15113b4bbb
5 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
dependabot[bot]
|
0da21be439
|
chore: bump tj-actions/changed-files from 41 to 46 in /.github/workflows (#39761)
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files) from 41 to 46. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/releases">tj-actions/changed-files's releases</a>.</em></p> <blockquote> <h2>v46</h2> <blockquote> <p>[!WARNING]<br /> <strong>Security Alert:</strong> A critical security issue was identified in this action due to a compromised commit.</p> <p>This commit has been <strong>removed</strong> from all tags and branches, and necessary measures have been implemented to prevent similar issues in the future.</p> <h4><strong>Action Required:</strong></h4> <ul> <li><strong>Review your workflows executed between March 14 and March 15.</strong> If you notice unexpected output under the <code>changed-files</code> section, decode it using the following command: <code>echo 'xxx' | base64 -d | base64 -d</code><br /> If the output contains sensitive information (e.g., tokens or secrets), <strong>revoke and rotate those secrets immediately</strong>.</li> <li><strong>If your workflows reference this commit directly by its SHA</strong>, you must update them immediately to avoid using the compromised version.</li> <li><strong>If you are using tagged versions</strong> (e.g., <code>v35</code>, <code>v44.5.1</code>), no action is required as these tags have been updated and are now safe to use.</li> </ul> <p>Additionally, as a precaution, we recommend rotating any secrets that may have been exposed during this timeframe to ensure the continued security of your workflows.</p> </blockquote> <h1>Changes in v46.0.1</h1> <h2>What's Changed</h2> <ul> <li>update: sync-release-version.yml to use signed commits by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2472">tj-actions/changed-files#2472</a></li> <li>Updated README.md by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2473">tj-actions/changed-files#2473</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/changed-files/compare/v46...v46.0.1">https://github.com/tj-actions/changed-files/compare/v46...v46.0.1</a></p> <hr /> <h1>Changes in v46.0.0</h1> <h2>What's Changed</h2> <ul> <li>docs: update docs to highlight security issues by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2465">tj-actions/changed-files#2465</a></li> <li>fix: update github workflow update-readme.yml by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2466">tj-actions/changed-files#2466</a></li> <li>fix: update permission in update-readme.yml workflow by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2467">tj-actions/changed-files#2467</a></li> <li>fix: update update-readme.yml to sign-commits by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2468">tj-actions/changed-files#2468</a></li> <li>Updated README.md by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2469">tj-actions/changed-files#2469</a></li> <li>update: sync-release-version.yml by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2471">tj-actions/changed-files#2471</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/github-actions"><code>@github-actions</code></a> made their first contribution in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2469">tj-actions/changed-files#2469</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/changed-files/compare/v45.0.5...v46.0.0">https://github.com/tj-actions/changed-files/compare/v45.0.5...v46.0.0</a></p> <h2>What's Changed</h2> <ul> <li>docs: update docs to highlight security issues by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2465">tj-actions/changed-files#2465</a></li> <li>fix: update github workflow update-readme.yml by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2466">tj-actions/changed-files#2466</a></li> <li>fix: update permission in update-readme.yml workflow by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2467">tj-actions/changed-files#2467</a></li> <li>fix: update update-readme.yml to sign-commits by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2468">tj-actions/changed-files#2468</a></li> <li>Updated README.md by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2469">tj-actions/changed-files#2469</a></li> <li>update: sync-release-version.yml by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2471">tj-actions/changed-files#2471</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/changed-files/compare/v45.0.5...v46.0.0">https://github.com/tj-actions/changed-files/compare/v45.0.5...v46.0.0</a></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.0...v46.0.1">46.0.1</a> - (2025-03-16)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2473">#2473</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href=" |
||
|
Diljit
|
3cdb4a335c
|
chore: checkout the base branch instead of release in cyclic deps check (#39057)
## Description
The CI workflow for cyclic dependency checks has been modified to
reference the base branch instead of the release branch.
Fixes #`Issue Number`
_or_
Fixes `Issue URL`
> [!WARNING]
> _If no issue exists, please create an issue first, and check with the
maintainers if the issue is valid._
## Automation
/ok-to-test tags="@tag.Sanity"
### 🔍 Cypress test results
<!-- This is an auto-generated comment: Cypress test results -->
> [!WARNING]
> Tests have not run on the HEAD
b77d4bd8b0971cb36cd3c391ac40fa911f75950d yet
> <hr>Thu, 06 Feb 2025 07:18:10 UTC
<!-- end of auto-generated comment: Cypress test results -->
## Communication
Should the DevRel and Marketing teams inform users about this change?
- [ ] Yes
- [ ] No
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **Chores**
- Enhanced the automated cyclic dependency check to now use the pull
request’s target branch for comparisons.
- Updated naming and output labels in the workflow to provide clearer,
more accurate results.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
|
||
|
Diljit
|
46623172c4
|
chore: make cyclic deps check an error (#38543) | ||
|
Diljit
|
f19530d1a9
|
chore: Check for cyclic dependencies only for client file changes in a PR (#34154)
## Description The cyclic deps check workflow was running on all PRs. This PR skips the workflow when the client files are unchanged. Also log the cyclic deps in the workflow run to improve debugging experience. Fixes #`Issue Number` _or_ Fixes `Issue URL` > [!WARNING] > _If no issue exists, please create an issue first, and check with the maintainers if the issue is valid._ ## Automation /ok-to-test tags="@tag.Sanity" ### 🔍 Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!TIP] > 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉 > Workflow run: <https://github.com/appsmithorg/appsmith/actions/runs/9468903312> > Commit: 83d6a9c8c40e5a5bb874ba82738fab7715cd5b7d > Cypress dashboard url: <a href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=9468903312&attempt=1" target="_blank">Click here!</a> <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **Chores** - Introduced conditional checks in CI workflow to optimize the execution of circular dependency checks based on changes in specific files. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
Diljit
|
1ceee16a75
|
chore: Add worklow to check cyclic deps in a PR (#33197)
## Description Add a GitHub workflow to compare the number of cyclic dependencies in a PR to the number in the release branch. If the PR introduces new cyclic dependencies, a comment should be posted in the conversation to alert the developer. Fixes #`Issue Number` _or_ Fixes `Issue URL` > [!WARNING] > _If no issue exists, please create an issue first, and check with the maintainers if the issue is valid._ ## Automation /ok-to-test tags="@tag.Sanity" ### 🔍 Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!TIP] > 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉 > Workflow run: <https://github.com/appsmithorg/appsmith/actions/runs/9228474130> > Commit: c93f3e5df863ab7e2e287bf093a14a3f5f43e8e8 > Cypress dashboard url: <a href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=9228474130&attempt=1" target="_blank">Click here!</a> <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [ ] No |