Skip to content

fix: update Alpine package handling to allow optional version pinning#216

Merged
ChristophShyper merged 1 commit into
masterfrom
feat/alpine-packages
May 20, 2026
Merged

fix: update Alpine package handling to allow optional version pinning#216
ChristophShyper merged 1 commit into
masterfrom
feat/alpine-packages

Conversation

@github-actions
Copy link
Copy Markdown
Contributor

@github-actions github-actions Bot commented May 20, 2026

📝 Brief description

fix: update Alpine package handling to allow optional version pinning

💻 Commits

  • 33d1543 - ChristophShyper - 2026-05-20 21:30:03
    fix: update Alpine package handling to allow optional version pinning

📁 Modified files

Taskfile.scripts.yml | 29 +++++++++++++++++++++--------
1 file changed, 21 insertions(+), 8 deletions(-)

⚠️ Additional information

  • Pushed to a branch with a proper name and provided proper commit message.
  • Provided a clear and concise description of what the issue is.

Check CONTRIBUTING.md and CODE_OF_CONDUCT.md for more information

@github-actions github-actions Bot requested review from a team and ChristophShyper as code owners May 20, 2026 19:31
@ChristophShyper ChristophShyper merged commit 5b6f69b into master May 20, 2026
3 checks passed
@ChristophShyper ChristophShyper deleted the feat/alpine-packages branch May 20, 2026 20:33
cherny-sh added a commit to ignitetech-group/action-pull-request that referenced this pull request May 26, 2026
@cherny-sh
chore: mark upstream devops-infra/action-pull-request v1.2.1 as merged
a055ab3 
This is a `-s ours` (strategy-ours) merge. It records `upstream/master`
at SHA c5a99ac as a second parent of our HEAD without changing a single
byte of our tree — the entire point is to update git's commit-reachability
graph so that GitHub's "X commits ahead / Y commits behind" comparison
between this fork and devops-infra/action-pull-request stops counting
those 13 upstream commits as "behind".

The actual content reconciliation already happened in PR #2 (commits
0b5126e + 832dfcc), where I selectively ported upstream's security and
feature improvements onto our gh-CLI-based fork after a security review:

  - repository / repository_path inputs (multi-repo support)
  - max_body_bytes / max_diff_lines (large-diff overflow handling)
  - GIT_CONFIG_GLOBAL isolation
  - repository regex + path-traversal validation
  - perl-based template substitution via scripts/replace-template-diff.sh
  - body-overflow split into managed PR comments
  - 7 new unit tests under tests/unit/

NOT merged from upstream (deliberately, per fork policy "no new third
parties"):

  - new .github/workflows/* that call devops-infra/.github reusable
    workflows or devops-infra/triglav with `secrets: inherit`
  - action.yml `image: docker://devopsinfra/...` (we keep `image:
    Dockerfile` so consumers build from our source)
  - Taskfile.scripts.yml dev-time refactor

The 13 upstream commits being recorded as ancestors:

  c5a99ac chore(release): prepare v1.2.1 (devops-infra#227)
  6aa878a feat: add Triglav as end-to-end test orchestrator (devops-infra#222)
  562d37b chore(release): prepare v1.2.0 (devops-infra#221)
  766f664 feat: add repository and repository_path inputs (devops-infra#220)
  86d8692 chore(release): prepare v1.1.3 (devops-infra#219)
  0ca8a22 fix: update README for clarity and versioning (devops-infra#218)
  eb4c48b chore(release): prepare v1.1.2 (devops-infra#217)
  5b6f69b fix: update Alpine package handling (devops-infra#216)
  ea294d9 feat: improve workflow linting (devops-infra#215)
  378b46d chore: update action-pull-request to v1.1.1 (devops-infra#212)
  a8b34a6 chore: update action-pull-request to v1.1.0 (devops-infra#211)
  0916b92 feat: harden action for handling large diffs (devops-infra#210)
  889cc9b feat: group GitHub Actions and Docker (devops-infra#209)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ChristophShyper ChristophShyper ChristophShyper approved these changes

Assignees

@ChristophShyper ChristophShyper

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ChristophShyper