Switch back to type-safe action bindings

[Vampire]

Summary by CodeRabbit

• Chores
  • Updated GitHub Actions workflows to use properly typed versions of Codecov and CodeQL actions, enhancing CI/CD pipeline reliability and consistency.

[Vampire]

• Switch back to type-safe action bindings #2318 👈 (View in Graphite)
• master

This stack of pull requests is managed by Graphite. Learn more about stacking.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: c2408606-a9a1-4ad0-943b-97238970c988

📥 Commits

Reviewing files that changed from the base of the PR and between 9c6342c and 034a49d.

📒 Files selected for processing (3)

• .github/workflows/branches-and-prs.main.kts
• .github/workflows/codeql-analysis.main.kts
• .github/workflows/release.main.kts

---

📝 Walkthrough

Walkthrough

The PR upgrades three GitHub workflow files to use type-safe action classes instead of untyped variants, updating imports, constructor parameters, and dependency version specifications accordingly.

Changes

Cohort / File(s)	Summary
Codecov Action Migration .github/workflows/branches-and-prs.main.kts, .github/workflows/release.main.kts	Replaced CodecovAction_Untyped with CodecovAction and changed failCiIfError_Untyped parameter from string to boolean type in both files.
CodeQL Action Migration .github/workflows/codeql-analysis.main.kts	Replaced CodeqlActionInit_Untyped with CodeqlActionInit and CodeqlActionAnalyze_Untyped with CodeqlActionAnalyze; updated imports and bumped dependency version ranges from specific versions to generic major versions (e.g., [v4.32.4,v5-alpha) → [v4,v5-alpha)).

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• #2291: Modifies the same CodeQL workflow file with CodeQL action upgrades and dependency version updates.
• #2299: Contains similar type-safe action migration changes across Codecov and CodeQL workflows.

Poem

🐰 From untyped strings to booleans true,
The workflows now speak a language more true!
CodeQL and Codecov, now typed with care,
Less ambiguity floating in the air. ✨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'Switch back to type-safe action bindings' accurately summarizes the main changes across all modified workflow files, which consistently replace untyped action classes with their type-safe counterparts.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

• 📝 Generate docstrings (stacked PR)
• 📝 Generate docstrings (commit on current branch)

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch vampire/back-to-typesafe

📝 Coding Plan

• Generate coding plan for human review comments

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[greptile-apps]

Greptile Summary

This PR reverts the _Untyped binding workaround introduced in #2299 (commit 2db4303) — where CodecovAction_Untyped and CodeqlAction*_Untyped were used due to a github-workflows-kt API breaking change — and restores the original type-safe action bindings now that the library issue has been resolved.

Key changes:

• branches-and-prs.main.kts & release.main.kts: Replace CodecovAction_Untyped(failCiIfError_Untyped = "true") with the properly-typed CodecovAction(failCiIfError = true) — a Boolean instead of a String.
• codeql-analysis.main.kts: Replace CodeqlActionInit_Untyped and CodeqlActionAnalyze_Untyped with their typed counterparts, and relax the binding version range from [v4.32.4,v5-alpha) back to [v4,v5-alpha) to reflect that typed bindings are now available for the full v4 release line.
• The generated .yaml files are unchanged — both typed and untyped bindings for these actions produce identical YAML output, which is also confirmed by the existing check_yaml_consistency CI job that would catch any divergence.

Confidence Score: 5/5

• This PR is safe to merge — it is a pure API-surface refactoring with no functional or generated-output changes.
• All three changes are mechanical substitutions of _Untyped binding classes with their typed equivalents. The generated YAML files are unaffected (confirmed by the empty diff against the .yaml files), and the existing check_yaml_consistency CI job would catch any divergence. The version-range widening in codeql-analysis.main.kts is intentional and expected — typed bindings are now available for the full v4 range, not just v4.32.4+.
• No files require special attention.

Important Files Changed

Filename	Overview
.github/workflows/branches-and-prs.main.kts	Replaces CodecovAction_Untyped(failCiIfError_Untyped = "true") with the type-safe CodecovAction(failCiIfError = true); no logic or generated YAML changes.
.github/workflows/codeql-analysis.main.kts	Replaces CodeqlActionInit_Untyped / CodeqlActionAnalyze_Untyped with typed counterparts and widens the binding version range from [v4.32.4,v5-alpha) to [v4,v5-alpha), matching the now-available typed bindings for all v4 releases.
.github/workflows/release.main.kts	Same Codecov untyped → typed migration as branches-and-prs.main.kts; no logic or generated YAML changes.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[Push / PR / MergeGroup] --> B{Workflow Trigger}

    B --> W1[branches-and-prs.yaml]
    B --> W2[codeql-analysis.yaml]
    B --> W3[release.yaml]

    W1 --> C1[check_yaml_consistency]
    C1 --> C2[check_all_workflow_yaml_consistency]
    C2 --> C3[build-and-verify matrix]
    C3 --> C4["CodecovAction\nfailCiIfError = true"]

    W2 --> D1[check_yaml_consistency]
    D1 --> D2[codeql-build matrix]
    D2 --> D3["CodeqlActionInit\n(typed)"]
    D3 --> D4[Build Spock Classes]
    D4 --> D5["CodeqlActionAnalyze\n(typed)"]

    W3 --> E1[check_yaml_consistency]
    E1 --> E2[build-and-verify matrix]
    E2 --> E3["CodecovAction\nfailCiIfError = true"]
    E3 --> E4[release-spock]
    E4 --> E5[publish-release-docs]

    style C4 fill:#90EE90
    style D3 fill:#90EE90
    style D5 fill:#90EE90
    style E3 fill:#90EE90

Loading

_{Last reviewed commit: 034a49d}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 82.16%. Comparing base (9c6342c) to head (034a49d).

Additional details and impacted files

@@             Coverage Diff              @@
##             master    #2318      +/-   ##
============================================
- Coverage     82.16%   82.16%   -0.01%     
+ Complexity     4822     4821       -1     
============================================
  Files           472      472              
  Lines         15036    15036              
  Branches       1905     1905              
============================================
- Hits          12355    12354       -1     
  Misses         1989     1989              
- Partials        692      693       +1     

see 1 file with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.