From 8392c77dbc3df5aa179e9b132b03ebf52f77f120 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 7 Nov 2025 11:08:27 +0000 Subject: [PATCH 1/2] chore(deps): update dargmuesli/github-actions action to v3 --- .github/workflows/ci.yml | 4 ++-- .github/workflows/release-schedule.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 4d9bbf04..3335ab63 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -28,14 +28,14 @@ jobs: build: needs: prepare_jobs name: dargstack rgen - uses: dargmuesli/github-actions/.github/workflows/dargstack-rgen.yml@2b47b35b82df04152c34ae042bd011dd83f28ffd # 2.8.0 + uses: dargmuesli/github-actions/.github/workflows/dargstack-rgen.yml@714a68188444d710ffa3e9f35a05f6a9d420931d # 3.2.0 if: needs.prepare_jobs.outputs.pr_found == 'false' || github.event_name == 'pull_request' with: APT_PACKAGES: mkcert release-semantic: needs: build name: Semantic Release - uses: dargmuesli/github-actions/.github/workflows/release-semantic.yml@2b47b35b82df04152c34ae042bd011dd83f28ffd # 2.8.0 + uses: dargmuesli/github-actions/.github/workflows/release-semantic.yml@714a68188444d710ffa3e9f35a05f6a9d420931d # 3.2.0 permissions: contents: write secrets: diff --git a/.github/workflows/release-schedule.yml b/.github/workflows/release-schedule.yml index 86e4cc37..251df17a 100644 --- a/.github/workflows/release-schedule.yml +++ b/.github/workflows/release-schedule.yml @@ -11,7 +11,7 @@ on: jobs: release-schedule: name: "Release: Scheduled" - uses: dargmuesli/github-actions/.github/workflows/release-schedule.yml@2b47b35b82df04152c34ae042bd011dd83f28ffd # 2.8.0 + uses: dargmuesli/github-actions/.github/workflows/release-schedule.yml@714a68188444d710ffa3e9f35a05f6a9d420931d # 3.2.0 secrets: PERSONAL_ACCESS_TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN }} with: From 295ce974c364db9e6e7cb4a6a3aebc900f4a68e2 Mon Sep 17 00:00:00 2001 From: Jonas Thelemann Date: Fri, 7 Nov 2025 15:46:29 +0100 Subject: [PATCH 2/2] ci: upgrade to dargmuesli/github-actions action to v3 --- .github/workflows/ci.yml | 29 ++++++++++---------------- .github/workflows/release-schedule.yml | 3 +-- 2 files changed, 12 insertions(+), 20 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3335ab63..4facfb41 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,7 +1,6 @@ name: CI -permissions: - contents: read +permissions: {} on: pull_request: @@ -13,30 +12,24 @@ on: - renovate/** jobs: - prepare_jobs: - name: "Prepare: job optimization" - runs-on: ubuntu-latest - outputs: - pr_found: ${{ steps.pr.outputs.pr_found }} - steps: - - name: Get current PR - id: pr - uses: 8BitJonny/gh-get-current-pr@4056877062a1f3b624d5d4c2bedefa9cf51435c9 # 4.0.0 - with: - filterOutClosed: true - filterOutDraft: true + ci-optimization: + name: CI optimization + uses: dargmuesli/github-actions/.github/workflows/ci-optimization.yml@a8900fcf9e9d1e7f4c1138484cb7bf8d7bd3f3cb # 3.0.0 + permissions: + pull-requests: read build: - needs: prepare_jobs + needs: ci-optimization + if: needs.ci-optimization.outputs.continue == 'true' name: dargstack rgen - uses: dargmuesli/github-actions/.github/workflows/dargstack-rgen.yml@714a68188444d710ffa3e9f35a05f6a9d420931d # 3.2.0 - if: needs.prepare_jobs.outputs.pr_found == 'false' || github.event_name == 'pull_request' + uses: dargmuesli/github-actions/.github/workflows/dargstack-rgen.yml@a8900fcf9e9d1e7f4c1138484cb7bf8d7bd3f3cb # 3.0.0 with: APT_PACKAGES: mkcert release-semantic: needs: build name: Semantic Release - uses: dargmuesli/github-actions/.github/workflows/release-semantic.yml@714a68188444d710ffa3e9f35a05f6a9d420931d # 3.2.0 + uses: dargmuesli/github-actions/.github/workflows/release-semantic.yml@a8900fcf9e9d1e7f4c1138484cb7bf8d7bd3f3cb # 3.0.0 permissions: contents: write + id-token: write secrets: PERSONAL_ACCESS_TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN }} diff --git a/.github/workflows/release-schedule.yml b/.github/workflows/release-schedule.yml index 251df17a..41ed3643 100644 --- a/.github/workflows/release-schedule.yml +++ b/.github/workflows/release-schedule.yml @@ -1,7 +1,6 @@ name: "Release: Scheduled" -permissions: - contents: read +permissions: {} on: schedule: