Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update GitHub workflow actions #94

Merged
merged 3 commits into from
Aug 3, 2024
Merged

Update GitHub workflow actions #94

merged 3 commits into from
Aug 3, 2024

Conversation

Marcono1234
Copy link
Contributor

checkout@v3 is outdated and currently shows the following warning for your workflow runs:

The following actions uses Node.js version which is deprecated and will be forced to run on node20: actions/checkout@v3. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/

There is also a new version for cargo-deny-action: v2.0.0
Should I update that as well? And update deny.toml to match the current template?

As side note: You can configure Dependabot to automatically create PRs for updating the used actions.

@hiltontj
Copy link
Owner

hiltontj commented Aug 3, 2024

@Marcono1234 - thanks for the PR!

There is also a new version for cargo-deny-action: v2.0.0
Should I update that as well? And update deny.toml to match the current template?

Certainly, feel free to do it on this PR or a follow-on, up to you 🙂

As side note: You can configure Dependabot to automatically create PRs for updating the used actions.

Thank you for mentioning that. Would you be willing to open a PR to add the dependabot.yml file? If not I will try to find some time in the coming weeks.

Marcono1234
Marcono1234 commented Aug 3, 2024
View reviewed changes
deny.toml
@@ -94,8 +88,6 @@ ignore = [
# More documentation for the licenses section can be found here:
# https://embarkstudios.github.io/cargo-deny/checks/licenses/cfg.html
[licenses]
# The lint level for crates which do not have a detectable license
unlicensed = "deny"
# List of explicitly allowed licenses
# See https://spdx.org/licenses/ for list of possible licenses
# [possible values: any SPDX 3.11 short identifier (+ optional exception)].
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If I see it correctly, the licenses.allow here was the only thing you manually changed from https://github.com/EmbarkStudios/cargo-deny/blob/0.14.4/deny.template.toml#L102-L106 (?). So I kept those manual changes.

Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, that's correct. I wanted to keep the allow list explicit so it can be expanded as needed.

Marcono1234
Marcono1234 commented Aug 3, 2024
View reviewed changes
deny.toml
Comment on lines -266 to +239
github = [""]
github = []
# 1 or more gitlab.com organizations to allow git sources for
gitlab = [""]
gitlab = []
# 1 or more bitbucket.org organizations to allow git sources for
bitbucket = [""]
bitbucket = []
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See EmbarkStudios/cargo-deny#688

Marcono1234
Marcono1234 commented Aug 3, 2024
View reviewed changes
deny.toml
Comment on lines +1 to +2
# Based on https://github.com/EmbarkStudios/cargo-deny/blob/0.16.0/deny.template.toml
# (diff with that version to see what has been manually changed here)
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I took everything from that template, except for the manual changes mentioned by my other GitHub comments.

@Marcono1234 Marcono1234 mentioned this pull request Aug 3, 2024
Merged
hiltontj
hiltontj approved these changes Aug 3, 2024
View reviewed changes
Copy link
Owner

@hiltontj hiltontj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks good - thanks @Marcono1234 🚀

deny.toml
@@ -94,8 +88,6 @@ ignore = [
# More documentation for the licenses section can be found here:
# https://embarkstudios.github.io/cargo-deny/checks/licenses/cfg.html
[licenses]
# The lint level for crates which do not have a detectable license
unlicensed = "deny"
# List of explicitly allowed licenses
# See https://spdx.org/licenses/ for list of possible licenses
# [possible values: any SPDX 3.11 short identifier (+ optional exception)].
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, that's correct. I wanted to keep the allow list explicit so it can be expanded as needed.

@hiltontj hiltontj merged commit 49e1c4b into hiltontj:main Aug 3, 2024
5 checks passed
@Marcono1234 Marcono1234 deleted the workflow-actions-update branch August 4, 2024 16:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hiltontj hiltontj hiltontj approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Marcono1234 @hiltontj