dependabot[bot]
6e0291cdb9
chore(deps): bump the github-actions group with 5 updates ( #673 )
...
Bumps the github-actions group with 5 updates:
| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout ) | `6.0.0` |
`6.0.2` |
| [coder/coder](https://github.com/coder/coder ) | `2.29.1` | `2.29.2` |
| [crate-ci/typos](https://github.com/crate-ci/typos ) | `1.42.0` |
`1.42.1` |
| [actions/setup-go](https://github.com/actions/setup-go ) | `6.1.0` |
`6.2.0` |
|
[zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action )
| `0.3.0` | `0.4.1` |
Updates `actions/checkout` from 6.0.0 to 6.0.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases ">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v6.0.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID
is set by <a
href="https://github.com/TingluoHuang "><code>@TingluoHuang</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2355 ">actions/checkout#2355</a></li>
<li>Fix tag handling: preserve annotations and explicit fetch-tags by <a
href="https://github.com/ericsciple "><code>@ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2356 ">actions/checkout#2356</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v6.0.1...v6.0.2 ">https://github.com/actions/checkout/compare/v6.0.1...v6.0.2 </a></p>
<h2>v6.0.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Update all references from v5 and v4 to v6 by <a
href="https://github.com/ericsciple "><code>@ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2314 ">actions/checkout#2314</a></li>
<li>Add worktree support for persist-credentials includeIf by <a
href="https://github.com/ericsciple "><code>@ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2327 ">actions/checkout#2327</a></li>
<li>Clarify v6 README by <a
href="https://github.com/ericsciple "><code>@ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2328 ">actions/checkout#2328</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v6...v6.0.1 ">https://github.com/actions/checkout/compare/v6...v6.0.1 </a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md ">actions/checkout's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v6.0.2</h2>
<ul>
<li>Fix tag handling: preserve annotations and explicit fetch-tags by <a
href="https://github.com/ericsciple "><code>@ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2356 ">actions/checkout#2356</a></li>
</ul>
<h2>v6.0.1</h2>
<ul>
<li>Add worktree support for persist-credentials includeIf by <a
href="https://github.com/ericsciple "><code>@ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2327 ">actions/checkout#2327</a></li>
</ul>
<h2>v6.0.0</h2>
<ul>
<li>Persist creds to a separate file by <a
href="https://github.com/ericsciple "><code>@ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2286 ">actions/checkout#2286</a></li>
<li>Update README to include Node.js 24 support details and requirements
by <a href="https://github.com/salmanmkc "><code>@salmanmkc</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2248 ">actions/checkout#2248</a></li>
</ul>
<h2>v5.0.1</h2>
<ul>
<li>Port v6 cleanup to v5 by <a
href="https://github.com/ericsciple "><code>@ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2301 ">actions/checkout#2301</a></li>
</ul>
<h2>v5.0.0</h2>
<ul>
<li>Update actions checkout to use node 24 by <a
href="https://github.com/salmanmkc "><code>@salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2226 ">actions/checkout#2226</a></li>
</ul>
<h2>v4.3.1</h2>
<ul>
<li>Port v6 cleanup to v4 by <a
href="https://github.com/ericsciple "><code>@ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2305 ">actions/checkout#2305</a></li>
</ul>
<h2>v4.3.0</h2>
<ul>
<li>docs: update README.md by <a
href="https://github.com/motss "><code>@motss</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1971 ">actions/checkout#1971</a></li>
<li>Add internal repos for checking out multiple repositories by <a
href="https://github.com/mouismail "><code>@mouismail</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1977 ">actions/checkout#1977</a></li>
<li>Documentation update - add recommended permissions to Readme by <a
href="https://github.com/benwells "><code>@benwells</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2043 ">actions/checkout#2043</a></li>
<li>Adjust positioning of user email note and permissions heading by <a
href="https://github.com/joshmgross "><code>@joshmgross</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2044 ">actions/checkout#2044</a></li>
<li>Update README.md by <a
href="https://github.com/nebuk89 "><code>@nebuk89</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2194 ">actions/checkout#2194</a></li>
<li>Update CODEOWNERS for actions by <a
href="https://github.com/TingluoHuang "><code>@TingluoHuang</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2224 ">actions/checkout#2224</a></li>
<li>Update package dependencies by <a
href="https://github.com/salmanmkc "><code>@salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2236 ">actions/checkout#2236</a></li>
</ul>
<h2>v4.2.2</h2>
<ul>
<li><code>url-helper.ts</code> now leverages well-known environment
variables by <a href="https://github.com/jww3 "><code>@jww3</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/1941 ">actions/checkout#1941</a></li>
<li>Expand unit test coverage for <code>isGhes</code> by <a
href="https://github.com/jww3 "><code>@jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1946 ">actions/checkout#1946</a></li>
</ul>
<h2>v4.2.1</h2>
<ul>
<li>Check out other refs/* by commit if provided, fall back to ref by <a
href="https://github.com/orhantoy "><code>@orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1924 ">actions/checkout#1924</a></li>
</ul>
<h2>v4.2.0</h2>
<ul>
<li>Add Ref and Commit outputs by <a
href="https://github.com/lucacome "><code>@lucacome</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1180 ">actions/checkout#1180</a></li>
<li>Dependency updates by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>- <a
href="https://redirect.github.com/actions/checkout/pull/1777 ">actions/checkout#1777</a>,
<a
href="https://redirect.github.com/actions/checkout/pull/1872 ">actions/checkout#1872</a></li>
</ul>
<h2>v4.1.7</h2>
<ul>
<li>Bump the minor-npm-dependencies group across 1 directory with 4
updates by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1739 ">actions/checkout#1739</a></li>
<li>Bump actions/checkout from 3 to 4 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1697 ">actions/checkout#1697</a></li>
<li>Check out other refs/* by commit by <a
href="https://github.com/orhantoy "><code>@orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1774 ">actions/checkout#1774</a></li>
<li>Pin actions/checkout's own workflows to a known, good, stable
version. by <a href="https://github.com/jww3 "><code>@jww3</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1776 ">actions/checkout#1776</a></li>
</ul>
<h2>v4.1.6</h2>
<ul>
<li>Check platform to set archive extension appropriately by <a
href="https://github.com/cory-miller "><code>@cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1732 ">actions/checkout#1732</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="de0fac2e45https://redirect.github.com/actions/checkout/issues/2356 ">#2356</a>)</li>
<li><a
href="064fe7f3318e8c483db8https://redirect.github.com/actions/checkout/issues/2328 ">#2328</a>)</li>
<li><a
href="033fa0dc0bhttps://redirect.github.com/actions/checkout/issues/2327 ">#2327</a>)</li>
<li><a
href="c2d88d3ecchttps://redirect.github.com/actions/checkout/issues/2314 ">#2314</a>)</li>
<li>See full diff in <a
href="1af3b93b68...de0fac2e45https://github.com/coder/coder/releases ">coder/coder's
releases</a>.</em></p>
<blockquote>
<h2>v2.29.2</h2>
<h2>Changelog</h2>
<blockquote>
<p>[!NOTE]
This is a mainline Coder release. We advise enterprise customers without
a staging environment to install our <a
href="https://github.com/coder/coder/releases/latest ">latest stable
release</a> while we refine this version. Learn more about our <a
href="https://coder.com/docs/install/releases ">Release Schedule</a>.</p>
</blockquote>
<h3>Features</h3>
<ul>
<li>CLI: Backport <a
href="https://redirect.github.com/coder/coder/issues/21374 ">#21374</a>
to 2.29 (<a
href="https://redirect.github.com/coder/coder/issues/21561 ">#21561</a>,
2e2d0dde4)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Backport update boundary version to 2.29 (<a
href="https://redirect.github.com/coder/coder/issues/21290 ">#21290</a>)
(<a
href="https://redirect.github.com/coder/coder/issues/21575 ">#21575</a>,
2314e4a94)</li>
<li>Backport migration fixes (<a
href="https://redirect.github.com/coder/coder/issues/21611 ">#21611</a>,
b5360a918)</li>
</ul>
<h3>Chores</h3>
<ul>
<li>Add antigravity to allowed protocols list (<a
href="https://redirect.github.com/coder/coder/issues/20873 ">#20873</a>)
(<a
href="https://redirect.github.com/coder/coder/issues/21122 ">#21122</a>,
bd76c602e)</li>
</ul>
<p>Compare: <a
href="https://github.com/coder/coder/compare/v2.29.1...v2.29.2 "><code>v2.29.1...v2.29.2</code></a></p>
<h2>Container image</h2>
<ul>
<li><code>docker pull ghcr.io/coder/coder:v2.29.2</code></li>
</ul>
<h2>Install/upgrade</h2>
<p>Refer to our docs to <a
href="https://coder.com/docs/install ">install</a> or <a
href="https://coder.com/docs/install/upgrade ">upgrade</a> Coder, or use
a release asset below.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b5360a9180https://redirect.github.com/coder/coder/issues/21611 ">#21611</a>)</li>
<li><a
href="2e2d0dde44https://redirect.github.com/coder/coder/issues/21374 ">#21374</a>
to 2.29 (<a
href="https://redirect.github.com/coder/coder/issues/21561 ">#21561</a>)</li>
<li><a
href="2314e4a94ehttps://redirect.github.com/coder/coder/issues/21290 ">#21290</a>)
(<a
href="https://redirect.github.com/coder/coder/issues/21575 ">#21575</a>)</li>
<li><a
href="bd76c602e4https://redirect.github.com/coder/coder/issues/20873 ">#20873</a>)
(<a
href="https://redirect.github.com/coder/coder/issues/21122 ">#21122</a>)</li>
<li>See full diff in <a
href="59cdd7e21f...b5360a9180https://github.com/crate-ci/typos/releases ">crate-ci/typos's
releases</a>.</em></p>
<blockquote>
<h2>v1.42.1</h2>
<h2>[1.42.1] - 2026-01-19</h2>
<h3>Fixes</h3>
<ul>
<li>Ignore hex literals with suffixes (e.g. <code>0xffffUL</code>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md ">crate-ci/typos's
changelog</a>.</em></p>
<blockquote>
<h1>Change Log</h1>
<p>All notable changes to this project will be documented in this
file.</p>
<p>The format is based on <a href="https://keepachangelog.com/ ">Keep a
Changelog</a>
and this project adheres to <a href="https://semver.org/ ">Semantic
Versioning</a>.</p>
<!-- raw HTML omitted -->
<h2>[Unreleased] - ReleaseDate</h2>
<h2>[1.42.1] - 2026-01-19</h2>
<h3>Fixes</h3>
<ul>
<li>Ignore hex literals with suffixes (e.g. <code>0xffffUL</code>)</li>
</ul>
<h2>[1.42.0] - 2026-01-07</h2>
<h3>Features</h3>
<ul>
<li>Dictionary updates</li>
</ul>
<h2>[1.41.0] - 2025-12-31</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1431 ">December
2025</a> changes</li>
</ul>
<h2>[1.40.1] - 2025-12-29</h2>
<h3>Fixes</h3>
<ul>
<li>Treat <code>incrementer</code> and <code>incrementor</code> the same
for now</li>
</ul>
<h3>Fixes</h3>
<ul>
<li>Don't correct ITerm2</li>
</ul>
<h2>[1.40.0] - 2025-11-26</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1405 ">November
2025</a> changes</li>
</ul>
<h2>[1.39.2] - 2025-11-13</h2>
<h3>Fixes</h3>
<ul>
<li>Don't offer <code>entry</code> as a correction for
<code>entrys</code></li>
</ul>
<h2>[1.39.1] - 2025-11-12</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="65120634e72049566b9ccbc66c9a85https://redirect.github.com/crate-ci/typos/issues/1471 ">#1471</a>
from epage/hex</li>
<li><a
href="207157952c7300bb096401955c0f2a5d4cfab7393cee018e3fhttps://redirect.github.com/crate-ci/typos/issues/1468 ">#1468</a>
from Wilfred/patch-1</li>
<li><a
href="a96a636d4e837ad2701bhttps://redirect.github.com/crate-ci/typos/issues/1467 ">#1467</a>
from Wilfred/full_examples_in_reference</li>
<li>Additional commits viewable in <a
href="bb4666ad77...65120634e7https://github.com/actions/setup-go/releases ">actions/setup-go's
releases</a>.</em></p>
<blockquote>
<h2>v6.2.0</h2>
<h2>What's Changed</h2>
<h3>Enhancements</h3>
<ul>
<li>Example for restore-only cache in documentation by <a
href="https://github.com/aparnajyothi-y "><code>@aparnajyothi-y</code></a>
in <a
href="https://redirect.github.com/actions/setup-go/pull/696 ">actions/setup-go#696</a></li>
<li>Update Node.js version in action.yml by <a
href="https://github.com/ccoVeille "><code>@ccoVeille</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/691 ">actions/setup-go#691</a></li>
<li>Documentation update of actions/checkout by <a
href="https://github.com/deining "><code>@deining</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/683 ">actions/setup-go#683</a></li>
</ul>
<h3>Dependency updates</h3>
<ul>
<li>Upgrade js-yaml from 3.14.1 to 3.14.2 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/682 ">actions/setup-go#682</a></li>
<li>Upgrade <code>@actions/cache</code> to v5 by <a
href="https://github.com/salmanmkc "><code>@salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/695 ">actions/setup-go#695</a></li>
<li>Upgrade actions/checkout from 5 to 6 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/686 ">actions/setup-go#686</a></li>
<li>Upgrade qs from 6.14.0 to 6.14.1 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/703 ">actions/setup-go#703</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/ccoVeille "><code>@ccoVeille</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-go/pull/691 ">actions/setup-go#691</a></li>
<li><a href="https://github.com/deining "><code>@deining</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/setup-go/pull/683 ">actions/setup-go#683</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-go/compare/v6...v6.2.0 ">https://github.com/actions/setup-go/compare/v6...v6.2.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="7a3fe6cf4chttps://redirect.github.com/actions/setup-go/issues/703 ">#703</a>)</li>
<li><a
href="b9adafd441https://redirect.github.com/actions/setup-go/issues/686 ">#686</a>)</li>
<li><a
href="d73f6bcfc2https://redirect.github.com/actions/setup-go/issues/683 ">#683</a>)</li>
<li><a
href="ae252ee6fbhttps://redirect.github.com/actions/setup-go/issues/695 ">#695</a>)</li>
<li><a
href="bf7446afafhttps://redirect.github.com/actions/setup-go/issues/682 ">#682</a>)</li>
<li><a
href="02aadfee7fhttps://redirect.github.com/actions/setup-go/issues/691 ">#691</a>)</li>
<li><a
href="4aaadf4266https://redirect.github.com/actions/setup-go/issues/696 ">#696</a>)</li>
<li>See full diff in <a
href="4dc6199c7b...7a3fe6cf4chttps://github.com/zizmorcore/zizmor-action/releases ">zizmorcore/zizmor-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.4.1</h2>
<p>This version fixes an error in the 0.4.0 release that prevented
non-relative use
of the action.</p>
<h2>What's Changed</h2>
<ul>
<li>Fix version file path by <a
href="https://github.com/woodruffw "><code>@woodruffw</code></a> in <a
href="https://redirect.github.com/zizmorcore/zizmor-action/pull/83 ">zizmorcore/zizmor-action#83</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/zizmorcore/zizmor-action/compare/v0.4.0...v0.4.1 ">https://github.com/zizmorcore/zizmor-action/compare/v0.4.0...v0.4.1 </a></p>
<h2>v0.4.0</h2>
<p>This new version of <code>zizmor-action</code> brings two major
changes:</p>
<ul>
<li>
<p>The new <code>fail-on-no-inputs</code> option can be used to control
whether
<code>zizmor-action</code> fails if no inputs were collected by
<code>zizmor</code>. The default
remains <code>true</code>, reflecting the pre-existing behavior.</p>
</li>
<li>
<p>The action's use of the official <code>zizmor</code> Docker images is
now fully
hash-checked internally, preventing accidental or malicious modification
to the images. This also means that subsequent releases of
<code>zizmor</code>
will induce a release of this action, rather than the action always
picking
up the latest version by default.</p>
</li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>docs: extended permissions required for internal repos by <a
href="https://github.com/AntoineSebert "><code>@AntoineSebert</code></a>
in <a
href="https://redirect.github.com/zizmorcore/zizmor-action/pull/61 ">zizmorcore/zizmor-action#61</a></li>
<li>docs: clarify description of "token" to indicate it is
only used for online audits by <a
href="https://github.com/rmuir "><code>@rmuir</code></a> in <a
href="https://redirect.github.com/zizmorcore/zizmor-action/pull/63 ">zizmorcore/zizmor-action#63</a></li>
<li>Hash-check zizmor Docker images by <a
href="https://github.com/woodruffw "><code>@woodruffw</code></a> in <a
href="https://redirect.github.com/zizmorcore/zizmor-action/pull/68 ">zizmorcore/zizmor-action#68</a></li>
<li>Add <code>fail-on-no-inputs</code> option by <a
href="https://github.com/woodruffw "><code>@woodruffw</code></a> in <a
href="https://redirect.github.com/zizmorcore/zizmor-action/pull/67 ">zizmorcore/zizmor-action#67</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/AntoineSebert "><code>@AntoineSebert</code></a>
made their first contribution in <a
href="https://redirect.github.com/zizmorcore/zizmor-action/pull/61 ">zizmorcore/zizmor-action#61</a></li>
<li><a href="https://github.com/rmuir "><code>@rmuir</code></a> made
their first contribution in <a
href="https://redirect.github.com/zizmorcore/zizmor-action/pull/63 ">zizmorcore/zizmor-action#63</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/zizmorcore/zizmor-action/compare/v0.3.0...v0.4.0 ">https://github.com/zizmorcore/zizmor-action/compare/v0.3.0...v0.4.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="135698455dhttps://redirect.github.com/zizmorcore/zizmor-action/issues/83 ">#83</a>)</li>
<li><a
href="72469cf6cchttps://redirect.github.com/zizmorcore/zizmor-action/issues/80 ">#80</a>)</li>
<li><a
href="3aa7e2f1adhttps://redirect.github.com/zizmorcore/zizmor-action/issues/79 ">#79</a>)</li>
<li><a
href="92fc377b74https://redirect.github.com/zizmorcore/zizmor-action/issues/78 ">#78</a>)</li>
<li><a
href="5aff8efe9fhttps://redirect.github.com/zizmorcore/zizmor-action/issues/67 ">#67</a>)</li>
<li><a
href="4d497b9cc8https://redirect.github.com/zizmorcore/zizmor-action/issues/75 ">#75</a>)</li>
<li><a
href="5fa0711fa5https://redirect.github.com/zizmorcore/zizmor-action/issues/69 ">#69</a>)</li>
<li><a
href="c823f2c8e6https://redirect.github.com/zizmorcore/zizmor-action/issues/68 ">#68</a>)</li>
<li><a
href="706c51b5bchttps://redirect.github.com/zizmorcore/zizmor-action/issues/66 ">#66</a>)</li>
<li><a
href="cb3d8e846ehttps://redirect.github.com/zizmorcore/zizmor-action/issues/65 ">#65</a>)</li>
<li>Additional commits viewable in <a
href="e639db9933...135698455d
2026-01-28 22:16:41 +00:00
Michael Smith
376664ca04
chore: migrate all Coder modules to Registry repo ( #4 )
...
Addresses part of https://github.com/coder/internal/issues/532 (but doesn't fully close it out).
This is a huge PR, but chunking it up seemed pointless, since we're largely copying over existing files. I'm going to try commenting on the main areas I think are worth paying attention to
## Changes made
- Migrated over all Coder modules from coder/modules, and put them in their correct user namespaces.
- Added README.md files to all newly-created user namespaces
- Updated all image paths for every image used, to make sure they don't break (I switched the paths programmatically, and then manually verified every README to guarantee this).
- Added README.md files for each contributor who previously made a module
- Updated our `tsconfig.json` file to use modern libraries when run from the server, and made a custom `tsconfig.json` just for the `windows-rdp` module (which has more restrictive browser concerns)
- Added CI step to run all the module tests we currently have
## Notes
- There were a lot of Bash script files that weren't carried over in this PR, partly because I don't know Bash well enough to know (1) whether they're still needed, or (2) modify them to account for the new file structure. Those can be brought over later.
- We had a `lint.ts` file that provided some light validation of some of the modules. After going through it, there were so many bugs and issues with the code that I legitimately think that it barely provided a safety net at all. I got rid of it entirely, with the intention of adding the functionality that was originally intended to the current validation logic (to be handled in a separate PR).
- I changed how we set up the `.images` directory, because it felt like it would be chaos if a bunch of users try to throw all their images in one giant directory, with no guidelines on how to do it. I instead made it so that images should be scoped by namespace, which felt a lot more manageable. The `.icons` directory is still at the top level, because realistically, there are only going to be so many types of icons referenced, so it's fine for those to be shared.
- I don't think the `maintainer_github` and `contributor_github` fields make sense anymore, but those can be stripped out once we've updated the Registry site build step to use the new Registry repo
- My gut instinct is to use the user namespace to determine the main owner of the module, and then add a `contributors` string list to indicate which other users have contributed meaningfully to it. We can then add validation to make sure that every value in that list exists as another namespace in the repo
## What still needs to be migrated (in separate PRs)
These are the main files of interest that still probably need to be copied over from the `/modules` repo:
- `new.sh`
- `terraform_validate.sh`
- `update-version.sh`
They're probably going to require enough changes that it's worth handling them in a separate PR.
2025-04-17 09:49:54 -04:00
dependabot[bot]