From fc00290dd748be9efe07e84491efb3cb727dce08 Mon Sep 17 00:00:00 2001 From: Glen Date: Mon, 8 Dec 2025 17:09:20 +0200 Subject: [PATCH 1/3] Updated CI actions and packages --- .github/workflows/benchmarks.yml | 8 +++--- .github/workflows/ci-cleanup.yml | 2 +- .github/workflows/ci.yml | 40 +++++++++++++-------------- .github/workflows/coverage.yml | 16 +++++------ .github/workflows/pr-labeler.yml | 2 +- .github/workflows/publish-website.yml | 6 ++-- .github/workflows/release.yml | 28 +++++++++---------- dictionary.txt | 11 ++++++++ 8 files changed, 62 insertions(+), 51 deletions(-) diff --git a/.github/workflows/benchmarks.yml b/.github/workflows/benchmarks.yml index 3a0af8fa66c..b3553f259cc 100644 --- a/.github/workflows/benchmarks.yml +++ b/.github/workflows/benchmarks.yml @@ -25,13 +25,13 @@ jobs: steps: - name: Checkout current repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 show-progress: false - name: Checkout performance data repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: repository: ChilliCream/graphql-platform-performance-data token: ${{ secrets.PERFORMANCE_DATA_TOKEN }} @@ -86,7 +86,7 @@ jobs: - name: Comment PR with performance report if: github.event_name == 'pull_request' - uses: actions/github-script@v7 + uses: actions/github-script@v8 with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | @@ -115,7 +115,7 @@ jobs: }); - name: Upload performance data as artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v5 if: always() with: name: fusion-gateway-performance-data diff --git a/.github/workflows/ci-cleanup.yml b/.github/workflows/ci-cleanup.yml index 86ff81da617..4c67abc47d5 100644 --- a/.github/workflows/ci-cleanup.yml +++ b/.github/workflows/ci-cleanup.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out code - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: show-progress: false diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ed8dd27fdde..eec6537c5ee 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -20,7 +20,7 @@ jobs: src_changes: ${{ steps.check-src.outputs.src_changes }} steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 2 show-progress: false @@ -63,18 +63,18 @@ jobs: needs: check-changes if: needs.check-changes.outputs.website_changes == 'true' steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 name: Check out the code with: show-progress: false - name: Install Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: - node-version: 22 + node-version: 24 - name: Install cspell - run: npm install -g cspell + run: npm install -g cspell@9.4.0 - name: run cspell run: cspell --config ./cspell.json "website/src/**/*.md" --no-progress --no-cache @@ -83,15 +83,15 @@ jobs: name: "Markdown linting" runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 name: Check out the code with: show-progress: false - - uses: actions/setup-node@v4 + - uses: actions/setup-node@v6 name: Setup node with: - node-version: 22 - - run: npm install -g markdownlint-cli2@0.19.0 + node-version: 24 + - run: npm install -g markdownlint-cli2@0.20.0 name: Install markdownlint-cli2 - run: markdownlint-cli2 "*.md" "website/src/**/*.md" name: run Markdownlint @@ -103,14 +103,14 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: show-progress: false - name: Install Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: - node-version: 22 + node-version: 24 cache: "yarn" cache-dependency-path: "website/yarn.lock" @@ -143,12 +143,12 @@ jobs: steps: - name: Checkout to repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: show-progress: false - name: Install .NET - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@v5 with: dotnet-version: 10.x @@ -173,12 +173,12 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: show-progress: false - name: Install .NET - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@v5 with: dotnet-version: | 8.x @@ -217,13 +217,13 @@ jobs: CI_BUILD: true - name: Upload Test Results as Artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v5 with: name: test-results-${{ matrix.name }} path: ${{ matrix.directoryPath }}/TestResults/*.trx - name: Upload Coverage File as Artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v5 with: name: coverage-${{ matrix.name }} # The * matches a single directory that is named with a GUID. @@ -232,7 +232,7 @@ jobs: - name: Upload mismatch files as Artifact if: steps.run-tests.outcome == 'failure' - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v5 with: name: mismatch-files-${{ matrix.name }} path: ${{ matrix.directoryPath }}/**/__mismatch__/* @@ -243,7 +243,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Download all coverage artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v6 with: path: ./output/download pattern: coverage-* diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index 9ccd6b1aa3a..3eacfc5568b 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -22,12 +22,12 @@ jobs: steps: - name: Checkout to repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: show-progress: false - name: Install .NET - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@v5 with: dotnet-version: | 8.x @@ -54,12 +54,12 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: show-progress: false - name: Install .NET - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@v5 with: dotnet-version: | 8.x @@ -94,13 +94,13 @@ jobs: CI_BUILD: true - name: Upload Test Results as Artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v5 with: name: test-results-${{ matrix.name }} path: ${{ matrix.directoryPath }}/TestResults/*.trx - name: Upload Coverage File as Artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v5 with: name: coverage-${{ matrix.name }} # The * matches a single directory that is named with a GUID. @@ -109,7 +109,7 @@ jobs: - name: Upload mismatch files as Artifact if: failure() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v5 with: name: mismatch-files-${{ matrix.name }} path: ${{ matrix.directoryPath }}/**/__mismatch__/* @@ -126,7 +126,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Download all coverage artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v6 with: path: ./output/download pattern: coverage-* diff --git a/.github/workflows/pr-labeler.yml b/.github/workflows/pr-labeler.yml index db241609750..2a1809c27d1 100644 --- a/.github/workflows/pr-labeler.yml +++ b/.github/workflows/pr-labeler.yml @@ -12,4 +12,4 @@ jobs: name: Apply Labels runs-on: ubuntu-latest steps: - - uses: actions/labeler@v5 + - uses: actions/labeler@v6 diff --git a/.github/workflows/publish-website.yml b/.github/workflows/publish-website.yml index cd34daf0c73..646a5df2557 100644 --- a/.github/workflows/publish-website.yml +++ b/.github/workflows/publish-website.yml @@ -16,7 +16,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: show-progress: false @@ -30,9 +30,9 @@ jobs: - run: echo ${{ secrets.CONTAINER_REG_URL }} - name: Install Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: - node-version: 22 + node-version: 24 cache: "yarn" cache-dependency-path: "website/yarn.lock" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 11f9ba543ee..20dc8e3271a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -18,12 +18,12 @@ jobs: steps: - name: 📦 Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: show-progress: false - name: 🛠 Install .NET - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@v5 with: dotnet-version: | 8.x @@ -99,10 +99,10 @@ jobs: steps: - name: 📦 Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: 🛠 Install .NET - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@v5 with: dotnet-version: 10.x @@ -168,8 +168,8 @@ jobs: - name: 🖋️ Setup signing resources (macOS) if: runner.os == 'macOS' env: - BUILD_CERTIFICATE_BASE64: ${{ secrets.APPLE_DEVELOPER_CERTFICATE_BASE64 }} - P12_PASSWORD: ${{ secrets.APPLE_DEVELOPER_CERTFICATE_PASSWORD }} + BUILD_CERTIFICATE_BASE64: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_BASE64 }} + P12_PASSWORD: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_PASSWORD }} KEYCHAIN_PASSWORD: ${{ secrets.TEMPORARY_KEYCHAIN_PASSWORD }} run: | # create variables @@ -254,7 +254,7 @@ jobs: security delete-keychain $RUNNER_TEMP/app-signing.keychain-db - name: 📤 Upload zipped binary as artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v5 with: name: nitro-${{ matrix.rid }} path: nitro-${{ matrix.rid }}.zip @@ -276,12 +276,12 @@ jobs: steps: - name: 📦 Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: 🧰 Setup Node - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: - node-version: "22.x" + node-version: 24 registry-url: ${{ vars.NPM_REGISTRY_URL }} scope: "@chillicream" @@ -289,7 +289,7 @@ jobs: run: corepack enable - name: 📥 Download all zipped nitro binaries - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v6 with: pattern: nitro-* merge-multiple: true @@ -350,7 +350,7 @@ jobs: shell: bash - name: 📤 Upload tarball as artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v5 with: name: chillicream-nitro-${{ env.GIT_TAG }}.tgz path: src/Nitro/CommandLine/src/chillicream-nitro/chillicream-nitro-${{ env.GIT_TAG }}.tgz @@ -370,7 +370,7 @@ jobs: steps: - name: 📥 Checkout main repo - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 @@ -428,7 +428,7 @@ jobs: EOF - name: 📥 Checkout homebrew repo - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: repository: ChilliCream/homebrew-tools token: ${{ secrets.HOMEBREW_TAP_TOKEN }} diff --git a/dictionary.txt b/dictionary.txt index 79d42707fdf..39194152583 100644 --- a/dictionary.txt +++ b/dictionary.txt @@ -31,12 +31,14 @@ cadastre callsite CCPA chillicream +CODESIGN Codespaces colocated combinators contentfiles Contoso CQRS +creds dataloaders debuggable decompile @@ -77,6 +79,8 @@ inheritdocs initializable inspectable Kellner +keyrings +keyserver Kydne LASTEXITCODE Leia @@ -108,11 +112,13 @@ nlte Noda nologo Normen +notarytool noverlaps Npgsql nstartsWith NSwag ntouches +NUGETAPIKEY nwithin oncall opencover @@ -133,6 +139,7 @@ preparables PRIMEM PROJCS protobuf +publishaot queryables quox quux @@ -160,6 +167,7 @@ Skywalker snapshooter snupkg sortings +spctl Specwise sqft srid @@ -184,15 +192,18 @@ Toub TOWGS Trimmable Tzdb +unittests unlisten unpublish Unsubscriber Upsert upvote URQL +vnext vsix VXNlcjox websockets Wilhuff Wunder +xcrun xunit From 96fd76dae201cc6b91a0adce667bfe5a3ac58b56 Mon Sep 17 00:00:00 2001 From: Glen Date: Fri, 10 Apr 2026 11:09:30 +0200 Subject: [PATCH 2/3] Revert typo fix for now --- .github/workflows/release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7b9cb6e91d2..da3a55cc672 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -192,8 +192,8 @@ jobs: - name: 🖋️ Setup signing resources (macOS) if: runner.os == 'macOS' env: - BUILD_CERTIFICATE_BASE64: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_BASE64 }} - P12_PASSWORD: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_PASSWORD }} + BUILD_CERTIFICATE_BASE64: ${{ secrets.APPLE_DEVELOPER_CERTFICATE_BASE64 }} + P12_PASSWORD: ${{ secrets.APPLE_DEVELOPER_CERTFICATE_PASSWORD }} KEYCHAIN_PASSWORD: ${{ secrets.TEMPORARY_KEYCHAIN_PASSWORD }} run: | # create variables From e3d4b6b69ea1df30a00c76cba7544c33dd5bcd64 Mon Sep 17 00:00:00 2001 From: Glen Date: Fri, 10 Apr 2026 12:01:10 +0200 Subject: [PATCH 3/3] Update action versions --- .github/workflows/benchmarks.yml | 12 ++++++------ .github/workflows/ci.yml | 14 +++++++------- .github/workflows/coverage.yml | 10 +++++----- .github/workflows/publish-website.yml | 4 ++-- .github/workflows/release.yml | 14 +++++++------- 5 files changed, 27 insertions(+), 27 deletions(-) diff --git a/.github/workflows/benchmarks.yml b/.github/workflows/benchmarks.yml index cd9a0d3fed1..70b06ea520f 100644 --- a/.github/workflows/benchmarks.yml +++ b/.github/workflows/benchmarks.yml @@ -16,7 +16,7 @@ jobs: pull-requests: write steps: - name: Post initial pending comment - uses: actions/github-script@v7 + uses: actions/github-script@v9 with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | @@ -182,7 +182,7 @@ jobs: "${{ matrix.runner-label }}" - name: Upload benchmark result - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 if: always() with: name: benchmark-${{ matrix.test }}-${{ matrix.mode }}-${{ matrix.runner-group }} @@ -194,7 +194,7 @@ jobs: # No artifact downloads, no external scripts — just a few API calls. - name: Update PR comment (progressive) if: github.event_name == 'pull_request' - uses: actions/github-script@v8 + uses: actions/github-script@v9 with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | @@ -331,7 +331,7 @@ jobs: steps: - name: Download all benchmark results - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 continue-on-error: true with: pattern: benchmark-* @@ -341,7 +341,7 @@ jobs: # overwrite progressive results with a less complete artifact set # (e.g., when cancel-in-progress killed some jobs mid-run). - name: Update PR comment with final report - uses: actions/github-script@v7 + uses: actions/github-script@v9 with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | @@ -511,7 +511,7 @@ jobs: steps: - name: Download all benchmark results - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 with: pattern: benchmark-* path: benchmark-results diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 8ad71f47aef..1589fcf4523 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -74,7 +74,7 @@ jobs: node-version: 24 - name: Install cspell - run: npm install -g cspell@9.4.0 + run: npm install -g cspell@10.0.0 - name: run cspell run: cspell --config ./cspell.json "website/src/**/*.md" --no-progress --no-cache @@ -91,7 +91,7 @@ jobs: name: Setup node with: node-version: 24 - - run: npm install -g markdownlint-cli2@0.20.0 + - run: npm install -g markdownlint-cli2@0.22.0 name: Install markdownlint-cli2 - run: markdownlint-cli2 "*.md" "website/src/**/*.md" name: run Markdownlint @@ -208,7 +208,7 @@ jobs: github.event_name != 'pull_request' || (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository) - uses: docker/login-action@v3 + uses: docker/login-action@v4 with: username: ${{ vars.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} @@ -229,13 +229,13 @@ jobs: CI_BUILD: true - name: Upload Test Results as Artifact - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: test-results-${{ matrix.name }} path: ${{ matrix.directoryPath }}/TestResults/*.trx - name: Upload Coverage File as Artifact - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: coverage-${{ matrix.name }} # The * matches a single directory that is named with a GUID. @@ -244,7 +244,7 @@ jobs: - name: Upload mismatch files as Artifact if: steps.run-tests.outcome == 'failure' - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: mismatch-files-${{ matrix.name }} path: ${{ matrix.directoryPath }}/**/__mismatch__/* @@ -255,7 +255,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Download all coverage artifacts - uses: actions/download-artifact@v7 + uses: actions/download-artifact@v8 with: path: ./output/download pattern: coverage-* diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index 07deb153a48..967465861d8 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -72,7 +72,7 @@ jobs: timeout-minutes: 5 - name: Log in to Docker Hub - uses: docker/login-action@v3 + uses: docker/login-action@v4 with: username: ${{ vars.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} @@ -94,13 +94,13 @@ jobs: CI_BUILD: true - name: Upload Test Results as Artifact - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: test-results-${{ matrix.name }} path: ${{ matrix.directoryPath }}/TestResults/*.trx - name: Upload Coverage File as Artifact - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: coverage-${{ matrix.name }} # The * matches a single directory that is named with a GUID. @@ -109,7 +109,7 @@ jobs: - name: Upload mismatch files as Artifact if: failure() - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: mismatch-files-${{ matrix.name }} path: ${{ matrix.directoryPath }}/**/__mismatch__/* @@ -126,7 +126,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Download all coverage artifacts - uses: actions/download-artifact@v7 + uses: actions/download-artifact@v8 with: path: ./output/download pattern: coverage-* diff --git a/.github/workflows/publish-website.yml b/.github/workflows/publish-website.yml index 323e550ae4e..b1b651b401b 100644 --- a/.github/workflows/publish-website.yml +++ b/.github/workflows/publish-website.yml @@ -21,7 +21,7 @@ jobs: show-progress: false - name: Docker Login - uses: docker/login-action@v3 + uses: docker/login-action@v4 with: registry: ${{ secrets.CONTAINER_REG_URL }} username: ${{ secrets.CONTAINER_REG_USERNAME }} @@ -66,7 +66,7 @@ jobs: working-directory: website - name: Build WebSite Container - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v7 with: context: ./website file: .docker/website/dockerfile diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index da3a55cc672..3c0758bb888 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -161,17 +161,17 @@ jobs: NitroIdentityScopes: ${{ secrets.NITRO_IDENTITY_SCOPES }} - name: 🖋️ Azure login (Windows) - uses: azure/login@v1 + uses: azure/login@v3 if: runner.os == 'Windows' with: creds: ${{ secrets.SIGNING_CREDENTIALS }} - name: 🖋️ Sign binary (Windows) - uses: azure/trusted-signing-action@v0 + uses: azure/artifact-signing-action@v1 if: runner.os == 'Windows' with: endpoint: ${{ vars.AZURE_TRUSTED_SIGNING_ACCOUNT_ENDPOINT }} - trusted-signing-account-name: ${{ secrets.AZURE_CODE_SIGNING_NAME }} + signing-account-name: ${{ secrets.AZURE_CODE_SIGNING_NAME }} certificate-profile-name: ${{ secrets.WINDOWS_APP_CERT_PROFILE_NAME }} files: ${{ github.workspace }}\publish\nitro.exe file-digest: SHA256 @@ -278,7 +278,7 @@ jobs: security delete-keychain $RUNNER_TEMP/app-signing.keychain-db - name: 📤 Upload zipped binary as artifact - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: nitro-${{ matrix.rid }} path: nitro-${{ matrix.rid }}.zip @@ -314,7 +314,7 @@ jobs: run: corepack enable - name: 📥 Download all zipped nitro binaries - uses: actions/download-artifact@v7 + uses: actions/download-artifact@v8 with: pattern: nitro-* merge-multiple: true @@ -376,7 +376,7 @@ jobs: shell: bash - name: 📤 Upload tarball as artifact - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: chillicream-nitro-${{ env.GIT_TAG }}.tgz path: src/Nitro/CommandLine/src/chillicream-nitro/chillicream-nitro-${{ env.GIT_TAG }}.tgz @@ -500,7 +500,7 @@ jobs: - name: 🔐 Create GitHub App token id: app-token - uses: actions/create-github-app-token@v2 + uses: actions/create-github-app-token@v3 with: app-id: ${{ secrets.ACTIONS_APP_ID }} private-key: ${{ secrets.ACTIONS_APP_PRIVATE_KEY }}