You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If the bot opens a PR that e.g. bumps some action's version from v3 to v4, it will happen only in the YAML, not in the Kotlin script that is actually the source of truth for the workflows.
To adjust the version in the Kotlin script as well, several things have to happen:
github-workflows-kt has to support the new version. It now lags up to 2 weeks after a new major version is released.
there has to be a mechanism that understands Kotlin script and the library, and knows what to change to update the action
CI has to check consistency between the YAML and the Kotlin script
#941 will likely solve the first item. The CI check is also possible to add.
The text was updated successfully, but these errors were encountered:
I can imagine a GitHub action that one could configure to trigger for each Dependabot/Renovate PR. It would analyze the PR, check which actions are updated, and push another commit that makes the same updates in the Kotlin scripts.
If the bot opens a PR that e.g. bumps some action's version from v3 to v4, it will happen only in the YAML, not in the Kotlin script that is actually the source of truth for the workflows.
To adjust the version in the Kotlin script as well, several things have to happen:
#941 will likely solve the first item. The CI check is also possible to add.
The text was updated successfully, but these errors were encountered: