From b7e66be21f2b464e60d4d4ea10929abbfeaf8e26 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 10 Apr 2026 11:23:10 +0000 Subject: [PATCH] .github: Bump actions/github-script from 8.0.0 to 9.0.0 Bumps [actions/github-script](https://github.com/actions/github-script) from 8.0.0 to 9.0.0. - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/ed597411d8f924073f98dfc5c65a23a2325f34cd...3a2844b7e9c422d3c10d287c895573f7108da1b3) --- updated-dependencies: - dependency-name: actions/github-script dependency-version: 9.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/backport.yml | 2 +- .github/workflows/bot.yml | 2 +- .github/workflows/check.yml | 2 +- .github/workflows/comment.yml | 2 +- .github/workflows/edited.yml | 2 +- .github/workflows/eval.yml | 8 ++++---- .github/workflows/lint.yml | 2 +- .github/workflows/merge-group.yml | 4 ++-- .github/workflows/pull-request-target.yml | 4 ++-- .github/workflows/review.yml | 2 +- .github/workflows/teams.yml | 2 +- .github/workflows/test.yml | 4 ++-- 12 files changed, 18 insertions(+), 18 deletions(-) diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml index 48504d817b6d..6504fa8c4763 100644 --- a/.github/workflows/backport.yml +++ b/.github/workflows/backport.yml @@ -72,7 +72,7 @@ jobs: - name: "Add 'has: port to stable' label" if: steps.backport.outputs.created_pull_numbers != '' - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 with: # Not using the app on purpose to avoid triggering another workflow run after adding this label. script: | diff --git a/.github/workflows/bot.yml b/.github/workflows/bot.yml index 1d8d349ead30..d8a4d215c1c7 100644 --- a/.github/workflows/bot.yml +++ b/.github/workflows/bot.yml @@ -74,7 +74,7 @@ jobs: run: gh api /rate_limit | jq - name: Run bot - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 with: github-token: ${{ steps.app-token.outputs.token || github.token }} retries: 3 diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml index 768937e70521..8a55d030d8c3 100644 --- a/.github/workflows/check.yml +++ b/.github/workflows/check.yml @@ -52,7 +52,7 @@ jobs: - name: Check commits id: check - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: TARGETS_STABLE: ${{ fromJSON(inputs.baseBranch).stable && !contains(fromJSON(inputs.headBranch).type, 'development') }} with: diff --git a/.github/workflows/comment.yml b/.github/workflows/comment.yml index 7894d704723b..dcbbc755eb8e 100644 --- a/.github/workflows/comment.yml +++ b/.github/workflows/comment.yml @@ -38,7 +38,7 @@ jobs: private-key: ${{ secrets.NIXPKGS_CI_APP_PRIVATE_KEY }} permission-pull-requests: write - - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 + - uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 with: github-token: ${{ steps.app-token.outputs.token || github.token }} retries: 3 diff --git a/.github/workflows/edited.yml b/.github/workflows/edited.yml index a60cede7b26d..165cad607d97 100644 --- a/.github/workflows/edited.yml +++ b/.github/workflows/edited.yml @@ -43,7 +43,7 @@ jobs: private-key: ${{ secrets.NIXPKGS_CI_APP_PRIVATE_KEY }} permission-pull-requests: write - - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 + - uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 with: github-token: ${{ steps.app-token.outputs.token }} script: | diff --git a/.github/workflows/eval.yml b/.github/workflows/eval.yml index 5fcdc81d273a..f8f18b7adc9a 100644 --- a/.github/workflows/eval.yml +++ b/.github/workflows/eval.yml @@ -61,7 +61,7 @@ jobs: - name: Find commit that touched ci/pinned.json id: find-pinned-commit - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: TARGET_SHA: ${{ inputs.targetSha }} HEAD_SHA: ${{ inputs.headSha }} @@ -307,7 +307,7 @@ jobs: - name: Add eval summary to commit statuses if: ${{ github.event_name == 'pull_request_target' }} - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 with: script: | const { readFile } = require('node:fs/promises') @@ -337,7 +337,7 @@ jobs: }) - name: Request changes if PR is against an inappropriate branch if: ${{ github.event_name == 'pull_request_target' }} - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 with: script: | require('./nixpkgs/trusted/ci/github-script/check-target-branch.js')({ @@ -359,7 +359,7 @@ jobs: path: versions - name: Add version comparison table to job summary - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: ARTIFACT_PREFIX: ${{ inputs.artifact-prefix }} SYSTEMS: ${{ inputs.systems }} diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 867c5c7737a8..b87e3c72050b 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -139,7 +139,7 @@ jobs: persist-credentials: true # Needed to run git fetch for large PRs. path: trusted - name: Check commit messages - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 with: script: | const checkCommitMessages = require('./trusted/ci/github-script/lint-commits.js') diff --git a/.github/workflows/merge-group.yml b/.github/workflows/merge-group.yml index 895bd2aafa5d..6fcbbe4def72 100644 --- a/.github/workflows/merge-group.yml +++ b/.github/workflows/merge-group.yml @@ -32,7 +32,7 @@ jobs: ci/github-script/supportedSystems.js - id: prepare - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: MERGED_SHA: ${{ inputs.mergedSha }} TARGET_SHA: ${{ inputs.targetSha }} @@ -125,7 +125,7 @@ jobs: permissions: statuses: write # creating 'no PR failures' commit status steps: - - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 + - uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: RESULTS: ${{ toJSON(needs.*.result) }} with: diff --git a/.github/workflows/pull-request-target.yml b/.github/workflows/pull-request-target.yml index d62972e10e88..190ce2510a3e 100644 --- a/.github/workflows/pull-request-target.yml +++ b/.github/workflows/pull-request-target.yml @@ -37,7 +37,7 @@ jobs: sparse-checkout: | ci/github-script - id: prepare - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 with: retries: 10 # The default for this includes code 422, which happens regularly for us when comparing commits: @@ -126,7 +126,7 @@ jobs: permissions: statuses: write steps: - - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 + - uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: RESULTS: ${{ toJSON(needs.*.result) }} with: diff --git a/.github/workflows/review.yml b/.github/workflows/review.yml index db3b1d464b46..edf4f39b4bf6 100644 --- a/.github/workflows/review.yml +++ b/.github/workflows/review.yml @@ -35,7 +35,7 @@ jobs: private-key: ${{ secrets.NIXPKGS_CI_APP_PRIVATE_KEY }} permission-pull-requests: write - - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 + - uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 with: github-token: ${{ steps.app-token.outputs.token || github.token }} retries: 3 diff --git a/.github/workflows/teams.yml b/.github/workflows/teams.yml index a924a1291212..bef56a83bc1c 100644 --- a/.github/workflows/teams.yml +++ b/.github/workflows/teams.yml @@ -41,7 +41,7 @@ jobs: run: npm install bottleneck@2.19.5 - name: Synchronise teams - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 with: github-token: ${{ steps.app-token.outputs.token }} script: | diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index bf40e819491d..64b7dbd85dd8 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -26,7 +26,7 @@ jobs: sparse-checkout: | ci/github-script - id: prepare - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 with: retries: 10 # The default for this includes code 422, which happens regularly for us when comparing commits: @@ -45,7 +45,7 @@ jobs: - name: Determine changed files id: files - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 with: script: | const files = (await github.paginate(github.rest.pulls.listFiles, {