Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update JamesIves/github-sponsors-readme-action action to v1.5.4 #10

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Update JamesIves/github-sponsors-readme-action action to v1.5.4 #10

wants to merge 1 commit into from

Conversation

renovate-bot
Copy link

@renovate-bot renovate-bot commented Jun 6, 2024
edited
Loading

This PR contains the following updates:

Package Type Update Change
JamesIves/github-sponsors-readme-action action minor 1.0.5 -> v1.5.4

Release Notes

JamesIves/github-sponsors-readme-action (JamesIves/github-sponsors-readme-action)

v1.5.4

Compare Source

What's Changed

Dependencies 🤖

Full Changelog: JamesIves/github-sponsors-readme-action@v1...v1.5.4

v1.5.3

Compare Source

What's Changed

Bug Fixes 🐝
  • fix: resolved a number of small typos in the action debug statements

v1.5.2

Compare Source

What's Changed

New Features 🎉
  • feat: ✨ Added a log line that shows how many sponsors the action was able to retrieve.

v1.5.1

Compare Source

What's Changed

Bug Fixes 🐝
  • fix: resolved an issue where the default config was not being applied to the non-action version of the project.

Full Changelog: JamesIves/github-sponsors-readme-action@v1...v1.5.1

v1.5.0

Compare Source

What's Changed

New Features 🎉

  • feat: ✨ Adds ability to display anonymized private sponsors. Private sponsors will be displayed in the list, however any identifying information will be redacted. This can be useful if you want to display all sponsors, regardless of their privacy settings. To enable this feature, you can set include-private to true in your workflow.

  • feat: ✨ Adds the ability to use avatarUrl in a sponsorship template. This is an exposed field from the GitHub API and typically matches https://github.com/{username}.png (unless include-private is set to true that is)

      - name: Generate Sponsors 💖
        uses: JamesIves/github-sponsors-readme-action@v1
        with:
          token: ${{ secrets.PAT }}
          file: 'README.md'
          minimum: 2500
          template: '<a href="https://redirect.github.com/{{{ login }}}"><img src="{{{ avatarUrl }}}" width="80px" alt="{{{ login }}}" /></a>&nbsp;&nbsp;'
          marker: 'real-premium'
          active-only: false
          include-private: true

All of the above features have been documented in the README 📖

Full Changelog: JamesIves/github-sponsors-readme-action@v1...v1.5.0

v1.4.5

Compare Source

What's Changed

Bug Fixes 🐝
  • fix: mark includePrivate as false in the GraphQL query to ensure that user privacy is always respected regardless of what privacyLevel returns with due to potential difference in API versions.
Dependencies 🤖

Full Changelog: JamesIves/github-sponsors-readme-action@v1...v1.4.5

v1.4.4

Compare Source

What's Changed

Bug Fixes 🐝

Full Changelog: JamesIves/github-sponsors-readme-action@v1...v1.4.4

v1.4.3

Compare Source

What's Changed

Bug Fixes 🐝

Full Changelog: JamesIves/github-sponsors-readme-action@v1...v1.4.3

v1.4.2

Compare Source

What's Changed

Security 🔒
  • fix: 🔒 Resolves a markdown injection vulnerability. Special thanks to @​Nicocha30 for spotting this. ❤️

Full Changelog: JamesIves/github-sponsors-readme-action@v1...v1.4.2

v1.4.1

Compare Source

What's Changed

Dependencies 🤖

Full Changelog: JamesIves/github-sponsors-readme-action@v1...v1.4.1

v1.4.0

Compare Source

What's Changed

  • feat: ✨ support active-only input by @​JamesIves in https://github.com/JamesIves/github-sponsors-readme-action/pull/737 - This feature allows you to show sponsors regardless of their sponsorship status. This is useful in scenarios where you want to show all sponsors who have previously donated, and not just those who hold an active subscription. To use this, you can set active-only: false within the with parameters of the action. It will default to true, which is the current behavior of the action.
Dependabot 🤖

Full Changelog: JamesIves/github-sponsors-readme-action@v1.3.1...v1.4.0

v1.3.1

Compare Source

What's Changed

  • Made a change that assumes tier is optional to prevent a NPE for some users.

Full Changelog: JamesIves/github-sponsors-readme-action@v1.3.0...v1.3.1

v1.3.0

Compare Source

What's Changed

  • The action is now developed against Node 20.
  • The sponsorship-status output has been renamed to sponsorshipStatus to comply with best practices. This has the potential to break some workflows, but it is unlikely as the way this variable was named previously makes it difficult to interface with. As such as this has not been marked as a breaking change, I apologize if this theory ends up being inaccurate.
  • Fixes an issue where if for some reason monthlyPriceInCents is undefined, we set the value to 0.
  • Add note for organisation usage by @​0xTim in https://github.com/JamesIves/github-sponsors-readme-action/pull/538
Dependencies 🤖

New Contributors

Full Changelog: JamesIves/github-sponsors-readme-action@v1.2.2...v1.3.0

v1.2.2

Compare Source

What's Changed

Changelog

Full Changelog: JamesIves/github-sponsors-readme-action@v1...v1.2.2

v1.2.1

Compare Source

What's Changed

New Contributors

Sponsors ❤️

Full Changelog: JamesIves/github-sponsors-readme-action@v1...v1.2.1

v1.2.0

Compare Source

What's Changed

New Contributors

Sponsors ❤️

Full Changelog: JamesIves/github-sponsors-readme-action@v1...v1.2.0

v1.1.0

Compare Source

Minor Changes

  • Fixes an issue where organizational data was not correctly being displayed alongside user data if organization was set to true.
  • Linting scripts have been updated to ensure that everything across the repo gets picked up.
  • Numerous dependency updates.

New Contributors

Sponsors ❤️

github  

Full Changelog: JamesIves/github-sponsors-readme-action@v1...v1.1.0

v1.0.8

Compare Source

Minor Changes

  • Introduces major version tags. You can now point your workflow to JamesIves/github-sponsors-readme-action@v1 if you'd like to always have the most cutting edge changes outside of using the release branch directly.

v1.0.7

Compare Source

Minor Changes

  • Dependency upgrades.

v1.0.6

Compare Source

Minor Changes

  • Dependency bumps across the board.

Commit Log

New Contributors

Full Changelog: https://github.com/JamesIves/github-sponsors-readme-action/commits/1.0.6

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@coderabbitai coderabbitai
Copy link

coderabbitai bot commented Jun 6, 2024
edited
Loading

Walkthrough

The update modifies the insert-contributors.yml GitHub workflow by upgrading the github-sponsors-readme-action from version 1.0.5 to v1.5.4. This change specifically impacts the "Updates readme with sponsors" step within the insert-sponsors job, while the overall structure of the workflow remains unchanged.

Changes

File Change Summary
.github/workflows/insert-contributors.yml Updated github-sponsors-readme-action from 1.0.5 to v1.5.4.

Poem

In the garden of code, where bunnies delight,
An action was upgraded, oh what a sight!
From humble beginnings, it’s grown so bright,
With each little change, our readme takes flight.
So hop with joy, dear friends, it’s true,
Together we flourish, thanks to all of you!
🌼🐇✨

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between 7b0b8b0 and e0a22a6.

📒 Files selected for processing (1)
  • .github/workflows/insert-contributors.yml (1 hunks)
🚧 Files skipped from review as they are similar to previous changes (1)
  • .github/workflows/insert-contributors.yml

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

coderabbitai[bot]
coderabbitai bot reviewed Jun 6, 2024
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 1ddb53c and 93de7bf.

Files selected for processing (1)
  • .github/workflows/insert-contributors.yml (1 hunks)
Files skipped from review due to trivial changes (1)
  • .github/workflows/insert-contributors.yml

@renovate-bot renovate-bot force-pushed the renovate/jamesives-github-sponsors-readme-action-1.x branch from 93de7bf to d5e3718 Compare July 5, 2024 17:09
@renovate-bot renovate-bot changed the title Update JamesIves/github-sponsors-readme-action action to v1.4.0 Update JamesIves/github-sponsors-readme-action action to v1.4.1 Jul 5, 2024
coderabbitai[bot]
coderabbitai bot reviewed Jul 5, 2024
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 93de7bf and d5e3718.

Files selected for processing (1)
  • .github/workflows/insert-contributors.yml (1 hunks)
Files skipped from review due to trivial changes (1)
  • .github/workflows/insert-contributors.yml

@renovate-bot renovate-bot changed the title Update JamesIves/github-sponsors-readme-action action to v1.4.1 Update JamesIves/github-sponsors-readme-action action to v1.4.2 Aug 1, 2024
@renovate-bot renovate-bot force-pushed the renovate/jamesives-github-sponsors-readme-action-1.x branch from d5e3718 to 6a51edb Compare August 1, 2024 13:34
coderabbitai[bot]
coderabbitai bot reviewed Aug 1, 2024
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between d5e3718 and 6a51edb.

Files selected for processing (1)
  • .github/workflows/insert-contributors.yml (1 hunks)
Additional comments not posted (1)
.github/workflows/insert-contributors.yml (1)

17-17: LGTM! Verify the workflow functionality.

The action version has been updated from 1.0.5 to v1.4.2, addressing a security vulnerability and including several updates. Ensure that the workflow continues to function as expected with the new version.

Verification successful

Update verified successfully!

The workflow using the updated JamesIves/github-sponsors-readme-action@v1.4.2 completed successfully in the last scheduled run. The HTTP 403 error encountered when attempting to manually dispatch the workflow is related to permissions and does not affect the functionality of the workflow.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the functionality of the updated GitHub action version in the workflow.

# Test: Manually dispatch the workflow and check for successful completion.
gh workflow run insert-contributors.yml
gh run list --workflow=insert-contributors.yml --limit=1

Length of output: 420

@renovate-bot renovate-bot changed the title Update JamesIves/github-sponsors-readme-action action to v1.4.2 Update JamesIves/github-sponsors-readme-action action to v1.4.3 Aug 2, 2024
@renovate-bot renovate-bot force-pushed the renovate/jamesives-github-sponsors-readme-action-1.x branch from 6a51edb to 003db36 Compare August 2, 2024 23:03
coderabbitai[bot]
coderabbitai bot reviewed Aug 2, 2024
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 6a51edb and 003db36.

Files selected for processing (1)
  • .github/workflows/insert-contributors.yml (1 hunks)
Files skipped from review as they are similar to previous changes (1)
  • .github/workflows/insert-contributors.yml

@renovate-bot renovate-bot force-pushed the renovate/jamesives-github-sponsors-readme-action-1.x branch from 003db36 to 3a0a274 Compare September 1, 2024 14:07
@renovate-bot renovate-bot changed the title Update JamesIves/github-sponsors-readme-action action to v1.4.3 Update JamesIves/github-sponsors-readme-action action to v1.5.0 Sep 1, 2024
coderabbitai[bot]
coderabbitai bot reviewed Sep 1, 2024
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 003db36 and 3a0a274.

Files selected for processing (1)
  • .github/workflows/insert-contributors.yml (1 hunks)
Additional comments not posted (1)
.github/workflows/insert-contributors.yml (1)

17-17: LGTM! The update to the newer version of the action is a good change.

The key benefits of updating to v1.5.0 are:

  • It includes a critical security fix for a markdown injection vulnerability that was addressed in the v1.4.2 release.
  • It introduces a new feature in the v1.4.0 release to display all sponsors, regardless of their active status, by setting the active-only input to false. This feature is not being used in the current workflow, but it's good to have the option available for future use.
  • It includes various dependency updates and minor changes from earlier versions, which are generally good to have.

Please verify that the workflow runs successfully after the update by manually triggering it or waiting for the scheduled run on Sunday at 01:30. If there are any issues, please revert the change and investigate further.

@renovate-bot renovate-bot force-pushed the renovate/jamesives-github-sponsors-readme-action-1.x branch from 3a0a274 to 3aa4720 Compare September 2, 2024 16:58
@renovate-bot renovate-bot changed the title Update JamesIves/github-sponsors-readme-action action to v1.5.0 Update JamesIves/github-sponsors-readme-action action to v1.5.1 Sep 2, 2024
coderabbitai[bot]
coderabbitai bot reviewed Sep 2, 2024
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 3a0a274 and 3aa4720.

Files selected for processing (1)
  • .github/workflows/insert-contributors.yml (1 hunks)
Files skipped from review as they are similar to previous changes (1)
  • .github/workflows/insert-contributors.yml

@renovate-bot renovate-bot force-pushed the renovate/jamesives-github-sponsors-readme-action-1.x branch from 3aa4720 to 7b0b8b0 Compare October 26, 2024 16:54
@renovate-bot renovate-bot changed the title Update JamesIves/github-sponsors-readme-action action to v1.5.1 Update JamesIves/github-sponsors-readme-action action to v1.5.3 Oct 26, 2024
coderabbitai[bot]
coderabbitai bot reviewed Oct 26, 2024
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between 3aa4720 and 7b0b8b0.

📒 Files selected for processing (1)
  • .github/workflows/insert-contributors.yml (1 hunks)
🔇 Additional comments (2)
.github/workflows/insert-contributors.yml (2)

17-17: LGTM! Version update looks good.

The upgrade from 1.0.5 to v1.5.3 includes important bug fixes and new features.

19-19: Verify token permissions for sponsor access.

The action requires appropriate token permissions to access sponsor information. Ensure the provided token (BOT_TOKEN or GITHUB_TOKEN) has the necessary scopes to read sponsor data.

.github/workflows/insert-contributors.yml Outdated
Comment on lines 17 to 20
uses: JamesIves/github-sponsors-readme-action@v1.5.3
with:
token: ${{ secrets.BOT_TOKEN || secrets.GITHUB_TOKEN }}
file: 'README.md'
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Consider utilizing new features available in v1.5.3.

The new version introduces several useful features that could enhance your sponsors section:

  1. Display anonymized private sponsors with include-private: true
  2. Show all sponsors regardless of status with active-only: false
  3. Use avatarUrl in sponsorship templates

Consider adding these configurations if they align with your needs:

 uses: JamesIves/github-sponsors-readme-action@v1.5.3
 with:
   token: ${{ secrets.BOT_TOKEN || secrets.GITHUB_TOKEN }}
   file: 'README.md'
+  include-private: true  # Shows anonymized private sponsors
+  active-only: false    # Shows all sponsors regardless of status

Committable suggestion was skipped due to low confidence.

@renovate-bot renovate-bot force-pushed the renovate/jamesives-github-sponsors-readme-action-1.x branch from 7b0b8b0 to e0a22a6 Compare November 9, 2024 19:46
@renovate-bot renovate-bot changed the title Update JamesIves/github-sponsors-readme-action action to v1.5.3 Update JamesIves/github-sponsors-readme-action action to v1.5.4 Nov 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@renovate-bot