Skip to content

ci(release): Switch from action-prepare-release to Craft #707

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
BYK wants to merge 6 commits into
base: main
Choose a base branch
from
Open

ci(release): Switch from action-prepare-release to Craft #707

BYK wants to merge 6 commits into from

Conversation

@BYK
Copy link
Member

@BYK BYK commented Jan 9, 2026

Summary

This PR migrates from the deprecated action-prepare-release to the new Craft GitHub Actions.

Changes

  • Migrated .github/workflows/release.yml to Craft reusable workflow

Documentation

See https://getsentry.github.io/craft/github-actions/ for more information.

@BYK
ci(release): Switch from action-prepare-release to Craft
7833606 
This PR migrates from the deprecated action-prepare-release to the new
Craft GitHub Actions (reusable workflow or composite action).

Changes:
- Migrate .github/workflows/release.yml to Craft reusable workflow
@github-actions
Copy link

github-actions bot commented Jan 9, 2026
edited
Loading

Semver Impact of This PR

🟢 Patch (bug fixes)

📋 Changelog Preview

This is how your changes will appear in the changelog.
Entries from this PR are highlighted with a left border (blockquote style).

New Features ✨

Cloudflare

  • Add /mcp.json metadata endpoint by dcramer in #691
  • Add Amp and OpenCode IDE integrations by dcramer in #690

Other

  • (tools) Add user feedback support to search_issues by jshchnz in #697

Bug Fixes 🐛

Cloudflare

  • Simplify OpenCode oauth config to empty object by codyde in #694
  • Add oauth scope to OpenCode remote config by codyde in #692

Other

  • (ci) Handle fork PR permissions for check runs and comments by dcramer in #701
  • (landing) Scrollbar offset fix by PickleNik in #704
  • (oauth) RFC8707 resource param validation by geoffg-sentry in #608

Build / dependencies / internal 🔧

  • (cloudflare) Co-locate IDE integration instructions and add URL state persistence by dcramer in #693
  • (release) Switch from action-prepare-release to Craft by BYK in #707
  • Expand Claude Code default permissions by dcramer in #703

Other

  • Correct spelling of 'Github' to 'GitHub' by bruno-garcia in #699

🤖 This preview updates automatically when you update the PR.

github-advanced-security[bot]
github-advanced-security bot found potential problems Jan 9, 2026
View reviewed changes
@BYK
ci(release): Restore GitHub App token authentication
3f57768 
The previous migration incorrectly removed the GitHub App token
authentication step. This commit restores it by switching to the
composite action pattern which preserves the auth flow.
cursor[bot]
cursor bot reviewed Jan 9, 2026
View reviewed changes
@dcramer
Copy link
Member

dcramer commented Jan 10, 2026

will defer to you on this one, try the fix-bugs etc flows we added to the sentry skill tho migh be helpful (also deslop is helpful potentially)

cursor[bot]
cursor bot reviewed Jan 10, 2026
View reviewed changes
.github/workflows/deploy.yml Outdated

steps:
- uses: actions/checkout@v4
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v2
Copy link

@cursor cursor bot Jan 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Checkout action downgraded from v4 to v2

High Severity

The actions/checkout action is being changed from @v4 to a SHA with comment # v2 across multiple workflow files. This represents a significant version downgrade. Version 2 uses deprecated Node.js 12 (EOL since 2022), which may cause deprecation warnings or failures in GitHub Actions runners. The correct SHA for v4 (or newer) should be used instead. This affects deploy.yml, eval.yml, merge-jobs.yml, release.yml, smoke-tests.yml, test.yml, and token-cost.yml.

🔬 Verification Test

Why verification test was not possible: This is a GitHub Actions workflow configuration issue that cannot be verified through local testing. The bug is evident from the diff itself - the comment # v2 explicitly indicates the SHA corresponds to actions/checkout version 2, while the previous configuration used @v4. The impact would only be visible when the workflows run on GitHub's infrastructure, where Node 12 deprecation warnings or errors would occur.

Additional Locations (2)

Fix in Cursor Fix in Web

@BYK BYK deployed to Actions January 10, 2026 02:01 — with GitHub Actions Active
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@BYK @dcramer