Conversation
- Replace invalid --github --no-api flags with proper GitHub Action - Add lint/format checking before releases - Add dependency review for security scanning - Add manual workflow trigger with workflow_dispatch - Remove failing test job (no tests exist) - Add concurrency controls and optimized caching
- Fix UV install commands: change to uv pip install --group dev - Add dependency-review conditional for PR-only execution - Fix unsafe head_commit conditional with null check - Improve cache reliability with pyproject.toml + uv.lock keys Fixes failing CI jobs and prevents potential runtime errors. Workflow now handles missing files and contexts gracefully.
- Add pull_request trigger to enable dependency-review job - Dependency review now runs on PR creation/updates for security checks Fixes dependency review action which requires base/head refs only available in PR context.
The dependency-review action requires base_ref and head_ref which are only available during pull request events. This change prevents the workflow from failing on push/release/manual triggers.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes the invalid uv install command by changing it to uv pip install