[BUG] GH Release changelog is creating broken diff links #1035
Description
Describe the bug
The release process for this action is generating broken changelogs
To Reproduce
Steps to reproduce the behavior:
- Visit https://github.com/actions/dependency-review-action/releases
- Scroll to any release that has "full changelog" link
- See the "from" portion of the diff link is
v4tag.
Expected behavior
The "Full Changelog" link should be generating a link from the prior version. So release https://github.com/actions/dependency-review-action/releases/tag/v4.8.1 should have a link of v4.8.0 to v4.8.1: v4.8.0...v4.8.1
Screenshots
Action version
na
Note: if you're not running the latest release please try that first!
Examples
na
Additional context
The problem here is because you're using a v4 tag to indicate the "latest release of v4 line". This violates git expectations for one, because it means the v4 tag is not immutable, but is instead being force-pushed every time there is a new release. Which breaks GitHub Releases, because the GH Release Notes assume that the full changelog should be from the "last/previous" tag, to the one being released. This is normally a safe assumption when following git guidelines. But the use of a continually-force-pushed vMAJOR tag violates those assumptions and breaks GH Releases.
The fix is simple: use a v4 branch instead of a tag. This way, whenever a release is cut, GH Releases is able to derive the "previous" tag correctly, and generate the release notes properly. Bonus points: you won't have to keep force-pushing a tag, and you align with git recommendations. (Branches are for continually-updated ref heads, not tags.)