Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dependency update automation improvements #973

Closed
7 of 9 tasks
marco-ippolito opened this issue May 2, 2023 · 4 comments
Closed
7 of 9 tasks

Dependency update automation improvements #973

marco-ippolito opened this issue May 2, 2023 · 4 comments
Labels
good first issue help wanted

Comments

@marco-ippolito
Copy link
Member

marco-ippolito commented May 2, 2023
edited
Loading

Here a list of improvements to the dependency update workflow
@marco-ippolito marco-ippolito mentioned this issue May 15, 2023
Merged
fasenderos added a commit to fasenderos/node that referenced this issue May 17, 2023
@fasenderos
tools: zlib update by checking latest commit
cf83e03 
Refs: nodejs/security-wg#973
@fasenderos fasenderos mentioned this issue May 18, 2023
Merged
@marco-ippolito marco-ippolito mentioned this issue May 19, 2023
Merged
This was referenced May 19, 2023
Merged
Merged
fasenderos added a commit to fasenderos/node that referenced this issue May 22, 2023
@fasenderos
tools: zlib update by checking latest commit
141d4ca 
Refs: nodejs/security-wg#973
fasenderos added a commit to fasenderos/node that referenced this issue May 22, 2023
@fasenderos
tools: zlib update by checking latest commit
60cc7a3 
Refs: nodejs/security-wg#973
fasenderos added a commit to fasenderos/node that referenced this issue May 22, 2023
@fasenderos
tools: zlib update by checking latest commit
380b1e4 
Refs: nodejs/security-wg#973
aduh95 pushed a commit to fasenderos/node that referenced this issue May 24, 2023
@fasenderos @aduh95
tools: use latest upstream commit for zlib updates
860d7e3 
Zlib rarely gets new tags or releases, so now we use the latest commit
on the upstream default branch to check if an update is available.

Refs: nodejs/security-wg#973
PR-URL: nodejs#48054
Reviewed-By: Marco Ippolito <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: Antoine du Hamel <[email protected]>
nodejs-github-bot pushed a commit to nodejs/node that referenced this issue May 25, 2023
@marco-ippolito
tools: open issue when update workflow fails
c488558 
PR-URL: #48018
Refs: nodejs/security-wg#973
Reviewed-By: Richard Lau <[email protected]>
fasenderos added a commit to fasenderos/node that referenced this issue May 25, 2023
@fasenderos
tools: add version update to external dependencies
5a9b20d 
Refs: nodejs/security-wg#973
Most of the duplicated code in all the dependencies updaters has been moved in the `utils.sh` file
fasenderos added a commit to fasenderos/node that referenced this issue May 25, 2023
@fasenderos
tools: add version update to external dependencies
1596c43 
Refs: nodejs/security-wg#973
Most of the duplicated code in all the dependencies updaters
has been moved in the `utils.sh` file
nodejs-github-bot pushed a commit to nodejs/node that referenced this issue May 25, 2023
@fasenderos
tools: log and verify sha256sum
847b9e0 
PR-URL: #48088
Refs: nodejs/security-wg#973
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Marco Ippolito <[email protected]>
lutaok added a commit to lutaok/node that referenced this issue May 26, 2023
@lutaok
tools: order dependency jobs alphabetically
c90e7ac 
Refs: nodejs/security-wg#973
lutaok added a commit to lutaok/node that referenced this issue May 26, 2023
@lutaok
tools: add missing dependencies options
4f40ee5 
Refs: nodejs/security-wg#973
@lutaok lutaok mentioned this issue May 26, 2023
Merged
marco-ippolito pushed a commit to marco-ippolito/node that referenced this issue May 26, 2023
@fasenderos @marco-ippolito
tools: log and verify sha256sum
163922e 
PR-URL: nodejs#48088
Refs: nodejs/security-wg#973
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Marco Ippolito <[email protected]>
fasenderos added a commit to fasenderos/node that referenced this issue May 26, 2023
@fasenderos
tools: add version update to external dependencies
7f19d30 
Refs: nodejs/security-wg#973
Most of the duplicated code in all the dependencies updaters
has been moved in the `utils.sh` file
lutaok added a commit to lutaok/node that referenced this issue May 26, 2023
@lutaok
tools: Revert spacing before comments
3be7024 
PR-URL: nodejs#48184
Refs: nodejs/security-wg#973
@fasenderos fasenderos mentioned this issue May 27, 2023
Merged
@fasenderos
Copy link

  1. add version - PR in tools: add version to maintaining-dependencies.md dependencies list and automate the update node#48081
  2. log shashum - landed in nodejs/node@847b9e0
  3. rate limit - PR in tools: authenticate github api request to avoid rate limit node#48200

nodejs-github-bot pushed a commit to nodejs/node that referenced this issue May 29, 2023
@lutaok
tools: order dependency jobs alphabetically
607c8f4 
Refs: nodejs/security-wg#973
PR-URL: #48184
Reviewed-By: Marco Ippolito <[email protected]>
Reviewed-By: Mestery <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: Debadree Chatterjee <[email protected]>
nodejs-github-bot pushed a commit to nodejs/node that referenced this issue May 29, 2023
@fasenderos
tools: deps update authenticate github api request
40b89c5 
PR-URL: #48200
Fixes: #48119
Refs: nodejs/security-wg#973
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: Marco Ippolito <[email protected]>
Reviewed-By: Moshe Atlow <[email protected]>
Reviewed-By: Mestery <[email protected]>
targos pushed a commit to nodejs/node that referenced this issue May 30, 2023
@fasenderos @targos
tools: use latest upstream commit for zlib updates
4cf5a9e 
Zlib rarely gets new tags or releases, so now we use the latest commit
on the upstream default branch to check if an update is available.

Refs: nodejs/security-wg#973
PR-URL: #48054
Reviewed-By: Marco Ippolito <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: Antoine du Hamel <[email protected]>
targos pushed a commit to nodejs/node that referenced this issue May 30, 2023
@marco-ippolito @targos
tools: open issue when update workflow fails
db62325 
PR-URL: #48018
Refs: nodejs/security-wg#973
Reviewed-By: Richard Lau <[email protected]>
targos pushed a commit to nodejs/node that referenced this issue May 30, 2023
@fasenderos @targos
tools: log and verify sha256sum
801573b 
PR-URL: #48088
Refs: nodejs/security-wg#973
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Marco Ippolito <[email protected]>
targos pushed a commit to nodejs/node that referenced this issue May 30, 2023
@lutaok @targos
tools: order dependency jobs alphabetically
7478ed0 
Refs: nodejs/security-wg#973
PR-URL: #48184
Reviewed-By: Marco Ippolito <[email protected]>
Reviewed-By: Mestery <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: Debadree Chatterjee <[email protected]>
targos pushed a commit to nodejs/node that referenced this issue May 30, 2023
@fasenderos @targos
tools: deps update authenticate github api request
a60bc41 
PR-URL: #48200
Fixes: #48119
Refs: nodejs/security-wg#973
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: Marco Ippolito <[email protected]>
Reviewed-By: Moshe Atlow <[email protected]>
Reviewed-By: Mestery <[email protected]>
fasenderos added a commit to fasenderos/node that referenced this issue May 30, 2023
@fasenderos
tools: add version update to external dependencies
d5bb5c7 
Refs: nodejs/security-wg#973
Most of the duplicated code in all the dependencies updaters
has been moved in the `utils.sh` file
nodejs-github-bot pushed a commit to nodejs/node that referenced this issue Jun 6, 2023
@fasenderos
tools: add version update to external dependencies
c541153 
Refs: nodejs/security-wg#973
Most of the duplicated code in all the dependencies updaters
has been moved in the `utils.sh` file

PR-URL: #48081
Refs: nodejs/security-wg#973
Reviewed-By: Marco Ippolito <[email protected]>
RafaelGSS pushed a commit to nodejs/node that referenced this issue Jul 3, 2023
@fasenderos @RafaelGSS
tools: add version update to external dependencies
10385c8 
Refs: nodejs/security-wg#973
Most of the duplicated code in all the dependencies updaters
has been moved in the `utils.sh` file

PR-URL: #48081
Refs: nodejs/security-wg#973
Reviewed-By: Marco Ippolito <[email protected]>
danielleadams pushed a commit to nodejs/node that referenced this issue Jul 6, 2023
@fasenderos @danielleadams
tools: use latest upstream commit for zlib updates
3fd4d35 
Zlib rarely gets new tags or releases, so now we use the latest commit
on the upstream default branch to check if an update is available.

Refs: nodejs/security-wg#973
PR-URL: #48054
Reviewed-By: Marco Ippolito <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: Antoine du Hamel <[email protected]>
danielleadams pushed a commit to nodejs/node that referenced this issue Jul 6, 2023
@marco-ippolito @danielleadams
tools: open issue when update workflow fails
340073d 
PR-URL: #48018
Refs: nodejs/security-wg#973
Reviewed-By: Richard Lau <[email protected]>
danielleadams pushed a commit to nodejs/node that referenced this issue Jul 6, 2023
@fasenderos @danielleadams
tools: log and verify sha256sum
5767844 
PR-URL: #48088
Refs: nodejs/security-wg#973
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Marco Ippolito <[email protected]>
MoLow pushed a commit to MoLow/node that referenced this issue Jul 6, 2023
@fasenderos @MoLow
tools: use latest upstream commit for zlib updates
9b849a7 
Zlib rarely gets new tags or releases, so now we use the latest commit
on the upstream default branch to check if an update is available.

Refs: nodejs/security-wg#973
PR-URL: nodejs#48054
Reviewed-By: Marco Ippolito <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: Antoine du Hamel <[email protected]>
MoLow pushed a commit to MoLow/node that referenced this issue Jul 6, 2023
@marco-ippolito @MoLow
tools: open issue when update workflow fails
9aed868 
PR-URL: nodejs#48018
Refs: nodejs/security-wg#973
Reviewed-By: Richard Lau <[email protected]>
MoLow pushed a commit to MoLow/node that referenced this issue Jul 6, 2023
@fasenderos @MoLow
tools: log and verify sha256sum
24abe07 
PR-URL: nodejs#48088
Refs: nodejs/security-wg#973
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Marco Ippolito <[email protected]>
Ceres6 pushed a commit to Ceres6/node that referenced this issue Aug 14, 2023
@fasenderos @Ceres6
tools: use latest upstream commit for zlib updates
d4ea79f 
Zlib rarely gets new tags or releases, so now we use the latest commit
on the upstream default branch to check if an update is available.

Refs: nodejs/security-wg#973
PR-URL: nodejs#48054
Reviewed-By: Marco Ippolito <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: Antoine du Hamel <[email protected]>
Ceres6 pushed a commit to Ceres6/node that referenced this issue Aug 14, 2023
@marco-ippolito @Ceres6
tools: open issue when update workflow fails
4e085e1 
PR-URL: nodejs#48018
Refs: nodejs/security-wg#973
Reviewed-By: Richard Lau <[email protected]>
Ceres6 pushed a commit to Ceres6/node that referenced this issue Aug 14, 2023
@fasenderos @Ceres6
tools: log and verify sha256sum
600a0c0 
PR-URL: nodejs#48088
Refs: nodejs/security-wg#973
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Marco Ippolito <[email protected]>
Ceres6 pushed a commit to Ceres6/node that referenced this issue Aug 14, 2023
@lutaok @Ceres6
tools: order dependency jobs alphabetically
9a08661 
Refs: nodejs/security-wg#973
PR-URL: nodejs#48184
Reviewed-By: Marco Ippolito <[email protected]>
Reviewed-By: Mestery <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: Debadree Chatterjee <[email protected]>
Ceres6 pushed a commit to Ceres6/node that referenced this issue Aug 14, 2023
@fasenderos @Ceres6
tools: deps update authenticate github api request
6e77e60 
PR-URL: nodejs#48200
Fixes: nodejs#48119
Refs: nodejs/security-wg#973
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: Marco Ippolito <[email protected]>
Reviewed-By: Moshe Atlow <[email protected]>
Reviewed-By: Mestery <[email protected]>
Ceres6 pushed a commit to Ceres6/node that referenced this issue Aug 14, 2023
@fasenderos @Ceres6
tools: add version update to external dependencies
18cae43 
Refs: nodejs/security-wg#973
Most of the duplicated code in all the dependencies updaters
has been moved in the `utils.sh` file

PR-URL: nodejs#48081
Refs: nodejs/security-wg#973
Reviewed-By: Marco Ippolito <[email protected]>
Ceres6 pushed a commit to Ceres6/node that referenced this issue Aug 14, 2023
@fasenderos @Ceres6
tools: use latest upstream commit for zlib updates
19d2231 
Zlib rarely gets new tags or releases, so now we use the latest commit
on the upstream default branch to check if an update is available.

Refs: nodejs/security-wg#973
PR-URL: nodejs#48054
Reviewed-By: Marco Ippolito <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: Antoine du Hamel <[email protected]>
Ceres6 pushed a commit to Ceres6/node that referenced this issue Aug 14, 2023
@marco-ippolito @Ceres6
tools: open issue when update workflow fails
14920d0 
PR-URL: nodejs#48018
Refs: nodejs/security-wg#973
Reviewed-By: Richard Lau <[email protected]>
Ceres6 pushed a commit to Ceres6/node that referenced this issue Aug 14, 2023
@fasenderos @Ceres6
tools: log and verify sha256sum
baa9eb6 
PR-URL: nodejs#48088
Refs: nodejs/security-wg#973
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Marco Ippolito <[email protected]>
Ceres6 pushed a commit to Ceres6/node that referenced this issue Aug 14, 2023
@lutaok @Ceres6
tools: order dependency jobs alphabetically
1444273 
Refs: nodejs/security-wg#973
PR-URL: nodejs#48184
Reviewed-By: Marco Ippolito <[email protected]>
Reviewed-By: Mestery <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: Debadree Chatterjee <[email protected]>
Ceres6 pushed a commit to Ceres6/node that referenced this issue Aug 14, 2023
@fasenderos @Ceres6
tools: deps update authenticate github api request
028be86 
PR-URL: nodejs#48200
Fixes: nodejs#48119
Refs: nodejs/security-wg#973
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: Marco Ippolito <[email protected]>
Reviewed-By: Moshe Atlow <[email protected]>
Reviewed-By: Mestery <[email protected]>
Ceres6 pushed a commit to Ceres6/node that referenced this issue Aug 14, 2023
@fasenderos @Ceres6
tools: add version update to external dependencies
dc55b7a 
Refs: nodejs/security-wg#973
Most of the duplicated code in all the dependencies updaters
has been moved in the `utils.sh` file

PR-URL: nodejs#48081
Refs: nodejs/security-wg#973
Reviewed-By: Marco Ippolito <[email protected]>
@github-actions
Copy link
Contributor

github-actions bot commented Sep 5, 2023

This issue is stale because it has been open many days with no activity. It will be closed soon unless the stale label is removed or a comment is made.

@github-actions github-actions bot added the stale label Sep 5, 2023
@RafaelGSS
Copy link
Member

@marco-ippolito should we create another issue just for v8 update and close this one as completed?

@marco-ippolito
Copy link
Member Author

yes v8 requires a different type of effort

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
good first issue help wanted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@fasenderos @RafaelGSS @marco-ippolito