Skip to content

chore(deps): pin dependencies #85

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 20, 2025
Merged

chore(deps): pin dependencies #85

merged 1 commit into from
Oct 20, 2025

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Oct 18, 2025
edited by coderabbitai bot
Loading

This PR contains the following updates:

Package Type Update Change
actions/checkout action pinDigest -> 08c6903
actions/setup-node action pinDigest -> a0853c2
astral-sh/setup-uv action digest 3259c62 -> 2ddd2b9
qltysh/qlty-action action digest a192421 -> 6bbb1ad

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

Summary by CodeRabbit

  • Chores
    • Updated CI/CD workflow tooling to newer versions for improved compatibility and stability with the development environment.

@renovate renovate bot added the renovate label Oct 18, 2025
@coderabbitai
Copy link
Contributor

coderabbitai bot commented Oct 18, 2025
edited
Loading

📝 Walkthrough

Walkthrough

Updated GitHub Actions pins in workflow files: .github/workflows/ci.yml updates qltysh/qlty-action/install from commit a19242102d17e497f437d7466aa01b528537e899 to 6bbb1add7432c45a3fd35a824ea69dc5bef27967, and replaces actions/checkout@v5 and actions/setup-node@v5 with pinned SHAs (actions/checkout@08c6903 and actions/setup-node@a0853c2, retaining “# v5” comments). .github/workflows/copilot-setup-steps.yml updates astral-sh/setup-uv from 3259c6206f993105e3a61b142c2d97bf4b9ef83d to 2ddd2b9cb38ad8efd50337e8ab201519a34c9f24. No control-flow, step ordering, or error-handling changes.

Possibly related PRs

Suggested reviewers

  • Artmann
  • saltenasl
  • andyjakubowski
  • jamesbhobbs

Pre-merge checks

✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check ✅ Passed The title "chore(deps): pin dependencies" directly and accurately describes the PR's main objective. The changeset updates GitHub Actions workflow dependencies across two files (ci.yml and copilot-setup-steps.yml) by pinning action versions to specific commit hashes. The title is specific, concise, and follows conventional commit conventions, making it clear to reviewers that this is a maintenance task focused on dependency version pinning.
Docstring Coverage ✅ Passed No functions found in the changes. Docstring coverage check skipped.

Comment @coderabbitai help to get the list of available commands and usage tips.

@codecov
Copy link

codecov bot commented Oct 18, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 71%. Comparing base (cdae9f2) to head (5ae714f).
⚠️ Report is 1 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files 
@@          Coverage Diff          @@
##            main     #85   +/-   ##
=====================================
  Coverage     71%     71%           
=====================================
  Files        523     523           
  Lines      39001   39001           
  Branches    4905    4905           
=====================================
  Hits       27834   27834           
  Misses      9542    9542           
  Partials    1625    1625
🚀 New features to boost your workflow:
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

coderabbitai[bot]
coderabbitai bot previously approved these changes Oct 18, 2025
View reviewed changes
@renovate renovate bot changed the title chore(deps): update qltysh/qlty-action digest to 6bfd581 chore(deps): update github actions Oct 19, 2025
@renovate renovate bot force-pushed the renovate/github-actions branch from 2342288 to c10bab6 Compare October 19, 2025 21:44
coderabbitai[bot]
coderabbitai bot previously approved these changes Oct 19, 2025
View reviewed changes
@renovate renovate bot changed the title chore(deps): update github actions chore(deps): pin dependencies Oct 20, 2025
@renovate renovate bot force-pushed the renovate/github-actions branch from c10bab6 to bb4a262 Compare October 20, 2025 16:13
coderabbitai[bot]
coderabbitai bot previously approved these changes Oct 20, 2025
View reviewed changes
@renovate renovate bot force-pushed the renovate/github-actions branch from bb4a262 to 21de39a Compare October 20, 2025 16:19
@renovate renovate bot force-pushed the renovate/github-actions branch from 21de39a to 5ae714f Compare October 20, 2025 17:05
coderabbitai[bot]
coderabbitai bot requested changes Oct 20, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between bb4a262 and 5ae714f.

📒 Files selected for processing (2)
  • .github/workflows/ci.yml (2 hunks)
  • .github/workflows/copilot-setup-steps.yml (1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)
  • GitHub Check: Build & Test
  • GitHub Check: copilot-setup-steps
  • GitHub Check: copilot-setup-steps
🔇 Additional comments (2)
.github/workflows/copilot-setup-steps.yml (1)

82-82: Digest pin looks good.

Version comment preserved and update follows the pinning pattern. No workflow logic changes.

.github/workflows/ci.yml (1)

29-29: Consistent digest pins across all jobs.

Actions are uniformly updated with version comments preserved (# v5). No workflow logic changes.

Also applies to: 32-32, 56-56, 59-59, 102-102, 105-105, 152-152, 155-155, 176-176, 179-179, 200-200, 203-203, 224-224, 227-227

@jamesbhobbs jamesbhobbs merged commit fdbecfe into main Oct 20, 2025
13 checks passed
@jamesbhobbs jamesbhobbs deleted the renovate/github-actions branch October 20, 2025 17:16
This was referenced Oct 20, 2025
Merged
Merged
Merged
Merged
@coderabbitai coderabbitai bot mentioned this pull request Oct 28, 2025
Merged
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jamesbhobbs jamesbhobbs jamesbhobbs approved these changes

@coderabbitai coderabbitai[bot] coderabbitai[bot] approved these changes

@saltenasl saltenasl Awaiting requested review from saltenasl

@Artmann Artmann Awaiting requested review from Artmann

@andyjakubowski andyjakubowski Awaiting requested review from andyjakubowski

Assignees

No one assigned

Labels

renovate

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jamesbhobbs