Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump peter-evans/create-pull-request from 3.10.0 to 6.0.1 #1525

Closed
wants to merge 2 commits into from
Closed

Bump peter-evans/create-pull-request from 3.10.0 to 6.0.1 #1525

wants to merge 2 commits into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 4, 2024
edited
Loading

Changes

Bumps peter-evans/create-pull-request from 3.10.0 to 6.0.1.

Release notes

Sourced from peter-evans/create-pull-request's releases.

Create Pull Request v6.0.1

⚙️ Fixes an issue where updating a pull request leads to the error Cannot read properties of undefined (reading 'number'). This was likely caused by GitHub fixing a long standing bug with an API endpoint, resulting in a breaking change.

What's Changed

Full Changelog: peter-evans/create-pull-request@v6.0.0...v6.0.1

Create Pull Request v6.0.0

Behaviour changes

  • The default values for author and committer have changed. See "What's new" below for details. If you are overriding the default values you will not be affected by this change.
  • On completion, the action now removes the temporary git remote configuration it adds when using push-to-fork. This should not affect you unless you were using the temporary configuration for some other purpose after the action completes.

What's new

  • Updated runtime to Node.js 20
    • The action now requires a minimum version of v2.308.0 for the Actions runner. Update self-hosted runners to v2.308.0 or later to ensure compatibility.
  • The default value for author has been changed to ${{ github.actor }} <${{ github.actor_id }}+${{ github.actor }}@users.noreply.github.com>. The change adds the ${{ github.actor_id }}+ prefix to the email address to align with GitHub's standard format for the author email address.
  • The default value for committer has been changed to github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>. This is to align with the default GitHub Actions bot user account.
  • Adds input git-token, the Personal Access Token (PAT) that the action will use for git operations. This input defaults to the value of token. Use this input if you would like the action to use a different token for git operations than the one used for the GitHub API.
  • push-to-fork now supports pushing to sibling repositories in the same network.
  • Previously, when using push-to-fork, the action did not remove temporary git remote configuration it adds during execution. This has been fixed and the configuration is now removed when the action completes.
  • If the pull request body is truncated due to exceeding the maximum length, the action will now suffix the body with the message "...[Pull request body truncated]" to indicate that the body has been truncated.
  • The action now uses --unshallow only when necessary, rather than as a default argument of git fetch. This should improve performance, particularly for large git repositories with extensive commit history.
  • The action can now be executed on one GitHub server and create pull requests on a different GitHub server. Server products include GitHub hosted (github.com), GitHub Enterprise Server (GHES), and GitHub Enterprise Cloud (GHEC). For example, the action can be executed on GitHub hosted and create pull requests on a GHES or GHEC instance.

What's Changed

New Contributors

... (truncated)

Commits
  • a4f52f8 fix: list pulls using the correct head format (#2792)
  • 853c071 build(deps-dev): bump eslint from 8.56.0 to 8.57.0 (#2781)
  • d2c126e build(deps-dev): bump @​types/node from 18.19.17 to 18.19.18 (#2780)
  • 43d39c6 build(deps-dev): bump @​types/node from 18.19.15 to 18.19.17 (#2768)
  • 5a9d206 build(deps-dev): bump eslint-plugin-jest from 27.6.3 to 27.9.0 (#2769)
  • e0743ed build(deps-dev): bump @​types/node from 18.19.14 to 18.19.15 (#2759)
  • e1529cb build(deps): bump peter-evans/create-pull-request from 5 to 6 (#2747)
  • aad52e8 build(deps): bump peter-evans/slash-command-dispatch from 3 to 4 (#2748)
  • a64ebdd build(deps-dev): bump @​types/node from 18.19.10 to 18.19.14 (#2732)
  • 51b40af build(deps-dev): bump prettier from 3.2.4 to 3.2.5 (#2731)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Submitter Checklist

  • Includes tests if functionality changed/was added
  • Includes docs if changes are user-facing
  • Set a kind label on this PR
  • Release notes block has been filled in, or marked NONE

See the contributor guide
for details on coding conventions, github and prow interactions, and the code review process.

Release Notes

NONE

@dependabot dependabot bot added kind/dependency-change Categorizes issue or PR as related to changing dependencies release-note-none Label for when a PR does not need a release note labels Mar 4, 2024
@pull-request-size pull-request-size bot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Mar 4, 2024
@HeavyWombat
Copy link
Contributor

@SaschaSchwarze0 @qu1queee Not sure about this one. I would actually say we should switch from the digest to a version number in the PR job to be consistent with other usage. Also, since it is bumping the major version, we need to check https://github.com/peter-evans/create-pull-request/releases first. Thoughts?

@SaschaSchwarze0
Copy link
Member

SaschaSchwarze0 commented Mar 5, 2024
edited
Loading

@SaschaSchwarze0 @qu1queee Not sure about this one. I would actually say we should switch from the digest to a version number in the PR job to be consistent with other usage. Also, since it is bumping the major version, we need to check https://github.com/peter-evans/create-pull-request/releases first. Thoughts?

Yeah, so, on this one I was not approving right away. Reason: all other actions (checkout, setup-go, setup-ko, etc) run as part of the PR actions. We therefore validated that they are still functional in the way we are using them with the new version. For this one, that is not the case. I assume it is used as part of the build strategy bump and/or the release logic where we PR an update to the readme to include the new tag. So yes, we need to be more careful in reading release notes.

@qu1queee
Copy link
Contributor

qu1queee commented Mar 7, 2024
edited
Loading

@HeavyWombat can you pls do the enhancement, from the digest to the version in .github/workflows/release.yaml ?

@HeavyWombat HeavyWombat requested review from SaschaSchwarze0 and removed request for HeavyWombat March 12, 2024 10:05
@HeavyWombat
Copy link
Contributor

@dependabot rebase

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 12, 2024

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

dependabot bot and others added 2 commits March 12, 2024 11:06
@dependabot @HeavyWombat
Bump peter-evans/create-pull-request from 3.10.0 to 6.0.1
172b0df 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 3.10.0 to 6.0.1.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](peter-evans/create-pull-request@v3.10.0...v6.0.1)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@HeavyWombat
Use version tag instead of digest
8f5a858 
Use version tag `v6.0.1` instead of image has to be consistent with other use.

Signed-off-by: Matthias Diester <[email protected]>
@HeavyWombat HeavyWombat force-pushed the dependabot/github_actions/peter-evans/create-pull-request-6.0.1 branch from 7b042f9 to 8f5a858 Compare March 12, 2024 10:06
qu1queee
qu1queee approved these changes Mar 12, 2024
View reviewed changes
Copy link
Contributor

@qu1queee qu1queee left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm
/approve

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Mar 12, 2024
@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented Mar 12, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: qu1queee

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Mar 12, 2024
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 13, 2024

A newer version of peter-evans/create-pull-request exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.

@HeavyWombat
Copy link
Contributor

I needed to update the description for the release note linter to work, because it looks like the edit of the commits led to the author check in the Action to not register this as a Dependabot PR anymore.

@HeavyWombat HeavyWombat mentioned this pull request Mar 13, 2024
Merged
4 tasks
@HeavyWombat
Copy link
Contributor

@dependabot recreate

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 13, 2024

Looks like peter-evans/create-pull-request is up-to-date now, so this is no longer needed.

@dependabot dependabot bot closed this Mar 13, 2024
@dependabot dependabot bot deleted the dependabot/github_actions/peter-evans/create-pull-request-6.0.1 branch March 13, 2024 12:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@qu1queee qu1queee qu1queee approved these changes

@SaschaSchwarze0 SaschaSchwarze0 Awaiting requested review from SaschaSchwarze0

Assignees

@qu1queee qu1queee

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. kind/dependency-change Categorizes issue or PR as related to changing dependencies lgtm Indicates that a PR is ready to be merged. release-note-none Label for when a PR does not need a release note size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.
Projects
Shipwright Overview
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@HeavyWombat @SaschaSchwarze0 @qu1queee