Commit graph

39 commits

Author SHA1 Message Date
dependabot[bot]
f0538a1d06 github: bump cachix/install-nix-action from 16 to 17
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 16 to 17.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](d56f3ce9be...d64e055310)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-07 09:26:26 -07:00
dependabot[bot]
243836ebf3 github: bump github/codeql-action from 2.1.6 to 2.1.7
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.6 to 2.1.7.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](28eead2408...0182a2c78c)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-06 09:46:28 -07:00
dependabot[bot]
e34dfe00df github: bump github/codeql-action from 1.1.5 to 2.1.6
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1.1.5 to 2.1.6.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](8834766498...28eead2408)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-30 09:32:32 -07:00
Martin von Zweigbergk
eff615998f github: add reminder in PR template about updating the changelog 2022-03-23 09:57:42 -07:00
Martin von Zweigbergk
b4e6fab1af github: restrict Clippy's access again
It seems "checks" is the permissions it needs to be able to comment on
pull-requests.
2022-03-18 22:51:25 -07:00
dependabot[bot]
36a575ccbf github: bump actions-rs/cargo from 1.0.1 to 1.0.3
Bumps [actions-rs/cargo](https://github.com/actions-rs/cargo) from 1.0.1 to 1.0.3.
- [Release notes](https://github.com/actions-rs/cargo/releases)
- [Changelog](https://github.com/actions-rs/cargo/blob/master/CHANGELOG.md)
- [Commits](ae10961054...844f36862e)

---
updated-dependencies:
- dependency-name: actions-rs/cargo
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-18 08:53:12 -07:00
dependabot[bot]
bde79f7a60 github: bump actions-rs/toolchain from 1.0.6 to 1.0.7
Bumps [actions-rs/toolchain](https://github.com/actions-rs/toolchain) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/actions-rs/toolchain/releases)
- [Changelog](https://github.com/actions-rs/toolchain/blob/master/CHANGELOG.md)
- [Commits](b2417cde72...16499b5e05)

---
updated-dependencies:
- dependency-name: actions-rs/toolchain
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-18 08:45:06 -07:00
Martin von Zweigbergk
53721f7d25 github: pin cachix/install-nix-action version by hash 2022-03-17 09:19:12 -07:00
Martin von Zweigbergk
23c92ccf45 github: pin actions-rs/clippy-check version by hash 2022-03-17 09:19:12 -07:00
Martin von Zweigbergk
de56053531 github: pin actions-rs/toolchain version by hash 2022-03-17 09:19:12 -07:00
Martin von Zweigbergk
d6967fd690 github: pin actions/upload-release-asset version by hash 2022-03-17 09:19:12 -07:00
Martin von Zweigbergk
13f7354cfe github: pin actions-rs/cargo version by hash 2022-03-17 09:19:12 -07:00
Martin von Zweigbergk
b36e50c09d github: pin actions/checkout version by hash 2022-03-17 09:19:12 -07:00
dependabot[bot]
4fab28ffc6 github: bump actions/checkout from 2 to 3
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-16 22:57:55 -07:00
dependabot[bot]
5f3877fc6b github: bump actions/upload-release-asset from 1.0.1 to 1.0.2
Bumps [actions/upload-release-asset](https://github.com/actions/upload-release-asset) from 1.0.1 to 1.0.2.
- [Release notes](https://github.com/actions/upload-release-asset/releases)
- [Commits](https://github.com/actions/upload-release-asset/compare/v1.0.1...v1.0.2)

---
updated-dependencies:
- dependency-name: actions/upload-release-asset
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-16 21:56:45 -07:00
dependabot[bot]
3f7daa6b04 github: bump actions/upload-artifact from 2.3.1 to 3
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2.3.1 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](82c141cc51...6673cd052c)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-16 21:55:06 -07:00
dependabot[bot]
51b12ff4b4 github: bump github/codeql-action from 1.0.26 to 1.1.5
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1.0.26 to 1.1.5.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](5f53256358...8834766498)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-16 21:42:18 -07:00
dependabot[bot]
d90e7b93e8 github: bump cachix/install-nix-action from 14.1 to 16
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 14.1 to 16.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v14.1...v16)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-16 21:41:20 -07:00
Martin von Zweigbergk
8b6932f837 github: add a dependabot config
This was another security recommendation for projects by Google
employees.
2022-03-16 21:09:01 -07:00
Martin von Zweigbergk
b5659ec680 github: give Clippy action full permissions
I've found it hard to figure out which actions need which
permissions. GitHub doesn't seem to even document what the permissions
mean. So let's just give Clippy full access.
2022-03-16 20:28:54 -07:00
Martin von Zweigbergk
af76631021 github: set top-level permissions to readonly for all workflows
The new code scanner is complaining that actions have permissions to
do too much. It wasn't obvious to me what permissions the jobs need,
but let's see how this works.
2022-03-16 19:59:08 -07:00
Martin von Zweigbergk
73a0f72ffa github: new attempt at setting up automated release builds (#73)
My attempt at using rust-build/rust-build.action for release builds
(from bf21e65c5d) initially seemed promising. However, the produced
musl binary build segfaulted on my Debian machine. I don't know about
the Mac and Windows binaries. I then tried switching to building with
a vendored OpenSSL (cac93e2793), but then the build started failing
(https://github.com/martinvonz/jj/actions/runs/1978730621). I couldn't
figure out why it failed, so I decided to do the build in a more
manual way (without rust-build/rust-build.action), based on
https://github.com/gitext-rs/git-stack/blob/main/.github/workflows/post-release.yml
(thanks to @epage for the example and to @arxanas for the link). I
could simplify it a bit because I'm currently doing the releases via
the GitHub UI (epage's original triggers the release when a tag has
been pushed, IIUC). Let's hope that it works this time.
2022-03-16 11:25:59 -07:00
Martin von Zweigbergk
a8f334dc35 github: add OSSF Scorecards security scanner
This is a new recommendation for GitHub projects by Google employees.
2022-03-15 09:47:11 -07:00
Martin von Zweigbergk
43e1f42c63 github: include version number in issue template again
Now that we have a changelog and I plan to do releases once in a
while, it makes sense again to have the version number in the issue
template.
2022-03-12 23:34:37 -08:00
Martin von Zweigbergk
de5d0d44a7 github: clarify a few things in the issue template 2022-03-12 22:10:18 -08:00
Martin von Zweigbergk
bf21e65c5d github: attempt to build release using rust-build/rust-build.action (#73)
I just copied from the examples on
https://github.com/rust-build/rust-build.action. Let's see if it
works.
2022-03-12 22:10:18 -08:00
Martin von Zweigbergk
32e22831fc github: make CI check formatting
I've forgotten to run `rustfmt` many times (most recently in
5721436558), so let's have CI check for it.
2022-03-07 22:16:57 -08:00
Martin von Zweigbergk
e0cd81cab4 github: use actions-rs/cargo instead of run
From https://github.com/actions-rs/cargo#use-cases, it sounds like
errors may be presented in a nicer way if we use `actions-rs/cargo`
instead of a simple `run`, so let's try it.
2022-03-07 22:16:57 -08:00
Martin von Zweigbergk
f112b5225c github: use minimal profile for clippy actions
We should only need the `minimal` profile. Also, we already have
configured the action to use the `clippy` component, so I don't think
we need to explicitly add it with a separate `run` action.
2022-03-07 22:16:57 -08:00
Martin von Zweigbergk
384aa95901 github: update PR template to explain expectations
I think I got the current template from Google's open-sourcing
process, but I don't care about most of it (GitHub actions already
check that tests pass, for example). Let's instead tell contributors
that they don't need to write anything at all there and that they
should describe the changes in the commit message(s) instead.
2022-03-02 08:11:31 -08:00
Martin von Zweigbergk
0f245437a8 github: put repro steps first in issue template
I agree with @unrelentingtech's comment in #54 that the steps to
reproduce should come before the expected and actual behavior. I don't
know where I got the current template from. I think it was from
Google's process for open-sourcing the project.

I also removed the version field from the template for now since I
haven't started updating it regularly yet. I should start doing that.
2022-03-01 23:25:41 -08:00
Waleed Khan
38aee9f749 ci: add Clippy stable check
Currently, `main` has Clippy lint warnings on stable, but not on nightly.
2022-02-23 23:41:55 -08:00
Waleed Khan
b011805fc7 ci: use stable Rust for builds
We still use nightly Clippy to ensure that 1) it builds under nightly and 2) that we pick up any new lints.
2022-02-20 22:21:14 -08:00
Jelle Besseling
327ea5390d
Add nix check workflow 2022-02-20 21:48:51 +01:00
Martin von Zweigbergk
079b3543b5 github: set RUST_BACKTRACE when running tests 2021-06-13 22:20:09 -07:00
Martin von Zweigbergk
1941801055 github: add Clippy check to CI 2021-03-23 10:46:10 -07:00
Jun Wu
0fb59a5155 github: setup CI
Run tests on major platforms using GitHub actions.
2021-03-14 15:57:54 -07:00
Martin von Zweigbergk
1fa53a13b0 releasing: add missing trailing newlines to .github/ files 2020-12-11 23:44:55 -08:00
Martin von Zweigbergk
25caaa0081 Boilerplate for new Google open source project 2020-12-11 23:37:59 -08:00