From a283a66d194f2c98d21129b34159980ff764dcb9 Mon Sep 17 00:00:00 2001 From: Tyler Jang Date: Fri, 19 Apr 2024 11:43:03 -0700 Subject: [PATCH 1/5] Support React comments in JSX/TSX (#750) Makes [JSX](https://en.wikipedia.org/wiki/JSX_(JavaScript))/TSX their own file formats to correctly handle `trunk-ignores` like: ```typescript const x = (
{/* trunk-ignore(eslint/@typescript-eslint/no-explicit-any) */}
); ``` Notes: - We won't be able to correctly autogen comment formats in all cases since we don't detect if we're in an XML block or not. But we will parse them correctly - We don't support `{ /* */ }` (i.e. additional or mismatched whitespace), but I think this is fine for now. I did include a singular space since it is [somewhat common](https://github.com/search?type=code&q=%22%7B+%2F*%22+path%3A*.tsx) (even though prettier handles this) - This wasn't working originally since we expect previous line comments to be preceded by only whitespace --- linters/plugin.yaml | 30 +++++++++++++++++++++++++++++- 1 file changed, 29 insertions(+), 1 deletion(-) diff --git a/linters/plugin.yaml b/linters/plugin.yaml index e2c6862bf..f5249f4a8 100644 --- a/linters/plugin.yaml +++ b/linters/plugin.yaml @@ -5,6 +5,14 @@ lint: leading_delimiter: "{-" trailing_delimiter: "-}" + - name: brace-slashes-block + leading_delimiter: "{/*" + trailing_delimiter: "*/}" + + - name: brace-slashes-block-spaced + leading_delimiter: "{ /*" + trailing_delimiter: "*/ }" + - name: dashes-block leading_delimiter: --[[ trailing_delimiter: --]] @@ -282,11 +290,21 @@ lint: extensions: - cjs - js - - jsx - mjs + inherit: + - javascript-xml + comments: + - slashes-block + - slashes-inline + + - name: javascript-xml + extensions: + - jsx comments: - slashes-block - slashes-inline + - brace-slashes-block + - brace-slashes-block-spaced - name: json extensions: @@ -572,10 +590,20 @@ lint: extensions: - mts - ts + inherit: + - typescript-xml + comments: + - slashes-block + - slashes-inline + + - name: typescript-xml + extensions: - tsx comments: - slashes-block - slashes-inline + - brace-slashes-block + - brace-slashes-block-spaced - name: xib extensions: From 0cd81d3b528c5124b4bffa4858950c90c09fa3dc Mon Sep 17 00:00:00 2001 From: Tyler Jang Date: Mon, 22 Apr 2024 18:32:38 -0700 Subject: [PATCH 2/5] Handle eslint pre-9.0.0 (#752) Offers some temporary fixes to make `main` green and provide a migration guide until we have a long-term story for #735. Also includes a node fix with [executing `.bat` files](https://github.com/trunk-io/plugins/actions/runs/8702103641/job/23865448625) related to https://github.com/prebuild/prebuildify/issues/83 --- linters/eslint/README.md | 22 ++++++++++++++++++++++ linters/eslint/eslint.test.ts | 13 +++++++++++++ 2 files changed, 35 insertions(+) create mode 100644 linters/eslint/README.md diff --git a/linters/eslint/README.md b/linters/eslint/README.md new file mode 100644 index 000000000..721c74fc0 --- /dev/null +++ b/linters/eslint/README.md @@ -0,0 +1,22 @@ +# eslint + +## Migration Guide + +Trunk does not yet support `eslint@9.x`, which includes substantial config format changes (see their +[migration guide](https://eslint.org/docs/latest/use/migrate-to-9.0.0#flat-config)). If you'd like +to opt-in to `eslint@9.x` with Trunk before we release official support, you can add the following +override to your `.trunk/trunk.yaml`: + +```yaml +version: 0.1 +--- +lint: + enabled: + - eslint@9.0.0 + definitions: + - name: eslint + direct_configs: + - eslint.config.js + - eslint.config.mjs + - eslint.config.cjs +``` diff --git a/linters/eslint/eslint.test.ts b/linters/eslint/eslint.test.ts index afd88f330..694f2ad4c 100644 --- a/linters/eslint/eslint.test.ts +++ b/linters/eslint/eslint.test.ts @@ -1,6 +1,7 @@ import { spawnSync } from "child_process"; import fs from "fs"; import path from "path"; +import semver from "semver"; import { customLinterCheckTest } from "tests"; import { TrunkLintDriver } from "tests/driver"; import { osTimeoutMultiplier, TEST_DATA } from "tests/utils"; @@ -54,6 +55,7 @@ const preCheck = (driver: TrunkLintDriver) => { cwd: driver.getSandbox(), timeout: INSTALL_TIMEOUT, windowsHide: true, + shell: true, }, ); driver.debug(install); @@ -68,12 +70,22 @@ const preCheck = (driver: TrunkLintDriver) => { } }; +const manualVersionReplacer = (version: string) => { + // NOTE(Tyler): Continue to test eslint pre-9.0.0 and gate until we have a long-term fix. + const parsedVersion = semver.parse(version); + if (parsedVersion && parsedVersion.major >= 9) { + return "8.57.0"; + } + return version; +}; + // This set of testing is incomplete with regard to failure modes and unicode autofixes with eslint, but it serves as a sampling // Use upstream=false in order to supply autofixes for committed files. customLinterCheckTest({ linterName: "eslint", args: `${TEST_DATA} -y --upstream=false`, preCheck, + manualVersionReplacer, pathsToSnapshot: [ path.join(TEST_DATA, "non_ascii.ts"), path.join(TEST_DATA, "eof_autofix.ts"), @@ -86,4 +98,5 @@ customLinterCheckTest({ testName: "bad_install", args: `${TEST_DATA} -y`, preCheck: moveConfig, + manualVersionReplacer, }); From 355be99e025eca965bc286781ce58a859e637a4f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 22 Apr 2024 18:34:19 -0700 Subject: [PATCH 3/5] Bump the dependencies group with 5 updates (#753) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps the dependencies group with 5 updates: | Package | From | To | | --- | --- | --- | | [trunk-io/trunk-action](https://github.com/trunk-io/trunk-action) | `1.1.12` | `1.1.13` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.25.0` | `3.25.1` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.1` | `4.3.2` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `4.1.4` | `4.1.5` | | [slackapi/slack-github-action](https://github.com/slackapi/slack-github-action) | `1.25.0` | `1.26.0` | Updates `trunk-io/trunk-action` from 1.1.12 to 1.1.13
Release notes

Sourced from trunk-io/trunk-action's releases.

v1.1.13

What's Changed

  • Continues on failure to install node packages, if user doesn't have a trunk.yaml (#236)

Full Changelog: https://github.com/trunk-io/trunk-action/compare/v1.1.12...v1.1.13

Commits

Updates `github/codeql-action` from 3.25.0 to 3.25.1
Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

[UNRELEASED]

No user facing changes.

3.25.1 - 17 Apr 2024

  • We are rolling out a feature in April/May 2024 that improves the reliability and performance of analyzing code when analyzing a compiled language with the autobuild build mode. #2235
  • Fix a bug where the init Action would fail if --overwrite was specified in CODEQL_ACTION_EXTRA_OPTIONS. #2245

3.25.0 - 15 Apr 2024

  • The deprecated feature for extracting dependencies for a Python analysis has been removed. #2224

    As a result, the following inputs and environment variables are now ignored:

    • The setup-python-dependencies input to the init Action
    • The CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION environment variable

    We recommend removing any references to these from your workflows. For more information, see the release notes for CodeQL Action v3.23.0 and v2.23.0.

  • Automatically overwrite an existing database if found on the filesystem. #2229

  • Bump the minimum CodeQL bundle version to 2.12.6. #2232

  • A more relevant log message and a diagnostic are now emitted when the file program is not installed on a Linux runner, but is required for Go tracing to succeed. #2234

3.24.10 - 05 Apr 2024

  • Update default CodeQL bundle version to 2.17.0. #2219
  • Add a deprecation warning for customers using CodeQL version 2.12.5 and earlier. These versions of CodeQL were discontinued on 26 March 2024 alongside GitHub Enterprise Server 3.8, and will be unsupported by CodeQL Action versions 3.25.0 and later and versions 2.25.0 and later. #2220
    • If you are using one of these versions, please update to CodeQL CLI version 2.12.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.
    • Alternatively, if you want to continue using a version of the CodeQL CLI between 2.11.6 and 2.12.5, you can replace github/codeql-action/*@v3 by github/codeql-action/*@v3.24.10 and github/codeql-action/*@v2 by github/codeql-action/*@v2.24.10 in your code scanning workflow to ensure you continue using this version of the CodeQL Action.

3.24.9 - 22 Mar 2024

  • Update default CodeQL bundle version to 2.16.5. #2203

3.24.8 - 18 Mar 2024

  • Improve the ease of debugging extraction issues by increasing the verbosity of the extractor logs when running in debug mode. #2195

3.24.7 - 12 Mar 2024

  • Update default CodeQL bundle version to 2.16.4. #2185

3.24.6 - 29 Feb 2024

... (truncated)

Commits
  • c7f9125 Merge pull request #2248 from github/update-v3.25.1-c4fb45143
  • 1c7e8b2 Update changelog for v3.25.1
  • c4fb451 Merge pull request #2245 from github/henrymercer/ignore-already-specified-flags
  • 556b3bc Add changelog note
  • ef66aea Merge branch 'main' into henrymercer/ignore-already-specified-flags
  • 9b87e0a Merge pull request #2241 from github/nickfyson/speculative-script-fix
  • 18111b6 Merge pull request #2235 from github/henrymercer/autobuild-with-direct-tracing
  • ade98b9 Ensure --overwrite flag is only passed once
  • 8566d50 Add regression test for double --overwrite
  • 453a956 Merge pull request #2243 from github/dependabot/npm_and_yarn/npm-9b31496ffc
  • Additional commits viewable in compare view

Updates `actions/upload-artifact` from 4.3.1 to 4.3.2
Release notes

Sourced from actions/upload-artifact's releases.

v4.3.2

What's Changed

New Contributors

Full Changelog: https://github.com/actions/upload-artifact/compare/v4.3.1...v4.3.2

Commits
  • 1746f4a Revert "updating to release 4.3.2"
  • 31685d0 updating to release 4.3.2
  • 18bf333 Merge pull request #562 from actions/eggyhead/update-artifact-v215
  • dac413b update package lock version
  • bb3b4a3 updating package version
  • 3e3da83 updating artifact and core dependencies
  • e35774f Merge pull request #561 from actions/robherley/deprecation-notice
  • e63ea67 Update readme with v3/v2/v1 deprecation notice
  • ef09cda Merge pull request #523 from andrewakim/andrewakim/migration-readme-fix
  • 00e36f9 Minor fix to the migration readme
  • Additional commits viewable in compare view

Updates `actions/download-artifact` from 4.1.4 to 4.1.5
Release notes

Sourced from actions/download-artifact's releases.

v4.1.5

What's Changed

Full Changelog: https://github.com/actions/download-artifact/compare/v4.1.4...v4.1.5

Commits
  • 8caf195 package lock update
  • d7a2ec4 updating package version
  • e56a1d4 updating core dependency
  • 1fcda58 updating core license
  • 325a10d updating actions dependency to v2.1.5
  • f8aaee4 Merge pull request #322 from actions/robherley/deprecation-notice
  • d98334b Update readme with v3/v2/v1 deprecation notice
  • See full diff in compare view

Updates `slackapi/slack-github-action` from 1.25.0 to 1.26.0
Release notes

Sourced from slackapi/slack-github-action's releases.

Slack Send V1.26.0

What's Changed

This release provides an escape hatch for sending the JSON content of a payload file exactly as is, without replacing any templated variables!

Previously a payload file was parsed and templated variables were replaced with values from github.context and github.env. Any undefined variables were replaced with ??? in this process, which might have caused questions.

That remains the default behavior, but now the JSON contents of a payload file can be sent exactly as written by setting the payload-file-path-parsed input to false:

- name: Send custom JSON data to Slack workflow
  id: slack
  uses: slackapi/slack-github-action@v1.26.0
  with:
    payload-file-path: "./payload-slack-content.json"
    payload-file-path-parsed: false
  env:
    SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}

With this change, the contents of the example payload-slack-content.json will be sent to a webhook URL exactly as is!

Recent commits

Enhancements

Documentation

Maintenance

Dependencies

New Contributors

... (truncated)

Commits
  • 70cd7be Automatic compilation
  • 53b162f chore(release): tag release v1.26.0
  • 47d8e42 feat: introduce an option to send payload file json without replacing variabl...
  • d447374 Bump eslint-plugin-jsdoc from 48.2.1 to 48.2.2 (#302)
  • b638b31 Bump axios from 1.6.7 to 1.6.8 (#301)
  • c76311a Bump mocha from 10.3.0 to 10.4.0 (#300)
  • d4358d2 docs(readme): adjust whitespace in env assignment (#296)
  • cb3763e ci(test): share environment secrets with pull requests from forked prs (#297)
  • 86bebf8 Bump @​slack/web-api from 6.12.0 to 7.0.2 (#287)
  • efa31bf Bump https-proxy-agent from 7.0.2 to 7.0.4 (#290)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/annotate_pr.yaml | 2 +- .github/workflows/codeql.yml | 6 +++--- .github/workflows/nightly.yaml | 4 ++-- .github/workflows/pr.yaml | 2 +- .github/workflows/scorecard.yml | 4 ++-- .github/workflows/upgrade_trunk.yaml | 2 +- .github/workflows/upload_results.reusable.yaml | 14 +++++++------- 7 files changed, 17 insertions(+), 17 deletions(-) diff --git a/.github/workflows/annotate_pr.yaml b/.github/workflows/annotate_pr.yaml index 2a3c1ccb3..ccd507cf4 100644 --- a/.github/workflows/annotate_pr.yaml +++ b/.github/workflows/annotate_pr.yaml @@ -18,7 +18,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Trunk Check - uses: trunk-io/trunk-action@540e7fe497a45ae76370d26d95cc249059c4ac3a # v1.1.12 + uses: trunk-io/trunk-action@da67635060feab46c164bc130690e61864a5d13b # v1.1.13 with: post-annotations: true # This job may fail when the PR was not run on a fork, and that's okay diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index af3b11dcf..ed448edfb 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -34,7 +34,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@df5a14dc28094dc936e103b37d749c6628682b60 # v3.25.0 + uses: github/codeql-action/init@c7f9125735019aa87cfc361530512d50ea439c71 # v3.25.1 # Override language selection by uncommenting this and choosing your languages with: languages: javascript @@ -42,7 +42,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). # If this step fails, then you should remove it and run the build manually (see below). - name: Autobuild - uses: github/codeql-action/autobuild@df5a14dc28094dc936e103b37d749c6628682b60 # v3.25.0 + uses: github/codeql-action/autobuild@c7f9125735019aa87cfc361530512d50ea439c71 # v3.25.1 # ℹ️ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -56,4 +56,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@df5a14dc28094dc936e103b37d749c6628682b60 # v3.25.0 + uses: github/codeql-action/analyze@c7f9125735019aa87cfc361530512d50ea439c71 # v3.25.1 diff --git a/.github/workflows/nightly.yaml b/.github/workflows/nightly.yaml index ba6cc893f..f41a3dc78 100644 --- a/.github/workflows/nightly.yaml +++ b/.github/workflows/nightly.yaml @@ -179,7 +179,7 @@ jobs: - name: Upload Test Outputs for Upload Job # Only upload results from latest. Always run, except when cancelled. if: (failure() || success()) && matrix.linter-version == 'Latest' - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 + uses: actions/upload-artifact@1746f4ab65b179e0ea60a494b83293b640dd5bba # v4.3.2 with: name: ${{ matrix.results-file }}-test-results path: ${{ matrix.results-file }}-res.json @@ -238,7 +238,7 @@ jobs: - name: Upload Test Outputs for Notification Job # Always run, except when cancelled. if: (failure() || success()) - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 + uses: actions/upload-artifact@1746f4ab65b179e0ea60a494b83293b640dd5bba # v4.3.2 with: name: tools-${{ matrix.results-file }}-test-results path: ${{ matrix.results-file }}-res.json diff --git a/.github/workflows/pr.yaml b/.github/workflows/pr.yaml index 539771169..d1a661a45 100644 --- a/.github/workflows/pr.yaml +++ b/.github/workflows/pr.yaml @@ -228,7 +228,7 @@ jobs: lfs: true - name: Trunk Check - uses: trunk-io/trunk-action@540e7fe497a45ae76370d26d95cc249059c4ac3a + uses: trunk-io/trunk-action@da67635060feab46c164bc130690e61864a5d13b env: TRUNK_GITHUB_CHECK_RUN_TITLE: Trunk Check diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 1ca8497b8..9000fe624 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -57,7 +57,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: Upload artifact - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 + uses: actions/upload-artifact@1746f4ab65b179e0ea60a494b83293b640dd5bba # v4.3.2 with: name: SARIF file path: results.sarif @@ -65,6 +65,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: Upload to code-scanning - uses: github/codeql-action/upload-sarif@df5a14dc28094dc936e103b37d749c6628682b60 # v3.25.0 + uses: github/codeql-action/upload-sarif@c7f9125735019aa87cfc361530512d50ea439c71 # v3.25.1 with: sarif_file: results.sarif diff --git a/.github/workflows/upgrade_trunk.yaml b/.github/workflows/upgrade_trunk.yaml index c5d1bdebc..07cb87ff4 100644 --- a/.github/workflows/upgrade_trunk.yaml +++ b/.github/workflows/upgrade_trunk.yaml @@ -26,7 +26,7 @@ jobs: private_key: ${{ secrets.TRUNK_OPEN_PR_APP_PRIVATE_KEY }} - name: Trunk Upgrade - uses: trunk-io/trunk-action/upgrade@540e7fe497a45ae76370d26d95cc249059c4ac3a + uses: trunk-io/trunk-action/upgrade@da67635060feab46c164bc130690e61864a5d13b with: arguments: -n --bleeding-edge github-token: ${{ steps.generate-token.outputs.token }} diff --git a/.github/workflows/upload_results.reusable.yaml b/.github/workflows/upload_results.reusable.yaml index 40c99007e..bd50432f3 100644 --- a/.github/workflows/upload_results.reusable.yaml +++ b/.github/workflows/upload_results.reusable.yaml @@ -60,21 +60,21 @@ jobs: - name: Retrieve Test Outputs ubuntu id: download-ubuntu - uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4 + uses: actions/download-artifact@8caf195ad4b1dee92908e23f56eeb0696f1dd42d # v4.1.5 continue-on-error: true with: name: ${{ inputs.results-prefix }}ubuntu-latest-test-results - name: Retrieve Test Outputs macOS id: download-macos - uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4 + uses: actions/download-artifact@8caf195ad4b1dee92908e23f56eeb0696f1dd42d # v4.1.5 continue-on-error: true with: name: ${{ inputs.results-prefix }}macos-latest-test-results - name: Retrieve Test Outputs Windows id: download-windows - uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4 + uses: actions/download-artifact@8caf195ad4b1dee92908e23f56eeb0696f1dd42d # v4.1.5 continue-on-error: true with: name: ${{ inputs.results-prefix }}windows-latest-test-results @@ -96,7 +96,7 @@ jobs: echo "::endgroup::" - name: Slack Notification For Missing Artifacts - uses: slackapi/slack-github-action@6c661ce58804a1a20f6dc5fbee7f0381b469e001 # v1.25.0 + uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0 if: steps.download-ubuntu.outcome == 'failure' || steps.download-macos.outcome == 'failure' || steps.download-windows.outcome == 'failure' @@ -179,7 +179,7 @@ jobs: # Slack notifications - name: Slack Notification For Failures - uses: slackapi/slack-github-action@6c661ce58804a1a20f6dc5fbee7f0381b469e001 # v1.25.0 + uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0 if: always() && steps.parse.outputs.failures == 'true' with: channel-id: ${{ env.SLACK_CHANNEL_ID }} @@ -188,7 +188,7 @@ jobs: SLACK_BOT_TOKEN: ${{ secrets.TRUNKBOT_SLACK_BOT_TOKEN }} - name: Slack Notification For Staging Upload Failure - uses: slackapi/slack-github-action@6c661ce58804a1a20f6dc5fbee7f0381b469e001 # v1.25.0 + uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0 if: inputs.upload-validated-versions == true && steps.upload-staging.outcome == 'failure' with: channel-id: ${{ env.SLACK_CHANNEL_ID }} @@ -209,7 +209,7 @@ jobs: SLACK_BOT_TOKEN: ${{ secrets.TRUNKBOT_SLACK_BOT_TOKEN }} - name: Slack Notification For Prod Upload Failure - uses: slackapi/slack-github-action@6c661ce58804a1a20f6dc5fbee7f0381b469e001 # v1.25.0 + uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0 if: inputs.upload-validated-versions == true && steps.upload-prod.outcome == 'failure' with: channel-id: ${{ env.SLACK_CHANNEL_ID }} From 6dc58bc66df7c060b04a88c9b0ac150cbbf84401 Mon Sep 17 00:00:00 2001 From: "trunk-open-pr-bot[bot]" <131314627+trunk-open-pr-bot[bot]@users.noreply.github.com> Date: Mon, 22 Apr 2024 19:14:44 -0700 Subject: [PATCH 4/5] Upgrade trunk to 1.21.1-beta.43 (#748) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Trunk](https://static.trunk.io/assets/trunk_action_upgrade_banner.png)](https://trunk.io) cli upgraded: 1.21.1-beta.20 → 1.21.1-beta.43 2 tools were upgraded: - clangd 17.0.3 → 18.1.3 - clangd-indexing-tools 17.0.3 → 18.1.3 This PR was generated by the [Trunk Action]. For more info, see our [docs] or reach out on [Slack]. [Trunk Action]: https://github.com/trunk-io/trunk-action [docs]: https://docs.trunk.io [Slack]: https://slack.trunk.io/ Co-authored-by: TylerJang27 <42743566+TylerJang27@users.noreply.github.com> --- .trunk/trunk.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.trunk/trunk.yaml b/.trunk/trunk.yaml index 4638cf0ef..2560edf1d 100644 --- a/.trunk/trunk.yaml +++ b/.trunk/trunk.yaml @@ -2,7 +2,7 @@ version: 0.1 # version used for local trunk runs and testing cli: - version: 1.21.1-beta.20 + version: 1.21.1-beta.43 shell_hooks: enforce: true @@ -79,8 +79,8 @@ actions: - tool-test-helper tools: enabled: - - clangd-indexing-tools@17.0.3 - - clangd@17.0.3 + - clangd-indexing-tools@18.1.3 + - clangd@18.1.3 runtimes: # expose shims in .trunk/tools - node From 3fe6dc6d24532d8935fed3a8c7d3aad3eddfd6b7 Mon Sep 17 00:00:00 2001 From: Yu Ishikawa Date: Wed, 24 Apr 2024 06:23:02 +0900 Subject: [PATCH 5/5] Not suggest terrascan (#744) terrascan is no longer actively maintained. So, it would be good not to suggest even if related files exist. --------- Co-authored-by: Tyler Jang --- linters/terrascan/plugin.yaml | 3 ++- tests/repo_tests/config_check.test.ts | 1 - 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/linters/terrascan/plugin.yaml b/linters/terrascan/plugin.yaml index b11b9db38..e166ee074 100644 --- a/linters/terrascan/plugin.yaml +++ b/linters/terrascan/plugin.yaml @@ -22,7 +22,8 @@ lint: - name: terrascan tools: [terrascan] known_good_version: 1.18.1 - suggest_if: files_present + # terrascan does not support some modern terraform syntax. Don't auto-recommend. + suggest_if: never commands: - name: lint output: sarif diff --git a/tests/repo_tests/config_check.test.ts b/tests/repo_tests/config_check.test.ts index 725f97f95..d2b964c96 100644 --- a/tests/repo_tests/config_check.test.ts +++ b/tests/repo_tests/config_check.test.ts @@ -165,7 +165,6 @@ describe("Global config health check", () => { "shfmt", "svgo", "taplo", - "terrascan", "tflint", "trivy", "trufflehog",