Julien Goux
f55616e35e
fix: cache licensed action ( #422 )
...
## Summary
Automate license cache refreshes during the Licensed CI check.
## Details
The Licensed workflow previously ran `licensed status` directly against
the committed `.licenses` cache. Dependabot dependency bumps could fail
when the cache was stale or missing records, even when the new
dependency licenses were allowed.
This updates the check job to run `licensed cache` before `licensed
status`, so CI refreshes dependency records in the ephemeral checkout
before enforcing the license policy.
## Expected behavior
The Licensed workflow should now only fail when Licensed detects an
invalid, missing, or disallowed license, not merely because committed
cache records are stale.
2026-05-06 16:52:27 +00:00
dependabot[bot]
2df3f5f50e
chore(deps): bump the actions-minor-patch group across 1 directory with 3 updates ( #418 )
...
Bumps the actions-minor-patch group with 3 updates in the / directory:
[dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata ),
[actions/create-github-app-token](https://github.com/actions/create-github-app-token )
and [ruby/setup-ruby](https://github.com/ruby/setup-ruby ).
Updates `dependabot/fetch-metadata` from 3.0.0 to 3.1.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dependabot/fetch-metadata/releases ">dependabot/fetch-metadata's
releases</a>.</em></p>
<blockquote>
<h2>v3.1.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add permissions to all workflows by <a
href="https://github.com/truggeri "><code>@truggeri</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/687 ">dependabot/fetch-metadata#687</a></li>
<li>build(deps-dev): bump globals from 16.0.0 to 17.4.0 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/690 ">dependabot/fetch-metadata#690</a></li>
<li>build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/693 ">dependabot/fetch-metadata#693</a></li>
<li>build(deps-dev): bump <code>@hono/node-server</code> from 1.19.10
to 1.19.13 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/694 ">dependabot/fetch-metadata#694</a></li>
<li>build(deps-dev): bump hono from 4.12.7 to 4.12.12 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/695 ">dependabot/fetch-metadata#695</a></li>
<li>Dynamically update the tracking tag in action by <a
href="https://github.com/truggeri "><code>@truggeri</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/696 ">dependabot/fetch-metadata#696</a></li>
<li>fix: handle duplicate dependency names in parseMetadataLinks by <a
href="https://github.com/devantler "><code>@devantler</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/700 ">dependabot/fetch-metadata#700</a></li>
<li>fix: remove $ anchor from updateFragment regex to handle pip
directory suffixes by <a
href="https://github.com/devantler "><code>@devantler</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/698 ">dependabot/fetch-metadata#698</a></li>
<li>Updates to README for permissions clarification by <a
href="https://github.com/truggeri "><code>@truggeri</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/697 ">dependabot/fetch-metadata#697</a></li>
<li>fix: resolve update-type null for Python, Composer, and Terraform
PRs by <a
href="https://github.com/vitorsdcs "><code>@vitorsdcs</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/704 ">dependabot/fetch-metadata#704</a></li>
<li>build(deps-dev): bump globals from 17.4.0 to 17.5.0 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/703 ">dependabot/fetch-metadata#703</a></li>
<li>build(deps): bump actions/create-github-app-token from 3.0.0 to
3.1.1 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/701 ">dependabot/fetch-metadata#701</a></li>
<li>build(deps): bump <code>@actions/github</code> from 9.0.0 to 9.1.0
in the dependencies group across 1 directory by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/702 ">dependabot/fetch-metadata#702</a></li>
<li>build(deps-dev): bump hono from 4.12.12 to 4.12.14 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/705 ">dependabot/fetch-metadata#705</a></li>
<li>v3.1.0 by <a
href="https://github.com/fetch-metadata-action-automation "><code>@fetch-metadata-action-automation</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/692 ">dependabot/fetch-metadata#692</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/devantler "><code>@devantler</code></a>
made their first contribution in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/700 ">dependabot/fetch-metadata#700</a></li>
<li><a href="https://github.com/vitorsdcs "><code>@vitorsdcs</code></a>
made their first contribution in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/704 ">dependabot/fetch-metadata#704</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/dependabot/fetch-metadata/compare/v3...v3.1.0 ">https://github.com/dependabot/fetch-metadata/compare/v3...v3.1.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="25dd0e34f4https://redirect.github.com/dependabot/fetch-metadata/issues/692 ">#692</a>)</li>
<li><a
href="e073f50d73https://redirect.github.com/dependabot/fetch-metadata/issues/705 ">#705</a>
from dependabot/dependabot/npm_and_yarn/hono-4.12.14</li>
<li><a
href="0670e167df7a7fe10a42https://redirect.github.com/dependabot/fetch-metadata/issues/702 ">#702</a>
from dependabot/dependabot/npm_and_yarn/dependencies-...</li>
<li><a
href="5168191cea23882e175b1072469591https://redirect.github.com/dependabot/fetch-metadata/issues/701 ">#701</a>
from dependabot/dependabot/github_actions/actions/cre...</li>
<li><a
href="43f8a0055cb4d904a509https://redirect.github.com/dependabot/fetch-metadata/issues/703 ">#703</a>
from dependabot/dependabot/npm_and_yarn/globals-17.5.0</li>
<li><a
href="c8046bb877ffa630c65f...25dd0e34f4https://github.com/actions/create-github-app-token/releases ">actions/create-github-app-token's
releases</a>.</em></p>
<blockquote>
<h2>v3.1.1</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v3.1.0...v3.1.1 ">3.1.1</a>
(2026-04-11)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>improve error message when app identifier is empty (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/362 ">#362</a>)
(<a
href="07e2b76066https://redirect.github.com/actions/create-github-app-token/issues/249 ">#249</a></li>
</ul>
<h2>v3.1.0</h2>
<h1><a
href="https://github.com/actions/create-github-app-token/compare/v3.0.0...v3.1.0 ">3.1.0</a>
(2026-04-11)</h1>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump p-retry from 7.1.1 to 8.0.0 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/357 ">#357</a>)
(<a
href="3bbe07d928https://redirect.github.com/actions/create-github-app-token/issues/353 ">#353</a>)
(<a
href="e6bd4e6970https://redirect.github.com/actions/create-github-app-token/issues/358 ">#358</a>)
(<a
href="076e9480ca1b10c78c7807e2b76066https://redirect.github.com/actions/create-github-app-token/issues/362 ">#362</a>)</li>
<li><a
href="ea0121618bhttps://redirect.github.com/actions/create-github-app-token/issues/361 ">#361</a>)</li>
<li><a
href="7bd0371149e6bd4e6970https://redirect.github.com/actions/create-github-app-token/issues/353 ">#353</a>)</li>
<li><a
href="076e9480cahttps://redirect.github.com/actions/create-github-app-token/issues/358 ">#358</a>)</li>
<li><a
href="3bbe07d928https://redirect.github.com/actions/create-github-app-token/issues/357 ">#357</a>)</li>
<li><a
href="28a99e369c4df50600ef4843c538d9f8d387b68d...1b10c78c78https://github.com/ruby/setup-ruby/releases ">ruby/setup-ruby's
releases</a>.</em></p>
<blockquote>
<h2>v1.302.0</h2>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/ruby/setup-ruby/compare/v1.301.0...v1.302.0 ">https://github.com/ruby/setup-ruby/compare/v1.301.0...v1.302.0 </a></p>
<h2>v1.301.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add truffleruby-34.0.0,truffleruby+graalvm-34.0.0 by <a
href="https://github.com/ruby-builder-bot "><code>@ruby-builder-bot</code></a>
in <a
href="https://redirect.github.com/ruby/setup-ruby/pull/901 ">ruby/setup-ruby#901</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/ruby/setup-ruby/compare/v1.300.0...v1.301.0 ">https://github.com/ruby/setup-ruby/compare/v1.300.0...v1.301.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="7372622e624c56a212805d9c71d71be65c17d16e...7372622e62support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Julien Goux <hi@jgoux.dev >
2026-04-21 13:36:29 +00:00
Julien Goux
c099ad8c4a
fix: auto-approval and refine dependabot policy ( #412 )
...
## What changed
This updates our Dependabot policy to reduce routine dependency-update
noise while keeping minor and patch updates moving automatically.
- Configure Dependabot to run weekly on Tuesday at 09:00 Europe/Paris
for both `github-actions` and `bun`
- Group all minor and patch updates per ecosystem:
- one GitHub Actions update PR
- one Bun dependency update PR
- Keep major updates ungrouped so Dependabot opens individual PRs for
manual review
- Reduce routine open Dependabot PRs to one per ecosystem
- Add cooldown windows so Dependabot avoids immediately chasing fresh
releases:
- 7 days for minor updates
- 2 days for patch updates
- Update the Dependabot automerge workflow to generate a GitHub App
token before approving PRs
- Auto-approve and enable automerge only for patch and minor updates,
including `0.x` minors
- Leave major update PRs for human review and merge
## Why
Dependabot was not able to approve/automerge PRs using the default
token. This follows the GitHub App token pattern recommended by
security, while also tuning Dependabot for a better signal-to-noise
ratio.
The resulting behavior is:
- minor/patch updates are batched weekly and can merge after CI passes
- major updates still appear, but individually and without automerge
- security updates remain handled by Dependabot/GitHub outside the
routine grouping policy
2026-04-10 08:25:40 +00:00
Julien Goux
7fef86c665
fix: licensed workflow trigger ( #413 )
...
As a required action, the Licensed workflow wasn't always firing which
blocks PR from being merged.
2026-04-10 10:08:57 +02:00
dependabot[bot]
24d47d8ec3
chore(deps): bump ruby/setup-ruby from 1.299.0 to 1.300.0 in the actions-minor group ( #407 )
...
Bumps the actions-minor group with 1 update:
[ruby/setup-ruby](https://github.com/ruby/setup-ruby ).
Updates `ruby/setup-ruby` from 1.299.0 to 1.300.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/ruby/setup-ruby/releases ">ruby/setup-ruby's
releases</a>.</em></p>
<blockquote>
<h2>v1.300.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Refactor matrix script by <a
href="https://github.com/ntkme "><code>@ntkme</code></a> in <a
href="https://redirect.github.com/ruby/setup-ruby/pull/897 ">ruby/setup-ruby#897</a></li>
<li>Add jruby-10.0.5.0 by <a
href="https://github.com/ruby-builder-bot "><code>@ruby-builder-bot</code></a>
in <a
href="https://redirect.github.com/ruby/setup-ruby/pull/900 ">ruby/setup-ruby#900</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/ruby/setup-ruby/compare/v1.299.0...v1.300.0 ">https://github.com/ruby/setup-ruby/compare/v1.299.0...v1.300.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e65c17d16eba696adf552327de0bdc3ff19f5e2b...e65c17d16ehttps://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ruby/setup-ruby&package-manager=github_actions&previous-version=1.299.0&new-version=1.300.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-04-10 08:55:18 +02:00
Julien Goux
2eca1b4d35
chore: prepare for v2.0.0 ( #405 )
...
## Summary
This PR prepares `supabase/setup-cli` for `v2.0.0`.
The main goal of this release is to simplify the action and modernize
the repo/tooling around a Bun-based implementation, while tightening
workflows, tests, and documentation.
## What Changed
### Action runtime
- switched the action from a Node/compiled `dist` runtime to a Bun-based
composite action
- removed the checked-in `dist/` output entirely
- simplified the action source down to a single runtime file in
`src/main.ts`
- kept the public action interface the same:
- `with.version`
- `outputs.version`
### Tooling
- switched package management and local tooling from npm to Bun
- removed Rollup and the build step
- replaced Jest with Bun’s native test runner
- replaced Prettier with `oxfmt`
- replaced ESLint with `oxlint`
- enabled type-aware/type-check linting with `oxlint-tsgolint`
- simplified TypeScript config to a single `tsconfig.json` extending
`@tsconfig/bun`
### Tests
- moved tests next to the runtime source
- rewrote tests to focus on meaningful user-facing action behavior
- added coverage for:
- default entrypoint execution
- latest version installs
- legacy version installs
- modern pinned version installs
- failure when the installed CLI cannot report a version
- action code coverage is now `100%`
### Workflows
- renamed workflow files for clarity:
- `test.yml` -> `ci.yml`
- `start.yml` -> `e2e.yml`
- updated workflow/job naming so required checks are clean and stable:
- `CI`
- `E2E`
- `CodeQL`
- `Licensed`
- added aggregate PR-facing checks so branch protection does not need
matrix legs
- made CI and E2E skip heavy jobs on draft PRs
- made E2E run automatically on ready PRs and new commits
- simplified CodeQL config by removing the separate config file
- updated action pins to current releases using commit SHAs
- refined Dependabot for Bun-era updates and non-major auto-merge
### Docs
- refreshed `README.md` and `docs/index.md` for the new v2 behavior
- updated examples to use `@v2`
- added a practical example for exporting local Supabase env vars after
`supabase start`
- removed stale references to old local/dev flows
## Breaking / Notable Changes
- the action now runs as a Bun-based composite action instead of a
prebuilt JavaScript action
- no checked-in `dist/` artifacts anymore
- self-hosted runners now need the prerequisites expected by the
composite action path:
- `bash`
- network access to install Bun/dependencies and download the Supabase
CLI
## Validation
Verified locally with:
- `bun run format:check`
- `bun run lint`
- `bun test`
- `bun run ci`
Also updated workflows and branch-protection-friendly check names so PR
validation is cleaner going forward.
## Follow-up
After merge, branch protection should require only:
- `CI`
- `E2E`
- `CodeQL`
- `Licensed`
---------
Co-authored-by: licensed-ci <licensed-ci@users.noreply.github.com >
2026-04-03 17:51:37 +02:00
Etienne Stalmans
60645042c4
chore: pin actions to sha ( #402 )
2026-04-03 08:10:59 +02:00
dependabot[bot]
378c226754
chore(deps): bump actions/checkout from 4 to 5 ( #342 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4 to 5.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: '5'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-12 05:59:58 +00:00
Han Qiao
b60b5899c7
chore: migrate to esm ( #334 )
...
* chore: update unit tests
* fix: follow latest action template
* chore: add licenses and workflows
* chore: remove bloat
* chore: fix linter
2025-07-23 15:04:43 +08:00
Qiao Han
6c3c96bfbe
chore: exclude pg17 from v1 test matrix
2025-07-23 00:37:03 +08:00
dependabot[bot]
821f876aaa
chore(deps-dev): bump prettier from 2.8.8 to 3.6.2 ( #331 )
...
* chore(deps-dev): bump prettier from 2.8.8 to 3.6.2
Bumps [prettier](https://github.com/prettier/prettier ) from 2.8.8 to 3.6.2.
- [Release notes](https://github.com/prettier/prettier/releases )
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md )
- [Commits](https://github.com/prettier/prettier/compare/2.8.8...3.6.2 )
---
updated-dependencies:
- dependency-name: prettier
dependency-version: 3.6.2
dependency-type: direct:development
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
* chore: update all dependencies
* chore: bump action versions
* chore: update eslint config
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Qiao Han <qiao@supabase.io >
2025-07-22 23:59:11 +08:00
Stephen Morgan
502f641bbb
ci: explicit permissions on actions ( #326 )
2025-07-22 21:45:38 +08:00
Han Qiao
d347ba47d3
feat: bump default cli version to v2 ( #324 )
...
fix: bump default cli version to v2
2025-03-21 06:07:54 +08:00
dependabot[bot]
27c884de7e
chore(deps): bump actions/setup-node from 4.0.3 to 4.0.4 ( #302 )
...
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 4.0.3 to 4.0.4.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](https://github.com/actions/setup-node/compare/v4.0.3...v4.0.4 )
---
updated-dependencies:
- dependency-name: actions/setup-node
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-19 20:39:06 +00:00
dependabot[bot]
c58fc565b2
chore(deps): bump actions/setup-node from 4.0.2 to 4.0.3 ( #291 )
...
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 4.0.2 to 4.0.3.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](https://github.com/actions/setup-node/compare/v4.0.2...v4.0.3 )
---
updated-dependencies:
- dependency-name: actions/setup-node
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-09 20:23:38 +00:00
dependabot[bot]
33abed8329
chore(deps): bump dependabot/fetch-metadata from 2.1.0 to 2.2.0 ( #290 )
...
Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata ) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/dependabot/fetch-metadata/releases )
- [Commits](https://github.com/dependabot/fetch-metadata/compare/v2.1.0...v2.2.0 )
---
updated-dependencies:
- dependency-name: dependabot/fetch-metadata
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-05 20:28:16 +00:00
Abizer Lokhandwala
fe52e8551e
feat: bump default cli version to 1.178.2 ( #287 )
...
* feat: bump default cli version to 1.176.10
* Update action.yml
* Update README.md
* Update README.md
* Update start.yml
---------
Co-authored-by: Han Qiao <sweatybridge@gmail.com >
Co-authored-by: Han Qiao <qiao@supabase.io >
2024-07-03 11:43:50 +08:00
dependabot[bot]
6de0b54d06
chore(deps): bump dependabot/fetch-metadata from 2.0.0 to 2.1.0 ( #276 )
...
Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata ) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/dependabot/fetch-metadata/releases )
- [Commits](https://github.com/dependabot/fetch-metadata/compare/v2.0.0...v2.1.0 )
---
updated-dependencies:
- dependency-name: dependabot/fetch-metadata
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-24 20:07:50 +00:00
dependabot[bot]
e997d91b44
chore(deps): bump dependabot/fetch-metadata from 1.7.0 to 2.0.0 ( #273 )
...
Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata ) from 1.7.0 to 2.0.0.
- [Release notes](https://github.com/dependabot/fetch-metadata/releases )
- [Commits](https://github.com/dependabot/fetch-metadata/compare/v1.7.0...v2.0.0 )
---
updated-dependencies:
- dependency-name: dependabot/fetch-metadata
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-10 11:18:18 +08:00
dependabot[bot]
b2b9846ea7
chore(deps): bump dependabot/fetch-metadata from 1.6.0 to 1.7.0 ( #272 )
...
Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata ) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/dependabot/fetch-metadata/releases )
- [Commits](https://github.com/dependabot/fetch-metadata/compare/v1.6.0...v1.7.0 )
---
updated-dependencies:
- dependency-name: dependabot/fetch-metadata
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-21 20:57:33 +00:00
dependabot[bot]
b3404fb29d
chore(deps): bump actions/setup-node from 4.0.1 to 4.0.2 ( #261 )
...
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 4.0.1 to 4.0.2.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](https://github.com/actions/setup-node/compare/v4.0.1...v4.0.2 )
---
updated-dependencies:
- dependency-name: actions/setup-node
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-07 20:24:36 +00:00
Qiao Han
87162dc7e9
feat: bump default cli version to 1.136.3
2024-01-31 12:44:59 +08:00
Han Qiao
f528525aab
chore: update check-dist.yml for node20 ( #257 )
2024-01-29 00:20:23 +08:00
dependabot[bot]
b838c0954e
chore(deps): bump actions/upload-artifact from 3 to 4 ( #245 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 3 to 4.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-19 08:30:10 +00:00
dependabot[bot]
f799022cb1
chore(deps): bump github/codeql-action from 2 to 3 ( #244 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-19 16:27:34 +08:00
dependabot[bot]
75d7a6c6ec
chore(deps): bump actions/setup-node from 4.0.0 to 4.0.1 ( #246 )
...
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](https://github.com/actions/setup-node/compare/v4.0.0...v4.0.1 )
---
updated-dependencies:
- dependency-name: actions/setup-node
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-18 20:21:13 +00:00
Han Qiao
1ed0490d86
chore: update trigger condition for dependabot auto merge
2023-12-18 19:45:37 +08:00
Han Qiao
36b8fc21e1
chore: add pg major version to test matrix ( #243 )
...
* chore: add pg major version to test matrix
* chore: update min version to for pg15 compatibility
2023-12-12 22:49:34 +08:00
Han Qiao
3945a35008
chore: allow manual run of cli start workflow
2023-12-12 22:33:05 +08:00
dependabot[bot]
6f978e9896
chore(deps): bump actions/setup-node from 3.8.1 to 4.0.0 ( #231 )
...
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 3.8.1 to 4.0.0.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](https://github.com/actions/setup-node/compare/v3.8.1...v4.0.0 )
---
updated-dependencies:
- dependency-name: actions/setup-node
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Han Qiao <qiao@supabase.io >
2023-10-30 04:55:46 +00:00
dependabot[bot]
89203a9ecb
chore(deps): bump actions/checkout from 3 to 4 ( #212 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-11 10:54:29 +08:00
dependabot[bot]
306bbe05ed
chore(deps): bump actions/setup-node from 3.8.0 to 3.8.1 ( #206 )
...
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 3.8.0 to 3.8.1.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](https://github.com/actions/setup-node/compare/v3.8.0...v3.8.1 )
---
updated-dependencies:
- dependency-name: actions/setup-node
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-17 20:53:36 +00:00
dependabot[bot]
62dfc63732
chore(deps): bump actions/setup-node from 3.7.0 to 3.8.0 ( #204 )
...
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 3.7.0 to 3.8.0.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](https://github.com/actions/setup-node/compare/v3.7.0...v3.8.0 )
---
updated-dependencies:
- dependency-name: actions/setup-node
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-14 20:30:15 +00:00
dependabot[bot]
f4e7a0a9c1
chore(deps): bump actions/setup-node from 3.6.0 to 3.7.0 ( #191 )
...
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 3.6.0 to 3.7.0.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](https://github.com/actions/setup-node/compare/v3.6.0...v3.7.0 )
---
updated-dependencies:
- dependency-name: actions/setup-node
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-05 20:55:37 +00:00
dependabot[bot]
316f9d360a
chore(deps): bump dependabot/fetch-metadata from 1.5.1 to 1.6.0 ( #187 )
...
Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata ) from 1.5.1 to 1.6.0.
- [Release notes](https://github.com/dependabot/fetch-metadata/releases )
- [Commits](https://github.com/dependabot/fetch-metadata/compare/v1.5.1...v1.6.0 )
---
updated-dependencies:
- dependency-name: dependabot/fetch-metadata
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-27 21:03:14 +00:00
dependabot[bot]
800591067e
chore(deps): bump dependabot/fetch-metadata from 1.5.0 to 1.5.1 ( #174 )
...
Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata ) from 1.5.0 to 1.5.1.
- [Release notes](https://github.com/dependabot/fetch-metadata/releases )
- [Commits](https://github.com/dependabot/fetch-metadata/compare/v1.5.0...v1.5.1 )
---
updated-dependencies:
- dependency-name: dependabot/fetch-metadata
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-24 21:02:03 +00:00
dependabot[bot]
d5b89739ea
chore(deps): bump dependabot/fetch-metadata from 1.4.0 to 1.5.0 ( #172 )
...
Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata ) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/dependabot/fetch-metadata/releases )
- [Commits](https://github.com/dependabot/fetch-metadata/compare/v1.4.0...v1.5.0 )
---
updated-dependencies:
- dependency-name: dependabot/fetch-metadata
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-22 21:05:42 +00:00
dependabot[bot]
3da7e3232b
chore(deps): bump dependabot/fetch-metadata from 1.3.6 to 1.4.0 ( #160 )
...
Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata ) from 1.3.6 to 1.4.0.
- [Release notes](https://github.com/dependabot/fetch-metadata/releases )
- [Commits](https://github.com/dependabot/fetch-metadata/compare/v1.3.6...v1.4.0 )
---
updated-dependencies:
- dependency-name: dependabot/fetch-metadata
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-18 20:19:55 +00:00
Jongwoo Han
d7405cc5a0
chore: use npm cache in check-dist.yml ( #124 )
...
chore: Use cache in check-dist.yml
Signed-off-by: jongwooo <jongwooo.han@gmail.com >
Co-authored-by: Han Qiao <qiao@supabase.io >
2023-01-30 03:25:46 +00:00
dependabot[bot]
3c43bae0cc
chore(deps): bump dependabot/fetch-metadata from 1.3.5 to 1.3.6 ( #126 )
...
Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata ) from 1.3.5 to 1.3.6.
- [Release notes](https://github.com/dependabot/fetch-metadata/releases )
- [Commits](https://github.com/dependabot/fetch-metadata/compare/v1.3.5...v1.3.6 )
---
updated-dependencies:
- dependency-name: dependabot/fetch-metadata
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-24 20:12:53 +00:00
dependabot[bot]
7b865bc28c
chore(deps): bump actions/setup-node from 3.5.1 to 3.6.0 ( #117 )
...
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 3.5.1 to 3.6.0.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](https://github.com/actions/setup-node/compare/v3.5.1...v3.6.0 )
---
updated-dependencies:
- dependency-name: actions/setup-node
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-05 20:12:35 +00:00
Qiao Han
63ceca492b
chore: remove GH_TOKEN from ci
2023-01-04 12:17:50 +08:00
dependabot[bot]
47988e7665
chore(deps): bump dependabot/fetch-metadata from 1.3.4 to 1.3.5 ( #82 )
...
Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata ) from 1.3.4 to 1.3.5.
- [Release notes](https://github.com/dependabot/fetch-metadata/releases )
- [Commits](https://github.com/dependabot/fetch-metadata/compare/v1.3.4...v1.3.5 )
---
updated-dependencies:
- dependency-name: dependabot/fetch-metadata
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-07 21:03:13 +00:00
Bobbie Soedirgo
b5dccf414b
fix: authenticate action requests to github api ( #78 )
...
* fix: only test on latest
Should help with GitHub API rate limiting
* Update .github/workflows/test.yml
* fix: add github token to workflow
* fix: authenticate with github api
* chore: remove token env
* chore: update dist files
* Revert "chore: remove token env"
This reverts commit 913c7a8e6fqiao@supabase.io >
2022-10-19 16:36:59 +08:00
dependabot[bot]
babc75a12d
chore(deps): bump actions/setup-node from 3.5.0 to 3.5.1 ( #75 )
...
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 3.5.0 to 3.5.1.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](https://github.com/actions/setup-node/compare/v3.5.0...v3.5.1 )
---
updated-dependencies:
- dependency-name: actions/setup-node
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-13 20:38:00 +00:00
Qiao Han
1df8bb6745
chore: add latest version to test matrix
2022-10-12 00:44:04 +08:00
y-yagi
913e9e7c0a
chore: simplify an example of diff checking ( #69 )
...
The original sample hides the result of `git diff`. So if `git diff` returns an
error(e.g. invalid file name specified), the result will be success.
We can use `--exit-code ` option if we only want to know whether differences
exist without depending on other commands.
Ref: https://git-scm.com/docs/git-diff#Documentation/git-diff.txt---exit-code
2022-10-07 10:45:15 +08:00
Qiao Han
3809f2025b
Revert "chore: run e2e more frequently to check reliability"
...
This reverts commit e6bf91f97e
2022-10-03 10:56:28 +08:00
Qiao Han
c7d47c276a
chore: update default cli to 1.5.4
2022-10-02 10:25:08 +08:00
dependabot[bot]
d76b131352
Bump dependabot/fetch-metadata from 1.3.3 to 1.3.4 ( #62 )
...
Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata ) from 1.3.3 to 1.3.4.
- [Release notes](https://github.com/dependabot/fetch-metadata/releases )
- [Commits](https://github.com/dependabot/fetch-metadata/compare/v1.3.3...v1.3.4 )
---
updated-dependencies:
- dependency-name: dependabot/fetch-metadata
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-09-30 21:50:05 +00:00
