Update build conventions to v0.10.0

[aleksandar-apostolov]

Goal

Update stream-build-conventions-android workflow references to the latest version (v0.10.0).

Implementation

Bumped the @v0.9.0 tag to @v0.10.0 in all four CI workflow files:

• android.yml — android-ci
• pr-quality.yml — PR checklist
• pr-clean-stale.yaml — stale PR cleanup
• publish-new-version.yml — release publishing

Testing

CI workflows will validate themselves — this PR's checks run on the updated conventions.

[github-actions]

PR checklist ✅

All required conditions are satisfied:

• Title length is OK (or ignored by label).
• At least one pr: label exists.
• Sections ### Goal, ### Implementation, and ### Testing are filled.

🎉 Great job! This PR is ready for review.

[coderabbitai]

Walkthrough

Updated four GitHub Actions workflow files to reference version v0.10.0 of shared reusable workflows from the GetStream/stream-build-conventions-android repository, replacing the previous v0.9.0 references. All workflow inputs, secrets, and job configurations remain unchanged.

Changes

Cohort / File(s)	Summary
Workflow Version Updates .github/workflows/android.yml, .github/workflows/pr-clean-stale.yaml, .github/workflows/pr-quality.yml, .github/workflows/publish-new-version.yml	Updated reusable workflow references from @v0.9.0 to @v0.10.0 in GetStream/stream-build-conventions-android repository. Job interfaces, secrets inheritance, and all other configurations remain unchanged.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

🐰 Bumping versions, oh what glee,
v0.10.0 for you and me,
Four workflows dance in harmony,
Dependencies fresh as can be! 🚀

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and concisely summarizes the main change: updating build conventions to v0.10.0 across CI workflows.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Description check	✅ Passed	The pull request description follows the required template structure with clear Goal, Implementation, and Testing sections that adequately explain the changes.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch chore/update-conventions-0.10.0

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

🧹 Nitpick comments (1)

.github/workflows/pr-quality.yml (1)

18-18: Pin reusable workflow to commit SHA instead of mutable tag.

@v0.10.0 is a tag that can be retargeted. GitHub's security guidance recommends pinning to the full commit SHA to improve CI supply-chain safety and ensure immutable, traceable deployments.

Suggested hardening change

-    uses: GetStream/stream-build-conventions-android/.github/workflows/pr-quality.yml@v0.10.0
+    uses: GetStream/stream-build-conventions-android/.github/workflows/pr-quality.yml@<commit-sha-for-v0.10.0> # v0.10.0

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/pr-quality.yml at line 18, The reusable workflow reference
uses a mutable tag in the uses field ("uses:
GetStream/stream-build-conventions-android/.github/workflows/pr-quality.yml@v0.10.0");
replace that tag with the full commit SHA of the exact upstream commit you want
to pin (e.g., change the suffix after '@' to the commit SHA) so the workflow is
immutable and traceable, ensuring the uses line points to a specific commit
rather than a mutable tag.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In @.github/workflows/pr-quality.yml:
- Line 18: The reusable workflow reference uses a mutable tag in the uses field
("uses:
GetStream/stream-build-conventions-android/.github/workflows/pr-quality.yml@v0.10.0");
replace that tag with the full commit SHA of the exact upstream commit you want
to pin (e.g., change the suffix after '@' to the commit SHA) so the workflow is
immutable and traceable, ensuring the uses line points to a specific commit
rather than a mutable tag.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 53558f03-0bb8-4097-b317-fa3e9db78390

📥 Commits

Reviewing files that changed from the base of the PR and between 80e529f and 5265cb9.

📒 Files selected for processing (4)

• .github/workflows/android.yml
• .github/workflows/pr-clean-stale.yaml
• .github/workflows/pr-quality.yml
• .github/workflows/publish-new-version.yml

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[stream-public-bot]

🚀 Available in v3.0.1