andrei/starship
1
0
Fork 0
mirror of https://github.com/starship/starship.git synced 2026-06-24 02:01:36 +07:00
Code Issues Packages Projects Releases 10 Wiki Activity

ci: Pin actions digests, remove unnecessary actions and add minimumReleaseAge (#7390)

Browse Source 
ci: Pin actions digests and add minimumReleaseAge
This commit is contained in:
David Knaack
2026-04-30 20:39:15 +02:00
committed by GitHub
parent aac03c7e3e
commit c22100a678
9 changed files with 99 additions and 93 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/renovate.json5
+18 -7
View File
@@ -1,18 +1,18 @@
{ {
"$schema": "https://docs.renovatebot.com/renovate-schema.json", "$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [ "extends": [
// stripped-down config:base "config:best-practices",
":prHourlyLimit2", "security:openssf-scorecard",
":prConcurrentLimit10",
"group:monorepos",
"group:recommended",
"workarounds:all",
"replacements:all",
// automerge minor updates // automerge minor updates
":automergeMinor", ":automergeMinor",
":automergeBranch" ":automergeBranch"
], ],
"ignorePresets": [
":dependencyDashboard",
":semanticPrefixFixDepsChoreOthers"
],
"labels": ["📦 dependencies"], "labels": ["📦 dependencies"],
"minimumReleaseAge": "4 days",
"semanticCommits": "enabled", "semanticCommits": "enabled",
"semanticCommitType": "build", "semanticCommitType": "build",
"rangeStrategy": "bump", "rangeStrategy": "bump",
@@ -50,6 +50,7 @@
"matchDatasources": ["crate"], "matchDatasources": ["crate"],
"matchPackagePrefixes": ["unicode"] "matchPackagePrefixes": ["unicode"]
}, },
// Prevent too many PRs by grouping certain updates together and only updating them weekly
{ {
"groupName": "dprint plugins", "groupName": "dprint plugins",
"matchPackagePrefixes": ["dprint"], "matchPackagePrefixes": ["dprint"],
@@ -59,6 +60,11 @@
"groupName": "npm", "groupName": "npm",
"matchDatasources": ["npm"], "matchDatasources": ["npm"],
"extends": ["schedule:weekly"] "extends": ["schedule:weekly"]
},
// Avoid frequent updates due to pinned digest values in GitHub Actions
{
"matchDepTypes": ["action"],
"extends": ["schedule:weekly"]
} }
], ],
// custom regex update managers // custom regex update managers
@@ -72,6 +78,11 @@
"fileMatch": ["^(workflow-templates|\\.github\\/workflows)\\/[^/]+\\.ya?ml$"], "fileMatch": ["^(workflow-templates|\\.github\\/workflows)\\/[^/]+\\.ya?ml$"],
"matchStrings": ["cargo install.*--version (?<currentValue>\\S+).*\\s(?<depName>\\S+)"], "matchStrings": ["cargo install.*--version (?<currentValue>\\S+).*\\s(?<depName>\\S+)"],
"datasourceTemplate": "crate" "datasourceTemplate": "crate"
},
{
"fileMatch": ["^(workflow-templates|\\.github\\/workflows)\\/[^/]+\\.ya?ml$"],
"matchStrings": ["^\\s+tool: (?<depName>[\\w-]+)@(?<currentValue>[^\\s]+)"],
"datasourceTemplate": "crate"
} }
] ]
} }
.github/workflows/crowdin-pretranslate.yml
+1 -1
View File
@@ -11,7 +11,7 @@ jobs:
# Prevent this workflow from running (and failing) on forks # Prevent this workflow from running (and failing) on forks
if: github.repository == 'starship/starship' if: github.repository == 'starship/starship'
steps: steps:
- uses: starship/crowdin-pretranslate-action@v0.1.1 - uses: starship/crowdin-pretranslate-action@05f21625b1486f1b77d53002fed82c4609247712 # v0.1.1
with: with:
project_id: 372655 project_id: 372655
api_key: ${{ secrets.CROWDIN_API_TOKEN }} api_key: ${{ secrets.CROWDIN_API_TOKEN }}
.github/workflows/format-workflow.yml
+10 -8
View File
@@ -12,9 +12,9 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Setup | Checkout - name: Setup | Checkout
uses: actions/checkout@v6 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Docs | Format - name: Docs | Format
uses: dprint/check@v2.3 uses: dprint/check@9cb3a2b17a8e606d37aae341e49df3654933fc23 # v2.3
# Validate preset files # Validate preset files
taplo: taplo:
@@ -22,9 +22,11 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Setup | Checkout - name: Setup | Checkout
uses: actions/checkout@v6 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Install | Taplo - name: Install | Taplo
run: cargo install --debug --locked --version 0.10.0 taplo-cli uses: taiki-e/install-action@7a4939c09608b2a1986b484eca1d16fd0db8ebef # v2.75.5
with:
tool: taplo-cli@0.10.0
- name: Presets | Validate with schema - name: Presets | Validate with schema
run: taplo lint --schema "file://${GITHUB_WORKSPACE}/.github/config-schema.json" docs/public/presets/toml/*.toml run: taplo lint --schema "file://${GITHUB_WORKSPACE}/.github/config-schema.json" docs/public/presets/toml/*.toml
@@ -35,11 +37,11 @@ jobs:
if: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.ref != 'i18n_master' }} if: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.ref != 'i18n_master' }}
steps: steps:
- name: Setup | Checkout - name: Setup | Checkout
uses: actions/checkout@v6 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with: with:
fetch-depth: 0 fetch-depth: 0
- name: Prevent File Change - name: Prevent File Change
uses: actions/github-script@v9 uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
with: with:
script: | script: |
const { execSync } = require('child_process'); const { execSync } = require('child_process');
@@ -62,10 +64,10 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Setup | Checkout - name: Setup | Checkout
uses: actions/checkout@v6 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Setup | Node - name: Setup | Node
uses: actions/setup-node@v6 uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
with: with:
node-version: 24.15.0 node-version: 24.15.0
cache: 'npm' cache: 'npm'
.github/workflows/install-script.yml
+3 -3
View File
@@ -13,7 +13,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Setup | Checkout - name: Setup | Checkout
uses: actions/checkout@v6 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Lint | Run shellcheck - name: Lint | Run shellcheck
run: shellcheck --severity=warning install/**/*.sh run: shellcheck --severity=warning install/**/*.sh
@@ -23,7 +23,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Setup | Checkout - name: Setup | Checkout
uses: actions/checkout@v6 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Setup | Install shfmt - name: Setup | Install shfmt
run: | run: |
@@ -42,7 +42,7 @@ jobs:
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup | Checkout - name: Setup | Checkout
uses: actions/checkout@v6 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Test | Piped execution with curl - name: Test | Piped execution with curl
run: | run: |
.github/workflows/publish-docs.yml
+2 -2
View File
@@ -7,10 +7,10 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Setup | Checkout - name: Setup | Checkout
uses: actions/checkout@v6 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Setup | Node - name: Setup | Node
uses: actions/setup-node@v6 uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
with: with:
node-version: 24.15.0 node-version: 24.15.0
cache: 'npm' cache: 'npm'
.github/workflows/release.yml
+27 -29
View File
@@ -20,7 +20,7 @@ jobs:
release_created: ${{ steps.release.outputs.release_created }} release_created: ${{ steps.release.outputs.release_created }}
tag_name: ${{ steps.release.outputs.tag_name }} tag_name: ${{ steps.release.outputs.tag_name }}
steps: steps:
- uses: googleapis/release-please-action@v5 - uses: googleapis/release-please-action@45996ed1f6d02564a971a2fa1b5860e934307cf7 # v5.0.0
id: release id: release
with: with:
token: ${{ secrets.GITHUB_TOKEN }} token: ${{ secrets.GITHUB_TOKEN }}
@@ -92,13 +92,10 @@ jobs:
RUSTFLAGS: ${{ matrix.rustflags || '' }} RUSTFLAGS: ${{ matrix.rustflags || '' }}
steps: steps:
- name: Setup | Checkout - name: Setup | Checkout
uses: actions/checkout@v6 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Setup | Rust - name: Setup | Rust
uses: dtolnay/rust-toolchain@master run: rustup toolchain install stable --profile minimal --target ${{ matrix.target }} --no-self-update
with:
toolchain: stable
target: ${{ matrix.target }}
- name: Setup | Install cargo-wix [Windows] - name: Setup | Install cargo-wix [Windows]
continue-on-error: true continue-on-error: true
@@ -110,7 +107,9 @@ jobs:
- name: Setup | Install cross [Linux] - name: Setup | Install cross [Linux]
if: matrix.os == 'ubuntu-latest' if: matrix.os == 'ubuntu-latest'
uses: taiki-e/install-action@cross uses: taiki-e/install-action@7a4939c09608b2a1986b484eca1d16fd0db8ebef # v2.75.5
with:
tool: cross@0.2.5
- name: Build | Build [Cargo] - name: Build | Build [Cargo]
if: matrix.os != 'ubuntu-latest' if: matrix.os != 'ubuntu-latest'
@@ -132,7 +131,7 @@ jobs:
continue-on-error: true continue-on-error: true
if: matrix.os == 'windows-latest' if: matrix.os == 'windows-latest'
id: unsigned-artifacts id: unsigned-artifacts
uses: actions/upload-artifact@v7 uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
with: with:
name: unsigned-${{ matrix.name }} name: unsigned-${{ matrix.name }}
path: | path: |
@@ -142,7 +141,7 @@ jobs:
- name: Sign | Sign [Windows] - name: Sign | Sign [Windows]
continue-on-error: true continue-on-error: true
if: matrix.os == 'windows-latest' if: matrix.os == 'windows-latest'
uses: signpath/github-action-submit-signing-request@v2 uses: signpath/github-action-submit-signing-request@bc66d86b015a46e9c6d9700de73143a82f9570ff # v2.1
with: with:
api-token: '${{ secrets.SIGNPATH_API_TOKEN }}' api-token: '${{ secrets.SIGNPATH_API_TOKEN }}'
organization-id: '${{ vars.SIGNPATH_ORGANIZATION_ID }}' organization-id: '${{ vars.SIGNPATH_ORGANIZATION_ID }}'
@@ -167,7 +166,7 @@ jobs:
cd - cd -
- name: Release | Upload artifacts - name: Release | Upload artifacts
uses: actions/upload-artifact@v7 uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
with: with:
name: ${{ matrix.name }} name: ${{ matrix.name }}
path: ${{ matrix.name }} path: ${{ matrix.name }}
@@ -175,7 +174,7 @@ jobs:
- name: Release | Upload installer artifacts [Windows] - name: Release | Upload installer artifacts [Windows]
continue-on-error: true continue-on-error: true
if: matrix.os == 'windows-latest' if: matrix.os == 'windows-latest'
uses: actions/upload-artifact@v7 uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
with: with:
name: starship-${{ matrix.target }}.msi name: starship-${{ matrix.target }}.msi
path: target/${{ matrix.target }}/release/starship-${{ matrix.target }}.msi path: target/${{ matrix.target }}/release/starship-${{ matrix.target }}.msi
@@ -205,7 +204,7 @@ jobs:
STARSHIP_VERSION: ${{ needs.release_please.outputs.tag_name }} STARSHIP_VERSION: ${{ needs.release_please.outputs.tag_name }}
steps: steps:
- name: Checkout repository - name: Checkout repository
uses: actions/checkout@v6 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with: with:
# Required to include the recently merged Crowdin PR # Required to include the recently merged Crowdin PR
ref: master ref: master
@@ -242,7 +241,7 @@ jobs:
xcrun notarytool store-credentials "$KEYCHAIN_ENTRY" --team-id "$APPLEID_TEAMID" --apple-id "$APPLEID_USERNAME" --password "$APPLEID_PASSWORD" --keychain "$KEYCHAIN_PATH" xcrun notarytool store-credentials "$KEYCHAIN_ENTRY" --team-id "$APPLEID_TEAMID" --apple-id "$APPLEID_USERNAME" --password "$APPLEID_PASSWORD" --keychain "$KEYCHAIN_PATH"
- name: Setup | Node - name: Setup | Node
uses: actions/setup-node@v6 uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
with: with:
node-version: 24.15.0 node-version: 24.15.0
@@ -253,7 +252,7 @@ jobs:
npm run build npm run build
- name: Notarize | Download artifacts - name: Notarize | Download artifacts
uses: actions/download-artifact@v8 uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with: with:
name: ${{ matrix.name }} name: ${{ matrix.name }}
path: artifacts path: artifacts
@@ -265,7 +264,7 @@ jobs:
run: bash install/macos_packages/build_and_notarize.sh starship docs ${{ matrix.arch }} ${{ matrix.pkgname }} run: bash install/macos_packages/build_and_notarize.sh starship docs ${{ matrix.arch }} ${{ matrix.pkgname }}
- name: Notarize | Upload Notarized Flat Installer - name: Notarize | Upload Notarized Flat Installer
uses: actions/upload-artifact@v7 uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
with: with:
name: ${{ matrix.pkgname }} name: ${{ matrix.pkgname }}
path: ${{ matrix.pkgname }} path: ${{ matrix.pkgname }}
@@ -274,7 +273,7 @@ jobs:
run: tar czvf ${{ matrix.name }} starship run: tar czvf ${{ matrix.name }} starship
- name: Notarize | Upload Notarized Binary - name: Notarize | Upload Notarized Binary
uses: actions/upload-artifact@v7 uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
with: with:
name: ${{ matrix.name }} name: ${{ matrix.name }}
path: ${{ matrix.name }} path: ${{ matrix.name }}
@@ -293,7 +292,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Setup | Artifacts - name: Setup | Artifacts
uses: actions/download-artifact@v8 uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
- name: Setup | Checksums - name: Setup | Checksums
run: for file in starship-*/starship-*; do openssl dgst -sha256 -r "$file" | awk '{print $1}' > "${file}.sha256"; done run: for file in starship-*/starship-*; do openssl dgst -sha256 -r "$file" | awk '{print $1}' > "${file}.sha256"; done
@@ -304,10 +303,9 @@ jobs:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Build | Add Artifacts to Release - name: Build | Add Artifacts to Release
uses: softprops/action-gh-release@v3 run: gh release upload ${{ needs.release_please.outputs.tag_name }} starship-*/starship-* --repo starship/starship
with: env:
files: starship-*/starship-* GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
tag_name: ${{ needs.release_please.outputs.tag_name }}
# Publish starship to Crates.io # Publish starship to Crates.io
cargo_publish: cargo_publish:
@@ -319,13 +317,13 @@ jobs:
id-token: write id-token: write
steps: steps:
- name: Setup | Checkout - name: Setup | Checkout
uses: actions/checkout@v6 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Setup | Rust - name: Setup | Rust
uses: dtolnay/rust-toolchain@stable run: rustup toolchain install stable --profile minimal --no-self-update
- name: Build | Authenticate - name: Build | Authenticate
uses: rust-lang/crates-io-auth-action@v1 uses: rust-lang/crates-io-auth-action@b7e9a28eded4986ec6b1fa40eeee8f8f165559ec # v1.0.3
id: auth id: auth
- name: Build | Publish - name: Build | Publish
@@ -337,7 +335,7 @@ jobs:
needs: [release_please, upload_artifacts] needs: [release_please, upload_artifacts]
if: ${{ needs.release_please.outputs.release_created == 'true' }} if: ${{ needs.release_please.outputs.release_created == 'true' }}
steps: steps:
- uses: mislav/bump-homebrew-formula-action@v4.1 - uses: mislav/bump-homebrew-formula-action@ccf2332299a883f6af50a1d2d41e5df7904dd769 # v4.1
with: with:
formula-name: starship formula-name: starship
tag-name: ${{ needs.release_please.outputs.tag_name }} tag-name: ${{ needs.release_please.outputs.tag_name }}
@@ -377,9 +375,9 @@ jobs:
if: ${{ needs.release_please.outputs.release_created == 'true' }} if: ${{ needs.release_please.outputs.release_created == 'true' }}
steps: steps:
- name: Setup | Checkout - name: Setup | Checkout
uses: actions/checkout@v6 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Setup | Artifacts - name: Setup | Artifacts
uses: actions/download-artifact@v8 uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
- run: pwsh ./install/windows/choco/update.ps1 - run: pwsh ./install/windows/choco/update.ps1
env: env:
STARSHIP_VERSION: ${{ needs.release_please.outputs.tag_name }} STARSHIP_VERSION: ${{ needs.release_please.outputs.tag_name }}
@@ -393,7 +391,7 @@ jobs:
continue-on-error: true continue-on-error: true
steps: steps:
- name: Setup | Checkout - name: Setup | Checkout
uses: actions/checkout@v6 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Merge | Merge Crowdin PR - name: Merge | Merge Crowdin PR
run: gh pr merge i18n_master --squash --repo=starship/starship run: gh pr merge i18n_master --squash --repo=starship/starship
env: env:
@@ -405,7 +403,7 @@ jobs:
needs: merge_crowdin_pr needs: merge_crowdin_pr
steps: steps:
- name: Setup | Checkout - name: Setup | Checkout
uses: actions/checkout@v6 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Trigger workflow dispatch - name: Trigger workflow dispatch
run: gh workflow run publish-docs.yml run: gh workflow run publish-docs.yml
env: env:
.github/workflows/security-audit.yml
+2 -2
View File
@@ -22,8 +22,8 @@ jobs:
steps: steps:
- name: Setup | Checkout - name: Setup | Checkout
uses: actions/checkout@v6 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Test | Security Audit - name: Test | Security Audit
uses: EmbarkStudios/cargo-deny-action@v2.0.17 uses: EmbarkStudios/cargo-deny-action@91bf2b620e09e18d6eb78b92e7861937469acedb # v2.0.17
with: with:
command: check ${{ matrix.checks }} command: check ${{ matrix.checks }}
.github/workflows/spell-check.yml
+2 -2
View File
@@ -6,5 +6,5 @@ jobs:
name: Spell Check with Typos name: Spell Check with Typos
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v6 - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- uses: crate-ci/typos@v1.45.2 - uses: crate-ci/typos@7c572958218557a3272c2d6719629443b5cc26fd # v1.45.2
.github/workflows/workflow.yml
+34 -39
View File
@@ -24,12 +24,10 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Setup | Checkout - name: Setup | Checkout
uses: actions/checkout@v6 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Setup | Rust - name: Setup | Rust
uses: dtolnay/rust-toolchain@stable run: rustup toolchain install stable --profile minimal --component rustfmt --no-self-update
with:
components: rustfmt
- name: Build | Format - name: Build | Format
run: cargo fmt --all -- --check run: cargo fmt --all -- --check
@@ -43,18 +41,16 @@ jobs:
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- name: Setup | Checkout - name: Setup | Checkout
uses: actions/checkout@v6 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Setup | Rust - name: Setup | Rust
uses: dtolnay/rust-toolchain@stable run: rustup toolchain install stable --profile minimal --component clippy --no-self-update
with:
components: clippy
- name: Setup | Cache - name: Setup | Cache
uses: Swatinem/rust-cache@v2 uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2
- name: Build | Lint - name: Build | Lint
uses: giraffate/clippy-action@94e9bd8deab2618756ec5380f12eb35bcb0a88ca run: cargo clippy --workspace --locked -- -D warnings
# Ensure that the project could be successfully compiled # Ensure that the project could be successfully compiled
cargo_check: cargo_check:
@@ -62,13 +58,13 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Setup | Checkout - name: Setup | Checkout
uses: actions/checkout@v6 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Setup | Rust - name: Setup | Rust
uses: dtolnay/rust-toolchain@stable run: rustup toolchain install stable --profile minimal --no-self-update
- name: Setup | Cache - name: Setup | Cache
uses: Swatinem/rust-cache@v2 uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2
- name: Build | Check - name: Build | Check
run: cargo check --workspace --locked run: cargo check --workspace --locked
@@ -80,13 +76,13 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Setup | Checkout - name: Setup | Checkout
uses: actions/checkout@v6 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Setup | Rust - name: Setup | Rust
uses: dtolnay/rust-toolchain@stable run: rustup toolchain install stable --profile minimal --no-self-update
- name: Setup | Cache - name: Setup | Cache
uses: Swatinem/rust-cache@v2 uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2
- name: Build | Check - name: Build | Check
run: cargo check --workspace --locked --no-default-features run: cargo check --workspace --locked --no-default-features
@@ -98,13 +94,13 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Setup | Checkout - name: Setup | Checkout
uses: actions/checkout@v6 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Setup | Rust - name: Setup | Rust
uses: dtolnay/rust-toolchain@stable run: rustup toolchain install stable --profile minimal --no-self-update
- name: Setup | Cache - name: Setup | Cache
uses: Swatinem/rust-cache@v2 uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2
- name: Build | Check - name: Build | Check
run: cargo check --workspace --locked --all-features run: cargo check --workspace --locked --all-features
@@ -115,28 +111,26 @@ jobs:
needs: cargo_check needs: cargo_check
runs-on: ubuntu-latest runs-on: ubuntu-latest
permissions: permissions:
checks: write
contents: read contents: read
pull-requests: write
steps: steps:
- name: Setup | Checkout - name: Setup | Checkout
uses: actions/checkout@v6 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Setup | Rust - name: Setup | Rust
uses: dtolnay/rust-toolchain@stable run: rustup toolchain install stable --profile minimal --no-self-update
- name: Setup | Cache - name: Setup | Cache
uses: Swatinem/rust-cache@v2 uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2
- name: Run | Generate Schema - name: Run | Generate Schema
run: cargo run --locked --features config-schema -- config-schema > .github/config-schema.json run: cargo run --locked --features config-schema -- config-schema > .github/config-schema.json
- name: Check | Detect Changes - name: Check | Detect Changes
uses: reviewdog/action-suggester@v1.24.0 run: |
with: if ! git diff --exit-code .github/config-schema.json; then
tool_name: starship config-schema echo "::error file=.github/config-schema.json::config-schema.json is out of date. Run 'cargo run --features config-schema -- config-schema > .github/config-schema.json' and commit the result."
filter_mode: nofilter exit 1
fail_on_error: 'true' fi
# Run tests on Linux, macOS, and Windows # Run tests on Linux, macOS, and Windows
# On both Rust stable and Rust nightly # On both Rust stable and Rust nightly
@@ -156,20 +150,21 @@ jobs:
RUSTFLAGS: ${{ matrix.rustflags || '' }} RUSTFLAGS: ${{ matrix.rustflags || '' }}
steps: steps:
- name: Setup | Checkout - name: Setup | Checkout
uses: actions/checkout@v6 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
# Install all the required dependencies for testing # Install all the required dependencies for testing
- name: Setup | Rust - name: Setup | Rust
uses: dtolnay/rust-toolchain@master run: |
with: rustup toolchain install ${{ matrix.rust }} --profile minimal --component llvm-tools-preview --no-self-update
toolchain: ${{ matrix.rust }} rustup default ${{ matrix.rust }}
components: llvm-tools-preview
- name: Setup | Cache - name: Setup | Cache
uses: Swatinem/rust-cache@v2 uses: Swatinem/rust-cache@e18b497796c12c097a38f9edb9d0641fb99eee32 # v2
- name: Install cargo-llvm-cov - name: Install cargo-llvm-cov
uses: taiki-e/install-action@cargo-llvm-cov uses: taiki-e/install-action@7a4939c09608b2a1986b484eca1d16fd0db8ebef # v2.75.5
with:
tool: cargo-llvm-cov@0.8.5
# For windows installer test # For windows installer test
# On stable rust & main repo pushes only # On stable rust & main repo pushes only
@@ -228,7 +223,7 @@ jobs:
STARSHIP_VERSION: v1.2.3 STARSHIP_VERSION: v1.2.3
- name: Sign | Upload Executable [Windows] - name: Sign | Upload Executable [Windows]
uses: actions/upload-artifact@v7 uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
continue-on-error: true continue-on-error: true
id: unsigned-artifacts id: unsigned-artifacts
if: matrix.os == 'windows-latest' && matrix.rust == 'stable' && github.event_name == 'push' && github.repository == 'starship/starship' if: matrix.os == 'windows-latest' && matrix.rust == 'stable' && github.event_name == 'push' && github.repository == 'starship/starship'
@@ -239,7 +234,7 @@ jobs:
target/debug/starship-x86_64-pc-windows-msvc.msi target/debug/starship-x86_64-pc-windows-msvc.msi
- name: Sign | Sign [Windows] - name: Sign | Sign [Windows]
uses: signpath/github-action-submit-signing-request@v2 uses: signpath/github-action-submit-signing-request@bc66d86b015a46e9c6d9700de73143a82f9570ff # v2.1
continue-on-error: true continue-on-error: true
if: matrix.os == 'windows-latest' && matrix.rust == 'stable' && github.event_name == 'push' && github.repository == 'starship/starship' if: matrix.os == 'windows-latest' && matrix.rust == 'stable' && github.event_name == 'push' && github.repository == 'starship/starship'
with: with:
@@ -252,7 +247,7 @@ jobs:
output-artifact-directory: target/debug output-artifact-directory: target/debug
- name: Upload coverage to Codecov - name: Upload coverage to Codecov
uses: codecov/codecov-action@v6 uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6.0.0
if: github.repository == 'starship/starship' if: github.repository == 'starship/starship'
with: with:
token: ${{ secrets.CODECOV_TOKEN }} token: ${{ secrets.CODECOV_TOKEN }}