Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update staticcheck x GitHub action guide #1487

Open
wants to merge 5 commits into
base: master
Choose a base branch
from
Open

Update staticcheck x GitHub action guide #1487

wants to merge 5 commits into from

Conversation

novalagung
Copy link

@novalagung novalagung commented Dec 27, 2023
edited
Loading

Changelogs:

  • Use the GitHub actions/checkout@v4 instead of the old one. also, remove the fetch-depth property as the default is already set to 1.
  • Fix the go versions in the example. the go v1.16.x is not supported by staticcheck v2022.1.1
  • adjust space/indentation

@novalagung
Copy link
Author

friendly ping for @dominikh, kindly review this PR, thanks!

@novalagung novalagung requested a review from methane June 20, 2024 12:29
@novalagung novalagung requested a review from ccoVeille June 24, 2024 06:35
ccoVeille
ccoVeille approved these changes Jun 24, 2024
View reviewed changes
Copy link

@ccoVeille ccoVeille left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍

One remark anyway. Maybe I missed it, but I think this page should mention it's important to set up and use dependabot/renovate/whatever to keep this action update.

First. It would be better, and safer for everyone.

Then even if documentation is obsolete (because newer version of actions are available) and copy pasted, it will be fixed automatically.

@dominikh
Copy link
Owner

but I think this page should mention it's important to set up and use dependabot/renovate/whatever to keep this action update.

I do not advocate the use of Dependabot or similarly noisy tools that desire to update dependencies for the sake of updating them.

@ccoVeille
Copy link

but I think this page should mention it's important to set up and use dependabot/renovate/whatever to keep this action update.

I do not advocate the use of Dependabot or similarly noisy tools that desire to update dependencies for the sake of updating them.

That's right. It's definitely noisy. But somehow useful, otherwise it won't be everywhere. But that's a another topic 😅

Stepping out about the need to use such a not, my remark stays. The documentation could mention the example provided in the markdown should mention it may be out of date, and people should adapt to use latest version.

@dominikh
Copy link
Owner

I will probably switch to using latest, stable etc in the examples, and document that preferably people pin to specific versions instead. I'd much rather people ignore the advice to pin and run newer versions when they don't intend to than that people ignore the advice to update regularly and run older versions.

Plus I'm getting tired of having to update examples.

@ccoVeille
Copy link

That's a good approach.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ccoVeille ccoVeille ccoVeille approved these changes

@methane methane Awaiting requested review from methane

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@novalagung @dominikh @ccoVeille @methane