Carlos Alexandro Becker
5cc7ebb73d
ci: update actions
...
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
2026-05-02 13:23:47 -03:00
dependabot[bot]
702f5f91c9
ci(deps): bump the actions group with 3 updates ( #560 )
...
Bumps the actions group with 3 updates: [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ), [actions/upload-artifact](https://github.com/actions/upload-artifact ) and [actions/setup-node](https://github.com/actions/setup-node ).
Updates `sigstore/cosign-installer` from 3.9.2 to 4.1.1
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](d58896d6a1...cad07c2e89https://github.com/actions/upload-artifact/releases )
- [Commits](bbbca2ddaa...043fb46d1ahttps://github.com/actions/setup-node/releases )
- [Commits](a0853c2454...48b55a011b
2026-05-02 12:25:51 -03:00
Carlos Alexandro Becker
4068afa2f0
build: drop docker-bake in favor of plain npm ( #551 )
...
* build: drop docker-bake in favor of plain npm
Every TypeScript action maintained by actions/* (checkout, setup-node,
setup-go, cache, upload-artifact) uses plain npm scripts. The bake
setup is a docker/* org convention and adds friction for TS work:
contributors need Docker, the dev loop is ~10x slower than npm, and
Alpine-vs-host byte drift in dist/index.js makes PRs bounce.
Replace with the standard pattern:
- .node-version pins Node 24 so contributors and CI agree
- npm scripts (build, lint, format, test, pre-checkin) replace bake
targets one-for-one
- validate.yml runs lint + a check-dist diff (mirrors actions/setup-node)
and a vendor check that npm install --package-lock-only is a no-op
- test.yml uses setup-node + sigstore/cosign-installer, drops bake-action
- dependabot-build.yml regenerates dist via npm instead of bake
CONTRIBUTING.md and README development section updated to match.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* build: align scripts and workflows with actions/* convention
Match the standard layout used by actions/checkout, actions/setup-node,
etc.:
- package.json scripts: split format/format-check (Prettier) from
lint/lint:fix (ESLint), and have pre-checkin run all four (format,
lint:fix, build, test) in that order.
- validate.yml lint job runs format-check + lint as separate steps.
- test.yml drops the redundant --coverage flag (now in the test script).
- Drop dependabot-build.yml: actions/* don't auto-rebuild dist on
dependabot PRs; the check-dist style validate / build job catches
drift and a maintainer rebuilds locally if needed.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-18 15:22:23 -03:00
dependabot[bot]
2a473d70e3
ci(deps): bump the actions group with 5 updates ( #546 )
...
* ci(deps): bump the actions group with 5 updates
Bumps the actions group with 5 updates:
| Package | From | To |
| --- | --- | --- |
| [actions/setup-go](https://github.com/actions/setup-go ) | `6.3.0` | `6.4.0` |
| [crazy-max/ghaction-import-gpg](https://github.com/crazy-max/ghaction-import-gpg ) | `6.3.0` | `7.0.0` |
| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) | `3.12.0` | `4.0.0` |
| [docker/bake-action](https://github.com/docker/bake-action ) | `6.10.0` | `7.0.0` |
| [codecov/codecov-action](https://github.com/codecov/codecov-action ) | `5.5.2` | `6.0.0` |
Updates `actions/setup-go` from 6.3.0 to 6.4.0
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](4b73464bb3...4a3601121dhttps://github.com/crazy-max/ghaction-import-gpg/releases )
- [Commits](e89d40939c...2dc316deeehttps://github.com/docker/setup-buildx-action/releases )
- [Commits](8d2750c68a...4d04d5d948https://github.com/docker/bake-action/releases )
- [Commits](5be5f02ff8...82490499d2https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](671740ac38...57e3a136b7
2026-04-03 10:21:16 -03:00
dependabot[bot]
4c34bd9582
ci(deps): bump actions/checkout from 6.0.1 to 6.0.2 in the actions group ( #534 )
...
Bumps the actions group with 1 update: [actions/checkout](https://github.com/actions/checkout ).
Updates `actions/checkout` from 6.0.1 to 6.0.2
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8e8c483db8...de0fac2e45
2026-01-26 08:38:43 -03:00
dependabot[bot]
aacbb7ffbc
ci(deps): bump the actions group across 1 directory with 4 updates ( #532 )
...
Bumps the actions group with 4 updates in the / directory: [actions/checkout](https://github.com/actions/checkout ), [actions/setup-go](https://github.com/actions/setup-go ), [actions/upload-artifact](https://github.com/actions/upload-artifact ) and [codecov/codecov-action](https://github.com/codecov/codecov-action ).
Updates `actions/checkout` from 6.0.0 to 6.0.1
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](1af3b93b68...8e8c483db8https://github.com/actions/setup-go/releases )
- [Commits](4dc6199c7b...7a3fe6cf4chttps://github.com/actions/upload-artifact/releases )
- [Commits](330a01c490...b7c566a772https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](5a1091511a...671740ac38
2026-01-19 14:51:40 -03:00
dependabot[bot]
d31d51ab55
ci(deps): bump docker/bake-action in the actions group ( #526 )
...
Bumps the actions group with 1 update: [docker/bake-action](https://github.com/docker/bake-action ).
Updates `docker/bake-action` from 6.9.0 to 6.10.0
- [Release notes](https://github.com/docker/bake-action/releases )
- [Commits](3acf805d94...5be5f02ff8
2025-12-01 14:36:18 -03:00
dependabot[bot]
f3511a2bf5
ci(deps): bump the actions group with 2 updates ( #523 )
...
Bumps the actions group with 2 updates: [actions/checkout](https://github.com/actions/checkout ) and [actions/setup-go](https://github.com/actions/setup-go ).
Updates `actions/checkout` from 5.0.0 to 6.0.0
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](08c6903cd8...1af3b93b68https://github.com/actions/setup-go/releases )
- [Commits](4469467582...4dc6199c7b
2025-11-27 08:47:44 -03:00
Carlos Alexandro Becker
aab47043d0
sec: pin github action versions ( #514 )
...
using caarlos0/pinata
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
2025-11-05 14:27:48 +01:00
dependabot[bot]
35b9a27f96
chore(deps): bump actions/checkout from 4 to 5 ( #504 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4 to 5.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: '5'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-14 10:17:53 -03:00
CrazyMax
90c43f2c19
ci: set contents read as default workflow permissions ( #494 )
2025-03-30 23:00:02 +02:00
CrazyMax
9c156ee8a1
ci: update bake-action to v6 ( #493 )
2025-03-30 13:08:41 +02:00
dependabot[bot]
d33b6f6aea
chore(deps): bump docker/bake-action from 4 to 5 ( #468 )
...
Bumps [docker/bake-action](https://github.com/docker/bake-action ) from 4 to 5.
- [Release notes](https://github.com/docker/bake-action/releases )
- [Commits](https://github.com/docker/bake-action/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: docker/bake-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-18 09:43:31 -03:00
dependabot[bot]
9d3b418705
chore(deps): bump docker/bake-action from 3 to 4 ( #436 )
...
Bumps [docker/bake-action](https://github.com/docker/bake-action ) from 3 to 4.
- [Release notes](https://github.com/docker/bake-action/releases )
- [Commits](https://github.com/docker/bake-action/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: docker/bake-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-13 14:20:40 -03:00
K.B.Dharun Krishna
81d9ad7185
feat: bump to use node20 runtime, actions/checkout to v4 ( #430 )
2023-09-05 09:10:35 -03:00
CrazyMax
7e0ddfe79f
ci: split test and validate workflow ( #413 )
...
* ci: split test and validate workflow
* ci: concurrency check
---------
Co-authored-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-05-07 13:32:12 +02:00
