Skip to content

chore(release): merge develop into main v1.18.1#161

Merged
bedatty merged 3 commits intomainfrom
develop
Mar 20, 2026
Merged

chore(release): merge develop into main v1.18.1#161
bedatty merged 3 commits intomainfrom
develop

Conversation

@bedatty
Copy link
Contributor

@bedatty bedatty commented Mar 20, 2026
edited by coderabbitai bot
Loading

Lerian

GitHub Actions Shared Workflows

Description

Type of Change

  • feat: New workflow or new input/output/step in an existing workflow
  • fix: Bug fix in a workflow (incorrect behavior, broken step, wrong condition)
  • perf: Performance improvement (e.g. caching, parallelism, reduced steps)
  • refactor: Internal restructuring with no behavior change
  • docs: Documentation only (README, docs/, inline comments)
  • ci: Changes to self-CI (workflows under .github/workflows/ that run on this repo)
  • chore: Dependency bumps, config updates, maintenance
  • test: Adding or updating tests
  • BREAKING CHANGE: Callers must update their configuration after this PR

Breaking Changes

None.

Testing

  • YAML syntax validated locally
  • Triggered a real workflow run on a caller repository using @develop or the beta tag
  • Verified all existing inputs still work with default values
  • Confirmed no secrets or tokens are printed in logs
  • Checked that unrelated workflows are not affected

Caller repo / workflow run:

Related Issues

Closes #

Summary by CodeRabbit

  • Chores
    • Stabilized automated workflow processes by pinning infrastructure dependencies to specific versions instead of development snapshots
    • Updated AWS authentication module for improved security and compatibility
    • Refreshed documentation examples to align with current version standards

dependabot bot and others added 3 commits March 20, 2026 17:59
@dependabot
chore(deps): bump aws-actions/configure-aws-credentials in the aws group
bdbbce9 
Bumps the aws group with 1 update: [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials).


Updates `aws-actions/configure-aws-credentials` from 4 to 6
- [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases)
- [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md)
- [Commits](aws-actions/configure-aws-credentials@v4...v6)

---
updated-dependencies:
- dependency-name: aws-actions/configure-aws-credentials
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: aws
...

Signed-off-by: dependabot[bot] <support@github.com>
@bedatty
Merge pull request #159 from LerianStudio/dependabot/github_actions/d…
de3055c 
…evelop/aws-e11c4ba6fd

chore(deps): bump aws-actions/configure-aws-credentials from 4 to 6 in the aws group
@bedatty
chore(refs): pin all @develop refs to v1.18.0 in workflows and v1.x.x…
557bc9a 
… in READMEs (#160)

* chore(refs): pin all @develop refs to v1.18.0 in workflows and v1.x.x in README examples

* fix(lint): quote GITHUB_OUTPUT in release-notification SC2086
@bedatty bedatty self-assigned this Mar 20, 2026
@bedatty bedatty requested a review from a team as a code owner March 20, 2026 18:34
@coderabbitai
Copy link

coderabbitai bot commented Mar 20, 2026
edited
Loading

Walkthrough

Pins multiple GitHub Actions workflow reusable action dependencies from the develop branch to fixed version tags (v1.18.0 for workflow files, v1.x.x for documentation examples). Additionally updates AWS credentials action from v4 to v6 and corrects output variable quoting in release-notification workflow.

Changes

Cohort / File(s) Summary
Workflow Actions Pinned to v1.18.0
.github/workflows/branch-cleanup.yml, .github/workflows/build.yml, .github/workflows/gptchangelog.yml, .github/workflows/labels-sync.yml, .github/workflows/release.yml, .github/workflows/typescript-build.yml, .github/workflows/typescript-release.yml		 Pins LerianStudio/github-actions-shared-workflows reusable actions from @develop to @v1.18.0 in changed-paths, branch-cleanup, labels-sync, and docker-build-ts steps.
PR Security Scan Workflow
.github/workflows/pr-security-scan.yml		 Pins six reusable actions (changed-paths, trivy-fs-scan, trivy-image-scan, dockerfile-checks, pr-security-reporter, slack-notify) to @v1.18.0 instead of @develop.
Release Notification Workflow
.github/workflows/release-notification.yml		 Pins Discord and Slack notification actions to @v1.18.0; adds quotes around $GITHUB_OUTPUT variable reference in shell output step.
AWS Credentials Update
.github/workflows/s3-upload.yml		 Updates AWS credentials action from @v4 to @v6.
README Documentation Examples
src/lint/composite-schema/README.md, src/lint/readme-check/README.md, src/lint/shellcheck/README.md, src/notify/discord-release/README.md, src/notify/pr-lint-reporter/README.md, src/notify/slack-notify/README.md, src/notify/slack-release/README.md, src/security/dockerfile-checks/README.md, src/security/pr-security-reporter/README.md, src/security/trivy-image-scan/README.md		 Updates workflow usage examples from @develop to @v1.x.x version pattern.
Trivy FS Scan README
src/security/trivy-fs-scan/README.md		 Updates two example references from @develop to @v1.x.x.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Possibly related PRs

Suggested labels

workflow, size/S

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Description check ⚠️ Warning PR description lacks substantive detail about the changes; the Description section is empty and no workflow impacts are documented despite 27 file modifications across workflows and documentation. Add a summary of what this PR accomplishes—pinning shared workflow versions from develop to v1.18.0, updating AWS credentials action to v6, and updating README examples—along with rationale and any impacts to callers.
✅ Passed checks (2 passed)
Check name Status Explanation
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Title check ✅ Passed The title accurately describes the main change: pinning shared workflow action references to v1.18.0 and updating the AWS credentials action to v6, plus a minor GITHUB_OUTPUT quoting fix. The release version reference (v1.18.1) matches the changeset scope.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch develop

Comment @coderabbitai help to get the list of available commands and usage tips.

@lerian-studio lerian-studio added the size/S PR changes 50–199 lines label Mar 20, 2026
@github-actions github-actions bot added workflow Changes to one or more reusable workflow files typescript Changes to TypeScript or Frontend workflows security Changes to security workflows or vulnerability reporting policy labels Mar 20, 2026
@lerian-studio
Copy link

lerian-studio commented Mar 20, 2026

🔍 Lint Analysis

Check Files Scanned Status
YAML Lint 10 file(s) ✅ success
Action Lint 10 file(s) ✅ success
Pinned Actions 10 file(s) ✅ success
Markdown Link Check 11 file(s) ✅ success
Spelling Check 21 file(s) ✅ success
Shell Check 10 file(s) ✅ success
README Check 10 file(s) ✅ success
Composite Schema no changes ⏭️ skipped

🔍 View full scan logs

@bedatty bedatty changed the title Develop chore(release): merge develop into main v1.18.1 Mar 20, 2026
@bedatty bedatty merged commit 09f3e9a into main Mar 20, 2026
24 of 25 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] approved these changes

Assignees

@bedatty bedatty

Labels

security Changes to security workflows or vulnerability reporting policy size/S PR changes 50–199 lines typescript Changes to TypeScript or Frontend workflows workflow Changes to one or more reusable workflow files

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@bedatty @lerian-studio