Open
Conversation
Bumps [@devcontainers/cli](https://github.com/devcontainers/cli) from 0.81.1 to 0.84.0. - [Changelog](https://github.com/devcontainers/cli/blob/main/CHANGELOG.md) - [Commits](devcontainers/cli@v0.81.1...v0.84.0) --- updated-dependencies: - dependency-name: "@devcontainers/cli" dependency-version: 0.84.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [bats-assert](https://github.com/bats-core/bats-assert) from v2.2.0 to v2.2.4. - [Release notes](https://github.com/bats-core/bats-assert/releases) - [Commits](bats-core/bats-assert@d396ee3...f1e9280) --- updated-dependencies: - dependency-name: bats-assert dependency-version: f1e9280eaae8f86cbe278a687e6ba755bc802c1a dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/github-script](https://github.com/actions/github-script) from 7.1.0 to 8.0.0. - [Release notes](https://github.com/actions/github-script/releases) - [Commits](actions/github-script@f28e40c...ed59741) --- updated-dependencies: - dependency-name: actions/github-script dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) from 3.0.0 to 4.1.0. - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](actions/attest-build-provenance@977bb37...a2bbfa2) --- updated-dependencies: - dependency-name: actions/attest-build-provenance dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Automated sync of `main` to `dev` found **merge conflicts** that require manual resolution.
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.3.0 to 8.0.1. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@d3f86a1...3e5f45b) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-version: 8.0.1 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.3.1 to 6.0.2. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4.3.1...de0fac2) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.2 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
…2 updates Bumps the actions-minor-patch group with 2 updates in the / directory: [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) and [anchore/sbom-action](https://github.com/anchore/sbom-action). Updates `sigstore/cosign-installer` from 4.0.0 to 4.1.0 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@faadad0...ba7bc0a) Updates `anchore/sbom-action` from 0.22.2 to 0.23.1 - [Release notes](https://github.com/anchore/sbom-action/releases) - [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md) - [Commits](anchore/sbom-action@28d7154...57aae52) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-minor-patch - dependency-name: anchore/sbom-action dependency-version: 0.23.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-minor-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Merging from `main` removed the `## Unreleased` section.
## Summary - Consolidate Dependabot dependency updates from open PRs #302, #303, #305, #306, #307, #308, and #309 into a single branch based on `dev` - Update `CHANGELOG.md` (`## Unreleased` -> `### Changed`) with one grouped entry referencing all merged Dependabot PRs - Keep closed PR #304 out of scope because its actionable updates are already covered by #309/current `dev` state ## Validation - Ran `just build no_cache && just test` - Result: success (command exited 0) ## Includes - #302 #302 - #303 #303 - #305 #305 - #306 #306 - #307 #307 - #308 #308 - #309 #309
Bumps [actions/attest-sbom](https://github.com/actions/attest-sbom) from 3.0.0 to 4.0.0. - [Release notes](https://github.com/actions/attest-sbom/releases) - [Changelog](https://github.com/actions/attest-sbom/blob/main/RELEASE.md) - [Commits](actions/attest-sbom@4651f80...07e74fc) --- updated-dependencies: - dependency-name: actions/attest-sbom dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.6.2 to 7.0.0. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@ea165f8...bbbca2d) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 2.2.1 to 3.0.0. - [Release notes](https://github.com/actions/create-github-app-token/releases) - [Commits](actions/create-github-app-token@29824e6...f8d387b) --- updated-dependencies: - dependency-name: actions/create-github-app-token dependency-version: 3.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [docker/login-action](https://github.com/docker/login-action) from 3.7.0 to 4.0.0. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@c94ce9f...b45d80f) --- updated-dependencies: - dependency-name: docker/login-action dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Extend NEEDS_CHOWN when root CHANGELOG.md exists but is unreadable. Inject deploy line only after the first ### Changed via GNU sed range. Update BATS regression for workspace changelog scaffold. Refs: #403
Smoke-test deploy keeps the workspace scaffold only; remap top version header when needed for prepare-release. Sync changelog copy and BATS. Refs: #403
## Description
Smoke-test `repository-dispatch` deploy job no longer replaces root
`CHANGELOG.md` with a minimal stub. It keeps the scaffold produced by
`init-workspace`, injects the deploy bullet under the first `###
Changed`, and remaps a leading `## [X.Y.Z] - …` (TBD or release date) to
`## Unreleased` when needed so downstream `prepare-release` validation
succeeds across RC and final cycles.
## Type of Change
- [ ] `feat` -- New feature
- [x] `fix` -- Bug fix
- [ ] `docs` -- Documentation only
- [ ] `chore` -- Maintenance task (deps, config, etc.)
- [ ] `refactor` -- Code restructuring (no behavior change)
- [ ] `test` -- Adding or updating tests
- [ ] `ci` -- CI/CD pipeline changes
- [ ] `build` -- Build system or dependency changes
- [ ] `revert` -- Reverts a previous commit
- [ ] `style` -- Code style (formatting, whitespace)
### Modifiers
- [ ] Breaking change (`!`) -- This change breaks backward compatibility
## Changes Made
- **`assets/smoke-test/.github/workflows/repository-dispatch.yml`**
- Require existing readable `CHANGELOG.md` after install (workspace
scaffold).
- Detect first `##` section: if `## Unreleased`, leave as-is; if `##
[version] - …`, rewrite first such line to `## Unreleased` via GNU
`sed`.
- Append `- Deploy devcontainer ${TAG}` after the first `### Changed`
line.
- **`CHANGELOG.md`** and
**`assets/workspace/.devcontainer/CHANGELOG.md`**
- Document fix under `## [0.3.1] - TBD` → **Fixed** (issue #403).
## Changelog Entry
This branch uses the active release section `## [0.3.1] - TBD` (not `##
Unreleased`). Entry added under **Fixed**:
### Fixed
- **Smoke-test deploy keeps workspace scaffold as root CHANGELOG**
([#403](#403))
- Stop overwriting `CHANGELOG.md` with a minimal stub in
`assets/smoke-test/.github/workflows/repository-dispatch.yml`
- Inject the deploy line into the `## Unreleased` scaffold from
`init-workspace` so downstream `prepare-release` validation matches
shipped workspace layout
- When the first changelog section is `## [X.Y.Z] - …` (TBD or a release
date), remap that top version header to `## Unreleased` before injecting
the deploy entry so downstream `prepare-release` can run
## Testing
- [ ] Tests pass locally (`just test`)
- [ ] Manual testing performed (describe below)
### Manual Testing Details
N/A — workflow shell logic only; validated `sed` remap behavior locally
for dated and TBD headers.
## Checklist
- [x] My code follows the project's style guidelines
- [x] I have performed a self-review of my code
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] I have updated the documentation accordingly (edit
`docs/templates/`, then run `just docs`)
- [ ] I have updated `CHANGELOG.md` in the `[Unreleased]` section (and
pasted the entry above)
- [ ] My changes generate no new warnings or errors
- [ ] I have added tests that prove my fix is effective or that my
feature works
- [ ] New and existing unit tests pass locally with my changes
- [ ] Any dependent changes have been merged and published
## Additional Notes
- Downstream `prepare-release` expects `## Unreleased` with at least one
`-` entry; remapping supports post-release `CHANGELOG` layouts where the
top section is still a version header.
- **Base `release/0.3.1`:** Changelog entry is under `## [0.3.1] - TBD`
→ **Fixed**, matching the release branch.
Refs: #403
Bumps [@devcontainers/cli](https://github.com/devcontainers/cli) from 0.84.0 to 0.84.1. - [Changelog](https://github.com/devcontainers/cli/blob/main/CHANGELOG.md) - [Commits](devcontainers/cli@v0.84.0...v0.84.1) --- updated-dependencies: - dependency-name: "@devcontainers/cli" dependency-version: 0.84.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
) ## Summary Cherry-picks onto `release/0.3.1` (via `chore/dependabot-updates`): - **#414** — GitHub Actions minor/patch group (codeql-action, anchore/sbom-action, actions/cache in sync-issues); `release.yml` keeps SBOM retry steps and `actions/attest` for SBOM attestation. - **#413** — `@devcontainers/cli` `0.84.0` → `0.84.1` (`package.json` / `package-lock.json`). ## Changelog - `CHANGELOG.md` + synced `assets/workspace/.devcontainer/CHANGELOG.md` ## After merge Close superseded dependabot PRs **#413** and **#414** (delete branches). `dev` will catch up via `sync-main-to-dev.yml` when this release reaches `main`. Refs: #413, #414
Wire CLI subcommand and stub implementation; tests fail until unprepare is implemented. Refs: #417
Rename first ## [semver] - … heading to ## Unreleased for smoke-test sync. Refs: #417
…prepare Smoke-test install copies .devcontainer/CHANGELOG.md to workspace root and runs unprepare so prepare-release validation sees Unreleased entries. Refs: #417
Remap is handled in init-workspace.sh during smoke-test install. Refs: #417
## Description Smoke-test RC deploy left workspace `CHANGELOG.md` as the empty scaffold after `init-workspace.sh --smoke-test`, so downstream `prepare-release.yml` failed validation (`Unreleased section has no entries`). This change copies `.devcontainer/CHANGELOG.md` to the workspace root during smoke-test install, runs new `prepare-changelog unprepare` to rename the top `## [semver] - …` heading to `## Unreleased`, and drops the redundant remap block from the smoke-test dispatch workflow. ## Type of Change - [ ] `feat` -- New feature - [x] `fix` -- Bug fix - [x] `docs` -- Documentation only - [ ] `chore` -- Maintenance task (deps, config, etc.) - [ ] `refactor` -- Code restructuring (no behavior change) - [x] `test` -- Adding or updating tests - [x] `ci` -- CI/CD pipeline changes - [ ] `build` -- Build system or dependency changes - [ ] `revert` -- Reverts a previous commit - [ ] `style` -- Code style (formatting, whitespace) ### Modifiers - [ ] Breaking change (`!`) -- This change breaks backward compatibility ## Changes Made - **`packages/vig-utils/src/vig_utils/prepare_changelog.py`** — Add `unprepare_changelog()` and `prepare-changelog unprepare` CLI subcommand (rename first top-level `## [semver] - …` to `## Unreleased`). - **`packages/vig-utils/tests/test_prepare_changelog.py`** — Unit tests, command-handler tests, `main()` and subprocess coverage for `unprepare`. - **`assets/init-workspace.sh`** — After smoke-test rsyncs, copy `.devcontainer/CHANGELOG.md` → `CHANGELOG.md` and run `prepare-changelog unprepare` (requires `prepare-changelog` on PATH in the install image). - **`assets/smoke-test/.github/workflows/repository-dispatch.yml`** — Remove inline `awk`/`sed` remap; keep existence/readability checks for changelogs. - **`CHANGELOG.md`** / **`assets/workspace/.devcontainer/CHANGELOG.md`** — Document the fix under the active release section. - **`packages/vig-utils/README.md`** — Document `unprepare` in the CLI list and examples. **Diff vs `release/0.3.1`:** 7 files, +234 / −11 lines. ## Changelog Entry Paste from `## [0.3.1] - TBD` → `### Fixed`: ### Fixed - **Smoke-test deploy restores workspace CHANGELOG for prepare-release** ([#417](#417)) - Add `prepare-changelog unprepare` to rename the top `## [semver] - …` heading to `## Unreleased` - `init-workspace.sh --smoke-test` copies `.devcontainer/CHANGELOG.md` into workspace `CHANGELOG.md` and runs unprepare; remove duplicate remap from smoke-test dispatch workflow ## Testing - [x] Tests pass locally (`just test`) - [ ] Manual testing performed (describe below) ### Manual Testing Details N/A (not run in a full smoke-test dispatch; verify with next RC after promoting templates). ## Checklist - [x] My code follows the project's style guidelines - [x] I have performed a self-review of my code - [ ] I have commented my code, particularly in hard-to-understand areas - [x] I have updated the documentation accordingly (edit `docs/templates/`, then run `just docs`) - [x] I have updated `CHANGELOG.md` under the active `## [0.3.1] - TBD` section (and pasted the entry above) - [x] My changes generate no new warnings or errors - [x] I have added tests that prove my fix is effective or that my feature works - [x] New and existing unit tests pass locally with my changes - [ ] Any dependent changes have been merged and published ## Additional Notes Target base branch: **`release/0.3.1`**. After merge, promote updated smoke-test templates / tag an RC so `vig-os/devcontainer-smoke-test` picks up the fix. Refs: #417
Run release.yml while release/<version> still exists, then enable auto-merge and poll for merge. Remove on-release-pr-merge.yml. Refs: #419
) ## Description Merges smoke-test release phase 2 back into `repository-dispatch.yml` so downstream `release.yml` runs while `release/<version>` still exists (fixing the branch-not-found failure). Removes the separate `on-release-pr-merge.yml` workflow. Updates Bats coverage for the smoke-test template layout. ## Type of Change - [ ] `feat` -- New feature - [x] `fix` -- Bug fix - [ ] `docs` -- Documentation only - [ ] `chore` -- Maintenance task (deps, config, etc.) - [ ] `refactor` -- Code restructuring (no behavior change) - [ ] `test` -- Adding or updating tests - [x] `ci` -- CI/CD pipeline changes - [ ] `build` -- Build system or dependency changes - [ ] `revert` -- Reverts a previous commit - [ ] `style` -- Code style (formatting, whitespace) ### Modifiers - [ ] Breaking change (`!`) -- This change breaks backward compatibility ## Changes Made - `assets/smoke-test/.github/workflows/repository-dispatch.yml` — absorb phase 2: run `release.yml` while release branch exists, then enable auto-merge and poll for merge completion - `assets/smoke-test/.github/workflows/on-release-pr-merge.yml` — removed (logic merged into dispatch workflow) - `CHANGELOG.md` and `assets/workspace/.devcontainer/CHANGELOG.md` — document fix under 0.3.1 Fixed - `tests/bats/just.bats` — align expectations with updated smoke-test workflow files ## Changelog Entry This branch targets `release/0.3.1` (no `## Unreleased` section). Added under `## [0.3.1] - TBD` → ### Fixed: - **Smoke-test release phase 2 branch-not-found failure** ([#419](#419)) - Merge phase 2 (`on-release-pr-merge.yml`) back into `repository-dispatch.yml` so the release runs while `release/<version>` still exists, matching the normal release flow - Remove `on-release-pr-merge.yml` from the smoke-test template ## Testing - [ ] Tests pass locally (`just test`) - [x] Manual testing performed (describe below) ### Manual Testing Details `just test-bats` completed successfully (smoke-test / install-related Bats suites). ## Checklist - [x] My code follows the project's style guidelines - [x] I have performed a self-review of my code - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] I have updated the documentation accordingly (edit `docs/templates/`, then run `just docs`) - [ ] I have updated `CHANGELOG.md` in the `[Unreleased]` section (and pasted the entry above) - [x] My changes generate no new warnings or errors - [x] I have added tests that prove my fix is effective or that my feature works - [ ] New and existing unit tests pass locally with my changes - [ ] Any dependent changes have been merged and published ## Additional Notes Changelog entry was added under `## [0.3.1] - TBD` (release branch convention; no `## Unreleased` on this target). Refs: #419
## Description Addresses smoke-test dispatch failure in downstream release orchestration ([#421](#421)): `trigger-release` failed while validating the image from inside the devcontainer job. The validate job no longer runs `docker manifest inspect` in the container (redundant with runner-side `resolve-image` and the running image). Rollback `gh issue create` now receives `GH_REPO` when the job skips checkout so `gh` has an explicit repository context. ## Type of Change - [ ] `feat` -- New feature - [x] `fix` -- Bug fix - [ ] `docs` -- Documentation only - [ ] `chore` -- Maintenance task (deps, config, etc.) - [ ] `refactor` -- Code restructuring (no behavior change) - [ ] `test` -- Adding or updating tests - [ ] `ci` -- CI/CD pipeline changes - [ ] `build` -- Build system or dependency changes - [ ] `revert` -- Reverts a previous commit - [ ] `style` -- Code style (formatting, whitespace) ### Modifiers - [ ] Breaking change (`!`) -- This change breaks backward compatibility ## Changes Made - `CHANGELOG.md` — document fix under `## [0.3.1] - TBD` / `### Fixed` - `assets/workspace/.devcontainer/CHANGELOG.md` — mirror changelog entry - `assets/workspace/.github/workflows/release-core.yml` — remove container `docker manifest inspect` step from validate job - `assets/workspace/.github/workflows/release.yml` — set `GH_REPO: ${{ github.repository }}` for rollback `gh issue create` env ## Changelog Entry Target branch is `release/0.3.1`; there is no `## Unreleased` section. Entry was added under **`## [0.3.1] - TBD` → `### Fixed`**: ```markdown - **Smoke-test dispatch release validate no longer runs docker inside devcontainer** ([#421](#421)) - Remove redundant `docker manifest inspect` step from `release-core.yml` validate job (container image is already proof of accessibility; `resolve-image` validates on the runner) - Set `GH_REPO` for rollback `gh issue create` in workspace `release.yml` when git checkout is skipped ``` ## Testing - [ ] Tests pass locally (`just test`) - [x] Manual testing performed (describe below) ### Manual Testing Details `uv run pre-commit run --all-files` passed on the branch before commit. ## Checklist - [x] My code follows the project's style guidelines - [x] I have performed a self-review of my code - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] I have updated the documentation accordingly (edit `docs/templates/`, then run `just docs`) - [ ] I have updated `CHANGELOG.md` in the `[Unreleased]` section (and pasted the entry above) - [x] My changes generate no new warnings or errors - [ ] I have added tests that prove my fix is effective or that my feature works - [ ] New and existing unit tests pass locally with my changes - [ ] Any dependent changes have been merged and published ## Additional Notes N/A Refs: #421
## Description Aligns container image integration tests with the toolchain versions the Dockerfile installs from latest releases. Release CI ([#423](#423)) failed because `tests/test_image.py` still expected older uv and just minor lines while the image build pulls current releases. This change updates `EXPECTED_VERSIONS` for both tools and documents it under `## [0.3.1] - TBD` in the root and workspace-template changelogs. ## Type of Change - [ ] `feat` -- New feature - [ ] `fix` -- Bug fix - [ ] `docs` -- Documentation only - [ ] `chore` -- Maintenance task (deps, config, etc.) - [ ] `refactor` -- Code restructuring (no behavior change) - [x] `test` -- Adding or updating tests - [ ] `ci` -- CI/CD pipeline changes - [ ] `build` -- Build system or dependency changes - [ ] `revert` -- Reverts a previous commit - [ ] `style` -- Code style (formatting, whitespace) ### Modifiers - [ ] Breaking change (`!`) -- This change breaks backward compatibility ## Changes Made - `tests/test_image.py` — bump `EXPECTED_VERSIONS["uv"]` to the `0.11.` prefix and `EXPECTED_VERSIONS["just"]` to the `1.48.` prefix so assertions match the image install path. - `CHANGELOG.md` — under `## [0.3.1] - TBD` / `### Fixed`, add the two [#423](#423) bullets for uv and just. - `assets/workspace/.devcontainer/CHANGELOG.md` — same `### Fixed` entries (synced template copy). ## Changelog Entry ### Fixed - **Container image tests expect current uv minor line** ([#423](#423)) - Update `tests/test_image.py` `EXPECTED_VERSIONS["uv"]` to match uv 0.11.x from the latest release install path in the image build - **Container image tests expect current just minor line** ([#423](#423)) - Update `tests/test_image.py` `EXPECTED_VERSIONS["just"]` to match just 1.48.x from the latest release install path in the image build ## Testing - [ ] Tests pass locally (`just test`) - [ ] Manual testing performed (describe below) ### Manual Testing Details N/A. CI `build-and-test` builds a fresh image and runs the image test suite; that path validates the updated expectations. Local runs against a stale `TEST_CONTAINER_TAG=dev` image may fail until the image is rebuilt with the new toolchain versions. ## Checklist - [x] My code follows the project's style guidelines - [x] I have performed a self-review of my code - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] I have updated the documentation accordingly (edit `docs/templates/`, then run `just docs`) - [ ] I have updated `CHANGELOG.md` in the `[Unreleased]` section (and pasted the entry above) - [x] My changes generate no new warnings or errors - [x] I have added tests that prove my fix is effective or that my feature works - [ ] New and existing unit tests pass locally with my changes - [ ] Any dependent changes have been merged and published ## Additional Notes Target branch is `release/0.3.1`; changelog edits belong under `## [0.3.1] - TBD`, not `## Unreleased`, so the checklist item about `[Unreleased]` does not apply. Refs: #423
Enables release-core validate and downstream Release Core jobs that pipe gh JSON through jq. Refs: #425
## Description Install the Debian `jq` package in the vig-os devcontainer image so jobs that run inside `ghcr.io/vig-os/devcontainer:<tag>` can execute shell pipelines that pipe JSON through `jq`. This fixes downstream **Release Core / Validate Release Core** failures (exit 127 on **Find and verify PR**) when smoke-test (or any workspace) runs `release-core.yml` in-container; `gh … --jq` was never the problem—standalone `jq` was missing from the image. ## Type of Change - [ ] `feat` -- New feature - [x] `fix` -- Bug fix - [ ] `docs` -- Documentation only - [ ] `chore` -- Maintenance task (deps, config, etc.) - [ ] `refactor` -- Code restructuring (no behavior change) - [ ] `test` -- Adding or updating tests - [ ] `ci` -- CI/CD pipeline changes - [ ] `build` -- Build system or dependency changes - [ ] `revert` -- Reverts a previous commit - [ ] `style` -- Code style (formatting, whitespace) ### Modifiers - [ ] Breaking change (`!`) -- This change breaks backward compatibility ## Changes Made - **`Containerfile`**: add `jq` to the minimal `apt-get install` list (alphabetical with other packages). - **`CHANGELOG.md`**: document under `## [0.3.1] - TBD` → `### Added` (sync-manifest also updates `assets/workspace/.devcontainer/CHANGELOG.md`). ## Changelog Entry This PR targets `release/0.3.1`; the entry lives under the active **`## [0.3.1] - TBD`** section (not `## Unreleased`). ```markdown - **`jq` in devcontainer image** ([#425](#425)) - Install the `jq` CLI in the GHCR image so containerized workflows (e.g. `release-core` validate / downstream Release Core) can pipe JSON through `jq` ``` ## Testing - [ ] Tests pass locally (`just test`) - [ ] Manual testing performed (describe below) ### Manual Testing Details N/A — image change only; optional verification: `docker build -f Containerfile .` then `docker run --rm <image> jq --version`. ## Checklist - [x] My code follows the project's style guidelines - [x] I have performed a self-review of my code - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] I have updated the documentation accordingly (edit `docs/templates/`, then run `just docs`) - [ ] I have updated `CHANGELOG.md` in the `[Unreleased]` section (and pasted the entry above) - [x] My changes generate no new warnings or errors - [ ] I have added tests that prove my fix is effective or that my feature works - [ ] New and existing unit tests pass locally with my changes - [ ] Any dependent changes have been merged and published Note: Changelog entry is under **`## [0.3.1] - TBD` → `### Added`** (release branch), not `## Unreleased`, so the checklist item above is intentionally unchecked. No new tests for an OS package in the OCI image. ## Additional Notes - Failing job context: [Release Core / Validate Release Core](https://github.com/vig-os/devcontainer-smoke-test/actions/runs/23478133458/job/68315258492) (exit 127 on **Find and verify PR**). - After merge, a published image tag that includes this commit is required for downstream repos to pick up `jq` via `.vig-os` / `DEVCONTAINER_VERSION`. Refs: #425
Upstream v0.2.0: - Bounded retry with exponential backoff for transient GitHub API failures (configurable MAX_ATTEMPTS and delay bounds). - Multi-file commits via createTree inline content for text; binary blobs when needed; chunked trees for large change sets. - Library exports: isBinaryFile, getFileMode, TREE_ENTRY_CHUNK_SIZE; sequential binary blobs to reduce rate-limit bursts. Refs: #354
## Description Bump `vig-os/commit-action` from v0.1.5 to v0.2.0 across upstream workflows, workspace templates, and smoke-test dispatch. Document upstream v0.2.0 behavior (retry, createTree efficiency, exports) in the 0.3.1 changelog section. ## Type of Change - [ ] `feat` -- New feature - [ ] `fix` -- Bug fix - [ ] `docs` -- Documentation only - [x] `chore` -- Maintenance task (deps, config, etc.) - [ ] `refactor` -- Code restructuring (no behavior change) - [ ] `test` -- Adding or updating tests - [ ] `ci` -- CI/CD pipeline changes - [ ] `build` -- Build system or dependency changes - [ ] `revert` -- Reverts a previous commit - [ ] `style` -- Code style (formatting, whitespace) ### Modifiers - [ ] Breaking change (`!`) -- This change breaks backward compatibility ## Changes Made - `.github/workflows/prepare-release.yml` — three `commit-action` steps pinned to `1bc0043…` (v0.2.0) - `.github/workflows/release.yml` — finalization commit step - `.github/workflows/sync-issues.yml` — sync commit step - `assets/smoke-test/.github/workflows/repository-dispatch.yml` — deploy commit step - `assets/workspace/.github/workflows/prepare-release.yml` — three steps (template) - `assets/workspace/.github/workflows/release-core.yml` — finalization commit step - `assets/workspace/.github/workflows/sync-issues.yml` — sync commit step - `CHANGELOG.md` — 0.3.1 entry for commit-action bump + upstream summary - `assets/workspace/.devcontainer/CHANGELOG.md` — synced from root via manifest ## Changelog Entry This PR targets `release/0.3.1`; the entry is under `## [0.3.1] - TBD` (not `## Unreleased`): ```markdown - **Pinned commit-action to v0.2.0** ([#354](#354)) - Updated workflow pins from `vig-os/commit-action@c0024cb` (v0.1.5) to `1bc004353d08d9332a0cb54920b148256220c8e0` (v0.2.0) in release, sync-issues, prepare-release, and smoke-test workflows - Upstream v0.2.0 adds bounded retry with exponential backoff for transient GitHub API failures (configurable `MAX_ATTEMPTS` and delay bounds) - Efficient multi-file commits via `createTree` inline content for text files, binary blobs only when needed, and chunked tree creation for large change sets - Exports `isBinaryFile`, `getFileMode`, and `TREE_ENTRY_CHUNK_SIZE` for library use; sequential binary blob creation to reduce secondary rate-limit bursts ``` ## Testing - [ ] Tests pass locally (`just test`) - [ ] Manual testing performed (describe below) ### Manual Testing Details N/A — dependency pin and changelog only; CI will exercise workflows. ## Checklist - [x] My code follows the project's style guidelines - [x] I have performed a self-review of my code - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] I have updated the documentation accordingly (edit `docs/templates/`, then run `just docs`) - [ ] I have updated `CHANGELOG.md` in the `[Unreleased]` section (and pasted the entry above) - [x] My changes generate no new warnings or errors - [ ] I have added tests that prove my fix is effective or that my feature works - [ ] New and existing unit tests pass locally with my changes - [x] Any dependent changes have been merged and published ## Additional Notes Changelog for this release line is under `## [0.3.1] - TBD`, not `## Unreleased` (release-branch convention). Refs: #354
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Release 0.3.1
This PR prepares release 0.3.1 for merge to main.
Release Content
[0.3.1] - TBD
Added
workflow_callrelease phases (release-core.yml,release-publish.yml) and a lightweightrelease.ymlorchestrator inassets/workspace/.github/workflows/release_kindsupport with candidate mode (X.Y.Z-rcN) and final mode (X.Y.Z) in downstream release workflowsrelease-extension.ymlstub and preserve it duringinit-workspace.sh --forceupgradesvalidate-contractcomposite action for single-source contract version validationdocs/DOWNSTREAM_RELEASE.mdChanged
@devcontainers/clifrom0.81.1to0.84.0andbats-assertfromv2.2.0tov2.2.4actions/download-artifact(4.3.0->8.0.1),actions/github-script(7.1.0->8.0.0),actions/attest-build-provenance(3.0.0->4.1.0),actions/checkout(4.3.1->6.0.2)sigstore/cosign-installer(4.0.0->4.1.0) andanchore/sbom-action(0.22.2->0.23.1)actions/attest-sbom(3.0.0->4.0.0),actions/upload-artifact(4.6.2->7.0.0),actions/create-github-app-token(2.2.1->3.0.0)docker/login-actionfrom3.7.0to4.0.0justminor version from1.46to1.47build-image(docker/setup-buildx-action,docker/metadata-action,docker/build-push-action) to Node24-compatible releasessetup-envdefault Node runtime to24and upgradeactions/setup-nodeactions/checkout,actions/cache,actions/upload-artifact)correlation_idpublish-candidaterelease.ymlnow triggers the existing smoke-test dispatch contract for bothcandidateandfinalrelease kindsassets/workspace/.github/workflows/ci.ymlas the canonical CI workflow and remove the obsoleteci-container.ymltemplateassets/workspace/.github/actions/resolve-imageand run workspace release tests in the same containerized workflow modelrelease_kindin the dispatch payloadrepository-dispatch.ymltemplate that runs smoke tests and creates pre-release/final release artifactsCHANGELOG.mdinto both workspace root and.devcontainer/template paths.devcontainer/CHANGELOG.mdto repository root so deploy output keeps a root changelog.github/workflows/release.ymlthat creates a GitHub Release forX.Y.ZCHANGELOG.mdsection and fail the run if notes extraction or release publishing fails.github/workflows/release.ymland decouple rollback from downstream completion timingassets/smoke-test/.github/workflows/repository-dispatch.ymlto prevent overlapping dispatch racesFixed
generate-docsdoes not fail CI with tracked file diffsCHANGELOG.mdSecurity
assets/smoke-test/.github/workflows/repository-dispatch.ymlworkflow token permissions from write to read by defaultcontents: writeonly topublish-release, the single job that creates or edits GitHub Releases