@philpennock

  • Bump GitHub Actions versions
  • zizmor cleanups for newer zizmor

Set `concurrency` controls appropriately.

Line-item explanations for permissions in version-update.yaml.

For zizmor v1.22.0 this leaves us clean under the pedantic persona; the auditor
persona notes that the checkout enables credential persistence, but that's
required for this workflow.

Copilot AI left a comment

Pull request overview

This PR performs routine maintenance updates to GitHub Actions workflows, including version bumps for multiple actions and the addition of concurrency controls recommended by zizmor (a GitHub Actions security auditing tool).

Changes:

  • Added concurrency blocks to all three workflow files to prevent concurrent runs from interfering with each other
  • Updated GitHub Actions to newer versions (actions/checkout v4→v6, actions/setup-go v5→v6, peter-evans/create-pull-request v7→v8, github/codeql-action v3→v4, goreleaser/goreleaser-action v6.3→v6.4, sigstore/cosign-installer v3→v4)
  • Added inline comments explaining permission requirements in version-update.yaml

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated no comments.

| File | Description |
| --- | --- |
| .github/workflows/version-update.yaml | Added concurrency control and updated actions/checkout to v6.0.2 and peter-evans/create-pull-request to v8.1.0, with clarifying comments on permissions |
| .github/workflows/powershell.yml | Added concurrency control and updated actions/checkout to v6.0.2 and github/codeql-action to v4.32.0 |
| .github/workflows/nightly.yaml | Added concurrency control and updated four actions: actions/checkout to v6.0.2, actions/setup-go to v6.2.0, goreleaser/goreleaser-action to v6.4.0, and sigstore/cosign-installer to v4.0.0 |
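
The three hardening points discussed in the PR description and the review summary above (a `concurrency` block, per-line permission explanations, and credential persistence kept on purpose), shown together in an added example that is not the repository's own version-update.yaml. The trigger, job name, script path, branch name and PR title are constructed; the action versions are the ones named in this conversation.

```yaml
# Constructed example; not the repository's version-update.yaml.
name: version-update
on:
  schedule:
    - cron: "17 4 * * *"   # constructed schedule
  workflow_dispatch:

# One run per workflow and ref; a newer run cancels one still in flight,
# so two runs never race to push the same update branch.
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

# Nothing is granted at workflow level; the job lists exactly what it needs.
permissions: {}

jobs:
  update:
    runs-on: ubuntu-latest
    permissions:
      contents: write        # push the branch that holds the update commit
      pull-requests: write   # open or update the pull request
    steps:
      # Tags as named in this conversation; the page gives no commit hashes.
      - uses: actions/checkout@v6.0.2
        with:
          # Kept on deliberately: the pull-request step below pushes with the
          # token that checkout stores in the local git config.
          persist-credentials: true
      - name: Apply updates
        run: ./scripts/update-versions.sh   # hypothetical script
      - uses: peter-evans/create-pull-request@v8.1.0
        with:
          branch: chore/version-update      # constructed branch name
          title: "Update pinned versions"   # constructed title
```

In workflows that never push, `persist-credentials: false` on the checkout step keeps the token out of the workspace.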


@samuelattwood samuelattwood left a comment

LGTM

@philpennock philpennock merged commit fb2acac into main Jan 28, 2026
9 checks passed
@philpennock philpennock deleted the pdp/chore-updates branch January 28, 2026 17:01