From a28c71aa252ae5857671f890cd008432fbc97cf5 Mon Sep 17 00:00:00 2001 From: Nano Taboada <87288+nanotaboada@users.noreply.github.com> Date: Wed, 21 May 2025 00:10:44 -0300 Subject: [PATCH 1/2] chore(deps): configure Dependabot to use conventional commits --- .github/dependabot.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index c470083..6c3c92a 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -6,6 +6,9 @@ updates: directory: "/src/Dotnet.Samples.AspNetCore.WebApi" schedule: interval: "daily" + commit-message: + include: scope + prefix: "chore(deps): bump " groups: efcore: patterns: @@ -18,8 +21,14 @@ updates: directory: "/test/Dotnet.Samples.AspNetCore.WebApi.Tests" schedule: interval: "daily" + commit-message: + include: scope + prefix: "chore(deps): bump " - package-ecosystem: "github-actions" directory: "/" schedule: interval: "daily" + commit-message: + include: scope + prefix: "chore(deps): bump " From fcfa5d1a372d1a479e4fd4f8d24cfd6c76e82a6f Mon Sep 17 00:00:00 2001 From: Nano Taboada <87288+nanotaboada@users.noreply.github.com> Date: Wed, 21 May 2025 00:14:55 -0300 Subject: [PATCH 2/2] chore(ci): pin GitHub Actions to specific versions --- .github/workflows/dotnet.yml | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/dotnet.yml b/.github/workflows/dotnet.yml index bad1440..dcfd87a 100644 --- a/.github/workflows/dotnet.yml +++ b/.github/workflows/dotnet.yml @@ -21,10 +21,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 - name: Set up .NET ${{ env.DOTNET_VERSION }} - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@v4.3.1 with: dotnet-version: ${{ env.DOTNET_VERSION }} # The action searches for packages.lock.json in the repository root, @@ -47,10 +47,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 - name: Lint commit messages - uses: wagoid/commitlint-github-action@v6 + uses: wagoid/commitlint-github-action@v6.2.1 - name: Run tests and generate Cobertura coverage reports run: dotnet test --results-directory "coverage" --collect:"XPlat Code Coverage" --settings .runsettings @@ -71,7 +71,7 @@ jobs: run: cat coverage/SummaryGithub.md >> $GITHUB_STEP_SUMMARY - name: Upload Cobertura coverage report artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v4.6.2 with: name: cobertura.xml path: coverage/cobertura.xml @@ -84,10 +84,10 @@ jobs: service: [codecov, codacy] steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 - name: Download Cobertura coverage report artifact - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v4.3.0 with: name: cobertura.xml @@ -117,20 +117,20 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 - name: Log in to GitHub Container Registry - uses: docker/login-action@v3 + uses: docker/login-action@v3.4.0 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v3.10.0 - name: Build and push Docker image to GitHub Container Registry - uses: docker/build-push-action@v6 + uses: docker/build-push-action@v6.17.0 with: context: . push: true