Skip to content

chore: update actions/cached-node-modules GitHub Action #3549

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Feb 3, 2025
Merged

chore: update actions/cached-node-modules GitHub Action #3549

merged 2 commits into from
Feb 3, 2025

Conversation

dreamorosi
Copy link
Contributor

Summary

Changes

Please provide a summary of what's being changed

This PR updates the hash for the actions/cached-node-modules GitHub Actions to use the latest version. This will allow us to continue using the composite action, which now uses a more recent version of actions/cached.

Please add the issue number below, if no issue is present the PR might get blocked and not be reviewed

Issue number: closes #3548

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

Disclaimer: We value your time and bandwidth. As such, any pull requests created on non-triaged issues might not be successful.

@dreamorosi dreamorosi self-assigned this Feb 3, 2025
@dreamorosi dreamorosi requested a review from a team February 3, 2025 08:59
@dreamorosi dreamorosi requested a review from a team as a code owner February 3, 2025 08:59
@boring-cyborg boring-cyborg bot added the automation This item relates to automation label Feb 3, 2025
@pull-request-size pull-request-size bot added the size/M PR between 30-99 LOC label Feb 3, 2025
@dreamorosi dreamorosi requested a review from am29d February 3, 2025 09:00
@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented Feb 3, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@leandrodamascena leandrodamascena added the do-not-merge This item should not be merged label Feb 3, 2025
@dreamorosi
Copy link
Contributor Author

@leandrodamascena - why the do-not-merge label?

@leandrodamascena
Copy link
Contributor

Before merging, I have a question that I don't know the answer to and I probably need to adopt this in Python as well.

I see that you are adding an action from aws-powertools/actions with sha hash, so does this mean that if you update this action in the source repository, dependabot will be able to bump this version here OR this sha if it is from the main branch?

@leandrodamascena leandrodamascena removed the do-not-merge This item should not be merged label Feb 3, 2025
@dreamorosi
Copy link
Contributor Author

Before merging, I have a question that I don't know the answer to and I probably need to adopt this in Python as well.

I see that you are adding an action from aws-powertools/actions with sha hash, so does this mean that if you update this action in the source repository, dependabot will be able to bump this version here OR this sha if it is from the main branch?

It's a hash from the main branch, making changes to the repo does not change the source of this action, Dependabot won't pick it up even if we make changes because it requires a release hash, which we don't do.

I've changed this action 6mo ago the last time, and I don't expect to change it for a long time.

@dreamorosi dreamorosi merged commit 11909ae into main Feb 3, 2025
77 of 78 checks passed
@dreamorosi dreamorosi deleted the chore/update_cached-node-moduels branch February 3, 2025 09:12
@dreamorosi
Copy link
Contributor Author

Integration tests on this branch were passing.

@leandrodamascena
Copy link
Contributor

Before merging, I have a question that I don't know the answer to and I probably need to adopt this in Python as well.

I see that you are adding an action from aws-powertools/actions with sha hash, so does this mean that if you update this action in the source repository, dependabot will be able to bump this version here OR this sha if it is from the main branch?

It's a hash from the main branch, making changes to the repo does not change the source of this action, Dependabot won't pick it up even if we make changes because it requires a release hash, which we don't do.

Thanks for the explanation.

@dreamorosi
Copy link
Contributor Author

If we add more actions to that repo, which was the point of having it in the first place, we should probably set up actual releases and leverage Dependabot.

The thing I'm unsure about is how to release multiple packages from the same repo, but we can look into it if needed.

@leandrodamascena
Copy link
Contributor

The thing I'm unsure about is how to release multiple packages from the same repo, but we can look into it if needed.

I'm not sure I understand the question. But if you're talking about releasing multiple actions, I think if we just create a tag and GH release it, dependabot will work.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@am29d am29d am29d approved these changes

Assignees

@dreamorosi dreamorosi

Labels
automation This item relates to automation size/M PR between 30-99 LOC
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Maintenance: update actions/cached-node-modules GitHub Action
3 participants
@dreamorosi @leandrodamascena @am29d