Skip to content

chore: Cherry-picked changes from upstream #123

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
github-actions wants to merge 11 commits into
base: main
Choose a base branch
from
Open

chore: Cherry-picked changes from upstream #123

github-actions wants to merge 11 commits into from

Conversation

@github-actions
Copy link
Contributor

@github-actions github-actions bot commented Jan 21, 2026

Cherry-picked changes from upstream.

@github-actions
npm: remove direct dependency on unused package
33e88eb 
Our direct dependency on `@actions/exec` was removed in 274ad334e,
though we still depend on it indirectly.
@github-actions
minisign: replace libsodium dependency with node:crypto
c76be3b 
We have this dependency anyway (since we're running on Node). This drops
the problematic libsodium dependency so that the Action works on targets
which libsodium doesn't support.

Resolves: #56
@github-actions
use hardcoded community mirror list when ziglang.org is inaccessible
3644d2b
@github-actions
Use cur_dev and min_dev in comparison versionLessThan
93eca80 
The constant variables `cur_dev` and `min_dev` were added but never used in the comparison. This change is assuming this was by mistake. Otherwise `cur_dev` and `min_dev` are unused and should be removed.
@github-actions
Use named capture groups for version string matching
913643e 
Previously it was referencing the wrong group index (off by one), which is easy to do when relying on indices. Using capture groups here should make it less error prone (and also fixes this initial problem).

Long term a small unit test should avoid this happening / regressing.
@github-actions
fix: apply code build script
9b1381c
@github-actions
fix: apply code build script
5c6435d
@github-actions
fix: apply code build script
9cfcfd9
@github-actions
fix: apply code build script
c5454da
@github-actions
Copy link
Contributor Author

github-actions bot commented Jan 21, 2026

🚀 PR Updated!

The PR has been updated with the latest cherry-picked commits.

@step-security/maintained-actions-dev Please review and approve the changes.

📦 Target Release Version: v2.2.0
📋 Previous Release Version: v2.1.0

⚠️ Completely Skipped Commits Due to only modifying files in: package.json, package-lock.json, yarn.lock, node_modules/, dist/, or .gitignore

  • 7296b2befa5301372c098a5e62c74443e7e041ef

❗ Missing Files:

  • .forgejo/workflows/test.yml

❌ Conflicting Files:

  • minisign.js from commit 1796bca8848b891c399b7afc5099c1cef80e5dfb

@github-actions
Copy link
Contributor Author

github-actions bot commented Jan 21, 2026

🔍 Cherry-Pick Verification Report

📦 Upstream Changes: v2.1.0...v2.2.0

📋 File-by-File Analysis:

.forgejo/workflows/test.yml

  • Upstream has changes: ✅ Yes
  • File exists in PR: ❌ No
  • Status: 🔴 Missing - File missing in PR (upstream has 0 additions, 1 deletions)

common.js

  • Upstream has changes: ✅ Yes
  • File exists in PR: ✅ Yes
  • Changes match: ✅ Yes
  • Status: 🟢 Perfect - ✅ All changes applied correctly (+6 -7)

main.js

  • Upstream has changes: ✅ Yes
  • File exists in PR: ✅ Yes
  • Changes match: ✅ Yes
  • Status: 🟢 Perfect - ✅ All changes applied correctly (+23 -6)

minisign.js

  • Upstream has changes: ✅ Yes
  • File exists in PR: ❌ No
  • Status: 🔴 Missing - ❌ No PR patch available (+17 -13)

📊 Summary:

  • Total files changed upstream: 4
  • Files present in PR: 2/4
  • Files with matching changes: 2/4

Overall Status: 🔴 INCOMPLETE - Missing files or changes

@github-actions
Copy link
Contributor Author

github-actions bot commented Jan 21, 2026

🔍 Cherry-Pick Verification Report

📦 Upstream Changes: v2.1.0...v2.2.0

📋 File-by-File Analysis:

.forgejo/workflows/test.yml

  • Upstream has changes: ✅ Yes
  • File exists in PR: ❌ No
  • Status: 🔴 Missing - File missing in PR (upstream has 0 additions, 1 deletions)

common.js

  • Upstream has changes: ✅ Yes
  • File exists in PR: ✅ Yes
  • Changes match: ✅ Yes
  • Status: 🟢 Perfect - ✅ All changes applied correctly (+6 -7)

main.js

  • Upstream has changes: ✅ Yes
  • File exists in PR: ✅ Yes
  • Changes match: ✅ Yes
  • Status: 🟢 Perfect - ✅ All changes applied correctly (+23 -6)

minisign.js

  • Upstream has changes: ✅ Yes
  • File exists in PR: ✅ Yes
  • Changes match: ❌ No
  • Status: 🟡 Partial - ❌ Cherry-pick incomplete (+17 -13) | Missing 1 additions | Missing 1 deletions

📊 Summary:

  • Total files changed upstream: 4
  • Files present in PR: 3/4
  • Files with matching changes: 2/4

Overall Status: 🔴 INCOMPLETE - Missing files or changes

@github-actions
Copy link
Contributor Author

github-actions bot commented Jan 23, 2026

🔍 Cherry-Pick Verification Report

📦 Upstream Changes: v2.1.0...v2.2.0

📋 File-by-File Analysis:

.forgejo/workflows/test.yml

  • Upstream has changes: ✅ Yes
  • File exists in PR: ❌ No
  • Status: 🔴 Missing - File missing in PR (upstream has 0 additions, 1 deletions)

common.js

  • Upstream has changes: ✅ Yes
  • File exists in PR: ✅ Yes
  • Changes match: ✅ Yes
  • Status: 🟢 Perfect - ✅ All changes applied correctly (+6 -7)

main.js

  • Upstream has changes: ✅ Yes
  • File exists in PR: ✅ Yes
  • Changes match: ✅ Yes
  • Status: 🟢 Perfect - ✅ All changes applied correctly (+23 -6)

minisign.js

  • Upstream has changes: ✅ Yes
  • File exists in PR: ✅ Yes
  • Changes match: ❌ No
  • Status: 🟡 Partial - ❌ Cherry-pick incomplete (+17 -13) | Missing 1 deletions

📊 Summary:

  • Total files changed upstream: 4
  • Files present in PR: 3/4
  • Files with matching changes: 2/4

Overall Status: 🔴 INCOMPLETE - Missing files or changes

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@amanstep amanstep amanstep approved these changes

Assignees

No one assigned

Labels

review-required

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@amanstep @Raj-StepSecurity