Skip to content

update expo fp version #3

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
arys merged 2 commits into from
Sep 24, 2024
Merged

update expo fp version #3

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
aa21b71
update expo fp version
arys Sep 24, 2024
af56515
add tagpr
arys Sep 24, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
151 changes: 0 additions & 151 deletions .github/workflows/ci.yml
View file
Open in desktop

This file was deleted.

13 changes: 13 additions & 0 deletions .github/workflows/tagpr.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
name: tagpr
on:
push:
branches: ["main"]
jobs:
tagpr:
permissions: write-all
Comment on lines +5 to +7
Copy link

@coderabbitai coderabbitai bot Sep 24, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Consider restricting permissions.

While the job name "tagpr" is consistent with the workflow name, the "write-all" permission is very broad. It's generally recommended to follow the principle of least privilege.

Consider restricting the permissions to only what's necessary for the tagpr action. For example:

permissions:
  contents: write
  pull-requests: write

This would allow the action to create tags, releases, and pull requests without granting unnecessary permissions.

runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: Songmu/tagpr@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
Comment on lines +11 to +13
Copy link

@coderabbitai coderabbitai bot Sep 24, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Consider using a more specific version of tagpr and add a comment explaining its purpose.

While using the tagpr action is good for automated versioning and tagging, and the GITHUB_TOKEN usage is secure, there are a couple of suggestions:

  1. It's generally better to pin to a more specific version of actions to avoid unexpected changes. Consider using a specific minor or patch version.
  2. Add a comment explaining the purpose of this action for better maintainability.

Here's a suggested improvement:

    - name: Run tagpr
      uses: Songmu/tagpr@v1.1.1  # Pin to a specific version
      env:
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      # This action automates versioning and tagging based on conventional commits

Also, ensure that your commit messages follow the conventional commits format for this action to work effectively.

6 changes: 3 additions & 3 deletions android/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -91,10 +91,10 @@ dependencies {
implementation "com.facebook.react:react-native:+"
implementation "org.jetbrains.kotlin:kotlin-stdlib:$kotlin_version"

implementation 'com.expofp:common:4.4.3'
implementation 'com.expofp:fplan:4.4.3'
implementation 'com.expofp:common:4.6.0'
implementation 'com.expofp:fplan:4.6.0'

implementation 'com.expofp:crowdconnected:4.4.3'
implementation 'com.expofp:crowdconnected:4.6.0'
implementation 'net.crowdconnected.android.core:android-core:1.5.1'
implementation 'net.crowdconnected.android.ips:android-ips:1.5.1'
implementation 'net.crowdconnected.android.geo:android-geo:1.5.1'
Expand Down