Skip to content
This repository was archived by the owner on Feb 25, 2025. It is now read-only.

Add dependabot github-actions group #56468

Merged
merged 1 commit into from
Nov 11, 2024
Merged

Add dependabot github-actions group #56468

merged 1 commit into from
Nov 11, 2024

Conversation

jmagman
Copy link
Member

@jmagman jmagman commented Nov 9, 2024
edited
Loading

.github/dependabot.yml configures dependabot to update the uses dependencies needed to run github actions.

For example, dependabot opened #56191 and updated all the .github/workflows/ yaml files to point to the latest version of actions/checkout

Add a dependabot group so all github action dependencies are updated in the same PR, instead of one-per-dependency. For example, if there were an update for actions/checkout and actions/setup-python, dependabot will send out one PR updating both instead of one PR per dependency.

engine/.github/workflows/third_party_scan.yml

Lines 23 to 28 in 35041f1

- name: "Checkout code"
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
persist-credentials: false
- name: "setup python"
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b

New PRs from dependenabot will look like:

Screenshot 2024-11-08 at 11 08 52 AM

See also flutter/packages#8044 and flutter/flutter#158408

Pre-launch Checklist

  • I read the Contributor Guide and followed the process outlined there for submitting PRs.
  • I read the Tree Hygiene wiki page, which explains my responsibilities.
  • I read and followed the Flutter Style Guide and the C++, Objective-C, Java style guides.
  • I listed at least one issue that this PR fixes in the description above.
  • I added new tests to check the change I am making or feature I am adding, or the PR is test-exempt. See testing the engine for instructions on writing and running engine tests.
  • I updated/added relevant documentation (doc comments with ///).
  • I signed the CLA.
  • All existing and new tests are passing.

If you need help, consider asking for advice on the #hackers-new channel on Discord.

@jmagman jmagman self-assigned this Nov 11, 2024
@jmagman jmagman marked this pull request as ready for review November 11, 2024 23:01
@jmagman jmagman requested review from jtmcdole and zanderso November 11, 2024 23:05
zanderso
zanderso approved these changes Nov 11, 2024
View reviewed changes
Copy link
Member

@zanderso zanderso left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice.

@jmagman jmagman added the autosubmit Merge PR when tree becomes green via auto submit App label Nov 11, 2024
@auto-submit auto-submit bot merged commit a672f97 into flutter:main Nov 11, 2024
28 checks passed
@auto-submit auto-submit bot removed the autosubmit Merge PR when tree becomes green via auto submit App label Nov 11, 2024
@jmagman jmagman deleted the dependabot branch November 12, 2024 00:26
@engine-flutter-autoroll engine-flutter-autoroll mentioned this pull request Nov 12, 2024
Merged
engine-flutter-autoroll added a commit to engine-flutter-autoroll/flutter that referenced this pull request Nov 12, 2024
@engine-flutter-autoroll
a672f971c Add dependabot github-actions group (flutter/engine#56468)
1fc3382
auto-submit bot pushed a commit to flutter/flutter that referenced this pull request Nov 12, 2024
@engine-flutter-autoroll
Roll Flutter Engine from 35041f118744 to a672f971c659 (1 revision) (#…
9ba6e94 
…158487)

flutter/engine@35041f1...a672f97

2024-11-11 [email protected] Add dependabot github-actions group (flutter/engine#56468)

If this roll has caused a breakage, revert this CL and stop the roller
using the controls here:
https://autoroll.skia.org/r/flutter-engine-flutter-autoroll
Please CC [email protected],[email protected] on the revert to ensure that a human
is aware of the problem.

To file a bug in Flutter: https://github.com/flutter/flutter/issues/new/choose

To report a problem with the AutoRoller itself, please file a bug:
https://issues.skia.org/issues/new?component=1389291&template=1850622

Documentation for the AutoRoller is here:
https://skia.googlesource.com/buildbot/+doc/main/autoroll/README.md
nick9822 pushed a commit to nick9822/flutter that referenced this pull request Dec 18, 2024
@jmagman
Add dependabot github-actions group (flutter/engine#56468)
67eb4ae 
`.github/dependabot.yml` configures dependabot to update the `uses` dependencies needed to run github actions.  

For example, dependabot opened flutter/engine#56191 and updated all the `.github/workflows/` yaml files to point to the latest version of `actions/checkout`

Add a dependabot `group` so all github action dependencies are updated in the same PR, instead of one-per-dependency.  For example, if there were an update for `actions/checkout` and `actions/setup-python`, dependabot will send out one PR updating both instead of one PR per dependency.
https://github.com/flutter/engine/blob/0d965cb949f105aafc3d3ba20f71e38e170355d0/.github/workflows/third_party_scan.yml#L23-L28

New PRs from dependenabot will look like:
__________

<img width="400" alt="Screenshot 2024-11-08 at 11 08 52�AM" src="https://github.com/user-attachments/assets/eebedf69-3fae-409b-9c88-c3afc8036c52">

__________

See also flutter/packages#8044 and flutter#158408

[C++, Objective-C, Java style guides]: https://github.com/flutter/engine/blob/main/CONTRIBUTING.md#style
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@jtmcdole jtmcdole jtmcdole approved these changes

@zanderso zanderso zanderso approved these changes

Assignees

@jmagman jmagman

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jmagman @jtmcdole @zanderso