-
Notifications
You must be signed in to change notification settings - Fork 20
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Github action broken with 4.0.1 #65
Comments
Same, we upgraded our workflows to use 'v4' yesterday (when v4.0.0 was still the latest), tested, and everything was working, then this morning we got reports of workflows failing with the message above. |
Another example at: https://github.com/assertj/assertj/actions/runs/7927779861/job/21644776887 |
pinning it to 4.0.0 seems to work: But hopefully it is fixed soon instead of going over all pipelines and setting it to 4.0.0 |
Same here. Using it on many workflows Tag v4.0.0 is working : Tag v4 is broken : Any plan of quick fix? Thanks in advance. |
Upgraded build_maven_package workflow to version 1.0.1 As a fix to : advanced-security/maven-dependency-submission-action#65 As 'advanced-security/maven-dependency-submission-action' is an optional step, now it is possible to skip it with a variable (I set it on account level, so all my workflows are affected)
While waiting for a fix, I'm adding this condition on my workflows : https://github.com/fugerit-org/query-export-tool/blob/main/.github/workflows/build_maven_package.yml
Setting github variable |
See advanced-security/maven-dependency-submission-action#65 Signed-off-by: Ashley <73482956+ascopes@users.noreply.github.com>
Experiencing the same errors on multiple repositories now, which are blocking the PR merges right now. Will probably disable it for now. |
@peter-murray any feedback? Seems like this PR broke things for everyone #62 |
Dependabot will upgrade to the 4.0.1 hash and in the process breaking builds - what's worse most config does not submit and therefore detect the problem in the PR builds. |
I'm having this issue in my private and public repos. Also in all of my organization's repos. For now I've just pinned to version v4.0.0 and told Dependabot to ignore this minor version. Any idea what the fix is? I thought it could be due to permissions but adding contents write hasn't helped. |
Due to advanced-security/maven-dependency-submission-action#65. Signed-off-by: Matthias Rampke <matthias@prometheus.io>
While we wait for a fix - the See #70 |
The release 4.0.1 rise this error in github action:
My project pipeline is available here :
https://github.com/ThalesGroup/xsmp-modeler-core/actions/runs/7920338388/job/21629031180
The text was updated successfully, but these errors were encountered: