| Age | Commit message (Collapse) | Author | Files | Lines | |
|---|---|---|---|---|---|
| 2026-04-29 | hotfix: pin pypa/gh-action-pypi-publish to commit SHA not tag-object SHA | natsuoto | 1 | -1/+2 | |
| #35 pinned `pypa/gh-action-pypi-publish` to `6733eb7d741f0b11ec6a39b58540dab7590f9b7d`, which is the **tag object** SHA for v1.14.0, not the commit it points to. The publish action's Docker image is built per commit SHA, so pulling `ghcr.io/pypa/gh-action-pypi-publish:6733eb7d...` failed with "manifest unknown" and the v0.3.0 PyPI upload never happened. The actual v1.14.0 commit SHA is `cef221092ed1bacb1cc03d23a2d87d1d172e277b` (the tag object dereferences to it, and `refs/heads/release/v1` agrees). Also adding `workflow_dispatch:` trigger so we can re-run publish without deleting/recreating the GitHub release. The release-only trigger left us with no path to retry after the failure. Closes #52 | |||||
| 2026-04-28 | chore: bump GitHub Actions to current major versions | natsuoto | 1 | -3/+3 | |
| Pure version bumps; workflow behavior is unchanged. - actions/checkout v3 -> v5 - actions/setup-python v3 -> v5 - github/codeql-action/{init,autobuild,analyze} v2 -> v3 - pypa/gh-action-pypi-publish SHA-pinned -> v1.14.0 SHA, with trailing version comment for human readability The @v3 actions ran on the deprecated Node 16 runtime; @v5 (and codeql-action @v3) all use Node 20, the current GitHub-supported runtime. Third-party pypa publish action stays SHA-pinned for supply-chain safety. Closes #34 | |||||
| 2022-09-10 | Added Workflow for publishing to PyPI on release | Bobby | 1 | -0/+39 | |
 |
index : edify | |
| Regular Expressions Made Simple. |
| aboutsummaryrefslogtreecommitdiff |