chore: Add semver workflow#48
Conversation
Not-Nik
requested review from
beurdouche,
jschanck,
larseggert and
martinthomson
as code owners
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #48 +/- ##
=======================================
Coverage ? 68.89%
=======================================
Files ? 26
Lines ? 3244
Branches ? 3244
=======================================
Hits ? 2235
Misses ? 806
Partials ? 203
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
There was a problem hiding this comment.
Clean, minimal addition — reuses the pinned mozilla/actions reusable workflow at the same SHA as the rest of the CI, and follows the existing concurrency/permissions conventions. Only one issue: the missing merge_group trigger (see inline comment).
|
The workflow in mozilla/actions doesn't install NSS which prevents nss-rs from building. Either we keep a completely separate workflow here, or we move semver from a workflow to an action, so we can install NSS here before calling it. cc @larseggert |
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
Not-Nik
force-pushed
the
semver
branch
4 times, most recently
from
798c83a to
e970ff6
Compare
Avoid a full clone in the calling workflow: only check out min_version.txt (needed by the nss action) and fetch tag refs to resolve the latest tag. The semver action does its own full checkout afterwards. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
There was a problem hiding this comment.
Clean addition — follows the repo's established CI conventions (concurrency, permissions, pinned actions, merge_group trigger). The sparse-checkout + fetch-tags optimization is a nice touch over a full clone.
The previous review feedback (missing merge_group, trigger ordering, zizmor version-comment finding) has all been addressed.
One inline comment on the tag resolution strategy — see thread on line 34.
There was a problem hiding this comment.
Clean, well-structured addition. The workflow follows all existing CI conventions (triggers, concurrency, permissions, pinned action hashes with version comments). The sparse-checkout + fetch-tags optimization keeps the checkout minimal while still resolving the semver baseline. Previous review feedback (merge_group trigger, --sort=-version:refname, empty-tag guard, zizmor version comment) has all been addressed.
Two minor observations on the PR as a whole:
- Version bump scope: The
0.8.0→0.9.0bump is included without explanation in the (empty) PR body. Worth a short note on whether this accounts for API changes since the0.8.0tag or is purely to bootstrap the semver workflow. CLAUDE.md: Tangential to the semver workflow. Content is accurate (verified edition, MSRV, and min NSS version againstCargo.toml/min_version.txt), but could live in its own commit or PR for cleaner history.
There was a problem hiding this comment.
Clean, well-structured workflow. Follows the repo's established conventions (triggers, concurrency, permissions, pinned actions with version comments, job-level defaults). All previous review feedback (merge_group trigger, --sort=-version:refname, empty-tag guard, zizmor version comment) has been addressed.
Two observations:
- Sparse checkout: See inline comment — verify that
mozilla/actions/semverdoesn't depend on the working tree having source files, since onlymin_version.txtis checked out. - Version bump bundling: The
0.8.0→0.9.0bump is unrelated to the semver workflow addition. Consider a brief note in the PR description explaining whether this accounts for API changes since the0.8.0tag, or splitting it into its own commit for cleaner history.
4 participants
No description provided.