rust/.github at 1da13489247ed5b0b6694b2aabb0184f16b50afd - rust

nordic-dev.net/rust

Fork 0

mirror of https://github.com/rust-lang/rust.git synced 2024-11-22 23:04:33 +00:00

History

Matthias Krüger be0f3bdc3e Rollup merge of #110805 - pitaj:master, r=Mark-Simulacrum Github action to periodically `cargo update` to keep dependencies current Opens a PR periodically with the results of `cargo update`. If an unmerged PR for the branch `cargo_update` already exists, it will edit then reopen it if necessary. ~~This also uses [`cargo-upgrades`](https://gitlab.com/kornelski/cargo-upgrades) to provide a list of available major upgrades in the PR body.~~ It includes the list of changes output by `cargo update` in the commit message and PR body. Note that this output is currently sub-optimal due to https://github.com/rust-lang/cargo/issues/9408, but if updates are made more regularly that is less likely to show up. Example PR: https://github.com/pitaj/rust/pull/2 Example action run: https://github.com/pitaj/rust/actions/runs/5035731903 Prior discussion: https://rust-lang.zulipchat.com/#narrow/stream/242791-t-infra/topic/dependabot.20updates.3F Up for discussion: - What period do we want? Currently weekly - What user should it use? Currently "Github Actions" - Do we need the extra security of provided by executing `cargo update` and `cargo-upgrades` in a separate job? If not I can simplify it to not need artifacts. - PR message wording - PR should probably always be `rollup=always`? - What branch should it use? - What should it do if no updates are available? Currently fails the job on empty commit - Should the yml file live in `src/ci` instead of directly under workflows? - ~~Is using the latest nightly toolchain enough to ensure compatibility with `Cargo.lock` and `Cargo.toml`s in master?~~ Now pulls the bootstrap version from stage0.json r? infra	2023-06-17 18:27:30 +02:00
..
ISSUE_TEMPLATE	Spelling misc	2023-04-17 02:55:27 -04:00
workflows	Rollup merge of #110805 - pitaj:master, r=Mark-Simulacrum	2023-06-17 18:27:30 +02:00

Matthias Krüger be0f3bdc3e

Rollup merge of #110805 - pitaj:master, r=Mark-Simulacrum

Github action to periodically `cargo update` to keep dependencies current

Opens a PR periodically with the results of `cargo update`. If an unmerged PR for the branch `cargo_update` already exists, it will edit then reopen it if necessary.

~~This also uses [`cargo-upgrades`](https://gitlab.com/kornelski/cargo-upgrades) to provide a list of available major upgrades in the PR body.~~

It includes the list of changes output by `cargo update` in the commit message and PR body. Note that this output is currently sub-optimal due to https://github.com/rust-lang/cargo/issues/9408, but if updates are made more regularly that is less likely to show up.

Example PR: https://github.com/pitaj/rust/pull/2
Example action run: https://github.com/pitaj/rust/actions/runs/5035731903
Prior discussion: https://rust-lang.zulipchat.com/#narrow/stream/242791-t-infra/topic/dependabot.20updates.3F

Up for discussion:
- What period do we want? Currently weekly
- What user should it use? Currently "Github Actions"
- Do we need the extra security of provided by executing `cargo update` and `cargo-upgrades` in a separate job?
If not I can simplify it to not need artifacts.
- PR message wording
- PR should probably always be `rollup=always`?
- What branch should it use?
- What should it do if no updates are available? Currently fails the job on empty commit
- Should the yml file live in `src/ci` instead of directly under workflows?
- ~~Is using the latest nightly toolchain enough to ensure compatibility with `Cargo.lock` and `Cargo.toml`s in master?~~
Now pulls the bootstrap version from stage0.json

r? infra

2023-06-17 18:27:30 +02:00

ISSUE_TEMPLATE

Spelling misc

2023-04-17 02:55:27 -04:00

workflows

Rollup merge of #110805 - pitaj:master, r=Mark-Simulacrum

2023-06-17 18:27:30 +02:00