Bump actions/cache from 3 to 4 #13
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=80&v=4){kind=small}
:digraph_utils.topsort/1 can return a different (but also valid)
topological ordering
The test failure on Erlang/OTP 25.0-rc1 was:
1) test deps_paths (Mix.DepTest)
test/mix/dep_test.exs:491
Assertion with == failed
code: assert Enum.map(Mix.Dep.load_on_environment([]), & &1.app) == [:git_repo, :abc_repo, :deps_repo]
left: [:abc_repo, :git_repo, :deps_repo]
right: [:git_repo, :abc_repo, :deps_repo]
stacktrace:
test/mix/dep_test.exs:499: anonymous fn/0 in Mix.DepTest."test deps_paths"/1
(elixir 1.14.0-dev) lib/file.ex:1555: File.cd!/2
test/test_helper.exs:127: MixTest.Case.in_fixture/3
test/mix/dep_test.exs:31: Mix.DepTest.with_deps/2
test/mix/dep_test.exs:497: (test)
The order in which tests get executed can be different
depending on Erlang/OTP version
The test failure was:
1) test logs and errors umbrella with file path (Mix.Tasks.TestTest)
test/mix/tasks/test_test.exs:432
Assertion with =~ failed
code: assert mix(["test", "apps/unknown_app/test"]) =~
"==> bar\nPaths given to \"mix test\" did not match any directory/file: apps/unknown_app/test\n==> foo\nPaths given to \"mix test\" did not match any directory/file: apps/unknown_app/test\n"
left: "==> foo\nCompiling 1 file (.ex)\nGenerated foo app\n==> bar\nCompiling 1 file (.ex)\nGenerated bar app\n==> foo\nPaths given to \"mix test\" did not match any directory/file: apps/unknown_app/test\n==> bar\nPaths given to \"mix test\" did not match any directory/file: apps/unknown_app/test\n"
right: "==> bar\nPaths given to \"mix test\" did not match any directory/file: apps/unknown_app/test\n==> foo\nPaths given to \"mix test\" did not match any directory/file: apps/unknown_app/test\n"
stacktrace:
test/mix/tasks/test_test.exs:436: anonymous fn/0 in Mix.Tasks.TestTest."test logs and errors umbrella with file path"/1
(elixir 1.14.0-dev) lib/file.ex:1555: File.cd!/2
test/test_helper.exs:127: MixTest.Case.in_fixture/3
test/mix/tasks/test_test.exs:433: (test)
* Skip tests using Rebar2 on Erlang/OTP 25+ and clean up mix test_helper.exs exclude filters * Remove unnecessary printing from mix test_helper.exs exclude filters
* Remove mentions from documentation * Remove rebar from @scm_manager in Mix.Dep.Loader * Change manager: :rebar to manager: :rebar3 in test * Remove rebar_exclude test filter from mix test_helper.exs (there are no more Rebar 2 tests after they got removed in 5cca5e5 )
Before this patch we had this:
iex> :os.cmd('elixir --sname foo --rpc-eval bar')
''
iex> :os.cmd('elixir --sname foo --rpc-eval')
'No file named \n'
… the :id field (elixir-lang#11663) Co-authored-by: Travis Griggs <[email protected]>
This commit moves the line and column to the last argument to be handled
as a metadata as you can see in the example below:
```elixir
assert T.tokenize('foo', 1, 1, @opts) ==
{:ok, [{:text, 'foo', %{line: 1, column: 1}}, {:eof, %{line: 1, column: 4}}]}
```
* Inspect in the defstruct order * Mark optional fields that match the default value when deriving * Add __info__(:struct) with metadata
Two new lines are interpreted as a paragraph break.
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much. - Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/) Signed-off-by: naveen <[email protected]>
…1907) This should help with keeping the GitHub actions updated on new releases. This will also help with keeping it secure. Dependabot helps in keeping the supply chain secure https://docs.github.com/en/code-security/dependabot GitHub actions up to date https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot https://github.com/ossf/scorecard/blob/main/docs/checks.md#dependency-update-tool Signed-off-by: naveen <[email protected]>
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v2...v3) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/cache](https://github.com/actions/cache) from 2 to 3. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@v2...v3) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
The *nix equivalent shell script echoes the full erl.exe path and args to stdout when the environment variable ELIXIR_CLI_DRY_RUN is set instead of executing it. This patch adds this behaviour to the Windows bat file for consistency.
Bumps [actions/cache](https://github.com/actions/cache) from 3 to 4. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@v3...v4) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
added
the
dependencies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
72 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps actions/cache from 3 to 4.
Release notes
Sourced from actions/cache's releases.
... (truncated)
Changelog
Sourced from actions/cache's changelog.
... (truncated)
Commits
13aacd8Merge pull request #1242 from to-s/main53b35c5Merge branch 'main' into main65b8989Merge pull request #1284 from takost/update-to-node-20d0be34dFix dist66cf064Merge branch 'main' into update-to-node-201326563Merge branch 'main' into maine718767Fix format0122982Apply workaround for earlyExit3185ecfUpdate "only-" actions to node2025618a0Bump versionYou can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)