Skip to content

v0.15.0

Choose a tag to compare

View all tags
@github-actions github-actions released this 05 Mar 08:46
· 127 commits to v0.x.x since this release
Immutable release. Only release title and notes can be modified.
v0.15.0
This tag was signed with the committer’s verified signature. The key has expired.
llucax Leandro Lucarella
GPG key ID: F75C5E5CA8EB7FE7
Expired
Verified
Learn about vigilant mode.
13ff74d
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Frequenz Repository Configuration Release Notes

Summary

This release reduces CI cost by moving lightweight GitHub Actions jobs to the new ubuntu-slim runner, fixes Dependabot auto-merge/merge-queue issues by switching to a GitHub App installation token, and introduces an automated repo-config migration workflow (including updating existing repos' version-branch protection defaults).

Upgrading

Cookiecutter template

All upgrading should be done via the migration script or regenerating the templates.

curl -sSL https://raw.githubusercontent.com/frequenz-floss/frequenz-repo-config-python/v0.15.0/cookiecutter/migrate.py | python3

But you might still need to adapt your code:

New Features

Cookiecutter template

  • Migrated lightweight workflow jobs to use the new ubuntu-slim runner for cost savings.
    The following jobs now use ubuntu-slim:

    • ci.yaml: protolint, nox-all, test-installation-all, create-github-release, publish-to-pypi
    • ci-pr.yaml: protolint
    • auto-dependabot.yaml: auto-merge
    • release-notes-check.yml: check-release-notes
    • dco-merge-queue.yml: DCO
    • labeler.yml: Label

  • Added the flake8-datetimez plugin to the flake8 session. This plugin prevents accidental use of naive datetime objects by flagging calls that create or return datetimes without timezone information.

  • The CI workflow now uses a simpler matrix.

  • Added repo-config-migration.yaml workflow that automatically runs the migration script, commits changes, posts results, and auto-approves/merges only when no migration commit is created.

    The workflow handles multi-version jumps by running each intermediate migration in sequence. The migration script output is posted as a PR comment and in the job summary. PRs with migration commits stay open for manual approval and merge. PRs that need manual intervention fail the job until a human completes the steps and signals resolution by removing the tool:repo-config:migration:intervention-pending label or adding the tool:repo-config:migration:intervention-done label.

  • The auto-dependabot.yaml workflow now skips repo-config group PRs, which are handled by the new migration workflow instead.

  • Updated the default "Protect version branches" ruleset to require the new Migrate Repo Config status check, which is added by the migration workflow to PRs that need manual intervention. This prevents merging PRs that require manual migration steps until those steps are completed and the check passes. Also removed the required code-owner approval and automatic Copilot review request.

Bug Fixes

Cookiecutter template

  • Switched project.license to SPDX expressions and added project.license-files. This removes deprecated setuptools license metadata and avoids build warnings.

  • Fixed auto-dependabot workflow failing to trigger merge queue CI or complete auto-merge. The workflow now uses a GitHub App installation token (via actions/create-github-app-token) instead of GITHUB_TOKEN, which was suppressing subsequent workflow runs by design. Workflow permissions have been reduced to the minimum needed for the workflow (contents: read and pull-requests: write).

  • Fix dependabot group patterns for repo-config and mkdocstrings.

What's Changed

  • CONTRIBUTING.md: Document cookiecutter workflow by @llucax in #493
  • Clear release notes by @llucax in #491
  • Add AGENTS.md by @llucax in #494
  • Use ubuntu-slim for lightweight jobs by @llucax in #496
  • Bump actions/download-artifact from 6 to 7 by @dependabot[bot] in #498
  • Replace deprecated setuptools options by @llucax in #503
  • Bump setuptools from 80.9.0 to 80.10.2 in the minor group by @dependabot[bot] in #500
  • Improve migration script results reporting by @llucax in #507
  • template: Add flake8-datetimez by @llucax in #506
  • Use GitHub app credentials for auto-dependabot by @llucax in #508
  • Fix dependabot-auto-approve version by @llucax in #510
  • Bump actions/upload-artifact from 5 to 6 by @dependabot[bot] in #497
  • Bump the patch group across 1 directory with 4 updates by @dependabot[bot] in #509
  • Fix dependabot repo-config and mkdocstrings groups by @llucax in #512
  • Bump frequenz-floss/gh-action-setup-python-with-deps from 1.0.1 to 1.0.2 in the compatible group by @dependabot[bot] in #513
  • Bump mkdocs-material from 9.7.1 to 9.7.2 in the patch group by @dependabot[bot] in #514
  • Bump nox from 2025.11.12 to 2026.2.9 by @dependabot[bot] in #515
  • Update types-setuptools requirement from <81,>=67.6.0 to >=67.6.0,<83 by @dependabot[bot] in #516
  • Bump black from 25.12.0 to 26.1.0 by @dependabot[bot] in #501
  • Simplify CI job matrix by @llucax in #511
  • Bump setuptools from 80.10.2 to 82.0.0 by @dependabot[bot] in #517
  • Fix tests by adding dependency constraint by @llucax in #528
  • Bump actions/download-artifact from 7 to 8 by @dependabot[bot] in #522
  • Only apply ubuntu-slim to publish-to-pypy for public repos by @llucax in #525
  • Bump actions/upload-artifact from 6 to 7 by @dependabot[bot] in #521
  • Bump the patch group with 3 updates by @dependabot[bot] in #523
  • Bump frequenz-floss/dependabot-auto-approve from 1.4.0 to 1.5.0 in the compatible group by @dependabot[bot] in #520
  • Bump isort from 7.0.0 to 8.0.1 by @dependabot[bot] in #524
  • Add repo-config auto-migration workflow by @llucax in #519
  • Improve "Protect version branches" ruleset by @llucax in #529
  • Prepare for the v0.15.0 release by @llucax in #530

Full Changelog: v0.14.0...v0.15.0

Contributors

llucax and dependabot
Assets 5
Loading