v1.2.3

Pull Requests | Issues | v1.2.2...v1.2.3

🐛 Bug Fixes

#738 #739 Fix a bug that Unix style file paths in configuration files don't work on Windows

v1.2.3-0

v1.2.2...v1.2.3-0

v1.2.2

Pull Requests | Issues | v1.2.1...v1.2.2

v1.2.1

Pull Requests | Issues | v1.2.0...v1.2.1

This release is to pin JSON Schema version. #680

szksh-lab/.github#67 (comment)

v1.2.0

Pull Requests | Issues | v1.1.0...v1.2.0

Features

#667 Add a policy checkout_persist_credentials_should_be_false

https://github.com/suzuki-shunsuke/ghalint/blob/main/docs/policies/013.md

Tip

Adding persist-credentials: false by hand is bothersome.
You can do this automatically using suzuki-shunsuke/disable-checkout-persist-credentials.
https://github.com/suzuki-shunsuke/disable-checkout-persist-credentials

v1.1.0

Pull Requests | Issues | v1.0.0...v1.1.0

Features

#650 Support a glob pattern in action_name

https://github.com/suzuki-shunsuke/ghalint/blob/main/docs/policies/008.md

About the pattern syntax, please see https://pkg.go.dev/path#Match .

e.g.

excludes:
  - policy_name: action_ref_should_be_full_length_commit_sha
    action_name: suzuki-shunsuke/tfaction/* # glob pattern
``

v1.1.0-0

v1.0.0...v1.1.0-0

v1.0.0

Pull Requests | Issues | v0.2.12...v1.0.0

🎉 v1 is out

This is a major update, but there is no significant change.

Others

⚠️ #566 Change the asset format for Windows to zip
Update Go to 1.23.2
#556 Create GitHub Artifact Attestations

https://github.com/suzuki-shunsuke/ghalint/attestations

You can verify downloaded assets from GitHub Releases using GitHub CLI.

gh release download -R suzuki-shunsuke/ghalint v1.0.0 -p ghalint_1.0.0_darwin_arm64.tar.gz
gh attestation verify ghalint_1.0.0_darwin_arm64.tar.gz \
  -R suzuki-shunsuke/ghalint \
  --signer-workflow suzuki-shunsuke/go-release-workflow/.github/workflows/release.yaml

v1.0.0-1

v0.2.12...v1.0.0-1

v0.2.12

Pull Requests | Issues | v0.2.11...v0.2.12

Features

#488 Add a policy job_timeout_minutes_is_required

https://github.com/suzuki-shunsuke/ghalint/blob/main/docs/policies/012.md

All jobs should set timeout-minutes.

Examples

❌

jobs:
  foo: # The job doesn't have `timeout-minutes`
    runs-on: ubuntu-latest
    steps:
      - run: echo hello

⭕

jobs:
  foo:
    runs-on: ubuntu-latest
    timeout-minutes: 30
    steps:
      - run: echo hello

Why?

https://exercism.org/docs/building/github/gha-best-practices#h-set-timeouts-for-workflows

By default, GitHub Actions kills workflows after 6 hours if they have not finished by then. Many workflows don't need nearly as much time to finish, but sometimes unexpected errors occur or a job hangs until the workflow run is killed 6 hours after starting it. Therefore it's recommended to specify a shorter timeout.

The ideal timeout depends on the individual workflow but 30 minutes is typically more than enough for the workflows used in Exercism repos.

This has the following advantages:

PRs won't be pending CI for half the day, issues can be caught early or workflow runs can be restarted.
The number of overall parallel builds is limited, hanging jobs will not cause issues for other PRs if they are cancelled early.

Exceptions

1. All steps set timeout-minutes

jobs:
  foo: # The job is missing `timeout-minutes`, but it's okay because all steps set timeout-minutes
    runs-on: ubuntu-latest
    steps:
      - run: echo hello
        timeout-minutes: 5
      - run: echo bar
        timeout-minutes: 5

2. A job uses a reusable workflow

When a reusable workflow is called with uses, timeout-minutes is not available.

jobs:
  foo:
    uses: suzuki-shunsuke/renovate-config-validator-workflow/.github/workflows/[email protected]