chore(deps): bump golangci/golangci-lint-action from 6.5.2 to 7.0.0 #1587
Conversation
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 6.5.2 to 7.0.0. - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](golangci/golangci-lint-action@55c2c14...1481404) --- updated-dependencies: - dependency-name: golangci/golangci-lint-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
To allow the upgrade of golangci/golangci-lint-action to 7.0.0 Signed-off-by: Kobi Samoray <[email protected]>
There was a problem hiding this comment.
@annakhm @salv-orlando @ksamoray - I recommend having dependabot skip this major version, using the Dependabot command, until the configuration portion is updated to support GoReleaser v2, which v7 of the action requires.
@tenthirtyam makes sense. Just noticed though that linter version in |
tenthirtyam
changed the title
Indeed - these should be the same version. I have a refactoring suggestion to make things a bit easier using a reusable workflow. For example: Update the
name: golangci-lint
on:
workflow_call:
inputs:
go-version-file:
required: true
type: string
cache:
required: false
type: boolean
default: false
pull_request:
paths-ignore:
- 'README.md'
push:
paths-ignore:
- 'README.md'
permissions:
contents: read
jobs:
build:
name: Build
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- name: Checkout
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- name: Setup Go
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version-file: 'go.mod'
cache: false
- run: go mod download
- run: go build -v .
- name: Run Linters
uses: golangci/golangci-lint-action@55c2c1448f86e01eaae002a5a3a9624417608d84 # v6.5.2
with:
version: v1.64.8
args: --issues-exit-code=1 --timeout 10m
only-new-issues: trueThen update the release workflow
name: Release
on:
push:
tags:
- 'v*'
permissions:
contents: write
jobs:
goreleaser:
runs-on: ubuntu-latest
steps:
- name: Checkout and Run Linters
uses: ./.github/workflows/golangci-lint.yml
with:
go-version-file: 'go.mod'
cache: false
- name: Import GPG Key
id: import_gpg
uses: crazy-max/ghaction-import-gpg@cb9bde2e2525e640591a934b1fd28eef1dcaf5e5 # v6.2.0
with:
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.GPG_PASSPHRASE }}
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@9ed2f89a662bf1735a48bc8557fd212fa902bebf # v6.1.0
with:
version: latest
args: release --clean --timeout 60m --release-header-tmpl .goreleaser.tmpl
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}Let me know what you think. cc @annakhm and @salv-orlando for consideration, too. |
|
Addressed in #1605 |
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
dependabot
bot
deleted the
dependabot/github_actions/golangci/golangci-lint-action-7.0.0
branch
Bumps golangci/golangci-lint-action from 6.5.2 to 7.0.0.
Release notes
Sourced from golangci/golangci-lint-action's releases.
Commits
14814047.0.0dec74fafeat: golangci-lint v2 support (#1198)1f07148build(deps-dev): bump the dev-dependencies group with 3 updates (#1207)9938e10docs: fix checks permissions for annotations (#1204)b91d580docs: update annotation permissions (#1203)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)