From a023bf252c7d58cbeea15626369f59773ce32139 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 27 Oct 2025 16:37:15 -0700 Subject: [PATCH 1/5] Bump actions/upload-artifact from 4.6.2 to 5.0.0 (#8682) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.6.2 to 5.0.0. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/ea165f8d65b6e75b540449e92b4886f43607fa02...330a01c490aca151604b8cf639adc76d48f6c5d4) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/scan-for-to-do-comments.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scan-for-to-do-comments.yml b/.github/workflows/scan-for-to-do-comments.yml index c02f46b08c5..94f948d7384 100644 --- a/.github/workflows/scan-for-to-do-comments.yml +++ b/.github/workflows/scan-for-to-do-comments.yml @@ -27,7 +27,7 @@ jobs: COMMENT_AUTHOR: ${{ github.event.comment.user.login }} - name: Upload artifacts - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 with: name: issue-todo path: issue/ From 4ccaaf4d94564c4b0589b7edce847a4dde2f4e6a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 27 Oct 2025 17:14:07 -0700 Subject: [PATCH 2/5] Bump streetsidesoftware/cspell-action from 7.2.0 to 7.2.1 (#8681) Bumps [streetsidesoftware/cspell-action](https://github.com/streetsidesoftware/cspell-action) from 7.2.0 to 7.2.1. - [Release notes](https://github.com/streetsidesoftware/cspell-action/releases) - [Changelog](https://github.com/streetsidesoftware/cspell-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/streetsidesoftware/cspell-action/compare/dcd03dc3e8a59ec2e360d0c62db517baa0b4bb6d...76c6f6d52abd57f4bcab5f3fde1bbd4f19a99eb0) --- updated-dependencies: - dependency-name: streetsidesoftware/cspell-action dependency-version: 7.2.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/spellcheck.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/spellcheck.yml b/.github/workflows/spellcheck.yml index ded1d6c9593..e8b21a4ff78 100644 --- a/.github/workflows/spellcheck.yml +++ b/.github/workflows/spellcheck.yml @@ -17,7 +17,7 @@ jobs: with: persist-credentials: false - - uses: streetsidesoftware/cspell-action@dcd03dc3e8a59ec2e360d0c62db517baa0b4bb6d + - uses: streetsidesoftware/cspell-action@76c6f6d52abd57f4bcab5f3fde1bbd4f19a99eb0 name: Documentation spellcheck if: ${{ !cancelled() }} with: @@ -25,7 +25,7 @@ jobs: inline: error incremental_files_only: true - - uses: streetsidesoftware/cspell-action@dcd03dc3e8a59ec2e360d0c62db517baa0b4bb6d + - uses: streetsidesoftware/cspell-action@76c6f6d52abd57f4bcab5f3fde1bbd4f19a99eb0 name: Resx spellcheck if: ${{ !cancelled() }} with: @@ -33,7 +33,7 @@ jobs: inline: error incremental_files_only: true - - uses: streetsidesoftware/cspell-action@dcd03dc3e8a59ec2e360d0c62db517baa0b4bb6d + - uses: streetsidesoftware/cspell-action@76c6f6d52abd57f4bcab5f3fde1bbd4f19a99eb0 name: Source code spellcheck if: ${{ !cancelled() }} with: From 28b89e4094e516b5d3c710febe65513370228af3 Mon Sep 17 00:00:00 2001 From: Matt Mitchell Date: Tue, 28 Oct 2025 09:41:08 -0700 Subject: [PATCH 3/5] Use arcade backport workflow (#8683) --- .github/workflows/backport.yml | 56 ++------- eng/actions/backport/action.yml | 26 ----- eng/actions/backport/index.js | 200 -------------------------------- 3 files changed, 10 insertions(+), 272 deletions(-) delete mode 100644 eng/actions/backport/action.yml delete mode 100644 eng/actions/backport/index.js diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml index e7a8a7f64d9..bde08ba8dec 100644 --- a/.github/workflows/backport.yml +++ b/.github/workflows/backport.yml @@ -2,53 +2,17 @@ name: Backport PR to branch on: issue_comment: types: [created] + schedule: + # once a day at 13:00 UTC to cleanup old runs + - cron: '0 13 * * *' -permissions: {} +permissions: + contents: write + issues: write + pull-requests: write + actions: write jobs: backport: - if: github.event.issue.pull_request != '' && contains(github.event.comment.body, '/backport to') && contains(fromJSON('["OWNER", "MEMBER", "COLLABORATOR"]'), github.event.comment.author_association) - runs-on: ubuntu-24.04 - permissions: - contents: write - issues: write - pull-requests: write - - steps: - - name: Extract backport target branch - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd - id: target-branch-extractor - with: - result-encoding: string - script: | - if (context.eventName !== "issue_comment") throw "Error: This action only works on issue_comment events."; - - // extract the target branch name from the trigger phrase containing these characters: a-z, A-Z, digits, forward slash, dot, hyphen, underscore - const regex = /\/backport to ([a-zA-Z\d\/\.\-\_]+)/; - target_branch = regex.exec(context.payload.comment.body); - if (target_branch == null) throw "Error: No backport branch found in the trigger phrase."; - - return target_branch[1]; - - name: Post backport started comment to pull request - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd - with: - script: | - const backport_start_body = `Started backporting to ${{ steps.target-branch-extractor.outputs.result }}: https://github.com/${context.repo.owner}/${context.repo.repo}/actions/runs/${process.env.GITHUB_RUN_ID}`; - await github.rest.issues.createComment({ - issue_number: context.issue.number, - owner: context.repo.owner, - repo: context.repo.repo, - body: backport_start_body - }); - - name: Checkout repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - with: - persist-credentials: true # We need to persist credentials to push the resulting changes upstream. - fetch-depth: 0 - - name: Run backport - uses: ./eng/actions/backport - with: - target_branch: ${{ steps.target-branch-extractor.outputs.result }} - auth_token: ${{ secrets.GITHUB_TOKEN }} - exclude: 'documentation/**.md' - label: backport + if: ${{ contains(github.event.comment.body, '/backport to') || github.event_name == 'schedule' }} + uses: dotnet/arcade/.github/workflows/backport-base.yml@main diff --git a/eng/actions/backport/action.yml b/eng/actions/backport/action.yml deleted file mode 100644 index 6583c0f4b02..00000000000 --- a/eng/actions/backport/action.yml +++ /dev/null @@ -1,26 +0,0 @@ -name: 'PR Backporter' -description: 'Backports a pull request to a branch using the "/backport to " comment' -inputs: - target_branch: - description: 'Backport target branch.' - auth_token: - description: 'The token used to authenticate to GitHub.' - pr_title_template: - description: 'The template used for the PR title. Special placeholder tokens that will be replaced with a value: %target_branch%, %source_pr_title%, %source_pr_number%, %cc_users%.' - default: '[%target_branch%] %source_pr_title%' - pr_description_template: - description: 'The template used for the PR description. Special placeholder tokens that will be replaced with a value: %target_branch%, %source_pr_title%, %source_pr_number%, %cc_users%.' - default: | - Backport of #%source_pr_number% to %target_branch% - - /cc %cc_users% - exclude: - description: 'Path to exclude from the backport. Supports wildcards.' - required: false - label: - description: 'Label to add to the PR.' - required: false - -runs: - using: 'node16' - main: 'index.js' diff --git a/eng/actions/backport/index.js b/eng/actions/backport/index.js deleted file mode 100644 index 47b9fc695f5..00000000000 --- a/eng/actions/backport/index.js +++ /dev/null @@ -1,200 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. - -function BackportException(message, postToGitHub = true) { - this.message = message; - this.postToGitHub = postToGitHub; -} - -async function run() { - const actionUtils = require('../../../.github/actions/action-utils.js'); - const [core, github, exec] = await actionUtils.installAndRequirePackages("@actions/core", "@actions/github", "@actions/exec"); - - const repo_owner = github.context.payload.repository.owner.login; - const repo_name = github.context.payload.repository.name; - const pr_number = github.context.payload.issue.number; - const comment_user = github.context.payload.comment.user.login; - - let octokit = github.getOctokit(core.getInput("auth_token", { required: true })); - let target_branch = core.getInput("target_branch", { required: true }); - let pr_label = core.getInput("label", { required: false }); - let excluded_path = core.getInput("exclude", { required: false }); - - try { - // verify the comment user is a repo collaborator - try { - await octokit.rest.repos.checkCollaborator({ - owner: repo_owner, - repo: repo_name, - username: comment_user - }); - console.log(`Verified ${comment_user} is a repo collaborator.`); - } catch (error) { - console.log(error); - throw new BackportException(`Error: @${comment_user} is not a repo collaborator, backporting is not allowed.`); - } - - try { await exec.exec(`git ls-remote --exit-code --heads origin ${target_branch}`) } catch { throw new BackportException(`Error: The specified backport target branch ${target_branch} wasn't found in the repo.`); } - console.log(`Backport target branch: ${target_branch}`); - - console.log("Applying backport patch"); - - await exec.exec(`git checkout ${target_branch}`); - await exec.exec(`git clean -xdff`); - - // configure git - await exec.exec(`git config user.name "github-actions"`); - await exec.exec(`git config user.email "github-actions@github.com"`); - - // create temporary backport branch - const temp_branch = `backport/pr-${pr_number}-to-${target_branch}`; - await exec.exec(`git checkout -b ${temp_branch}`); - - // skip opening PR if the branch already exists on the origin remote since that means it was opened - // by an earlier backport and force pushing to the branch updates the existing PR - let should_open_pull_request = true; - try { - await exec.exec(`git ls-remote --exit-code --heads origin ${temp_branch}`); - should_open_pull_request = false; - } catch { } - - // download and apply patch. - - // Prefer the merge or squash commit when possible as it'll have the most up-to-date patch context for long-running branches - const pr_context = github.context.payload.issue.pull_request; - let patch_url = `${pr_context.patch_url}`; - - try { - const pr = (await octokit.rest.pulls.get({ - owner: repo_owner, - repo: repo_name, - pull_number: pr_number - })).data; - - if (pr.merged === true && pr.merge_commit_sha !== null) { - patch_url = `${pr.base.repo.html_url}/commit/${pr.merge_commit_sha}.patch`; - } - } catch (error) { - console.log(`Failed to get PR information, falling back to unmerged patch. Error: ${error}`); - } - - await exec.exec(`curl -sSL "${patch_url}" --output changes.patch`); - - const git_am_command_without_patch = `git am --3way --ignore-whitespace --exclude="${excluded_path}" --keep-non-patch`; - const git_am_command = `${git_am_command_without_patch} changes.patch`; - let git_am_output = `$ ${git_am_command}\n\n`; - let git_am_failed = false; - try { - await exec.exec(git_am_command, [], { - listeners: { - stdout: function stdout(data) { git_am_output += data; }, - stderr: function stderr(data) { git_am_output += data; } - } - }); - } catch (error) { - git_am_output += error; - git_am_failed = true; - } - - if (git_am_failed) { - const git_am_failed_body = ` -@${github.context.payload.comment.user.login} backporting to ${target_branch} failed, the patch most likely resulted in conflicts. - -Please backport manually using one of the below commands, followed by \`git am --continue\` once the merge conflict has been resolved. - -PowerShell -\`\`\`ps1 -(Invoke-WebRequest "${patch_url}").Content | ${git_am_command_without_patch} -\`\`\` - -Bash -\`\`\`shell -curl -sSL "${patch_url}" | ${git_am_command_without_patch} -\`\`\` - - ---- -\`git am\` error output: - -\`\`\`shell -${git_am_output} -\`\`\` -`; - - await octokit.rest.issues.createComment({ - owner: repo_owner, - repo: repo_name, - issue_number: pr_number, - body: git_am_failed_body - }); - throw new BackportException("Error: git am failed, most likely due to a merge conflict.", false); - } - else { - // push the temp branch to the repository - await exec.exec(`git push --force --set-upstream origin HEAD:${temp_branch}`); - } - - if (!should_open_pull_request) { - console.log("Backport temp branch already exists, skipping opening a PR."); - return; - } - - // prepate the GitHub PR details - let backport_pr_title = core.getInput("pr_title_template"); - let backport_pr_description = core.getInput("pr_description_template"); - - // get users to cc (append PR author if different from user who issued the backport command) - let cc_users = `@${comment_user}`; - if (comment_user != github.context.payload.issue.user.login) cc_users += ` @${github.context.payload.issue.user.login}`; - - // replace the special placeholder tokens with values - backport_pr_title = backport_pr_title - .replace(/%target_branch%/g, target_branch) - .replace(/%source_pr_title%/g, github.context.payload.issue.title) - .replace(/%source_pr_number%/g, github.context.payload.issue.number) - .replace(/%cc_users%/g, cc_users); - - backport_pr_description = backport_pr_description - .replace(/%target_branch%/g, target_branch) - .replace(/%source_pr_title%/g, github.context.payload.issue.title) - .replace(/%source_pr_number%/g, github.context.payload.issue.number) - .replace(/%cc_users%/g, cc_users); - - // open the GitHub PR - const pr = await octokit.rest.pulls.create({ - owner: repo_owner, - repo: repo_name, - title: backport_pr_title, - body: backport_pr_description, - head: temp_branch, - base: target_branch - }); - - if (pr_label.length !== 0) { - await octokit.rest.issues.addLabels({ - owner: repo_owner, - repo: repo_name, - issue_number: pr.data.number, - labels: [pr_label], - }); - } - - console.log("Successfully opened the GitHub PR."); - } catch (error) { - - core.setFailed(error); - - if (error.postToGitHub === undefined || error.postToGitHub == true) { - // post failure to GitHub comment - const unknown_error_body = `@${comment_user} an error occurred while backporting to ${target_branch}, please check the run log for details!\n\n${error.message}`; - await octokit.rest.issues.createComment({ - owner: repo_owner, - repo: repo_name, - issue_number: pr_number, - body: unknown_error_body - }); - } - } -} - -run(); From aaa60fe22a7a1e3585962500576197b082803c26 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 28 Oct 2025 16:55:10 -0700 Subject: [PATCH 4/5] [main] Bump the identity-dependencies group with 1 update (#8666) Bumps Microsoft.Identity.Web from 3.14.1 to 4.0.1 --- updated-dependencies: - dependency-name: Microsoft.Identity.Web dependency-version: 4.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: identity-dependencies ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- eng/dependabot/independent/Versions.props | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/eng/dependabot/independent/Versions.props b/eng/dependabot/independent/Versions.props index 0238018e967..ba6d198fa16 100644 --- a/eng/dependabot/independent/Versions.props +++ b/eng/dependabot/independent/Versions.props @@ -6,7 +6,7 @@ 1.17.0 12.26.0 12.24.0 - 3.14.1 + 4.0.1 1.6.28 4.3.2 5.0.0 From de9b2ea7b9423029f655819447ff9a5c7e4e7f96 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Oct 2025 09:04:22 -0700 Subject: [PATCH 5/5] [main] Bump Newtonsoft.Json from 13.0.3 to 13.0.4 (#8670) --- updated-dependencies: - dependency-name: Newtonsoft.Json dependency-version: 13.0.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- eng/dependabot/independent/Versions.props | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/eng/dependabot/independent/Versions.props b/eng/dependabot/independent/Versions.props index ba6d198fa16..8e6a36da093 100644 --- a/eng/dependabot/independent/Versions.props +++ b/eng/dependabot/independent/Versions.props @@ -12,7 +12,7 @@ 5.0.0 - 13.0.3 + 13.0.4 11.0.0 4.0.0.3 4.0.0.2