From bbbddda12ba5ef253c38285fd4e369c072025ac1 Mon Sep 17 00:00:00 2001 From: rory Date: Mon, 30 Mar 2026 12:45:51 -0700 Subject: [PATCH 1/3] Migrate off actions-ecosystem PR helpers; bump actions/checkout to v6 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Replace actions-ecosystem/action-get-merged-pull-request with a composite action (.github/actions/composite/getMergedPullRequest) that calls `gh api /repos/{owner}/{repo}/commits/{sha}/pulls` — the same REST endpoint already used in testBuildOnPush.yml. This avoids the 100-PR window limitation of the old action and removes the Node 20 deprecation warning it triggers. Replace actions-ecosystem/action-create-comment in preDeploy.yml's skipDeploy job with a `gh pr comment` run step using the same OS_BOTIFY_TOKEN pattern. Bump every remaining actions/checkout pin from v4 (8ade135) to v6 (de0fac2) across all workflows so the Node 20 deprecation warning is cleared repo-wide. Made-with: Cursor --- .../composite/getMergedPullRequest/action.yml | 65 +++++++++++++++++++ .github/workflows/androidBump.yml | 2 +- .github/workflows/authorChecklist.yml | 4 +- .github/workflows/checkSVGCompression.yml | 4 +- .github/workflows/cherryPick.yml | 3 +- .github/workflows/claude-review.yml | 2 +- .github/workflows/createDeployChecklist.yml | 4 +- .github/workflows/createNewVersion.yml | 4 +- .github/workflows/deploy.yml | 8 +-- .github/workflows/deployBlocker.yml | 4 +- .../workflows/deployBlockerInvestigation.yml | 2 +- .github/workflows/deployExpensifyHelp.yml | 4 +- .github/workflows/deployNewHelp.yml | 6 +- .github/workflows/failureNotifier.yml | 4 +- .github/workflows/finishReleaseCycle.yml | 4 +- .github/workflows/formatCodeCovComment.yml | 4 +- .github/workflows/generateTranslations.yml | 4 +- .github/workflows/lint-changed.yml | 4 +- .github/workflows/lint.yml | 4 +- .github/workflows/lockDeploys.yml | 4 +- .github/workflows/postDeployComments.yml | 4 +- .github/workflows/preDeploy.yml | 19 +++--- .github/workflows/prettier.yml | 4 +- .github/workflows/proposalPolice.yml | 2 +- .../publishReactNativeAndroidArtifacts.yml | 6 +- .../workflows/react-compiler-compliance.yml | 4 +- .../workflows/reassurePerformanceTests.yml | 4 +- .github/workflows/remote-build-android.yml | 4 +- .github/workflows/remote-build-ios.yml | 4 +- .github/workflows/reviewerChecklist.yml | 2 +- .github/workflows/sendReassurePerfData.yml | 6 +- .github/workflows/shellCheck.yml | 4 +- .github/workflows/syncVersions.yml | 4 +- .github/workflows/test.yml | 6 +- .github/workflows/translationDryRun.yml | 4 +- .github/workflows/typecheck.yml | 2 +- .github/workflows/unused-styles.yml | 4 +- .github/workflows/updateHelpDotRedirects.yml | 4 +- .github/workflows/updateProtectedBranch.yml | 4 +- .github/workflows/validateDocsRoutes.yml | 2 +- .github/workflows/validateGithubActions.yml | 4 +- .github/workflows/validatePatches.yml | 2 +- .github/workflows/verifyParserFiles.yml | 4 +- .github/workflows/verifyPodfile.yml | 4 +- .github/workflows/verifySignedCommits.yml | 2 +- .github/workflows/welcome.yml | 4 +- 46 files changed, 161 insertions(+), 92 deletions(-) create mode 100644 .github/actions/composite/getMergedPullRequest/action.yml diff --git a/.github/actions/composite/getMergedPullRequest/action.yml b/.github/actions/composite/getMergedPullRequest/action.yml new file mode 100644 index 000000000000..d4d5663eed85 --- /dev/null +++ b/.github/actions/composite/getMergedPullRequest/action.yml @@ -0,0 +1,65 @@ +name: Get merged pull request +description: > + Given the current push event's commit SHA, finds the pull request that was merged to produce it. + Uses the GitHub "list pull requests associated with a commit" API, which is more reliable than + scanning the most-recent closed PRs list. + +inputs: + github_token: + description: GitHub token used to call the API + required: true + +outputs: + number: + description: The PR number + value: ${{ steps.getMergedPR.outputs.number }} + title: + description: The PR title + value: ${{ steps.getMergedPR.outputs.title }} + body: + description: The PR body + value: ${{ steps.getMergedPR.outputs.body }} + labels: + description: Newline-separated label names + value: ${{ steps.getMergedPR.outputs.labels }} + assignees: + description: Newline-separated assignee logins + value: ${{ steps.getMergedPR.outputs.assignees }} + +runs: + using: composite + steps: + - name: Find merged pull request for this commit + id: getMergedPR + shell: bash + run: | + RESP=$(gh api -H "Accept: application/vnd.github+json" "/repos/${GITHUB_REPOSITORY}/commits/${GITHUB_SHA}/pulls") + + # Prefer the PR whose merge_commit_sha matches exactly (parity with the old action) + PR=$(echo "$RESP" | jq -c "first(.[] | select(.merge_commit_sha == \"${GITHUB_SHA}\"))" 2>/dev/null) + + # Fall back to the first merged PR associated with this commit + if [[ -z "$PR" || "$PR" == "null" ]]; then + PR=$(echo "$RESP" | jq -c 'first(.[] | select(.merged_at != null))' 2>/dev/null) + fi + + if [[ -z "$PR" || "$PR" == "null" ]]; then + echo "::warning::No merged pull request found for commit ${GITHUB_SHA}" + exit 0 + fi + + { + echo "number=$(echo "$PR" | jq -r '.number')" + echo "title=$(echo "$PR" | jq -r '.title')" + echo "body<> "$GITHUB_OUTPUT" + env: + GITHUB_TOKEN: ${{ inputs.github_token }} diff --git a/.github/workflows/androidBump.yml b/.github/workflows/androidBump.yml index a13d42aac0a4..250141a88836 100644 --- a/.github/workflows/androidBump.yml +++ b/.github/workflows/androidBump.yml @@ -10,7 +10,7 @@ jobs: android_bump: runs-on: blacksmith-2vcpu-ubuntu-2404 steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Setup Node uses: ./.github/actions/composite/setupNode diff --git a/.github/workflows/authorChecklist.yml b/.github/workflows/authorChecklist.yml index 7c350c4db8e9..daa44cf625c7 100644 --- a/.github/workflows/authorChecklist.yml +++ b/.github/workflows/authorChecklist.yml @@ -27,8 +27,8 @@ jobs: && github.actor != 'imgbot[bot]' steps: - name: Checkout - # v4 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: authorChecklist.ts uses: ./.github/actions/javascript/authorChecklist diff --git a/.github/workflows/checkSVGCompression.yml b/.github/workflows/checkSVGCompression.yml index dfdf438544d9..d6396577428f 100644 --- a/.github/workflows/checkSVGCompression.yml +++ b/.github/workflows/checkSVGCompression.yml @@ -21,8 +21,8 @@ jobs: runs-on: blacksmith-2vcpu-ubuntu-2404 steps: - name: Checkout - # v4 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: Setup Node uses: ./.github/actions/composite/setupNode diff --git a/.github/workflows/cherryPick.yml b/.github/workflows/cherryPick.yml index ed5756f5d8cc..ab42c398621e 100644 --- a/.github/workflows/cherryPick.yml +++ b/.github/workflows/cherryPick.yml @@ -74,7 +74,8 @@ jobs: # v4 - name: Checkout target branch - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd with: ref: ${{ inputs.TARGET }} token: ${{ secrets.OS_BOTIFY_TOKEN }} diff --git a/.github/workflows/claude-review.yml b/.github/workflows/claude-review.yml index 89d2256ec0a6..8ea15f40beb3 100644 --- a/.github/workflows/claude-review.yml +++ b/.github/workflows/claude-review.yml @@ -31,7 +31,7 @@ jobs: PR_NUMBER: ${{ github.event.pull_request.number }} steps: - name: Checkout repository - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: fetch-depth: 1 diff --git a/.github/workflows/createDeployChecklist.yml b/.github/workflows/createDeployChecklist.yml index 5999f0f1aeb4..6e36527f9bb7 100644 --- a/.github/workflows/createDeployChecklist.yml +++ b/.github/workflows/createDeployChecklist.yml @@ -9,8 +9,8 @@ jobs: runs-on: blacksmith-2vcpu-ubuntu-2404 steps: - name: Checkout - # v4 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: Setup Node uses: ./.github/actions/composite/setupNode diff --git a/.github/workflows/createNewVersion.yml b/.github/workflows/createNewVersion.yml index 7e60d2ff586d..401a26be9883 100644 --- a/.github/workflows/createNewVersion.yml +++ b/.github/workflows/createNewVersion.yml @@ -53,8 +53,8 @@ jobs: GITHUB_TOKEN: ${{ github.token }} - name: Check out - # v4 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd with: ref: main submodules: true diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 18354556e4e6..53865bd1af76 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -25,8 +25,8 @@ jobs: IOS_VERSION: ${{ steps.getIOSVersion.outputs.IOS_VERSION }} steps: - name: Checkout - # v4 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd with: token: ${{ secrets.OS_BOTIFY_TOKEN }} submodules: true @@ -641,8 +641,8 @@ jobs: needs: [androidBuild, androidUploadGooglePlay, androidUploadBrowserStack, androidUploadApplause, androidSubmit, iosBuild, iosUploadTestflight, iosUploadBrowserStack, iosUploadApplause, iosSubmit, webBuild, webDeploy] steps: - name: Checkout - # v4 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: Post Slack message on failure uses: ./.github/actions/composite/announceFailedWorkflowInSlack diff --git a/.github/workflows/deployBlocker.yml b/.github/workflows/deployBlocker.yml index 38942f128c92..941b68ce92f4 100644 --- a/.github/workflows/deployBlocker.yml +++ b/.github/workflows/deployBlocker.yml @@ -16,8 +16,8 @@ jobs: runs-on: blacksmith-2vcpu-ubuntu-2404 steps: - name: Checkout - # v4 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: Give the issue/PR the Hourly, Engineering labels run: gh issue edit ${{ github.event.issue.number }} --add-label 'Engineering,Hourly' --remove-label 'Daily,Weekly,Monthly' diff --git a/.github/workflows/deployBlockerInvestigation.yml b/.github/workflows/deployBlockerInvestigation.yml index a6186228db10..7c4f0ce8a2ad 100644 --- a/.github/workflows/deployBlockerInvestigation.yml +++ b/.github/workflows/deployBlockerInvestigation.yml @@ -28,7 +28,7 @@ jobs: ISSUE_URL: ${{ github.event.issue.html_url || inputs.ISSUE_URL }} steps: - name: Checkout App repository - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: fetch-depth: 1 diff --git a/.github/workflows/deployExpensifyHelp.yml b/.github/workflows/deployExpensifyHelp.yml index f2b7b0975aeb..00288813427e 100644 --- a/.github/workflows/deployExpensifyHelp.yml +++ b/.github/workflows/deployExpensifyHelp.yml @@ -32,8 +32,8 @@ jobs: continue-on-error: true steps: - name: Checkout - # v4 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd with: fetch-depth: 0 diff --git a/.github/workflows/deployNewHelp.yml b/.github/workflows/deployNewHelp.yml index 7fa07d801980..f49a8c3be46f 100644 --- a/.github/workflows/deployNewHelp.yml +++ b/.github/workflows/deployNewHelp.yml @@ -42,8 +42,8 @@ jobs: # We start by checking out the entire repo into a clean build environment within # the Github Action - name: Checkout code - # v4 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # Set up Ruby and run bundle install inside the /help directory - name: Set up Ruby @@ -97,7 +97,7 @@ jobs: - name: Get merged pull request if: ${{ github.event_name == 'push' }} id: getMergedPullRequest - uses: actions-ecosystem/action-get-merged-pull-request@59afe90821bb0b555082ce8ff1e36b03f91553d9 + uses: ./.github/actions/composite/getMergedPullRequest with: github_token: ${{ github.token }} diff --git a/.github/workflows/failureNotifier.yml b/.github/workflows/failureNotifier.yml index a9dafe86873a..03d33e27d8f6 100644 --- a/.github/workflows/failureNotifier.yml +++ b/.github/workflows/failureNotifier.yml @@ -16,8 +16,8 @@ jobs: if: ${{ github.event.workflow_run.conclusion == 'failure' }} steps: - name: Checkout - # v4 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: Process Failed Jobs uses: ./.github/actions/javascript/failureNotifier diff --git a/.github/workflows/finishReleaseCycle.yml b/.github/workflows/finishReleaseCycle.yml index 8a0e646d07d0..7b938c0304be 100644 --- a/.github/workflows/finishReleaseCycle.yml +++ b/.github/workflows/finishReleaseCycle.yml @@ -13,8 +13,8 @@ jobs: isValid: ${{ fromJSON(steps.isDeployer.outputs.IS_DEPLOYER) && !fromJSON(steps.checkDeployBlockers.outputs.HAS_DEPLOY_BLOCKERS) }} steps: - name: Checkout - # v4 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd with: ref: main token: ${{ secrets.OS_BOTIFY_TOKEN }} diff --git a/.github/workflows/formatCodeCovComment.yml b/.github/workflows/formatCodeCovComment.yml index 66ddfca2d9d0..1c007fa1155d 100644 --- a/.github/workflows/formatCodeCovComment.yml +++ b/.github/workflows/formatCodeCovComment.yml @@ -13,8 +13,8 @@ jobs: if: github.event.issue.pull_request && github.event.comment.user.login == 'codecov[bot]' steps: - name: Checkout - # v4 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: Format CodeCov Comment uses: ./.github/actions/javascript/formatCodeCovComment with: diff --git a/.github/workflows/generateTranslations.yml b/.github/workflows/generateTranslations.yml index b699d374a674..5a2bd55d58c2 100644 --- a/.github/workflows/generateTranslations.yml +++ b/.github/workflows/generateTranslations.yml @@ -41,9 +41,9 @@ jobs: env: GITHUB_TOKEN: ${{ github.token }} - # v4 + # v6 - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd with: ref: ${{ steps.pr-data.outputs.HEAD_SHA }} diff --git a/.github/workflows/lint-changed.yml b/.github/workflows/lint-changed.yml index 905e0d14aca6..edbb44e02828 100644 --- a/.github/workflows/lint-changed.yml +++ b/.github/workflows/lint-changed.yml @@ -47,8 +47,8 @@ jobs: REPO: ${{ github.repository }} - name: Checkout - # v4 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd with: fetch-depth: ${{ fromJSON(steps.count.outputs.count) }} diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 51a8122d8a25..0616588c67f7 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -18,8 +18,8 @@ jobs: runs-on: blacksmith-4vcpu-ubuntu-2404 steps: - name: Checkout - # v4 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: Setup Node uses: ./.github/actions/composite/setupNode diff --git a/.github/workflows/lockDeploys.yml b/.github/workflows/lockDeploys.yml index 377a0c461aa5..ce51ac440876 100644 --- a/.github/workflows/lockDeploys.yml +++ b/.github/workflows/lockDeploys.yml @@ -10,8 +10,8 @@ jobs: runs-on: blacksmith-4vcpu-ubuntu-2404 steps: - name: Checkout - # v4 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: Wait for staging deploys to finish uses: ./.github/actions/javascript/awaitStagingDeploys diff --git a/.github/workflows/postDeployComments.yml b/.github/workflows/postDeployComments.yml index 80a741a570a2..ed43031347bb 100644 --- a/.github/workflows/postDeployComments.yml +++ b/.github/workflows/postDeployComments.yml @@ -89,8 +89,8 @@ jobs: runs-on: blacksmith-2vcpu-ubuntu-2404 steps: - name: Checkout - # v4 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: Setup Node uses: ./.github/actions/composite/setupNode diff --git a/.github/workflows/preDeploy.yml b/.github/workflows/preDeploy.yml index 4dda19f7d870..0cff914a044f 100644 --- a/.github/workflows/preDeploy.yml +++ b/.github/workflows/preDeploy.yml @@ -26,7 +26,7 @@ jobs: if: ${{ always() }} steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Exit failed workflow if: ${{ needs.typecheck.result == 'failure' || needs.lint.result == 'failure' || needs.test.result == 'failure' }} @@ -42,11 +42,11 @@ jobs: SHOULD_DEPLOY: ${{ fromJSON(steps.shouldDeploy.outputs.SHOULD_DEPLOY) }} steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Get merged pull request id: getMergedPullRequest - uses: actions-ecosystem/action-get-merged-pull-request@59afe90821bb0b555082ce8ff1e36b03f91553d9 + uses: ./.github/actions/composite/getMergedPullRequest with: github_token: ${{ github.token }} @@ -73,12 +73,13 @@ jobs: if: ${{ !fromJSON(needs.chooseDeployActions.outputs.SHOULD_DEPLOY) && github.actor != 'OSBotify' }} steps: - name: Comment on deferred PR - uses: actions-ecosystem/action-create-comment@cd098164398331c50e7dfdd0dfa1b564a1873fac - with: - github_token: ${{ secrets.OS_BOTIFY_TOKEN }} - number: ${{ needs.chooseDeployActions.outputs.MERGED_PR }} - body: | - :hand: This PR was not deployed to staging yet because QA is ongoing. It will be automatically deployed to staging after the next production release. + run: | + gh pr comment ${{ needs.chooseDeployActions.outputs.MERGED_PR }} --body "$(cat <<'EOF' + :hand: This PR was not deployed to staging yet because QA is ongoing. It will be automatically deployed to staging after the next production release. + EOF + )" + env: + GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }} createNewVersion: needs: chooseDeployActions diff --git a/.github/workflows/prettier.yml b/.github/workflows/prettier.yml index 0b73612c468f..d1721d294cb4 100644 --- a/.github/workflows/prettier.yml +++ b/.github/workflows/prettier.yml @@ -18,8 +18,8 @@ jobs: runs-on: blacksmith-4vcpu-ubuntu-2404 steps: - name: Checkout - # v4 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: Setup Node uses: ./.github/actions/composite/setupNode diff --git a/.github/workflows/proposalPolice.yml b/.github/workflows/proposalPolice.yml index bd6c6e8b37ae..532c22fde149 100644 --- a/.github/workflows/proposalPolice.yml +++ b/.github/workflows/proposalPolice.yml @@ -8,7 +8,7 @@ jobs: runs-on: blacksmith-4vcpu-ubuntu-2404 if: "!contains(fromJSON('[\"OSBotify\", \"imgbot[bot]\", \"melvin-bot[bot]\", \"codecov[bot]\"]'), github.actor)" steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 # Checks if the comment is created and follows the template OR # if the comment is edited and if proposal template is followed. diff --git a/.github/workflows/publishReactNativeAndroidArtifacts.yml b/.github/workflows/publishReactNativeAndroidArtifacts.yml index a8cbd904946c..bf8fec797008 100644 --- a/.github/workflows/publishReactNativeAndroidArtifacts.yml +++ b/.github/workflows/publishReactNativeAndroidArtifacts.yml @@ -32,7 +32,8 @@ jobs: standalone_patches_hash: ${{ steps.getNewPatchesHash.outputs.STANDALONE_APP_HASH }} steps: - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd with: submodules: true ref: ${{ github.event.before || 'main' }} @@ -138,7 +139,8 @@ jobs: cancel-in-progress: true steps: - name: Checkout Code - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd with: submodules: ${{ matrix.is_hybrid }} token: ${{ secrets.OS_BOTIFY_TOKEN }} diff --git a/.github/workflows/react-compiler-compliance.yml b/.github/workflows/react-compiler-compliance.yml index 6e33b400c647..06cbf075e871 100644 --- a/.github/workflows/react-compiler-compliance.yml +++ b/.github/workflows/react-compiler-compliance.yml @@ -17,9 +17,9 @@ jobs: runs-on: blacksmith-4vcpu-ubuntu-2404 steps: - # v4 + # v6 - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: Setup Node uses: ./.github/actions/composite/setupNode diff --git a/.github/workflows/reassurePerformanceTests.yml b/.github/workflows/reassurePerformanceTests.yml index c8cf0dc16ef0..c3e68b8da619 100644 --- a/.github/workflows/reassurePerformanceTests.yml +++ b/.github/workflows/reassurePerformanceTests.yml @@ -12,8 +12,8 @@ jobs: runs-on: blacksmith-4vcpu-ubuntu-2404 steps: - name: Checkout - # v4 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd with: fetch-depth: 0 diff --git a/.github/workflows/remote-build-android.yml b/.github/workflows/remote-build-android.yml index 5afd8521b813..61bf742e3313 100644 --- a/.github/workflows/remote-build-android.yml +++ b/.github/workflows/remote-build-android.yml @@ -30,8 +30,8 @@ jobs: is_hybrid_build: true steps: - name: Checkout - # v4 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd with: submodules: ${{ matrix.is_hybrid_build || false }} token: ${{ secrets.OS_BOTIFY_TOKEN }} diff --git a/.github/workflows/remote-build-ios.yml b/.github/workflows/remote-build-ios.yml index 1e93555479e3..22726e6976ad 100644 --- a/.github/workflows/remote-build-ios.yml +++ b/.github/workflows/remote-build-ios.yml @@ -34,8 +34,8 @@ jobs: is_hybrid_build: true steps: - name: Checkout - # v4 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd with: submodules: ${{ matrix.is_hybrid_build || false }} token: ${{ secrets.OS_BOTIFY_TOKEN }} diff --git a/.github/workflows/reviewerChecklist.yml b/.github/workflows/reviewerChecklist.yml index ddc8b0400443..2d9a26091054 100644 --- a/.github/workflows/reviewerChecklist.yml +++ b/.github/workflows/reviewerChecklist.yml @@ -9,7 +9,7 @@ jobs: runs-on: blacksmith-4vcpu-ubuntu-2404 if: github.actor != 'OSBotify' && github.actor != 'imgbot[bot]' steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Filter paths uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 diff --git a/.github/workflows/sendReassurePerfData.yml b/.github/workflows/sendReassurePerfData.yml index 68fbfee7f0bf..a8c043ea9648 100644 --- a/.github/workflows/sendReassurePerfData.yml +++ b/.github/workflows/sendReassurePerfData.yml @@ -11,8 +11,8 @@ jobs: runs-on: blacksmith-4vcpu-ubuntu-2404 steps: - name: Checkout - # v4 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd with: fetch-depth: 0 @@ -30,7 +30,7 @@ jobs: - name: Get merged pull request id: getMergedPullRequest - uses: actions-ecosystem/action-get-merged-pull-request@59afe90821bb0b555082ce8ff1e36b03f91553d9 + uses: ./.github/actions/composite/getMergedPullRequest with: github_token: ${{ github.token }} diff --git a/.github/workflows/shellCheck.yml b/.github/workflows/shellCheck.yml index 0b1b4ec68f5a..368ec97bcfaf 100644 --- a/.github/workflows/shellCheck.yml +++ b/.github/workflows/shellCheck.yml @@ -13,8 +13,8 @@ jobs: runs-on: blacksmith-2vcpu-ubuntu-2404 steps: - name: Checkout - # v4 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: Lint shell scripts with ShellCheck run: npm run shellcheck diff --git a/.github/workflows/syncVersions.yml b/.github/workflows/syncVersions.yml index 392edf9c5bf7..92e5f893f274 100644 --- a/.github/workflows/syncVersions.yml +++ b/.github/workflows/syncVersions.yml @@ -13,8 +13,8 @@ jobs: runs-on: macos-latest steps: - name: Check out - # v4 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd with: ref: main submodules: true diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 3ee9aec5811e..04ae8701a626 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -25,8 +25,8 @@ jobs: name: test (job ${{ fromJSON(matrix.chunk) }}) steps: - name: Checkout - # v4 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: Setup Node uses: ./.github/actions/composite/setupNode @@ -88,7 +88,7 @@ jobs: runs-on: blacksmith-4vcpu-ubuntu-2404 name: Storybook tests steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - uses: ./.github/actions/composite/setupNode diff --git a/.github/workflows/translationDryRun.yml b/.github/workflows/translationDryRun.yml index 370a43ed075a..f7f969e64594 100644 --- a/.github/workflows/translationDryRun.yml +++ b/.github/workflows/translationDryRun.yml @@ -13,9 +13,9 @@ jobs: dryRun: runs-on: blacksmith-4vcpu-ubuntu-2404 steps: - # v4 + # v6 - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: Setup Node uses: ./.github/actions/composite/setupNode diff --git a/.github/workflows/typecheck.yml b/.github/workflows/typecheck.yml index fda119054b98..9a079da783db 100644 --- a/.github/workflows/typecheck.yml +++ b/.github/workflows/typecheck.yml @@ -16,7 +16,7 @@ jobs: if: ${{ github.actor != 'OSBotify' || github.event_name == 'workflow_call' }} runs-on: blacksmith-4vcpu-ubuntu-2404 steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - uses: ./.github/actions/composite/setupNode diff --git a/.github/workflows/unused-styles.yml b/.github/workflows/unused-styles.yml index fdcc34276e81..8e40cd2966ee 100644 --- a/.github/workflows/unused-styles.yml +++ b/.github/workflows/unused-styles.yml @@ -18,8 +18,8 @@ jobs: runs-on: blacksmith-4vcpu-ubuntu-2404 steps: - name: Checkout - # v4 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: Setup Node uses: ./.github/actions/composite/setupNode diff --git a/.github/workflows/updateHelpDotRedirects.yml b/.github/workflows/updateHelpDotRedirects.yml index 2f1a9fd55be8..bac6f174b471 100644 --- a/.github/workflows/updateHelpDotRedirects.yml +++ b/.github/workflows/updateHelpDotRedirects.yml @@ -22,8 +22,8 @@ jobs: runs-on: blacksmith-4vcpu-ubuntu-2404 steps: - name: Checkout - # v4 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: Create help dot redirect env: diff --git a/.github/workflows/updateProtectedBranch.yml b/.github/workflows/updateProtectedBranch.yml index 6a42724ff53e..54b5860d797f 100644 --- a/.github/workflows/updateProtectedBranch.yml +++ b/.github/workflows/updateProtectedBranch.yml @@ -28,8 +28,8 @@ jobs: fi - name: Checkout source branch - # v4 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd with: ref: ${{ steps.getSourceBranch.outputs.SOURCE_BRANCH }} token: ${{ secrets.OS_BOTIFY_TOKEN }} diff --git a/.github/workflows/validateDocsRoutes.yml b/.github/workflows/validateDocsRoutes.yml index 6e66d3c21e75..023045b0ea97 100644 --- a/.github/workflows/validateDocsRoutes.yml +++ b/.github/workflows/validateDocsRoutes.yml @@ -11,7 +11,7 @@ jobs: if: github.actor != 'OSBotify' && github.actor != 'imgbot[bot]' runs-on: blacksmith-4vcpu-ubuntu-2404 steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - uses: ./.github/actions/composite/setupNode diff --git a/.github/workflows/validateGithubActions.yml b/.github/workflows/validateGithubActions.yml index 7ce6062c9743..84dad5e3b91e 100644 --- a/.github/workflows/validateGithubActions.yml +++ b/.github/workflows/validateGithubActions.yml @@ -12,8 +12,8 @@ jobs: runs-on: blacksmith-4vcpu-ubuntu-2404 steps: - name: Checkout - # v4 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: Setup Node uses: ./.github/actions/composite/setupNode diff --git a/.github/workflows/validatePatches.yml b/.github/workflows/validatePatches.yml index 7ea4d65e4823..2e8585a28163 100644 --- a/.github/workflows/validatePatches.yml +++ b/.github/workflows/validatePatches.yml @@ -11,7 +11,7 @@ jobs: runs-on: blacksmith-4vcpu-ubuntu-2404 steps: - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: Fetch main branch run: git fetch origin --depth=1 main diff --git a/.github/workflows/verifyParserFiles.yml b/.github/workflows/verifyParserFiles.yml index fc41ba8c5a37..91fc8c5952bd 100644 --- a/.github/workflows/verifyParserFiles.yml +++ b/.github/workflows/verifyParserFiles.yml @@ -13,8 +13,8 @@ jobs: runs-on: macos-latest steps: - name: Checkout - # v4 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: Setup Node uses: ./.github/actions/composite/setupNode diff --git a/.github/workflows/verifyPodfile.yml b/.github/workflows/verifyPodfile.yml index 56b605454379..2ff18af1caa6 100644 --- a/.github/workflows/verifyPodfile.yml +++ b/.github/workflows/verifyPodfile.yml @@ -15,8 +15,8 @@ jobs: runs-on: macos-latest steps: - name: Checkout - # v4 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: Setup Node uses: ./.github/actions/composite/setupNode diff --git a/.github/workflows/verifySignedCommits.yml b/.github/workflows/verifySignedCommits.yml index ab77756158e9..cf7057218c4b 100644 --- a/.github/workflows/verifySignedCommits.yml +++ b/.github/workflows/verifySignedCommits.yml @@ -9,7 +9,7 @@ jobs: verifySignedCommits: runs-on: blacksmith-2vcpu-ubuntu-2404 steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Verify signed commits uses: ./.github/actions/javascript/verifySignedCommits diff --git a/.github/workflows/welcome.yml b/.github/workflows/welcome.yml index 5d3db3f19724..a5d885b5d762 100644 --- a/.github/workflows/welcome.yml +++ b/.github/workflows/welcome.yml @@ -10,8 +10,8 @@ jobs: if: ${{ github.actor != 'OSBotify' && github.actor != 'imgbot[bot]' }} steps: - name: Checkout - # v4 - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + # v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: Get merged pull request id: getMergedPullRequest From 6e485e655ee7b963c884a934bcb455adbf45512e Mon Sep 17 00:00:00 2001 From: rory Date: Mon, 30 Mar 2026 12:57:51 -0700 Subject: [PATCH 2/3] Improve formatting --- .../actions/composite/getMergedPullRequest/action.yml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/.github/actions/composite/getMergedPullRequest/action.yml b/.github/actions/composite/getMergedPullRequest/action.yml index d4d5663eed85..7a14cb416e71 100644 --- a/.github/actions/composite/getMergedPullRequest/action.yml +++ b/.github/actions/composite/getMergedPullRequest/action.yml @@ -1,8 +1,5 @@ name: Get merged pull request -description: > - Given the current push event's commit SHA, finds the pull request that was merged to produce it. - Uses the GitHub "list pull requests associated with a commit" API, which is more reliable than - scanning the most-recent closed PRs list. +description: Given the current push event's commit SHA, finds the pull request that was merged to produce it. inputs: github_token: @@ -51,15 +48,19 @@ runs: { echo "number=$(echo "$PR" | jq -r '.number')" echo "title=$(echo "$PR" | jq -r '.title')" + echo "body<> "$GITHUB_OUTPUT" env: GITHUB_TOKEN: ${{ inputs.github_token }} From 472a916f34404228c4650a8179e6b8d0a0e45869 Mon Sep 17 00:00:00 2001 From: rory Date: Tue, 31 Mar 2026 10:08:10 -0700 Subject: [PATCH 3/3] Pass --repo flag to gh pr comment in skipDeploy The skipDeploy job has no checkout step, so gh cli lacks local repo context to resolve the target repository. Explicitly pass --repo to ensure the comment is posted reliably. Made-with: Cursor --- .github/workflows/preDeploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/preDeploy.yml b/.github/workflows/preDeploy.yml index 0cff914a044f..c53824e00859 100644 --- a/.github/workflows/preDeploy.yml +++ b/.github/workflows/preDeploy.yml @@ -74,7 +74,7 @@ jobs: steps: - name: Comment on deferred PR run: | - gh pr comment ${{ needs.chooseDeployActions.outputs.MERGED_PR }} --body "$(cat <<'EOF' + gh pr comment ${{ needs.chooseDeployActions.outputs.MERGED_PR }} --repo ${{ github.repository }} --body "$(cat <<'EOF' :hand: This PR was not deployed to staging yet because QA is ongoing. It will be automatically deployed to staging after the next production release. EOF )"