaking changes introduced between versions that
could impact us. Also, this patch omits the libc/libc++ workflows so
that they can be split into separate PRs for the respective subproject
maintainers to review.
2025-03-03 08:37:20 -08:00
Louis Dionne
858f025a00
[ci] Bump the version of clang-format used in the CI ( #119915 )
...
The version of clang-format we use in the CI to format all PRs is a bit
outdated, leading to some confusion when the CI job produces different
output from what people have locally.
2025-01-07 16:40:22 -05:00
Aiden Grossman
1293ab35e4
[Github] Cancel previous in-progress code formatting jobs ( #106701 )
2024-08-30 14:43:15 -07:00
Aiden Grossman
54916e5784
[Github] Set code formatting job timeout to 30 minutes ( #106674 )
...
This patch sets the timeout of the code formatting job to 30 minutes.
The job is currently failing in specific circumstances and needs to be
reworked, but as a temp hack, change the timeout to 30 minutes so that
we can catch these jobs before they hit the Github Actions timeout limit
of six hours.
Somewhat (hackily) alleviates #79661 slightly.
2024-08-30 01:08:38 -07:00
Tobias Stadler
9811971860
[GitHub] Run format job on stacked PRs ( #102957 )
...
Currently the formatter only runs for the main branch, which prevents
the formatter from running for stacked PRs, which have to target user
branches instead of main.
2024-08-14 14:10:57 +02:00
Owen Pan
5914a5671a
[GitHub][workflows] Use latest clang-format version 18.1.7 ( #95757 )
...
Since clang-format 18.1.4, there have been a number of commits that
fixed various kinds of issues:
- Bug
3ceccbdb1995
- Regression
6dbaa89433f7
51ff7f38b633
35fea1032741
7699b341b763
768118d1ad38
8c0fe0d65ed8
- Crash
f1491c7460e7
- Invalid code generation
0abb89a80f5c
2024-06-17 09:49:12 -07:00
Jannick Kremer
e38729968b
[CI] Update setup-python action to v5 for GHA ( #95414 )
...
We currently receive a warning on all Github Actions workflows that use
`setup-python`, since they all use v4 of the action, which uses the
deprecated Node.js 16. This PR upgrades the action in all places to v5,
which uses Node.js 20 (see [setup-python release
page](https://github.com/actions/setup-python/releases/tag/v5.0.0 ))
2024-06-13 10:16:59 -07:00
Marius Brehler
a952c12388
[GitHub] Set top level token permission ( #87326 )
2024-04-11 22:58:47 +02:00
Aiden Grossman
f6c87be1dd
[Github] Fix typo in PR code formatting job
...
The recent change to split the PR code formatting job accidentally
misspelled the repository field when specifying the repository to fetch
the code formatting utils from. This patch fixes the spelling so that
the job does not throw a warning and clones the tools from the specified
repository.
2024-04-02 00:33:50 -07:00
Tom Stellard
de917dc20e
[workflow] Don't add a comment when the first run of the formatter passes ( #86335 )
...
This was inadvertently changed in
2120f574103c487787390263b3692c4b167f6bdf.
2024-03-25 15:04:11 -07:00
Tom Stellard
2120f57410
Reapply [workflows] Split pr-code-format into two parts to make it more secure ( #78215 ) ( #80495 )
...
Actions triggered by pull_request_target events have access to all
repository secrets, so it is unsafe to use them when executing untrusted
code. The pr-code-format workflow does not execute any untrusted code,
but it passes untrused input into clang-format. An attacker could use
this to exploit a flaw in clang-format and potentially gain access to
the repository secrets.
By splitting the workflow, we can use the pull_request target which is
more secure and isolate the issue write permissions in a separate job.
The pull_request target also makes it easier to test changes to the
code-format-helepr.py script, because the version of the script from the
pull request will be used rather than the version of the script from
main.
Fixes #77142
2024-03-22 11:45:51 -07:00
Owen Pan
6f39c1e284
[GitHub][workflows] Use latest clang-format version 18.1.1 ( #85502 )
2024-03-16 04:23:15 -07:00
Aiden Grossman
f1ca0b6ce8
Revert "[GitHub][workflows] Use latest clang-format version 18.1.1 ( #85502 )"
...
This reverts commit dec63221d56e8092557f29f1f2c127828d7521bb.
This probably needs more discussion before we can land it. The consensus
(from what I can gather) in https://discourse.llvm.org/t/rfc-clang-format-all-the-things/76614
is that we should be careful with version upgrades for consistency.
2024-03-16 02:45:27 -07:00
Owen Pan
dec63221d5
[GitHub][workflows] Use latest clang-format version 18.1.1 ( #85502 )
2024-03-16 02:17:49 -07:00
Aiden Grossman
4b34558f43
[Github] Fix triggers formatting in code format action
...
A recent comment modified the job to only run on the main branch, but
the formatting was slightly off, causing the job to not run. This patch
fixes the formatting so the job will run as expected.
2024-02-04 21:33:30 -08:00
Tom Stellard
2193c95e24
[workflows] Only run code formatter on the main branch ( #80348 )
...
Modifying a cherry-picked patch to fix code formatting issues can be
risky, so we don't typically do this. Therefore, it's not necessary to
run this job on the release branches.
2024-02-03 21:42:40 -08:00
Tom Stellard
06c14c03da
Revert "[workflows] Split pr-code-format into two parts to make it more secure ( #78216 )"
...
This reverts commit bc06cd5cbcfc22dd976f6742d10bc934e1353b8a.
This caused the job to fail for PRs which still had an older version
of code-format-helper.py in their tree.
2024-02-02 12:03:38 -08:00
Tom Stellard
bc06cd5cbc
[workflows] Split pr-code-format into two parts to make it more secure ( #78216 )
...
Actions triggered by pull_request_target events have access to all
repository secrets, so it is unsafe to use them when executing untrusted
code. The pr-code-format workflow does not execute any untrusted code,
but it passes untrused input into clang-format. An attacker could use
this to exploit a flaw in clang-format and potentially gain access to
the repository secrets.
By splitting the workflow, we can use the pull_request target which is
more secure and isolate the issue write permissions in a separate job.
The pull_request target also makes it easier to test changes to the
code-format-helepr.py script, because the version of the script from the
pull request will be used rather than the version of the script from
main.
Fixes #77142
2024-02-02 11:31:23 -08:00
Aiden Grossman
b3af755254
[Github] Set start rev to merge base in code format action ( #75132 )
...
This patch sets the start revision to the merge base so that the c++
formatting action won't produce any diffs related to changes in main but
not in the PR branch. This also leaves a TODO to migrate over to the
--diff_from_common_commit option in git-clang-format once LLVM v18 is
released.
2023-12-11 21:46:51 -08:00
Chris Bieneman
488d900209
[NFC] Map changed file through envar
...
This sanitizes the string for printing.
2023-11-27 16:41:25 -06:00
Aiden Grossman
688664fd19
[Github] Make code formatting action checkout SHA rather than ref
...
Checking out a ref of the branch requires the remote to be the same as
the fork whereas setting it to be the commit SHA allows for us to avoid
changing the remote. This should fix the action not working on PRs made
from forks (essentially all of them).
2023-11-11 20:33:03 -08:00
Aiden Grossman
1a66465c72
[Github] Fetch through merge base in code formatting action ( #72020 )
...
This commit adds another step to the Github workflow that runs the code
formatting check to fetch through the merge base. This ensures that the
necessary history is present to find the changed files and also to run
clang-format over. This change massively increases the speed of the
action (~10 minutes down to ~2 minutes in most cases from my testing)
and also increases the reliability significantly.
2023-11-11 19:48:03 -08:00
Aiden Grossman
83888a5404
[Github] Only run github actions on main monorepo ( #69774 )
...
There are currently a couple jobs that run on all forks of LLVM too (if
there is a PR opened, or in the case of the documentation builds, upon
pushing to main). This isn't desired behavior. This commit disables that
behavior, forcing the jobs to not run if they aren't running against
llvm/llvm-project or a PR against that repo.
2023-11-04 00:17:06 -07:00
Chris B
f2c24cceed
Increase git fetch depth ( #70946 )
...
We've gotten ~750 commits in the last 7 days. Upping the fetch depth to
2000 will make it more likely that PRs up to 2 weeks old will have
enough fetch history to find a common parent. This _might_ address some
of the failures we're seeing in the clang-format action where it cannot
find a common base commit.
2023-11-01 13:24:28 -05:00
Aiden Grossman
96410a6b14
Revert "[Github] Fetch all commits in PR for code formatting checks ( #69766 )"
...
This reverts commit 4aa12afb967bd7c5f051f3b72271f787f1a7538b.
This change introduced failures upon checking out the PR source code.
Pulling this out of tree while I investigate further.
2023-10-30 12:33:35 -07:00
Aiden Grossman
4aa12afb96
[Github] Fetch all commits in PR for code formatting checks ( #69766 )
...
This patch makes a couple changes to the PR code formatting check:
- Moves the `changed-files` action to before the checkout to make sure
that it pulls
information from the Github API rather than by running `git diff` to
alleviate some
performance problems.
- Checkout the head of the pull request head instead of the base of the
pull request
to ensure that we have the PR commits inside the checkout.
- Add an additional sparse checkout of the necessary LLVM tools to run
the action
to alleviate security problems introduced by checking out the head of
the pull
request. Only code from the base of the pull request runs.
- Adjust the commit references to be based on `HEAD` as Github doesn't
give
exact commit SHAs for the first commit in the PR.
2023-10-30 12:23:51 -07:00
Aiden Grossman
cd205efb9d
Revert "[Github] Make PR formatting job only run with C/C++ changes ( #69556 )"
...
This reverts commit 80b2aac2c671771d74bc5d7426f7bd4ffa0b8a8e.
I mistakenly assumed this job didn't also do python formatting
(should've grepped for more than just black in the python portion of
this script). Pulling it out for now to get python formatting working
again while the patch is iterated further.
2023-10-18 23:28:20 -07:00
Aiden Grossman
80b2aac2c6
[Github] Make PR formatting job only run with C/C++ changes ( #69556 )
...
Currently the PR formatting job only runs clang-format. There isn't a
lot of utility in running it if there aren't any C/C++ changes as there
will be nothing to format. This isn't super noisy currently as the job
doesn't fail if there aren't any C/C++ changes, but it's a bit of a
waste.
In addition, this patch names the code formatting job "Check C++
Formatting" to make it clear that this job only checks C/C++ formatting
rather than Python formatting/other languages.
2023-10-18 22:53:17 -07:00
Tobias Hieta
db777db25c
[Workflow] Update clang-format to 17.0.1 ( #67402 )
...
17.0.1 is our most recent stable version which we decided to follow and
it fixes the issue described in llvm/llvm-project#67343
2023-09-28 08:37:30 +02:00
Tobias Hieta
a6e81df289
[Workflow] Roll back some settings since they caused more issues
...
This needs more investigation.
2023-09-23 17:53:51 +02:00
