Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merge main into releases/v3 #2490

Merged
merged 37 commits into from
Sep 19, 2024
Merged

Merge main into releases/v3 #2490

merged 37 commits into from
Sep 19, 2024

Conversation

github-actions[bot]
Copy link
Contributor

Merging 64431c6 into releases/v3.

Conductor for this PR is @smowton.

Contains the following pull requests:

Please do the following:

  • Ensure the CHANGELOG displays the correct version and date.
  • Ensure the CHANGELOG includes all relevant, user-facing changes since the last release.
  • Check that there are not any unexpected commits being merged into the releases/v3 branch.
  • Ensure the docs team is aware of any documentation changes that need to be released.
  • Mark the PR as ready for review to trigger the full set of PR checks.
  • Approve and merge this PR. Make sure Create a merge commit is selected rather than Squash and merge or Rebase and merge.
  • Merge the mergeback PR that will automatically be created once this PR is merged.
  • Merge all backport PRs to older release branches, that will automatically be created once this PR is merged.

angelapwen and others added 30 commits September 11, 2024 15:09
Previously, we uploaded SARIF artifacts in the `analyze-post` step and database and log artifacts in the `init-post` step. As we migrate to the updated `artifact` dependencies, we want to switch to uploading all artifacts in one step.

In order to upload all artifacts in one go and maintain the artifacts at the root of the debug directory, we first move SARIF artifacts to the database directory. This should not affect any other consumers of the SARIF file as this occurs in the `init-post` step.
Previously, we uploaded combined SARIF artifacts in both the `analyze-post` and `upload-sarif-post` steps. This change ensures that these artifacts are uploaded at most once — in `analyze-post` if it is a first-party run and `upload-sarif-post` if it is a third-party run.

This is a defensive check because as we upgrade to the new `artifact` dependencies we will not be able to upload artifacts to the same artifact directory.
More accurately describes what these artifacts are, rather than the step they're uploaded in.
Mergeback v3.26.7 refs/heads/releases/v3 into main
Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>
Fix incorrect documentation about the `token` input to the Actions.
The script `.github/update-release-branch.py` uses the `git` command
to push changes. Therefore we need to ensure that `git` authenticates
with a token that has the `workflows` write permision.

This change restore the GitHub token used by the script to access the
API and applies the `workflows` write permission to the token used by `git`.
…cts-upload

Refactor: prepare debug artifacts for `artifact` upgrades
…-for-auth

Use generated token on checkout
…ct-robustness

Improve the robustness of creating and uploading debug artifacts
@smowton smowton marked this pull request as ready for review September 19, 2024 09:16
@smowton smowton requested a review from a team as a code owner September 19, 2024 09:16
@smowton smowton merged commit 294a9d9 into releases/v3 Sep 19, 2024
307 checks passed
@smowton smowton deleted the update-v3.26.8-64431c66d branch September 19, 2024 09:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants