chore(deps): bump codex-/return-dispatch from 1 to 2 #354
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
The tests are now running against the PR code and not main branch. Co-authored-by: Alejandro Alvarez <[email protected]>
#219) * 🔧 (.github/workflows/ephemeral-cloud-infra.yml): pass github run id as a variable to terraform apply command * 🔧 (ephemeral-cloud-infra.yml): pass github repository name as a variable to terraform apply command
* 🔧 (.github/workflows/ephemeral-cloud-infra.yml): add support for deploying or destroying the aws test harness infrastructure by introducing a new input variable and setting the corresponding environment variable for Terraform deployment. * 🔧 (ephemeral-cloud-infra.yml): Add support for deploying or destroying various AWS infrastructure resources such as aws_postgresql, aws_oracle, aws_mariadb, aws_aurora_mysql, aws_mssql, and aws_aurora_postgres. Update environment variable names and corresponding inputs to reflect the changes. * 📝 (.github/workflows/ephemeral-cloud-infra.yml): update liquibase-infrastructure repository reference to DAT-17834 branch instead of master for better tracking and version control. * 🔧 (.github/workflows/ephemeral-cloud-infra.yml): pass run_id and run_repo variables to terraform destroy command for better tracking and debugging purposes * 🔧 (ephemeral-cloud-infra.yml): add support for deploying or destroying the aws_mysql infrastructure by setting TF_VAR_create_aws_mysql based on the inputs provided * 🔧 (ephemeral-cloud-infra.yml): remove unnecessary enable and disable commands to streamline workflow execution and avoid potential conflicts * 📝 (.github/workflows/ephemeral-cloud-infra.yml): update checkout ref to 'master' branch for liquibase-infrastructure repository to fix workflow issue * 🔧 (ephemeral-cloud-infra.yml): Update workflow conditions to always run artifact upload and download steps when deploying or destroying ephemeral stack
* 🔧 (.github/workflows/ephemeral-cloud-infra.yml): Add support for deploying or destroying snowflake OSS and PRO infrastructures. * 🔧 (.github/workflows/ephemeral-cloud-infra.yml): add '|| true' to spacectl command to prevent workflow failure if stack is already enabled * 🔧 (.github/workflows/ephemeral-cloud-infra.yml): pass run_id and run_repo variables to terraform destroy command for better tracking and debugging purposes * 🔧 (ephemeral-cloud-infra.yml): remove unnecessary enable and disable commands for stack in workflow jobs to streamline infrastructure deployment and destruction process * 📝 (.github/workflows/ephemeral-cloud-infra.yml): add 'snowflake_pro' boolean input with default value false to deploy or destroy snowflake PRO infrastructure
…g the snowflake Test Harness infrastructure by introducing a new input variable and setting the corresponding environment variable.
… up ephemeral infrastructure after deployment
…e terraform taint --all for better resource management
… to taint specific resources if snowflake_th input is true
…mands and condition for snowflake resources
…to scan dependencies for security vulnerabilities and upload results as artifacts (#224)
…223) * 🔧 (extension-attach-artifact-release.yml): Add step to get artifact ID and set it as an environment variable 🔧 (extension-attach-artifact-release.yml): Modify script to check and download artifacts based on package version 🔧 (extension-attach-artifact-release.yml): Conditionally sign files for draft release only if artifact is not found * 🔧 (extension-attach-artifact-release.yml): update PACKAGE_NAME variable to use github.repo instead of github.repository for consistency and clarity * 📝 (extension-attach-artifact-release.yml): update PACKAGE_NAME to use the repository name from the event payload for consistency * 📝 (extension-attach-artifact-release.yml): add debug logs to display artifact checking and response for better troubleshooting * 🐛 (extension-attach-artifact-release.yml): fix the URL construction to correctly reference the artifact variable instead of a fixed version ID * 🔧 (extension-attach-artifact-release.yml): refactor artifact download process to use 'mvn dependency:get' command for improved efficiency and reliability * 🔧 (extension-attach-artifact-release.yml): Comment out unused workflow steps to improve readability and reduce clutter. * 🐛 (extension-attach-artifact-release.yml): fix a typo in the directory path causing a build failure * 🔧 (extension-attach-artifact-release.yml): refactor artifact download process to check for existence before proceeding with further actions * 🔧 (extension-attach-artifact-release.yml): add support for downloading artifact sources, javadoc, and pom files along with the main jar file * 🔧 (extension-attach-artifact-release.yml): Refactor artifact download and copying process to handle failures more gracefully 🔧 (extension-attach-artifact-release.yml): Update artifact signing process to only sign new artifacts, not existing ones 🔧 (server.ts): update ASSET_DIR configuration to point to ./target directory * 🔧 (extension-attach-artifact-release.yml): Use environment variable ARTIFACT_NAME to store the repository name for better readability and consistency in artifact handling. * 🔧 (extension-attach-artifact-release.yml): remove unnecessary conditional check for signing files as existing GPM artifacts are already signed. * 🔧 (extension-attach-artifact-release.yml): remove unnecessary logging of ARTIFACT_FOUND variable to improve workflow readability * 📝 (extension-attach-artifact-release.yml): comment out GPG key import and file signing steps for draft release to prevent unnecessary execution and speed up the workflow. * 📝 (extension-attach-artifact-release.yml): Uncomment GPG key import and file signing steps for draft release preparation. * 🔧 (extension-attach-artifact-release.yml): simplify artifact copying process by directly moving files from local Maven repository to target directory * 🔧 (extension-attach-artifact-release.yml): refactor build-release-artifacts step to only run if ARTIFACT_FOUND is '0' to avoid unnecessary artifact building when artifact is already available in the repository * 🔧 (extension-attach-artifact-release.yml): update script to extract release version from pom.xml file for artifact deployment process * 🔧 (extension-attach-artifact-release.yml): update RELEASE_VERSION extraction logic to handle multiple occurrences of <version> tag in pom.xml file * 🔧 (extension-attach-artifact-release.yml): use variable RELEASE_VERSION consistently instead of env.RELEASE_VERSION for better readability and maintainability * ♻️ (extension-attach-artifact-release.yml): remove '-SNAPSHOT' suffix from the version in pom.xml to prepare for release * 🔧 (extension-attach-artifact-release.yml): remove '-SNAPSHOT' suffix from version in pom.xml to prepare for release. * 📝 (extension-attach-artifact-release.yml): add commands to list files before and after moving artifacts for debugging purposes * 🔧 (extension-attach-artifact-release.yml): add support to download additional artifact files (pom, sources, javadoc) for the extension during the release process * 🔧 (extension-attach-artifact-release.yml): remove unnecessary ls commands and clean up artifact handling process * 🔧 (extension-attach-artifact-release.yml): Remove unnecessary steps to retrieve project version and set it as an environment variable * 🔧 (extension-attach-artifact-release.yml): improve error messages for artifact download failures and update artifact type descriptions for better clarity * 🐛 (extension-attach-artifact-release.yml): fix incorrect conditional check for artifact existence to properly handle the case when no artifacts are found * 🐛 (extension-attach-artifact-release.yml): fix conditional check for ARTIFACT_FOUND to properly handle boolean values instead of string comparison * ✨ (extension-attach-artifact-release.yml): add flag ARTIFACT_FOUND to GitHub environment to track artifact availability during workflow execution * 🔧 (extension-attach-artifact-release.yml): update if condition syntax to use double square brackets for improved compatibility and readability * 🔧 (extension-attach-artifact-release.yml): improve artifact check logic and add debug output for better troubleshooting * 🔧 (extension-attach-artifact-release.yml): Improve artifact download process and handling of missing artifacts. Remove unnecessary checks and simplify artifact download logic. * 🔧 (extension-attach-artifact-release.yml): remove unnecessary ls command to clean up workflow and improve readability
* slack notification with workflow_file_name * workflow_name --------- Co-authored-by: Sayali M <sayali@Sayalis-MacBook-Pro>
…w to build and publish Liquibase scripting artifacts 🔧 (build-publish-liquibase-scripting.yml): Configure GitHub Actions workflow to build Liquibase scripting artifacts using JDK 17 and Maven, and publish to GitHub Package Registry.
…change version only in the 'scripting' directory to avoid affecting other modules
…ing directory to ensure the Maven commands are executed in the correct location
… to use inputs.version for better readability and consistency
…s/checkout' step to optimize the workflow and improve build time
…ibase-scripting repository when workflow is called from liquibase/liquibase to ensure correct version is built
… version in Maven command to ensure correct version is used for the build process
…ibase-scripting repository when workflow is called from liquibase/liquibase to ensure correct repository is used
… Maven command to update the project version before publishing to GPM
…ase-scripting package to allow publishing releases
…a separate directory for each version of liquibase-scripting jar file 🔧 (build-publish-liquibase-scripting.yml): update script to publish a specific version of liquibase-scripting jar file to GPM using Maven deploy command
…version correctly and deploy the correct artifacts to the GitHub Package Registry
…paths to correctly reference files in /tmp directory
…to match the input version for consistency and accuracy in the deployment process
… quote in the mvn versions:set command to prevent syntax error 🔧 (build-publish-liquibase-scripting.yml): Fix missing single quotes around inputs.version in the mvn versions:set command to ensure correct substitution of the version value
….xml file for the Maven publish step to point to the correct location in the scripting directory
…orm artifact is created (#344) * ✨ (workflows): add cleanup-individual-artifacts workflow to manage artifact cleanup ♻️ (workflows): integrate cleanup-individual-artifacts into existing workflows for better resource management * ♻️ (workflows): refactor cleanup-individual-artifacts workflow to use a matrix strategy for artifact deletion across multiple OS environments * 🔧 (workflows): update cleanup-individual-artifacts workflow reference to use the main branch
) * feat: add configurable Java build version to os-extension-test.yml * feat: add skipSonar input to os-extension-test.yml for optional SonarQube analysis * feat: add skipSonar input to os-extension-test.yml for optional SonarQube analysis * feat: add configurable Java build version to extension-attach-artifact-release.yml --------- Co-authored-by: filipe <[email protected]>
* feat: add workflows for FOSSA report generation and upload - Updated fossa_ai.yml to scan for AI generated code. - Created generate-upload-enterprise-3p-fossa-report.yml for generating and uploading 3rd-party license reports to S3. - Added generate-upload-oss-pro-sbom-reports.yml for generating and uploading OSS and PRO SBOM reports. - Introduced trigger-enterprise-fossa-third-party-license-report.yml to trigger FOSSA report generation across multiple repositories. - Updated README.md to include new workflows and removed outdated images. * docs: update FOSSA report generation workflow documentation and improve clarity * refactor: update workflow names for clarity and consistency; add detailed documentation for FOSSA report generation * docs: add dependabot-automerge workflow to README for automatic PR merging * chore: remove obsolete workflow for generating and uploading OSS and PRO SBOM reports
…et-linking IO-3180 Add Jira ticket linker for pull requests
Replace overly permissive 'write-all' with specific minimal permissions: - contents: read (for code checkout) - pull-requests: write (for adding/removing PR labels) - actions: write (for uploading artifacts) This follows the principle of least privilege and reduces security risk.
…ne 30th, 2025 (#346) * fix: update Maven Central publishing process in extension-release-published.yml * Removed deprecated Sonatype Nexus staging configuration. * Updated to use central-publishing-maven-plugin for direct publishing to Maven Central. * Updated release-downloader action version from v1.9 to v1.12 for artifact downloads. * Fixed filename parameter casing in download steps. * fix: enhance Maven Central publishing process in extension-release-published.yml * Updated the publishing step to create a proper Maven repository layout. * Added logic to copy artifacts and their signatures to the new structure. * Implemented a curl command to upload the bundle to the Central Portal with Bearer authentication. * Improved error handling for upload failures and added success messages. * fix: streamline artifact copying in extension-release-published.yml * Simplified the artifact copying process by consolidating multiple cp commands into a single command for all artifacts and their signatures. * Improved clarity in the comments regarding the Maven repository layout. * fix: update artifact copying logic in extension-release-published.yml * Changed the artifact copying command to use a wildcard for better matching of versioned files. * Ensured all relevant artifacts are copied to the correct Maven repository layout. * fix: remove deprecated Sonatype Nexus configuration from extension-release-published.yml * Deleted the Sonatype Nexus staging configuration as it is no longer needed. * Cleaned up the credentials section for better clarity and maintenance. * fix: update Central Portal publishing process in os-extension-automated-release.yml * Renamed job to 'publish-to-central-portal' and updated its logic to use the new Central Portal API for automatic publishing of extension artifacts. * Added steps to retrieve GitHub App token and check for published releases before downloading artifacts. * Implemented logic to create a Maven bundle and upload it to Central Portal with proper error handling and success messages. * Archived published extensions in a new format for better tracking. * fix: update description for os-extension-automated-release.yml in README.md * Enhanced the description of the `os-extension-automated-release.yml` workflow to clarify that it now automatically publishes extensions to Maven Central via the Sonatype Central Portal API. * Maintained the link to the detailed documentation for further reference. * fix: enhance cleanup-individual-artifacts workflow for repository dispatch * Added support for `repository_dispatch` event to trigger cleanup of individual artifacts. * Updated artifact deletion logic to conditionally use inputs or payload data based on the event type. * Refactored the pro-extension-test workflow to trigger the cleanup workflow with appropriate payload. * fix: update workflow reference in publish-for-liquibase.yml * Changed the workflow reference for the build job from the main branch to the DAT-20044 branch for better version control. * Ensured the build process aligns with the latest changes in the pro-extension-build workflow. * fix: update cleanup-individual-artifacts workflow to use repository dispatch * Replaced the previous workflow reference with a direct trigger for cleanup using `repository_dispatch`. * Added steps to send the artifact ID and version as a client payload for better control over the cleanup process. * Ensured the workflow runs on `ubuntu-latest` for consistency. * fix: update cleanup workflow to use GitHub App token * Added steps to retrieve a GitHub App token for triggering the cleanup workflow. * Replaced the use of the default GITHUB_TOKEN with the newly generated token for better permissions management. * Ensured the workflow continues to run on `ubuntu-latest` for consistency. * fix: update workflow reference in publish-for-liquibase.yml to main branch * Changed the workflow reference for the build job from the DAT-20044 branch to the main branch for alignment with the latest updates. * Ensured the build process utilizes the most current version of the pro-extension-build workflow.
Bumps [robinraju/release-downloader](https://github.com/robinraju/release-downloader) from 1.9 to 1.12. - [Release notes](https://github.com/robinraju/release-downloader/releases) - [Commits](robinraju/release-downloader@v1.9...v1.12) --- updated-dependencies: - dependency-name: robinraju/release-downloader dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alejandro Alvarez <[email protected]>
Bumps [actions/github-script](https://github.com/actions/github-script) from 6 to 7. - [Release notes](https://github.com/actions/github-script/releases) - [Commits](actions/github-script@v6...v7) --- updated-dependencies: - dependency-name: actions/github-script dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alejandro Alvarez <[email protected]>
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3 to 4. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](actions/setup-node@v3...v4) --- updated-dependencies: - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alejandro Alvarez <[email protected]>
Bumps [stCarolas/setup-maven](https://github.com/stcarolas/setup-maven) from 4.5 to 5. - [Release notes](https://github.com/stcarolas/setup-maven/releases) - [Commits](stCarolas/setup-maven@v4.5...v5) --- updated-dependencies: - dependency-name: stCarolas/setup-maven dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alejandro Alvarez <[email protected]>
Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) from 1.6.0 to 2.3.0. - [Release notes](https://github.com/dependabot/fetch-metadata/releases) - [Commits](dependabot/fetch-metadata@v1.6.0...v2.3.0) --- updated-dependencies: - dependency-name: dependabot/fetch-metadata dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alejandro Alvarez <[email protected]>
* ArtifactPath should not be used by Sonar * Update create-release.yml
* Fix usage of artifact path * Update extension-attach-artifact-release.yml remove from another location
* Update ENTERPRISE_README.md * add-trigger-job-image
Bumps [codex-/return-dispatch](https://github.com/codex-/return-dispatch) from 1 to 2. - [Release notes](https://github.com/codex-/return-dispatch/releases) - [Changelog](https://github.com/Codex-/return-dispatch/blob/main/.release-it.json) - [Commits](Codex-/return-dispatch@v1...v2) --- updated-dependencies: - dependency-name: codex-/return-dispatch dependency-version: '2' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
jandroav
force-pushed
the
dependabot/github_actions/codex-/return-dispatch-2
branch
from
7ed47bd to
1321674
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps codex-/return-dispatch from 1 to 2.
Release notes
Sourced from codex-/return-dispatch's releases.
... (truncated)
Commits
5f52045release: 2.0.53d49398security: resolve brace-expansion security advisoryae9fddaMerge pull request #293 from Codex-/renovate/all-minor-patch8714660chore: improve test setupf4a8997chore: revert vitest versionabec97achore: refresh vitest locke0fc31btest: fix incorrect mocke9aeb40chore(deps): update all non-major dependencies0307fdafix(deps): update all non-major dependencies (#291)31ff447chore(deps): update dependency eslint-import-resolver-typescript to v4 (#289)You can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)