Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 5 additions & 5 deletions .github/actions/setup-docker/action.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -28,34 +28,34 @@ runs:
using: "composite"
steps:
- name: "Restore docker caches"
uses: "actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae" # v5.0.5
uses: "actions/cache@caa296126883cff596d87d8935842f9db880ef25" # v5.1.0
with:
path: ".cache/docker"
key: "${{ inputs.cache-key }}-docker-${{ runner.os }}-${{ runner.arch }}-${{ hashFiles('mise.lock', 'Cargo.lock', 'pyproject.toml', 'pnpm-lock.yaml', 'uv.lock') }}"
restore-keys: |
${{ inputs.cache-key }}-docker-${{ runner.os }}-${{ runner.arch }}-
- name: "Login to GitHub Container Registry"
uses: "docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee" # v4.2.0
uses: "docker/login-action@af1e73f918a031802d376d3c8bbc3fe56130a9b0" # v4.4.0
with:
registry: "ghcr.io"
username: "${{ github.actor }}"
password: "${{ inputs.github-token }}"
- name: "Login to Docker Hub"
if: "${{ inputs.dockerhub-username != '' && inputs.dockerhub-token != '' }}"
uses: "docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee" # v4.2.0
uses: "docker/login-action@af1e73f918a031802d376d3c8bbc3fe56130a9b0" # v4.4.0
with:
username: "${{ inputs.dockerhub-username }}"
password: "${{ inputs.dockerhub-token }}"
- name: "Setup Buildx"
uses: "docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5" # v4.1.0
uses: "docker/setup-buildx-action@bb05f3f5519dd87d3ba754cc423b652a5edd6d2c" # v4.2.0
- name: "Get current UID/GID"
id: "ids"
shell: "bash"
run: |
echo "uid=$(id -u)" >> "$GITHUB_OUTPUT"
echo "gid=$(id -g)" >> "$GITHUB_OUTPUT"
- name: "Build Docker image"
uses: "docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf" # v7.2.0
uses: "docker/build-push-action@53b7df96c91f9c12dcc8a07bcb9ccacbed38856a" # v7.3.0
with:
context: "."
file: "Dockerfile"
Expand Down
4 changes: 2 additions & 2 deletions .github/actions/setup-native/action.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ runs:
using: "composite"
steps:
- name: "Restore native caches"
uses: "actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae" # v5.0.5
uses: "actions/cache@caa296126883cff596d87d8935842f9db880ef25" # v5.1.0
with:
path: ".cache/native"
key: "${{ inputs.cache-key }}-native-${{ runner.os }}-${{ runner.arch }}-${{ hashFiles('Cargo.lock', 'pyproject.toml', 'pnpm-lock.yaml', 'uv.lock') }}"
Expand All @@ -28,7 +28,7 @@ runs:
if: "runner.os == 'Windows'"
uses: "ilammy/msvc-dev-cmd@0b201ec74fa43914dc39ae48a89fd1d8cb592756" # v1.13.0
- name: "Run mise install"
uses: "jdx/mise-action@1648a7812b9aeae629881980618f079932869151" # v4.0.1
uses: "jdx/mise-action@e6a8b3978addb5a52f2b4cd9d91eafa7f0ab959d" # v4.2.0
with:
version: "${{ inputs.mise-version }}"
cache_key_prefix: "${{ inputs.cache-key }}-mise"
Expand Down
2 changes: 1 addition & 1 deletion .github/actions/setup/action.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ runs:
using: "composite"
steps:
- name: "Restore shared caches"
uses: "actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae" # v5.0.5
uses: "actions/cache@caa296126883cff596d87d8935842f9db880ef25" # v5.1.0
with:
path: ".cache/shared"
key: "${{ inputs.cache-key }}-shared-${{ runner.os }}-${{ runner.arch }}"
Expand Down
4 changes: 2 additions & 2 deletions .github/actions/upload-reports/action.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -40,14 +40,14 @@ runs:
EOF
- name: "Upload coverage reports to Codecov"
if: "steps.expand.outputs.coverage != ''"
uses: "codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354" # v6.0.1
uses: "codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f" # v6.0.2
with:
use_oidc: true
report_type: "coverage"
files: "${{ steps.expand.outputs.coverage }}"
- name: "Upload test results to Codecov"
if: "steps.expand.outputs.reports != ''"
uses: "codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354" # v6.0.1
uses: "codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f" # v6.0.2
with:
use_oidc: true
report_type: "test_results"
Expand Down
16 changes: 8 additions & 8 deletions .github/workflows/regular.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ jobs:
mise-version: "${{ steps.init-workflow.outputs.mise-version }}"
steps:
- name: "Checkout"
uses: "actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd" # v6.0.2
uses: "actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10" # v6.0.3
with:
ref: "${{ github.ref }}"
fetch-depth: 1
Expand All @@ -55,7 +55,7 @@ jobs:
runs-on: "${{ matrix.os }}"
steps:
- name: "Checkout"
uses: "actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd" # v6.0.2
uses: "actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10" # v6.0.3
with:
ref: "${{ github.ref }}"
fetch-depth: 1
Expand Down Expand Up @@ -97,7 +97,7 @@ jobs:
runs-on: "ubuntu-latest"
steps:
- name: "Checkout"
uses: "actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd" # v6.0.2
uses: "actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10" # v6.0.3
with:
ref: "${{ github.ref }}"
fetch-depth: 1
Expand All @@ -120,7 +120,7 @@ jobs:
with:
run: "mise run --force ci-build"
- name: "Run benchmarks"
uses: "CodSpeedHQ/action@3194d9a39c4d46684cb44bf7207fc56626aad8fd" # v4.15.1
uses: "CodSpeedHQ/action@a4a36bb07c0638b0b4ca52bf1f3dad1b4289e52f" # v4.18.1
with:
mode: "simulation"
run: "pnpm -C packages/node exec vitest bench --run"
Expand All @@ -133,13 +133,13 @@ jobs:
runs-on: "ubuntu-latest"
steps:
- name: "Checkout repository"
uses: "actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd" # v6.0.2
uses: "actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10" # v6.0.3
with:
ref: "${{ github.ref }}"
fetch-depth: 1
persist-credentials: false
- name: "Run zizmor"
uses: "zizmorcore/zizmor-action@5f14fd08f7cf1cb1609c1e344975f152c7ee938d" # v0.5.6
uses: "zizmorcore/zizmor-action@192e21d79ab29983730a13d1382995c2307fbcaa" # v0.5.7
with:
persona: "auditor"
env:
Expand All @@ -153,7 +153,7 @@ jobs:
runs-on: "ubuntu-latest"
steps:
- name: "Checkout repository"
uses: "actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd" # v6.0.2
uses: "actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10" # v6.0.3
with:
ref: "${{ github.ref }}"
fetch-depth: 1
Expand All @@ -168,6 +168,6 @@ jobs:
output: "trivy-results.sarif"
ignore-unfixed: true
- name: "Upload Trivy scan results to GitHub Security tab"
uses: "github/codeql-action/upload-sarif@7211b7c8077ea37d8641b6271f6a365a22a5fbfa" # v4.36.0
uses: "github/codeql-action/upload-sarif@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a" # v4.36.3
with:
sarif_file: "trivy-results.sarif"
14 changes: 7 additions & 7 deletions .github/workflows/release.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ jobs:
mise-version: "${{ steps.init-workflow.outputs.mise-version }}"
steps:
- name: "Checkout"
uses: "actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd" # v6.0.2
uses: "actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10" # v6.0.3
with:
ref: "${{ github.ref }}"
fetch-depth: 1
Expand Down Expand Up @@ -63,7 +63,7 @@ jobs:
runs-on: "${{ matrix.os }}"
steps:
- name: "Checkout"
uses: "actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd" # v6.0.2
uses: "actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10" # v6.0.3
with:
ref: "${{ github.ref }}"
fetch-depth: 1
Expand Down Expand Up @@ -111,11 +111,11 @@ jobs:
gh-token: "${{ secrets.GITHUB_TOKEN }}"
run: "mise run sbom:rust"
- name: "Attest build provenance"
uses: "actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32" # v4.1.0
uses: "actions/attest-build-provenance@0f67c3f4856b2e3261c31976d6725780e5e4c373" # v4.1.1
with:
subject-path: "packages/node/dist/*.gz"
- name: "Attest Rust SBOM"
uses: "actions/attest@59d89421af93a897026c735860bf21b6eb4f7b26" # v4.1.0
uses: "actions/attest@a1948c3f048ba23858d222213b7c278aabede763" # v4.1.1
with:
subject-path: "packages/node/dist/*.node.gz"
sbom-path: "packages/node/dist/node_reqwest.cdx.json"
Expand All @@ -140,7 +140,7 @@ jobs:
runs-on: "ubuntu-latest"
steps:
- name: "Checkout"
uses: "actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd" # v6.0.2
uses: "actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10" # v6.0.3
with:
ref: "${{ github.ref }}"
fetch-depth: 1
Expand Down Expand Up @@ -172,11 +172,11 @@ jobs:
gh-token: "${{ secrets.GITHUB_TOKEN }}"
run: "mise run sbom:js"
- name: "Attest node build provenance"
uses: "actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32" # v4.1.0
uses: "actions/attest-build-provenance@0f67c3f4856b2e3261c31976d6725780e5e4c373" # v4.1.1
with:
subject-path: "packages/node/package.tar.gz"
- name: "Attest JS SBOM"
uses: "actions/attest@59d89421af93a897026c735860bf21b6eb4f7b26" # v4.1.0
uses: "actions/attest@a1948c3f048ba23858d222213b7c278aabede763" # v4.1.1
with:
subject-path: "packages/node/package.tar.gz"
sbom-path: "packages/node/package.cdx.json"
Expand Down
2 changes: 1 addition & 1 deletion .gitmodules
Original file line number Diff line number Diff line change
Expand Up @@ -3,4 +3,4 @@
url = https://github.com/nodejs/undici.git
# Pinned to undici v8.3.0; bump in lockstep with the version in
# pnpm-workspace.yaml `catalog:`.
branch = v8.3.0
branch = v8.7.0
2 changes: 1 addition & 1 deletion .mise-version
Original file line number Diff line number Diff line change
@@ -1 +1 @@
v2026.5.15
v2026.7.0
2 changes: 1 addition & 1 deletion .python-version
Original file line number Diff line number Diff line change
@@ -1 +1 @@
3.14.5
3.14.6
16 changes: 8 additions & 8 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# syntax=docker/dockerfile:1.24@sha256:87999aa3d42bdc6bea60565083ee17e86d1f3339802f543c0d03998580f9cb89
# syntax=docker/dockerfile:1.25@sha256:0adf442eae370b6087e08edc7c50b552d80ddf261576f4ebd6421006b2461f12
# <https://quay.io/repository/pypa/manylinux_2_28?tab=tags>
FROM quay.io/pypa/manylinux_2_28@sha256:65f13b3b5473749287dad47a1b8ca4ebc6abbc892956acd26a81cdc1d5b50928
FROM quay.io/pypa/manylinux_2_28@sha256:d9c308edd403858fd23022ef1d529d2d7fea85f5a681031ae9abc9796efc3894

ARG TARGETARCH
ARG USERNAME=runner
Expand Down
Loading
Loading