Skip to content

Bump actions/checkout from 4 to 5 #11154

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
mergify merged 2 commits into from
Aug 15, 2025
Merged

Bump actions/checkout from 4 to 5 #11154

mergify merged 2 commits into from
Aug 15, 2025

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 12, 2025

Bumps actions/checkout from 4 to 5.

Release notes

Sourced from actions/checkout's releases.

v5.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v4...v4.3.0

v4.2.2

What's Changed

Full Changelog: actions/checkout@v4.2.1...v4.2.2

v4.2.1

What's Changed

New Contributors

Full Changelog: actions/checkout@v4.2.0...v4.2.1

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

V5.0.0

V4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump actions/checkout from 4 to 5
b4696fd 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v4...v5)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Aug 12, 2025
@geekosaur
Copy link
Collaborator

geekosaur commented Aug 12, 2025

#11151 although if this one passes CI by tomorrow morning I may defer to it; too late for me to debug what's up with the release workflow only on one arch.

@geekosaur geekosaur added merge me Tell Mergify Bot to merge and removed attention: needs-review labels Aug 12, 2025
@mergify mergify bot added the ready and waiting Mergify is waiting out the cooldown period label Aug 12, 2025
@geekosaur
Copy link
Collaborator

geekosaur commented Aug 12, 2025

wtf, github actions seems to be glitching a lot the past few days

@geekosaur
Copy link
Collaborator

geekosaur commented Aug 12, 2025

Just have to wait on this one, it's reproducible and has nothing whatsoever to do with our code, it's GHA's framework for running Node actions

@geekosaur geekosaur removed merge me Tell Mergify Bot to merge ready and waiting Mergify is waiting out the cooldown period labels Aug 12, 2025
@geekosaur
Copy link
Collaborator

geekosaur commented Aug 12, 2025

actions/checkout#2246
Dropping merge labels and moving to draft until this is resolved.

@geekosaur geekosaur force-pushed the dependabot/github_actions/actions/checkout-5 branch from eab37b3 to 4f37f33 Compare August 12, 2025 19:10
@geekosaur geekosaur added the merge me Tell Mergify Bot to merge label Aug 12, 2025
@mergify mergify bot added the ready and waiting Mergify is waiting out the cooldown period label Aug 12, 2025
@geekosaur
node.js is broken on Alpine 3.12
29241a2 
```
/usr/bin/docker exec  b6b00889ce59b62d3fdddcf068b7ca6cd09606da324e33b7e3754c74054cb218 sh -c "cat /etc/*release | grep ^ID"
Error relocating /__e/node24_alpine/bin/node: pthread_getname_np: symbol not found
```

Upgrading both validate (was 3.19) and release (3.12) to 3.20
instead. I hope the release one was just a missed upgrade.
@geekosaur geekosaur force-pushed the dependabot/github_actions/actions/checkout-5 branch from 4f37f33 to 29241a2 Compare August 13, 2025 16:14
@geekosaur geekosaur mentioned this pull request Aug 13, 2025
Closed
@geekosaur
Copy link
Collaborator

geekosaur commented Aug 13, 2025
edited
Loading

As per latest version of second commit, Alpine older than 3.20 has been dropped. (Validate was using 3.19, which is why it wasn't also hitting the symbol resolution bug.)

This also means the commit clock has restarted as of that push.

@mergify mergify bot added the merge delay passed Applied (usually by Mergify) when PR approved and received no updates for 2 days label Aug 15, 2025
mergify bot added a commit that referenced this pull request Aug 15, 2025
@mergify
Merge of #11154
58e5ea3
@mergify mergify bot mentioned this pull request Aug 15, 2025
Closed
86 tasks
@mergify mergify bot merged commit 6ba466c into master Aug 15, 2025
98 checks passed
@mergify mergify bot deleted the dependabot/github_actions/actions/checkout-5 branch August 15, 2025 17:53
hasufell
hasufell reviewed Aug 18, 2025
View reviewed changes
.github/workflows/reusable-release.yml
Comment on lines -143 to -149
{ image: "alpine:3.12"
, installCmd: "apk update && apk add"
, toolRequirements: "${{ needs.tool-output.outputs.apk_tools }}"
, DISTRO: "Unknown"
, ARTIFACT: "x86_64-linux-alpine312"
, ADD_CABAL_ARGS: "--enable-split-sections"
},
Copy link
Member

@hasufell hasufell Aug 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This broke the ghcup metadata script:

cabal/scripts/release/create-release-metadata-for-ghcup.sh

Lines 34 to 39 in 6ba466c

Linux_Alpine:
'( >= 3.12 && < 3.20)': &cabal-${YV}-alpine312-64
$(print_uri_hash "cabal-install-$VERSION-x86_64-linux-alpine312.tar.xz")
'>= 3.20':
$(print_uri_hash "cabal-install-$VERSION-x86_64-linux-alpine320.tar.xz")
unknown_versioning: *cabal-${YV}-alpine312-64

It's a good idea to CC code authors on PRs.

Copy link
Member

@hasufell hasufell Aug 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's a good idea to CC code authors on PRs.

Apologies. I see I'm in the reviewers list, but it went through my radar.

Copy link
Member

@hasufell hasufell Aug 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's a good idea to CC code authors on PRs.

Apologies. I see I'm in the reviewers list, but it went through my radar.

Or is that because I just commented here? shrug

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hasufell hasufell hasufell left review comments

@Mikolaj Mikolaj Mikolaj approved these changes

@geekosaur geekosaur geekosaur approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code merge delay passed Applied (usually by Mergify) when PR approved and received no updates for 2 days merge me Tell Mergify Bot to merge ready and waiting Mergify is waiting out the cooldown period

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@geekosaur @Mikolaj @hasufell