Release Candidate for 2.1.2: Update CI/CD actions and improve recv module documentation for next stable#551
Open
reactive-firewall wants to merge 50 commits into
Open
Release Candidate for 2.1.2: Update CI/CD actions and improve recv module documentation for next stable#551reactive-firewall wants to merge 50 commits into
reactive-firewall wants to merge 50 commits into
Conversation
This work resolves GHI #375 Changes in file multicast/recv.py: * Documented private variables with _w_ prefix in the recv module docstrings.
* these changes are part of the review of PR #529 Changes in file multicast/recv.py: * minore rewording for technical accuracy.
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 6.2.0 to 6.3.0. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@7a3fe6c...4b73464) --- updated-dependencies: - dependency-name: actions/setup-go dependency-version: 6.3.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [reactive-firewall/shellcheck-scan](https://github.com/reactive-firewall/shellcheck-scan) from 1.2 to 2.2. - [Release notes](https://github.com/reactive-firewall/shellcheck-scan/releases) - [Commits](reactive-firewall/shellcheck-scan@ececa89...50ac9fb) --- updated-dependencies: - dependency-name: reactive-firewall/shellcheck-scan dependency-version: '2.2' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.32.3 to 4.32.5. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@9e907b5...c793b71) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.32.5 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
[STYLE] Also update shellcheck-scan version comment (-WIP PR #535 -) Signed-off-by: Mr. Walls <reactive-firewall@users.noreply.github.com>
* This change is related to GHI #375
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 6.0.0 to 7.0.0. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@b7c566a...bbbca2d) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 7.0.0 to 8.0.0. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@37930b1...70fc10c) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
… PR #536 -) Changes in file .github/actions/run-minimal-acceptance-tests/action.yml: * bump actions/upload-artifact to v7.0.0 Changes in file .github/actions/setup-py-reqs/action.yml: * bump actions/upload-artifact to v7.0.0 Changes in file .github/actions/test-reporter-upload/action.yml: * bump actions/upload-artifact to v7.0.0 Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <support@github.com>
Changes in file .github/actions/checkout-and-rebuild/action.yml: * version bump actions/download-artifact to v8.0.0 Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <support@github.com>
…igest mismatch (- WIP PR #537 -) Changes in file .github/actions/checkout-and-rebuild/action.yml: * configure to error on digest mismatch Changes in file .github/workflows/CI-CHGLOG.yml: * configure to error on digest mismatch Changes in file .github/workflows/CI-DOCS.yml: * configure to error on digest mismatch Changes in file .github/workflows/CI-MATs.yml: * configure to error on digest mismatch Changes in file .github/workflows/Tests.yml: * configure to error on digest mismatch
Changes in file .github/actions/checkout-and-rebuild/action.yml: * Version Bumps Changes in file .github/actions/run-minimal-acceptance-tests/action.yml: * Version Bumps Changes in file .github/actions/setup-py-reqs/action.yml: * Version Bumps Changes in file .github/actions/test-reporter-upload/action.yml: * Version Bumps Changes in file .github/workflows/CI-BUILD.yml: * Version Bumps Changes in file .github/workflows/CI-CHGLOG.yml: * Version Bumps Changes in file .github/workflows/CI-DOCS.yml: * Version Bumps Changes in file .github/workflows/CI-MATs.yml: * Version Bumps Changes in file .github/workflows/Tests.yml: * Version Bumps Changes in file .github/workflows/codeql-analysis.yml: * Version Bumps Changes in file .github/workflows/scorecard.yml: * Version Bumps Changes in file .github/workflows/shellcheck.yml: * Version Bumps Changes in file multicast/recv.py: * Improved documentation slightly
…#534 -) Changes in file .github/workflows/makefile-lint.yml: * Version bump setup-go to v6.3.0
Bumps [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) from 3.2.0 to 4.1.0. - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](actions/attest-build-provenance@96278af...a2bbfa2) --- updated-dependencies: - dependency-name: actions/attest-build-provenance dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [reactive-firewall/shellcheck-scan](https://github.com/reactive-firewall/shellcheck-scan) from 2.2 to 2.3. - [Release notes](https://github.com/reactive-firewall/shellcheck-scan/releases) - [Commits](reactive-firewall/shellcheck-scan@50ac9fb...9e32395) --- updated-dependencies: - dependency-name: reactive-firewall/shellcheck-scan dependency-version: '2.3' dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.32.5 to 4.32.6. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@c793b71...0d579ff) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.32.6 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Changes in file .github/workflows/CI-BUILD.yml: * use actions/attest@59d8942 - 4.1.0 instead of wrapper
* These changes close PR #540 * These changes also close PR #541 * These changes also close PR #542 Changes in file .github/workflows/CI-BUILD.yml: * Migrated to just actions/attest v4.1.0 from attest-providence-build Changes in file .github/workflows/codeql-analysis.yml: * version bump code-ql to version 4.32.6 Changes in file .github/workflows/scorecard.yml: * version bump code-ql to version 4.32.6 Changes in file .github/workflows/shellcheck.yml: * version bump shellcheck-scan to version 2.3
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 8.0.0 to 8.0.1. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@70fc10c...3e5f45b) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-version: 8.0.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/cache](https://github.com/actions/cache) from 5.0.3 to 5.0.4. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@cdf6c1f...6682284) --- updated-dependencies: - dependency-name: actions/cache dependency-version: 5.0.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.32.6 to 4.35.1. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@0d579ff...c10b806) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.35.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 5.5.2 to 6.0.0. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@671740a...57e3a13) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 6.3.0 to 6.4.0. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@4b73464...4a36011) --- updated-dependencies: - dependency-name: actions/setup-go dependency-version: 6.4.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
… PR #543 -) Changes in file .github/actions/checkout-and-rebuild/action.yml: * bump download-artifact to v8.0.1
…rtifact to v7.0.1 (- WIP PR #552 -) * This resolves the review of PR #552 Changes in file .github/actions/run-minimal-acceptance-tests/action.yml: * also update actions/upload-artifact to v7.0.1 Changes in file .github/actions/setup-py-reqs/action.yml: * also update actions/upload-artifact to v7.0.1 Changes in file .github/actions/test-reporter-upload/action.yml: * also update actions/upload-artifact to v7.0.1 Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <support@github.com>
|
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In @.github/workflows/CI-BUILD.yml:
- Line 249: The workflow grants the broad "artifact-metadata: write" permission
which is only required when actions/attest@v4.1.0 is invoked with optional
features like push-to-registry or create-storage-record; remove the
"artifact-metadata: write" entry (the permission key "artifact-metadata") from
the permissions block in CI-BUILD.yml unless you actually enable those options
for actions/attest@v4.1.0, or, if needed, scope it conditionally to only the job
that runs actions/attest and ensure the attest step configuration includes
push-to-registry/create-storage-record when the permission is kept.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Repository YAML (base), Repository UI (inherited)
Review profile: ASSERTIVE
Plan: Pro
Run ID: 601ecfc1-4d31-495e-987d-efb85a58d493
📒 Files selected for processing (9)
.github/actions/run-minimal-acceptance-tests/action.yml.github/actions/setup-py-reqs/action.yml.github/actions/test-reporter-upload/action.yml.github/workflows/CI-BUILD.yml.github/workflows/CI-CHGLOG.yml.github/workflows/CI-DOCS.yml.github/workflows/CI-MATs.yml.github/workflows/Tests.yml.github/workflows/scorecard.yml
Codecov Report✅ All modified and coverable lines are covered by tests. 📢 Thoughts on this report? Let us know! |
Bumps [actions/labeler](https://github.com/actions/labeler) from 6.0.1 to 6.1.0. - [Release notes](https://github.com/actions/labeler/releases) - [Commits](actions/labeler@634933e...f27b608) --- updated-dependencies: - dependency-name: actions/labeler dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.1 to 4.35.4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@c10b806...68bde55) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.35.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Changes in file .github/workflows/Labeler.yml: * version bump GHA labler to v6.1 Changes in file .github/workflows/codeql-analysis.yml: * version bump GHA code-ql to 4.35.4 Changes in file .github/workflows/scorecard.yml: * version bump GHA code-ql to 4.35.4
|
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 6.0.0 to 7.0.0. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@57e3a13...fb8b358) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.4 to 4.36.2. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@68bde55...8aad20d) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.2 to 7.0.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@de0fac2...9c091bb) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Four GitHub Actions workflow dependencies have been updated to their latest versions, addressing performance improvements, security patches, and compatibility enhancements. --- **[#554] pypa/gh-action-pypi-publish: 1.13.0 -> 1.14.0** - `verbose` and `print-hash` inputs now enabled by default for better visibility - Documentation updates clarifying PEP 740 stability - Internal dependency bumps (sigstore, pypi-attestations) - Type annotation infrastructure improvements **[#564] codecov/codecov-action: 6.0.0 -> 7.0.0** - Security note: GPG key migration (keybase to codesec ops) - Removed Enforce License Compliance workflow - Template injection vulnerability fix (VULN-1652) - Improved OIDC support for private registries - Python analysis on GHES optimized with standard library models **[#565] github/codeql-action: 4.35.4 -> 4.36.2** - CLI version caching across Actions steps for performance - Exponential backoff implementation for SARIF processing polling - CodeQL bundle updated to v2.25.6 - SHA-256 Git object ID support - Improved incremental analysis integration **[#566] actions/checkout: 6.0.2 -> 7.0.0** - Breaking change: Blocks fork PR checkout for `pull_request_target` and `workflow_run` events - Module upgraded to ESM with modernized dependencies - Enhanced Node.js compatibility (v24 support) - Improved SHA-256 repository support --- - **actions/checkout v7.0.0** introduces security enforcement for fork PR handling - **codecov/codecov-action v7.0.0** GPG key transition (no functional impact) - **github/codeql-action v4.36.0** requires CodeQL bundle 2.19.4 All PRs are open and ready for merge. Compatibility scores are acceptable across all updates.
Signed-off-by: Mr. Walls <reactive-firewall@users.noreply.github.com>
Changes in file .github/tools/fetch-test-reporter: * fix regression for CI/CD with newer homebrew
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Patch Notes
Impacted GHI
Included and Superseded PR/MRs