This is an automated email from the ASF dual-hosted git repository.
winterhazel pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
The following commit(s) were added to refs/heads/main by this push:
new cbc1ae73880 Bump the github-actions-dependencies group across 1
directory with 9 updates (#13042)
cbc1ae73880 is described below
commit cbc1ae738803544ba52c7072f81d0dc3847786de
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AuthorDate: Thu May 7 10:06:32 2026 -0300
Bump the github-actions-dependencies group across 1 directory with 9
updates (#13042)
Bumps the github-actions-dependencies group with 9 updates in the /
directory:
| Package | From | To |
| --- | --- | --- |
| [codecov/codecov-action](https://github.com/codecov/codecov-action) | `4`
| `6` |
| [github/codeql-action](https://github.com/github/codeql-action) | `3` |
`4` |
| [github/gh-aw](https://github.com/github/gh-aw) | `0.45.0` | `0.71.1` |
| [actions/github-script](https://github.com/actions/github-script) |
`8.0.0` | `9.0.0` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) |
`6.0.0` | `7.0.1` |
| [actions/download-artifact](https://github.com/actions/download-artifact)
| `6.0.0` | `8.0.1` |
| [docker/login-action](https://github.com/docker/login-action) | `2` | `4`
|
|
[eps1lon/actions-label-merge-conflict](https://github.com/eps1lon/actions-label-merge-conflict)
| `2.0.0` | `3.0.3` |
| [actions/setup-node](https://github.com/actions/setup-node) | `5` | `6` |
Updates `codecov/codecov-action` from 4 to 6
- [Release notes](https://github.com/codecov/codecov-action/releases)
-
[Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v4...v6)
Updates `github/codeql-action` from 3 to 4
- [Release notes](https://github.com/github/codeql-action/releases)
-
[Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v3...v4)
Updates `github/gh-aw` from 0.45.0 to 0.71.1
- [Release notes](https://github.com/github/gh-aw/releases)
- [Changelog](https://github.com/github/gh-aw/blob/main/CHANGELOG.md)
-
[Commits](https://github.com/github/gh-aw/compare/58d1d157fbac0f1204798500faefc4f7461ebe28...f01a9d118afa6e306f3645ca31e43f4ea8fb4d22)
Updates `actions/github-script` from 8.0.0 to 9.0.0
- [Release notes](https://github.com/actions/github-script/releases)
-
[Commits](https://github.com/actions/github-script/compare/ed597411d8f924073f98dfc5c65a23a2325f34cd...3a2844b7e9c422d3c10d287c895573f7108da1b3)
Updates `actions/upload-artifact` from 6.0.0 to 7.0.1
- [Release notes](https://github.com/actions/upload-artifact/releases)
-
[Commits](https://github.com/actions/upload-artifact/compare/b7c566a772e6b6bfb58ed0dc250532a479d7789f...043fb46d1a93c77aae656e7c1c64a875d1fc6a0a)
Updates `actions/download-artifact` from 6.0.0 to 8.0.1
- [Release notes](https://github.com/actions/download-artifact/releases)
-
[Commits](https://github.com/actions/download-artifact/compare/018cc2cf5baa6db3ef3c5f8a56943fffe632ef53...3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c)
Updates `docker/login-action` from 2 to 4
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v2...v4)
Updates `eps1lon/actions-label-merge-conflict` from 2.0.0 to 3.0.3
- [Release
notes](https://github.com/eps1lon/actions-label-merge-conflict/releases)
-
[Changelog](https://github.com/eps1lon/actions-label-merge-conflict/blob/main/CHANGELOG.md)
-
[Commits](https://github.com/eps1lon/actions-label-merge-conflict/compare/v2.0.0...v3.0.3)
Updates `actions/setup-node` from 5 to 6
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v5...v6)
---
updated-dependencies:
- dependency-name: actions/download-artifact
dependency-version: 8.0.1
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: github-actions-dependencies
- dependency-name: actions/github-script
dependency-version: 9.0.0
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: github-actions-dependencies
- dependency-name: actions/setup-node
dependency-version: '6'
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: github-actions-dependencies
- dependency-name: actions/upload-artifact
dependency-version: 7.0.1
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: github-actions-dependencies
- dependency-name: codecov/codecov-action
dependency-version: '6'
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: github-actions-dependencies
- dependency-name: docker/login-action
dependency-version: '4'
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: github-actions-dependencies
- dependency-name: eps1lon/actions-label-merge-conflict
dependency-version: 3.0.3
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: github-actions-dependencies
- dependency-name: github/codeql-action
dependency-version: 4.35.1
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: github-actions-dependencies
- dependency-name: github/gh-aw
dependency-version: 0.68.1
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: github-actions-dependencies
...
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot]
<49699333+dependabot[bot]@users.noreply.github.com>
---
.github/workflows/ci.yml | 2 +-
.github/workflows/codecov.yml | 2 +-
.github/workflows/codeql-analysis.yml | 6 +--
.github/workflows/daily-repo-status.lock.yml | 62 +++++++++++------------
.github/workflows/docker-cloudstack-simulator.yml | 2 +-
.github/workflows/issue-triage-agent.lock.yml | 62 +++++++++++------------
.github/workflows/merge-conflict-checker.yml | 2 +-
.github/workflows/ui.yml | 4 +-
8 files changed, 71 insertions(+), 71 deletions(-)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index df60179ceb5..48735341d6a 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -341,7 +341,7 @@ jobs:
echo -e "Simulator CI Test Results: (only failures listed)\n"
python3 ./tools/marvin/xunit-reader.py integration-test-results/
- - uses: codecov/codecov-action@v4
+ - uses: codecov/codecov-action@v6
with:
files: jacoco-coverage.xml
fail_ci_if_error: true
diff --git a/.github/workflows/codecov.yml b/.github/workflows/codecov.yml
index 88b10ac9178..0ee10baa385 100644
--- a/.github/workflows/codecov.yml
+++ b/.github/workflows/codecov.yml
@@ -49,7 +49,7 @@ jobs:
cd nonoss && bash -x install-non-oss.sh && cd ..
mvn -P quality -Dsimulator -Dnoredist clean install -T$(nproc)
- - uses: codecov/codecov-action@v4
+ - uses: codecov/codecov-action@v6
with:
files: ./client/target/site/jacoco-aggregate/jacoco.xml
fail_ci_if_error: true
diff --git a/.github/workflows/codeql-analysis.yml
b/.github/workflows/codeql-analysis.yml
index 31a8746b85a..cb1fa88a102 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -37,12 +37,12 @@ jobs:
- name: Checkout repository
uses: actions/checkout@v6
- name: Initialize CodeQL
- uses: github/codeql-action/init@v3
+ uses: github/codeql-action/init@v4
with:
languages: ${{ matrix.language }}
- name: Autobuild
- uses: github/codeql-action/autobuild@v3
+ uses: github/codeql-action/autobuild@v4
- name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@v3
+ uses: github/codeql-action/analyze@v4
with:
category: "Security"
diff --git a/.github/workflows/daily-repo-status.lock.yml
b/.github/workflows/daily-repo-status.lock.yml
index 1d7e7eecd14..35eb5d409a4 100644
--- a/.github/workflows/daily-repo-status.lock.yml
+++ b/.github/workflows/daily-repo-status.lock.yml
@@ -54,11 +54,11 @@ jobs:
comment_repo: ""
steps:
- name: Setup
- uses:
github/gh-aw/actions/setup@58d1d157fbac0f1204798500faefc4f7461ebe28 # v0.45.
+ uses:
github/gh-aw/actions/setup@f01a9d118afa6e306f3645ca31e43f4ea8fb4d22 # v0.45.
with:
destination: /opt/gh-aw/
- name: Check workflow file
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
env:
GH_AW_WORKFLOW_FILE: "daily-repo-status.lock.yml"
with:
@@ -96,7 +96,7 @@ jobs:
secret_verification_result: ${{
steps.validate-secret.outputs.verification_result }}
steps:
- name: Setup
- uses:
github/gh-aw/actions/setup@58d1d157fbac0f1204798500faefc4f7461ebe28 # v0.45.
+ uses:
github/gh-aw/actions/setup@f01a9d118afa6e306f3645ca31e43f4ea8fb4d22 # v0.45.
with:
destination: /opt/gh-aw/
- name: Checkout
@@ -120,7 +120,7 @@ jobs:
id: checkout-
if: |
github.event.
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
env:
GH_TOKEN: ${{ secrets.GH_AW_GITHUB_MCP_SERVER_TOKEN ||
secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
with:
@@ -132,7 +132,7 @@ jobs:
await main();
- name: Generate agentic run
id:
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
with:
script: |
const fs = require('fs');
@@ -469,7 +469,7 @@ jobs:
}
- name: Generate workflow
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
with:
script: |
const { generateWorkflowOverview } =
require('/opt/gh-aw/actions/generate_workflow_overview.cjs');
@@ -559,7 +559,7 @@ jobs:
{{#runtime-import .github/workflows/daily-repo-status.md}}
- name: Substitute
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
env:
GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.
GH_AW_GITHUB_ACTOR: ${{ github.actor }}
@@ -589,7 +589,7 @@ jobs:
}
});
- name: Interpolate variables and render
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
env:
GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.
with:
@@ -667,7 +667,7 @@ jobs:
bash /opt/gh-aw/actions/stop_mcp_gateway.sh "$GATEWAY_PID"
- name: Redact secrets in
if: always()
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
with:
script: |
const { setupGlobals } =
require('/opt/gh-aw/actions/setup_globals.cjs');
@@ -682,7 +682,7 @@ jobs:
SECRET_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload Safe
if: always()
- uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f
# v6.0.
+ uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a
# v6.0.
with:
name: safe-
path: ${{ env.GH_AW_SAFE_OUTPUTS }}
@@ -690,7 +690,7 @@ jobs:
- name: Ingest agent
id:
if: always()
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
env:
GH_AW_SAFE_OUTPUTS: ${{ env.GH_AW_SAFE_OUTPUTS }}
GH_AW_ALLOWED_DOMAINS:
"api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp
[...]
@@ -704,13 +704,13 @@ jobs:
await main();
- name: Upload sanitized agent
if: always() && env.
- uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f
# v6.0.
+ uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a
# v6.0.
with:
name: agent-
path: ${{ env.GH_AW_AGENT_OUTPUT }}
if-no-files-found:
- name: Upload engine output
- uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f
# v6.0.
+ uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a
# v6.0.
with:
name:
path: |
@@ -719,7 +719,7 @@ jobs:
if-no-files-found:
- name: Parse agent logs for step
if: always()
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
env:
GH_AW_AGENT_OUTPUT: /tmp/gh-aw/sandbox/agent/logs/
with:
@@ -730,7 +730,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step
if: always()
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
with:
script: |
const { setupGlobals } =
require('/opt/gh-aw/actions/setup_globals.cjs');
@@ -755,7 +755,7 @@ jobs:
- name: Upload agent
if: always()
continue-on-error:
- uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f
# v6.0.
+ uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a
# v6.0.
with:
name: agent-
path: |
@@ -784,12 +784,12 @@ jobs:
total_count: ${{ steps.missing_tool.outputs.total_count }}
steps:
- name: Setup
- uses:
github/gh-aw/actions/setup@58d1d157fbac0f1204798500faefc4f7461ebe28 # v0.45.
+ uses:
github/gh-aw/actions/setup@f01a9d118afa6e306f3645ca31e43f4ea8fb4d22 # v0.45.
with:
destination: /opt/gh-aw/
- name: Download agent output
continue-on-error:
- uses:
actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.
+ uses:
actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v6.0.
with:
name: agent-
path: /tmp/gh-aw/safeoutputs/
@@ -800,7 +800,7 @@ jobs:
echo "GH_AW_AGENT_OUTPUT=/tmp/gh-aw/safeoutputs/agent_output.json"
>> "$GITHUB_ENV"
- name: Process No-Op
id:
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
env:
GH_AW_AGENT_OUTPUT: ${{ env.GH_AW_AGENT_OUTPUT }}
GH_AW_NOOP_MAX:
@@ -816,7 +816,7 @@ jobs:
await main();
- name: Record Missing
id:
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
env:
GH_AW_AGENT_OUTPUT: ${{ env.GH_AW_AGENT_OUTPUT }}
GH_AW_WORKFLOW_NAME: "Daily Repo Status"
@@ -831,7 +831,7 @@ jobs:
await main();
- name: Handle Agent
id:
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
env:
GH_AW_AGENT_OUTPUT: ${{ env.GH_AW_AGENT_OUTPUT }}
GH_AW_WORKFLOW_NAME: "Daily Repo Status"
@@ -851,7 +851,7 @@ jobs:
await main();
- name: Handle No-Op
id:
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
env:
GH_AW_AGENT_OUTPUT: ${{ env.GH_AW_AGENT_OUTPUT }}
GH_AW_WORKFLOW_NAME: "Daily Repo Status"
@@ -881,18 +881,18 @@ jobs:
success: ${{ steps.parse_results.outputs.success }}
steps:
- name: Setup
- uses:
github/gh-aw/actions/setup@58d1d157fbac0f1204798500faefc4f7461ebe28 # v0.45.
+ uses:
github/gh-aw/actions/setup@f01a9d118afa6e306f3645ca31e43f4ea8fb4d22 # v0.45.
with:
destination: /opt/gh-aw/
- name: Download agent
continue-on-error:
- uses:
actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.
+ uses:
actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v6.0.
with:
name: agent-
path: /tmp/gh-aw/threat-detection/
- name: Download agent output
continue-on-error:
- uses:
actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.
+ uses:
actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v6.0.
with:
name: agent-
path: /tmp/gh-aw/threat-detection/
@@ -902,7 +902,7 @@ jobs:
run: |
echo "Agent output-types: $AGENT_OUTPUT_TYPES"
- name: Setup threat
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
env:
WORKFLOW_NAME: "Daily Repo Status"
WORKFLOW_DESCRIPTION: "This workflow creates daily repo status
reports. It gathers recent repository\nactivity (issues, PRs, discussions,
releases, code changes) and generates\nengaging GitHub issues with productivity
insights, community highlights,\nand project recommendations."
@@ -955,7 +955,7 @@ jobs:
XDG_CONFIG_HOME: /home/
- name: Parse threat detection
id:
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
with:
script: |
const { setupGlobals } =
require('/opt/gh-aw/actions/setup_globals.cjs');
@@ -964,7 +964,7 @@ jobs:
await main();
- name: Upload threat detection
if: always()
- uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f
# v6.0.
+ uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a
# v6.0.
with:
name: threat-detection.
path: /tmp/gh-aw/threat-detection/detection.
@@ -993,12 +993,12 @@ jobs:
process_safe_outputs_temporary_id_map: ${{
steps.process_safe_outputs.outputs.temporary_id_map }}
steps:
- name: Setup
- uses:
github/gh-aw/actions/setup@58d1d157fbac0f1204798500faefc4f7461ebe28 # v0.45.
+ uses:
github/gh-aw/actions/setup@f01a9d118afa6e306f3645ca31e43f4ea8fb4d22 # v0.45.
with:
destination: /opt/gh-aw/
- name: Download agent output
continue-on-error:
- uses:
actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.
+ uses:
actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v6.0.
with:
name: agent-
path: /tmp/gh-aw/safeoutputs/
@@ -1009,7 +1009,7 @@ jobs:
echo "GH_AW_AGENT_OUTPUT=/tmp/gh-aw/safeoutputs/agent_output.json"
>> "$GITHUB_ENV"
- name: Process Safe
id:
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
env:
GH_AW_AGENT_OUTPUT: ${{ env.GH_AW_AGENT_OUTPUT }}
GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG:
"{\"create_issue\":{\"labels\":[\"report\",\"daily-status\"],\"max\":1,\"title_prefix\":\"[repo-status]
\"},\"missing_data\":{},\"missing_tool\":{}}"
diff --git a/.github/workflows/docker-cloudstack-simulator.yml
b/.github/workflows/docker-cloudstack-simulator.yml
index 8d23ac449dd..96c9400935c 100644
--- a/.github/workflows/docker-cloudstack-simulator.yml
+++ b/.github/workflows/docker-cloudstack-simulator.yml
@@ -38,7 +38,7 @@ jobs:
runs-on: ubuntu-22.04
steps:
- name: Login to Docker Registry
- uses: docker/login-action@v2
+ uses: docker/login-action@v4
with:
registry: ${{ secrets.DOCKER_REGISTRY }}
username: ${{ secrets.DOCKERHUB_USER }}
diff --git a/.github/workflows/issue-triage-agent.lock.yml
b/.github/workflows/issue-triage-agent.lock.yml
index 2410f7b9e45..1c3d11a800e 100644
--- a/.github/workflows/issue-triage-agent.lock.yml
+++ b/.github/workflows/issue-triage-agent.lock.yml
@@ -53,11 +53,11 @@ jobs:
comment_repo: ""
steps:
- name: Setup Scripts
- uses:
github/gh-aw/actions/setup@58d1d157fbac0f1204798500faefc4f7461ebe28 # v0.45.0
+ uses:
github/gh-aw/actions/setup@f01a9d118afa6e306f3645ca31e43f4ea8fb4d22 # v0.71.1
with:
destination: /opt/gh-aw/actions
- name: Check workflow file timestamps
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
v8
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
v9.0.0
env:
GH_AW_WORKFLOW_FILE: "issue-triage-agent.lock.yml"
with:
@@ -91,7 +91,7 @@ jobs:
secret_verification_result: ${{
steps.validate-secret.outputs.verification_result }}
steps:
- name: Setup Scripts
- uses:
github/gh-aw/actions/setup@58d1d157fbac0f1204798500faefc4f7461ebe28 # v0.45.0
+ uses:
github/gh-aw/actions/setup@f01a9d118afa6e306f3645ca31e43f4ea8fb4d22 # v0.71.1
with:
destination: /opt/gh-aw/actions
- name: Checkout repository
@@ -113,7 +113,7 @@ jobs:
echo "Git configured with standard GitHub Actions identity"
- name: Generate agentic run info
id: generate_aw_info
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
v8
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
v9.0.0
with:
script: |
const fs = require('fs');
@@ -167,7 +167,7 @@ jobs:
run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.18.0
- name: Determine automatic lockdown mode for GitHub MCP Server
id: determine-automatic-lockdown
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
v8
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
v9.0.0
env:
GH_AW_GITHUB_TOKEN: ${{ secrets.GH_AW_GITHUB_TOKEN }}
GH_AW_GITHUB_MCP_SERVER_TOKEN: ${{
secrets.GH_AW_GITHUB_MCP_SERVER_TOKEN }}
@@ -459,7 +459,7 @@ jobs:
}
GH_AW_MCP_CONFIG_EOF
- name: Generate workflow overview
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
v8
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
v9.0.0
with:
script: |
const { generateWorkflowOverview } =
require('/opt/gh-aw/actions/generate_workflow_overview.cjs');
@@ -552,7 +552,7 @@ jobs:
{{#runtime-import .github/workflows/issue-triage-agent.md}}
GH_AW_PROMPT_EOF
- name: Substitute placeholders
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
v8
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
v9.0.0
env:
GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
GH_AW_GITHUB_ACTOR: ${{ github.actor }}
@@ -582,7 +582,7 @@ jobs:
}
});
- name: Interpolate variables and render templates
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
v8
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
v9.0.0
env:
GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
@@ -661,7 +661,7 @@ jobs:
bash /opt/gh-aw/actions/stop_mcp_gateway.sh "$GATEWAY_PID"
- name: Redact secrets in logs
if: always()
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
v8
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
v9.0.0
with:
script: |
const { setupGlobals } =
require('/opt/gh-aw/actions/setup_globals.cjs');
@@ -676,7 +676,7 @@ jobs:
SECRET_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload Safe Outputs
if: always()
- uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f
# v6.0.0
+ uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a
# v7.0.1
with:
name: safe-output
path: ${{ env.GH_AW_SAFE_OUTPUTS }}
@@ -684,7 +684,7 @@ jobs:
- name: Ingest agent output
id: collect_output
if: always()
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
v8
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
v9.0.0
env:
GH_AW_SAFE_OUTPUTS: ${{ env.GH_AW_SAFE_OUTPUTS }}
GH_AW_ALLOWED_DOMAINS:
"api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp
[...]
@@ -698,13 +698,13 @@ jobs:
await main();
- name: Upload sanitized agent output
if: always() && env.GH_AW_AGENT_OUTPUT
- uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f
# v6.0.0
+ uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a
# v7.0.1
with:
name: agent-output
path: ${{ env.GH_AW_AGENT_OUTPUT }}
if-no-files-found: warn
- name: Upload engine output files
- uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f
# v6.0.0
+ uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a
# v7.0.1
with:
name: agent_outputs
path: |
@@ -713,7 +713,7 @@ jobs:
if-no-files-found: ignore
- name: Parse agent logs for step summary
if: always()
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
v8
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
v9.0.0
env:
GH_AW_AGENT_OUTPUT: /tmp/gh-aw/sandbox/agent/logs/
with:
@@ -724,7 +724,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
v8
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
v9.0.0
with:
script: |
const { setupGlobals } =
require('/opt/gh-aw/actions/setup_globals.cjs');
@@ -749,7 +749,7 @@ jobs:
- name: Upload agent artifacts
if: always()
continue-on-error: true
- uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f
# v6.0.0
+ uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a
# v7.0.1
with:
name: agent-artifacts
path: |
@@ -780,12 +780,12 @@ jobs:
total_count: ${{ steps.missing_tool.outputs.total_count }}
steps:
- name: Setup Scripts
- uses:
github/gh-aw/actions/setup@58d1d157fbac0f1204798500faefc4f7461ebe28 # v0.45.0
+ uses:
github/gh-aw/actions/setup@f01a9d118afa6e306f3645ca31e43f4ea8fb4d22 # v0.71.1
with:
destination: /opt/gh-aw/actions
- name: Download agent output artifact
continue-on-error: true
- uses:
actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
+ uses:
actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
name: agent-output
path: /tmp/gh-aw/safeoutputs/
@@ -796,7 +796,7 @@ jobs:
echo "GH_AW_AGENT_OUTPUT=/tmp/gh-aw/safeoutputs/agent_output.json"
>> "$GITHUB_ENV"
- name: Process No-Op Messages
id: noop
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
v8
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
v9.0.0
env:
GH_AW_AGENT_OUTPUT: ${{ env.GH_AW_AGENT_OUTPUT }}
GH_AW_NOOP_MAX: 1
@@ -812,7 +812,7 @@ jobs:
await main();
- name: Record Missing Tool
id: missing_tool
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
v8
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
v9.0.0
env:
GH_AW_AGENT_OUTPUT: ${{ env.GH_AW_AGENT_OUTPUT }}
GH_AW_WORKFLOW_NAME: "Issue Triage Agent"
@@ -827,7 +827,7 @@ jobs:
await main();
- name: Handle Agent Failure
id: handle_agent_failure
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
v8
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
v9.0.0
env:
GH_AW_AGENT_OUTPUT: ${{ env.GH_AW_AGENT_OUTPUT }}
GH_AW_WORKFLOW_NAME: "Issue Triage Agent"
@@ -846,7 +846,7 @@ jobs:
await main();
- name: Handle No-Op Message
id: handle_noop_message
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
v8
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
v9.0.0
env:
GH_AW_AGENT_OUTPUT: ${{ env.GH_AW_AGENT_OUTPUT }}
GH_AW_WORKFLOW_NAME: "Issue Triage Agent"
@@ -874,18 +874,18 @@ jobs:
success: ${{ steps.parse_results.outputs.success }}
steps:
- name: Setup Scripts
- uses:
github/gh-aw/actions/setup@58d1d157fbac0f1204798500faefc4f7461ebe28 # v0.45.0
+ uses:
github/gh-aw/actions/setup@f01a9d118afa6e306f3645ca31e43f4ea8fb4d22 # v0.71.1
with:
destination: /opt/gh-aw/actions
- name: Download agent artifacts
continue-on-error: true
- uses:
actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
+ uses:
actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
name: agent-artifacts
path: /tmp/gh-aw/threat-detection/
- name: Download agent output artifact
continue-on-error: true
- uses:
actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
+ uses:
actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
name: agent-output
path: /tmp/gh-aw/threat-detection/
@@ -895,7 +895,7 @@ jobs:
run: |
echo "Agent output-types: $AGENT_OUTPUT_TYPES"
- name: Setup threat detection
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
v8
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
v9.0.0
env:
WORKFLOW_NAME: "Issue Triage Agent"
WORKFLOW_DESCRIPTION: "No description provided"
@@ -948,7 +948,7 @@ jobs:
XDG_CONFIG_HOME: /home/runner
- name: Parse threat detection results
id: parse_results
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
v8
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
v9.0.0
with:
script: |
const { setupGlobals } =
require('/opt/gh-aw/actions/setup_globals.cjs');
@@ -957,7 +957,7 @@ jobs:
await main();
- name: Upload threat detection log
if: always()
- uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f
# v6.0.0
+ uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a
# v7.0.1
with:
name: threat-detection.log
path: /tmp/gh-aw/threat-detection/detection.log
@@ -987,12 +987,12 @@ jobs:
process_safe_outputs_temporary_id_map: ${{
steps.process_safe_outputs.outputs.temporary_id_map }}
steps:
- name: Setup Scripts
- uses:
github/gh-aw/actions/setup@58d1d157fbac0f1204798500faefc4f7461ebe28 # v0.45.0
+ uses:
github/gh-aw/actions/setup@f01a9d118afa6e306f3645ca31e43f4ea8fb4d22 # v0.71.1
with:
destination: /opt/gh-aw/actions
- name: Download agent output artifact
continue-on-error: true
- uses:
actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
+ uses:
actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
name: agent-output
path: /tmp/gh-aw/safeoutputs/
@@ -1003,7 +1003,7 @@ jobs:
echo "GH_AW_AGENT_OUTPUT=/tmp/gh-aw/safeoutputs/agent_output.json"
>> "$GITHUB_ENV"
- name: Process Safe Outputs
id: process_safe_outputs
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd #
v8
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 #
v9.0.0
env:
GH_AW_AGENT_OUTPUT: ${{ env.GH_AW_AGENT_OUTPUT }}
GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG:
"{\"add_comment\":{\"max\":1},\"add_labels\":{\"allowed\":[\"bug\",\"feature\",\"enhancement\",\"documentation\",\"question\",\"help-wanted\",\"good-first-issue\"]},\"missing_data\":{},\"missing_tool\":{}}"
diff --git a/.github/workflows/merge-conflict-checker.yml
b/.github/workflows/merge-conflict-checker.yml
index a997cb94ccc..748156a2d9c 100644
--- a/.github/workflows/merge-conflict-checker.yml
+++ b/.github/workflows/merge-conflict-checker.yml
@@ -35,7 +35,7 @@ jobs:
runs-on: ubuntu-22.04
steps:
- name: Conflict Check
- uses: eps1lon/[email protected]
+ uses: eps1lon/[email protected]
with:
repoToken: "${{ secrets.GITHUB_TOKEN }}"
dirtyLabel: "status:has-conflicts"
diff --git a/.github/workflows/ui.yml b/.github/workflows/ui.yml
index 4580b6bbd5d..2db8456fcba 100644
--- a/.github/workflows/ui.yml
+++ b/.github/workflows/ui.yml
@@ -34,7 +34,7 @@ jobs:
- uses: actions/checkout@v6
- name: Set up Node
- uses: actions/setup-node@v5
+ uses: actions/setup-node@v6
with:
node-version: 16
@@ -55,7 +55,7 @@ jobs:
npm run lint
npm run test:unit
- - uses: codecov/codecov-action@v4
+ - uses: codecov/codecov-action@v6
if: github.repository == 'apache/cloudstack'
with:
working-directory: ui
