Skip to content

ci: Update merge conflict labeler#28023

Merged
dstansby merged 1 commit intomatplotlib:mainfrom
QuLogic:update-conflict-check
Apr 7, 2024
Merged

ci: Update merge conflict labeler#28023
dstansby merged 1 commit intomatplotlib:mainfrom
QuLogic:update-conflict-check

Conversation

@QuLogic
Copy link
Copy Markdown
Member

@QuLogic QuLogic commented Apr 4, 2024
edited
Loading

PR summary

This should fix the warning about deprecated nodejs.

Also, changing from the branch name to a tagged commit should be more stable, and I think will fix dependabot to start auto-updating this one.

PR checklist

@QuLogic
ci: Update merge conflict labeler
685f057 
This should fix the warning about deprecated nodejs.
@QuLogic
Copy link
Copy Markdown
Member Author

QuLogic commented Apr 4, 2024

Note also that this won't have any effect here because it runs on the pull_request_target trigger, and that doesn't use the PR contents for security reasons. But you can see this action running on my fork at https://github.com/QuLogic/matplotlib/actions/runs/8560979186

tacaswell
tacaswell reviewed Apr 4, 2024
View reviewed changes
.github/workflows/conflictcheck.yml
steps:
- name: Check if PRs have merge conflicts
uses: eps1lon/actions-label-merge-conflict@releases/2.x
uses: eps1lon/actions-label-merge-conflict@e62d7a53ff8be8b97684bffb6cfbbf3fc1115e2e # v3.0.0
Copy link
Copy Markdown
Member

@tacaswell tacaswell Apr 4, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I assume using the hash for paranoia reasons?

Copy link
Copy Markdown
Member Author

@QuLogic QuLogic Apr 4, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, @matthewfeickert did this elsewhere for us in #26025.

Copy link
Copy Markdown
Contributor

@matthewfeickert matthewfeickert Apr 5, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There's no real downside to using the hash, but for the record I generally only care about using it when it comes to supply chain security. I'll defer to you all on if https://github.com/eps1lon/actions-label-merge-conflict is critical enough to your infrastructure that it needs hashes or not (they will get autoupdated by Dependabot either way).

Copy link
Copy Markdown
Member Author

@QuLogic QuLogic Apr 5, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's not super privileged, but it does have PR write permissions.

@dstansby dstansby added this to the v3.9.0 milestone Apr 7, 2024
@dstansby dstansby merged commit f799b00 into matplotlib:main Apr 7, 2024
meeseeksmachine pushed a commit to meeseeksmachine/matplotlib that referenced this pull request Apr 7, 2024
@dstansby @meeseeksmachine
Backport PR matplotlib#28023: ci: Update merge conflict labeler
a9e5ee3
@meeseeksmachine meeseeksmachine mentioned this pull request Apr 7, 2024
Merged
rcomer added a commit that referenced this pull request Apr 7, 2024
@rcomer
Merge pull request #28038 from meeseeksmachine/auto-backport-of-pr-28…
03c94a2 
…023-on-v3.9.x

Backport PR #28023 on branch v3.9.x (ci: Update merge conflict labeler)
@QuLogic QuLogic deleted the update-conflict-check branch April 7, 2024 23:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tacaswell tacaswell tacaswell approved these changes

@dstansby dstansby dstansby approved these changes

+1 more reviewer

@matthewfeickert matthewfeickert matthewfeickert left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

Maintenance

Projects

None yet

Milestone

v3.9.0

Development

Successfully merging this pull request may close these issues.

4 participants

@QuLogic @tacaswell @matthewfeickert @dstansby