Commit graph

65 commits

Author SHA1 Message Date
dependabot[bot]
7c90f9e18d github: bump github/codeql-action from 2.1.17 to 2.1.18
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.17 to 2.1.18.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](0c670bbf04...2ca79b6fa8)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-08-05 18:43:38 +02:00
dependabot[bot]
514fd83663 github: bump github/codeql-action from 2.1.16 to 2.1.17
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.16 to 2.1.17.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](3e7e3b32d0...0c670bbf04)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-29 21:10:07 +02:00
dependabot[bot]
5b31e019cf github: bump github/codeql-action from 2.1.15 to 2.1.16
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.15 to 2.1.16.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](3f62b754e2...3e7e3b32d0)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-13 08:54:19 -07:00
dependabot[bot]
40293b5f9a github: bump github/codeql-action from 2.1.14 to 2.1.15
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.14 to 2.1.15.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](41a4ada31b...3f62b754e2)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-30 12:53:45 +08:00
dependabot[bot]
54de880845 github: bump ossf/scorecard-action from 1.1.1 to 1.1.2
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 1.1.1 to 1.1.2.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](3e15ea8318...ce330fde6b)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-29 06:28:31 +08:00
dependabot[bot]
784692007f github: bump github/codeql-action from 2.1.13 to 2.1.14
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.13 to 2.1.14.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](d00e8c09a3...41a4ada31b)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-27 06:25:48 +08:00
dependabot[bot]
42f24521ad github: bump github/codeql-action from 2.1.12 to 2.1.13
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.12 to 2.1.13.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](27ea8f8fe5...d00e8c09a3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-22 04:11:32 +07:00
Martin von Zweigbergk
39fc56dafb github: include reminder about docs in PR template 2022-06-09 22:43:53 -07:00
dependabot[bot]
92b1ae8006 github: bump github/codeql-action from 2.1.11 to 2.1.12
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.11 to 2.1.12.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](a3a6c128d7...27ea8f8fe5)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-02 08:59:28 -07:00
dependabot[bot]
2905eb390b github: bump ossf/scorecard-action from 1.1.0 to 1.1.1
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](5c8bc69dc8...3e15ea8318)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-01 09:07:00 -07:00
dependabot[bot]
9a2502f6b0 github: bump ossf/scorecard-action from 1.0.4 to 1.1.0
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 1.0.4 to 1.1.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](c1aec4ac82...5c8bc69dc8)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-26 08:36:59 -07:00
Martin von Zweigbergk
ac82ad892e github: fail CI on clippy warnings 2022-05-25 11:44:22 -07:00
dependabot[bot]
5d8f7dd0ce github: bump actions/upload-artifact from 3.0.0 to 3.1.0
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](6673cd052c...3cea537223)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-20 09:08:59 -07:00
dependabot[bot]
cbe370fdd9 github: bump github/codeql-action from 2.1.10 to 2.1.11
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.10 to 2.1.11.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](2f58583a1b...a3a6c128d7)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-17 09:07:56 -07:00
dependabot[bot]
1e55b790eb github: bump github/codeql-action from 2.1.9 to 2.1.10
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.9 to 2.1.10.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](7502d6e991...2f58583a1b)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-13 08:41:27 -07:00
Martin von Zweigbergk
31041ef46c github: trigger all builds on main branch, and PR for any branch
The conditions for triggering Nix builds and other builds were
slightly different.

Nix builds triggered by PRs happened on PRs for any branch, not just
the `main` branch. That makes very little difference in practice
because PRs for other branches are very rare. Still, let's be
consistent. I decided to trigger the builds on PRs for any branch.

More importantly, Nix builds triggered by push were only done for
pushes to `master`, which is not what our main branch is called, so
those never happened.
2022-05-06 11:56:50 -07:00
Martin von Zweigbergk
36ae9421ad github: don't override nixpkgs version (use the lock file's version)
I don't know what it was overridden here, but it meant that CI didn't
notice that the package was broken (#299).
2022-05-05 11:14:08 -07:00
Martin von Zweigbergk
ffc57310f6 cargo: upgrade protobuf crates to 3.0.1
The biggest difference in the API is that fields are now public. The
exception from that is `oneof` fields, which still require setters and
getters.

I couldn't measure any difference in performance. I didn't expect any
difference either, but it's good that it didn't seem to regress. I
timed `jj debug operation <some hash prefix>`, which will read the
whole operation log (to check that the prefix is unambiguous).
2022-05-04 17:02:11 -07:00
Martin von Zweigbergk
efa77fd024 github: run clippy on all targets (including tests and benches) 2022-05-03 15:41:03 -07:00
Martin von Zweigbergk
cce2ca06e2 github: stop running nightly clippy
It seems fine to wait for the clippy lints to graduate before we run
them if we can save a bit of GitHub resources.
2022-05-03 15:41:03 -07:00
dependabot[bot]
aff2293e1d github: bump github/codeql-action from 2.1.8 to 2.1.9
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.8 to 2.1.9.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](1ed1437484...7502d6e991)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-28 08:49:42 -07:00
dependabot[bot]
6076c01d20 github: bump actions/checkout from 3.0.1 to 3.0.2
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](dcd71f6466...2541b1294d)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-21 09:10:26 -07:00
Martin von Zweigbergk
5e729eced7 github: also run tests on our MSRV (1.58)
This patch sets up an additional CI strategy running tests on 1.58, to
make sure we don't accidentally use newer features. I've only made it
run on one platform (Linux) to avoid wasting resources. There's of
course a small risk that we start depending on platform-specific APIs
from newer versions.
2022-04-19 16:47:42 -07:00
dependabot[bot]
32a39c52e1 github: bump actions/checkout from 3.0.0 to 3.0.1
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](a12a3943b4...dcd71f6466)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-15 08:53:12 -07:00
dependabot[bot]
d9c8f49d91 github: bump github/codeql-action from 2.1.7 to 2.1.8
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.7 to 2.1.8.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](0182a2c78c...1ed1437484)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-08 08:46:41 -07:00
Waleed Khan
672f9e85cb github: remove complete directory for releases
This directory doesn't seem to do anything.
2022-04-08 06:08:32 -07:00
dependabot[bot]
f0538a1d06 github: bump cachix/install-nix-action from 16 to 17
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 16 to 17.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](d56f3ce9be...d64e055310)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-07 09:26:26 -07:00
dependabot[bot]
243836ebf3 github: bump github/codeql-action from 2.1.6 to 2.1.7
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.6 to 2.1.7.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](28eead2408...0182a2c78c)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-06 09:46:28 -07:00
dependabot[bot]
e34dfe00df github: bump github/codeql-action from 1.1.5 to 2.1.6
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1.1.5 to 2.1.6.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](8834766498...28eead2408)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-30 09:32:32 -07:00
Martin von Zweigbergk
eff615998f github: add reminder in PR template about updating the changelog 2022-03-23 09:57:42 -07:00
Martin von Zweigbergk
b4e6fab1af github: restrict Clippy's access again
It seems "checks" is the permissions it needs to be able to comment on
pull-requests.
2022-03-18 22:51:25 -07:00
dependabot[bot]
36a575ccbf github: bump actions-rs/cargo from 1.0.1 to 1.0.3
Bumps [actions-rs/cargo](https://github.com/actions-rs/cargo) from 1.0.1 to 1.0.3.
- [Release notes](https://github.com/actions-rs/cargo/releases)
- [Changelog](https://github.com/actions-rs/cargo/blob/master/CHANGELOG.md)
- [Commits](ae10961054...844f36862e)

---
updated-dependencies:
- dependency-name: actions-rs/cargo
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-18 08:53:12 -07:00
dependabot[bot]
bde79f7a60 github: bump actions-rs/toolchain from 1.0.6 to 1.0.7
Bumps [actions-rs/toolchain](https://github.com/actions-rs/toolchain) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/actions-rs/toolchain/releases)
- [Changelog](https://github.com/actions-rs/toolchain/blob/master/CHANGELOG.md)
- [Commits](b2417cde72...16499b5e05)

---
updated-dependencies:
- dependency-name: actions-rs/toolchain
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-18 08:45:06 -07:00
Martin von Zweigbergk
53721f7d25 github: pin cachix/install-nix-action version by hash 2022-03-17 09:19:12 -07:00
Martin von Zweigbergk
23c92ccf45 github: pin actions-rs/clippy-check version by hash 2022-03-17 09:19:12 -07:00
Martin von Zweigbergk
de56053531 github: pin actions-rs/toolchain version by hash 2022-03-17 09:19:12 -07:00
Martin von Zweigbergk
d6967fd690 github: pin actions/upload-release-asset version by hash 2022-03-17 09:19:12 -07:00
Martin von Zweigbergk
13f7354cfe github: pin actions-rs/cargo version by hash 2022-03-17 09:19:12 -07:00
Martin von Zweigbergk
b36e50c09d github: pin actions/checkout version by hash 2022-03-17 09:19:12 -07:00
dependabot[bot]
4fab28ffc6 github: bump actions/checkout from 2 to 3
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-16 22:57:55 -07:00
dependabot[bot]
5f3877fc6b github: bump actions/upload-release-asset from 1.0.1 to 1.0.2
Bumps [actions/upload-release-asset](https://github.com/actions/upload-release-asset) from 1.0.1 to 1.0.2.
- [Release notes](https://github.com/actions/upload-release-asset/releases)
- [Commits](https://github.com/actions/upload-release-asset/compare/v1.0.1...v1.0.2)

---
updated-dependencies:
- dependency-name: actions/upload-release-asset
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-16 21:56:45 -07:00
dependabot[bot]
3f7daa6b04 github: bump actions/upload-artifact from 2.3.1 to 3
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2.3.1 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](82c141cc51...6673cd052c)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-16 21:55:06 -07:00
dependabot[bot]
51b12ff4b4 github: bump github/codeql-action from 1.0.26 to 1.1.5
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1.0.26 to 1.1.5.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](5f53256358...8834766498)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-16 21:42:18 -07:00
dependabot[bot]
d90e7b93e8 github: bump cachix/install-nix-action from 14.1 to 16
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 14.1 to 16.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v14.1...v16)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-16 21:41:20 -07:00
Martin von Zweigbergk
8b6932f837 github: add a dependabot config
This was another security recommendation for projects by Google
employees.
2022-03-16 21:09:01 -07:00
Martin von Zweigbergk
b5659ec680 github: give Clippy action full permissions
I've found it hard to figure out which actions need which
permissions. GitHub doesn't seem to even document what the permissions
mean. So let's just give Clippy full access.
2022-03-16 20:28:54 -07:00
Martin von Zweigbergk
af76631021 github: set top-level permissions to readonly for all workflows
The new code scanner is complaining that actions have permissions to
do too much. It wasn't obvious to me what permissions the jobs need,
but let's see how this works.
2022-03-16 19:59:08 -07:00
Martin von Zweigbergk
73a0f72ffa github: new attempt at setting up automated release builds (#73)
My attempt at using rust-build/rust-build.action for release builds
(from bf21e65c5d) initially seemed promising. However, the produced
musl binary build segfaulted on my Debian machine. I don't know about
the Mac and Windows binaries. I then tried switching to building with
a vendored OpenSSL (cac93e2793), but then the build started failing
(https://github.com/martinvonz/jj/actions/runs/1978730621). I couldn't
figure out why it failed, so I decided to do the build in a more
manual way (without rust-build/rust-build.action), based on
https://github.com/gitext-rs/git-stack/blob/main/.github/workflows/post-release.yml
(thanks to @epage for the example and to @arxanas for the link). I
could simplify it a bit because I'm currently doing the releases via
the GitHub UI (epage's original triggers the release when a tag has
been pushed, IIUC). Let's hope that it works this time.
2022-03-16 11:25:59 -07:00
Martin von Zweigbergk
a8f334dc35 github: add OSSF Scorecards security scanner
This is a new recommendation for GitHub projects by Google employees.
2022-03-15 09:47:11 -07:00
Martin von Zweigbergk
43e1f42c63 github: include version number in issue template again
Now that we have a changelog and I plan to do releases once in a
while, it makes sense again to have the version number in the issue
template.
2022-03-12 23:34:37 -08:00