Releases: lfreleng-actions/dependamerge
Releases · lfreleng-actions/dependamerge
Release list
v0.7.1
Immutable
release. Only release title and notes can be modified.
🐛 Bug Fixes 🐛
- Fix: support user accounts in owner-wide commands @ModeSevenIndustrialSolutions (#345)
🔧 Maintenance 🔧
- Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-openssf-scorecard.yaml from 0.6.0 to 0.6.1 @dependabot[bot] (#349)
- Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-python-codeql.yaml from 0.6.0 to 0.6.1 @dependabot[bot] (#346)
- Chore: Bump lfreleng-actions/pypi-publish-action from 0.1.6 to 0.1.9 @dependabot[bot] (#347)
- Chore: Bump release-drafter/release-drafter from 7.3.1 to 7.4.0 @dependabot[bot] (#348)
- Chore: Bump pytest from 9.1.0 to 9.1.1 @dependabot[bot] (#350)
Links
v0.7.0
Immutable
release. Only release title and notes can be modified.
✨ New Features ✨
- Feat: Add org/owner-wide bulk merge support @ModeSevenIndustrialSolutions (#344)
🔧 Maintenance 🔧
- Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-openssf-scorecard.yaml from 0.5.0 to 0.6.0 @dependabot[bot] (#335)
Links
v0.6.0
Immutable
release. Only release title and notes can be modified.
✨ New Features ✨
- Feat: Adopt reusable python-workflows pipelines @ModeSevenIndustrialSolutions (#323)
🐛 Bug Fixes 🐛
- Fix: Resolve actual default branch in block diagnosis @ModeSevenIndustrialSolutions (#340)
- Fix: Retry merge on base-branch-modified race @ModeSevenIndustrialSolutions (#341)
🔧 Maintenance 🔧
- Chore: Clear CodeQL code quality findings @ModeSevenIndustrialSolutions (#331)
- Refactor: Make _maybe_await returns explicit @ModeSevenIndustrialSolutions (#332)
- Refactor: Address AI code-quality findings @ModeSevenIndustrialSolutions (#333)
- Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-python-codeql.yaml from 0.5.0 to 0.6.0 @dependabot[bot] (#334)
- Chore: Bump pytest from 9.0.3 to 9.1.0 @dependabot[bot] (#336)
- Chore: pre-commit autoupdate @pre-commit-ci[bot] (#337)
- Refactor: Attempt-first merges with required-review detection @ModeSevenIndustrialSolutions (#338)
- Fix: Resolve actual default branch in block diagnosis @ModeSevenIndustrialSolutions (#340)
- Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-openssf-scorecard.yaml from 0.5.0 to 0.6.0 @dependabot[bot] (#335)
🎓 Code Quality 🎓
- CI(release): Publish to PyPI from the caller @ModeSevenIndustrialSolutions (#339)
Links
v0.5.1
Immutable
release. Only release title and notes can be modified.
🐛 Bug Fixes 🐛
- Fix: Resolve CodeQL code quality findings @ModeSevenIndustrialSolutions (#329)
🔧 Maintenance 🔧
- Build(deps): Add uv exclude-newer cooldown @ModeSevenIndustrialSolutions (#322)
- Chore: Bump actions/checkout from 6.0.2 to 6.0.3 @dependabot[bot] (#325)
- Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-openssf-scorecard.yaml from 0.3.4 to 0.5.0 @dependabot[bot] (#324)
- Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-python-codeql.yaml from 0.3.4 to 0.5.0 @dependabot[bot] (#326)
- Chore: Bump typer from 0.26.4 to 0.26.7 @dependabot[bot] (#327)
- Chore: pre-commit autoupdate @pre-commit-ci[bot] (#328)
🎓 Code Quality 🎓
- Test: Fix codespell spelling in test name @ModeSevenIndustrialSolutions (#330)
Links
v0.5.0
Immutable
release. Only release title and notes can be modified.
✨ New Features ✨
- Feat(merge): Signed rebase, stuck DCO recovery, dispatch lock, and repo-scoped output fixes @ModeSevenIndustrialSolutions (#277)
🐛 Bug Fixes 🐛
- Fix(coverage): Use package name in coverage source list @ModeSevenIndustrialSolutions (#285)
- Fix(merge): Recover from conflicts and unblock stuck merges @ModeSevenIndustrialSolutions (#318)
🔧 Maintenance 🔧
- Chore: Bump responses from 0.26.0 to 0.26.1 @dependabot[bot] (#306)
- Chore: Bump types-requests from 2.33.0.20260513 to 2.33.0.20260518 @dependabot[bot] (#307)
- Chore: Bump black from 26.5.0 to 26.5.1 @dependabot[bot] (#308)
- Chore: pre-commit autoupdate @pre-commit-ci[bot] (#309)
- Chore: Bump pytest-asyncio from 1.3.0 to 1.4.0 @dependabot[bot] (#311)
- Chore: Bump typer from 0.25.1 to 0.26.2 @dependabot[bot] (#312)
- Docs: Update repository URLs for org migration @ModeSevenIndustrialSolutions (#313)
- Chore(deps): Remove leftover zizmor infrastructure @ModeSevenIndustrialSolutions (#314)
- Chore: remove redundant workflow copies @ModeSevenIndustrialSolutions (#315)
- Chore: Bump typer from 0.26.2 to 0.26.4 @dependabot[bot] (#317)
- Chore: Bump lfreleng-actions/python-audit-action from 0.2.8 to 0.3.0 @dependabot[bot] (#316)
- Chore: pre-commit autoupdate @pre-commit-ci[bot] (#319)
- Docs: Add security policy document @ModeSevenIndustrialSolutions (#321)
🎓 Code Quality 🎓
- CI: Replace legacy harden-runner pair with allow-list loader @ModeSevenIndustrialSolutions (#304)
- CI: Pin harden-runner allow-list to .github v0.1.1 @ModeSevenIndustrialSolutions (#310)
- CI: Remove cache-clearing job from build-test @ModeSevenIndustrialSolutions (#320)
Links
v0.4.1
Immutable
release. Only release title and notes can be modified.
🔧 Maintenance 🔧
- Chore: pre-commit autoupdate @pre-commit-ci[bot] (#309)
- Chore: Bump pytest-asyncio from 1.3.0 to 1.4.0 @dependabot[bot] (#311)
- Chore: Bump typer from 0.25.1 to 0.26.2 @dependabot[bot] (#312)
- Docs: Update repository URLs for org migration @ModeSevenIndustrialSolutions (#313)
🎓 Code Quality 🎓
- CI: Pin harden-runner allow-list to .github v0.1.1 @ModeSevenIndustrialSolutions (#310)
Links
v0.4.0
✨ New Features ✨
- Feat(merge): Signed rebase, stuck DCO recovery, dispatch lock, and repo-scoped output fixes @ModeSevenIndustrialSolutions (#277)
🐛 Bug Fixes 🐛
- Fix(ci): Surface Grype findings on audit failure @ModeSevenIndustrialSolutions (#259)
- Fix(merge): Enable auto-merge for blocked PRs @ModeSevenIndustrialSolutions (#270)
- Fix(coverage): Use package name in coverage source list @ModeSevenIndustrialSolutions (#285)
🔧 Maintenance 🔧
- Chore: Bump mypy from 1.20.1 to 1.20.2 @dependabot[bot] (#266)
- Chore: Bump typer from 0.24.1 to 0.25.0 @dependabot[bot] (#265)
- Chore: Bump lfreleng-actions/tag-validate-action from 1.0.1 to 1.0.2 @dependabot[bot] (#262)
- Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-python-codeql.yaml from 0.3.1 to 0.3.3 @dependabot[bot] (#263)
- Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-openssf-scorecard.yaml from 0.3.1 to 0.3.3 @dependabot[bot] (#264)
- Chore: pre-commit autoupdate @pre-commit-ci[bot] (#267)
- Chore: Bump release-drafter/release-drafter from 7.2.0 to 7.2.1 @dependabot[bot] (#269)
- Chore: Bump lfreleng-actions/python-test-action from 1.0.2 to 1.1.1 @dependabot[bot] (#272)
- Chore: pre-commit autoupdate @pre-commit-ci[bot] (#276)
- Chore: Bump step-security/harden-runner from 2.19.0 to 2.19.1 @dependabot[bot] (#274)
- Chore: Bump typer from 0.25.0 to 0.25.1 @dependabot[bot] (#273)
- Chore: Bump types-requests from 2.33.0.20260408 to 2.33.0.20260503 @dependabot[bot] (#275)
- Chore: Bump lfreleng-actions/python-audit-action from 0.2.6 to 0.2.7 @dependabot[bot] (#279)
- Chore: Bump lfreleng-actions/python-test-action from 1.1.1 to 1.1.2 @dependabot[bot] (#280)
- Chore: Bump release-drafter/release-drafter from 7.2.1 to 7.3.0 @dependabot[bot] (#281)
- Chore: Bump types-requests from 2.33.0.20260503 to 2.33.0.20260508 @dependabot[bot] (#283)
- Chore: Bump pydantic from 2.13.3 to 2.13.4 @dependabot[bot] (#284)
- Chore: Bump mypy from 1.20.2 to 2.0.0 @dependabot[bot] (#282)
- Chore: Bump urllib3 from 2.6.3 to 2.7.0 in the uv group across 1 directory @dependabot[bot] (#286)
- Chore: pre-commit autoupdate @pre-commit-ci[bot] (#287)
- Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-python-codeql.yaml from 0.3.3 to 0.3.4 @dependabot[bot] (#292)
- Chore: Bump types-requests from 2.33.0.20260508 to 2.33.0.20260513 @dependabot[bot] (#295)
- Chore: Bump mypy from 2.0.0 to 2.1.0 @dependabot[bot] (#293)
- Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-openssf-scorecard.yaml from 0.3.3 to 0.3.4 @dependabot[bot] (#291)
- Chore: Bump black from 26.3.1 to 26.5.0 @dependabot[bot] (#294)
- Chore: Bump step-security/harden-runner from 2.19.1 to 2.19.3 @dependabot[bot] (#290)
- Chore: pre-commit autoupdate @pre-commit-ci[bot] (#296)
- Chore: Bump github/codeql-action from 4.35.3 to 4.35.4 @dependabot[bot] (#297)
- Chore: Bump idna from 3.11 to 3.15 in the uv group across 1 directory @dependabot[bot] (#298)
- Chore: Bump step-security/harden-runner from 2.19.1 to 2.19.2 @dependabot[bot] (#299)
- Chore: pre-commit autoupdate @pre-commit-ci[bot] (#303)
- Chore: Bump github/codeql-action from 4.35.4 to 4.35.5 @dependabot[bot] (#302)
- Chore: Bump step-security/harden-runner from 2.19.2 to 2.19.3 @dependabot[bot] (#301)
- Chore: Bump responses from 0.26.0 to 0.26.1 @dependabot[bot] (#306)
- Chore: Bump types-requests from 2.33.0.20260513 to 2.33.0.20260518 @dependabot[bot] (#307)
- Chore: Bump black from 26.5.0 to 26.5.1 @dependabot[bot] (#308)
🎓 Code Quality 🎓
- CI: Queue concurrent release runs instead of cancelling @ModeSevenIndustrialSolutions (#271)
- CI(harden-runner): Switch egress policy to block mode @ModeSevenIndustrialSolutions (#278)
- CI(harden-runner): Add audit fallback for fork PR runs @ModeSevenIndustrialSolutions (#288)
- CI(zizmor): Add per-repo zizmor security audit workflow @ModeSevenIndustrialSolutions (#289)
- CI: Replace legacy harden-runner pair with allow-list loader @ModeSevenIndustrialSolutions (#304)
Links
v0.3.1
🐛 Bug Fixes 🐛
- Fix(ci): Surface Grype findings on audit failure @ModeSevenIndustrialSolutions (#259)
🔧 Maintenance 🔧
- Chore: pre-commit autoupdate @pre-commit-ci[bot] (#258)
- Chore: Bump step-security/harden-runner from 2.18.0 to 2.19.0 @dependabot[bot] (#260)
- Chore: Bump pydantic from 2.13.2 to 2.13.3 @dependabot[bot] (#261)
Links
v0.3.0
✨ New Features ✨
- Feat(merge): centralise merge timing and add auto-merge @ModeSevenIndustrialSolutions (#255)
🔧 Maintenance 🔧
- Chore: Bump step-security/harden-runner from 2.17.0 to 2.18.0 @dependabot[bot] (#256)
- Chore: Bump pydantic from 2.13.0 to 2.13.2 @dependabot[bot] (#257)
Links
v0.2.0
✨ New Features ✨
- Feat: Repository-scoped bulk merge, permission checks, and reliability fixes @ModeSevenIndustrialSolutions (#242)
🔧 Maintenance 🔧
- Chore: Bump lfreleng-actions/pypi-publish-action from 0.1.5 to 0.1.6 @dependabot[bot] (#232)
- Chore: Bump lfreleng-actions/python-build-action from 1.0.4 to 1.0.5 @dependabot[bot] (#233)
- Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-openssf-scorecard.yaml from 0.3.0 to 0.3.1 @dependabot[bot] (#234)
- Chore: Bump step-security/harden-runner from 2.16.0 to 2.16.1 @dependabot[bot] (#235)
- Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-python-codeql.yaml from 0.3.0 to 0.3.1 @dependabot[bot] (#236)
- Chore: Bump mypy from 1.19.1 to 1.20.0 @dependabot[bot] (#237)
- Chore: Bump types-requests from 2.33.0.20260327 to 2.33.0.20260402 @dependabot[bot] (#238)
- Chore: pre-commit autoupdate @pre-commit-ci[bot] (#239)
- Chore: Bump pytest from 9.0.2 to 9.0.3 @dependabot[bot] (#251)
- Chore: Bump types-requests from 2.33.0.20260402 to 2.33.0.20260408 @dependabot[bot] (#250)
- Chore: Bump rich from 14.3.3 to 15.0.0 @dependabot[bot] (#249)
- Chore: Bump mypy from 1.20.0 to 1.20.1 @dependabot[bot] (#248)
- Chore: Bump actions/upload-artifact from 7.0.0 to 7.0.1 @dependabot[bot] (#247)
- Chore: Bump lfreleng-actions/python-build-action from 1.0.5 to 1.0.6 @dependabot[bot] (#246)
- Chore: Bump step-security/harden-runner from 2.16.1 to 2.17.0 @dependabot[bot] (#245)
- Chore: Bump release-drafter/release-drafter from 7.1.1 to 7.2.0 @dependabot[bot] (#244)
- Chore: pre-commit autoupdate @pre-commit-ci[bot] (#252)
- Chore: Bump lfreleng-actions/python-test-action from 1.0.1 to 1.0.2 @dependabot[bot] (#253)
- Chore: Bump pydantic from 2.12.5 to 2.13.0 @dependabot[bot] (#254)
🎓 Code Quality 🎓
- CI: Update Python workflows @ModeSevenIndustrialSolutions (#241)
- CI: Add concurrency group to release workflow @ModeSevenIndustrialSolutions (#243)