diff --git a/.github/codeql/codeql-config.yml b/.github/codeql/codeql-config.yml deleted file mode 100644 index 2b54f81..0000000 --- a/.github/codeql/codeql-config.yml +++ /dev/null @@ -1,7 +0,0 @@ -name: "CodeQL config" -queries: - - uses: security-and-quality - -query-filters: - - exclude: - id: actions/unpinned-tag \ No newline at end of file diff --git a/.github/workflows/CreateRelease.yml b/.github/workflows/CreateRelease.yml index 37be2c1..aa472d1 100644 --- a/.github/workflows/CreateRelease.yml +++ b/.github/workflows/CreateRelease.yml @@ -5,7 +5,7 @@ name: Create a Release on: workflow_dispatch: push: - branches: [dev] + branches: [main] permissions: id-token: write diff --git a/.github/workflows/PRLabelChecker.yml b/.github/workflows/PRLabelChecker.yml index 42992b2..36b0977 100644 --- a/.github/workflows/PRLabelChecker.yml +++ b/.github/workflows/PRLabelChecker.yml @@ -1,7 +1,7 @@ name: Label Checker on: pull_request: - branches: dev + branches: main types: [opened, labeled, unlabeled, synchronize, reopened] permissions: pull-requests: read diff --git a/.github/workflows/ValidatePullRequests.yml b/.github/workflows/ValidatePullRequests.yml index 239fa87..b0b1c80 100644 --- a/.github/workflows/ValidatePullRequests.yml +++ b/.github/workflows/ValidatePullRequests.yml @@ -4,7 +4,7 @@ name: Validate Pull Request on: pull_request: - branches: [ dev, 'release/**' ] + branches: [ main, 'release/**' ] permissions: id-token: write diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml deleted file mode 100644 index 442ecbf..0000000 --- a/.github/workflows/codeql.yml +++ /dev/null @@ -1,102 +0,0 @@ -name: "CodeQL Advanced" - -on: - push: - branches: [ "dev", "release/*" ] - pull_request: - branches: [ "dev", "release/*" ] - schedule: - - cron: '00 12 * * 0' - -jobs: - changes: - name: Detect changed files - runs-on: ubuntu-latest - permissions: - contents: read - pull-requests: read - outputs: - matrix: ${{ steps.build-matrix.outputs.matrix }} - has-changes: ${{ steps.build-matrix.outputs.has-changes }} - steps: - - uses: actions/checkout@v6 - - uses: dorny/paths-filter@v3 - id: filter - with: - filters: | - actions: - - '.github/**/*.yml' - - '.github/**/*.yaml' - javascript: - - '**/*.js' - - '**/*.ts' - - '**/*.mjs' - - '**/*.cjs' - - '**/package.json' - - '**/package-lock.json' - rust: - - '**/*.rs' - - '**/Cargo.toml' - - '**/Cargo.lock' - - name: Build matrix - id: build-matrix - run: | - # On schedule or push, analyze all languages - if [[ "${{ github.event_name }}" == "schedule" || "${{ github.event_name }}" == "push" ]]; then - echo 'matrix={"include":[{"language":"actions","build-mode":"none"},{"language":"javascript-typescript","build-mode":"none"},{"language":"rust","build-mode":"none"}]}' >> $GITHUB_OUTPUT - echo "has-changes=true" >> $GITHUB_OUTPUT - exit 0 - fi - - # On PR, only analyze languages with changes - languages=() - - [[ "${{ steps.filter.outputs.actions }}" == "true" ]] && languages+=('{"language":"actions","build-mode":"none"}') - [[ "${{ steps.filter.outputs.javascript }}" == "true" ]] && languages+=('{"language":"javascript-typescript","build-mode":"none"}') - [[ "${{ steps.filter.outputs.rust }}" == "true" ]] && languages+=('{"language":"rust","build-mode":"none"}') - - if [[ ${#languages[@]} -eq 0 ]]; then - echo 'matrix={"include":[]}' >> $GITHUB_OUTPUT - echo "has-changes=false" >> $GITHUB_OUTPUT - else - # Join array with commas - IFS=','; echo "matrix={\"include\":[${languages[*]}]}" >> $GITHUB_OUTPUT - echo "has-changes=true" >> $GITHUB_OUTPUT - fi - - analyze: - name: Analyze (${{ matrix.language }}) - needs: changes - if: needs.changes.outputs.has-changes == 'true' - runs-on: 'ubuntu-latest' - permissions: - # required for all workflows - security-events: write - - # required to fetch internal or private CodeQL packs - packages: read - - # only required for workflows in private repositories - actions: read - contents: read - - strategy: - fail-fast: false - matrix: ${{ fromJson(needs.changes.outputs.matrix) }} - - steps: - - name: Checkout repository - uses: actions/checkout@v6 - - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v4 - with: - languages: ${{ matrix.language }} - build-mode: ${{ matrix.build-mode }} - config-file: ./.github/codeql/codeql-config.yml - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v4 - with: - category: "/language:${{matrix.language}}" diff --git a/docs/release.md b/docs/release.md index 3d7383f..bd2b575 100644 --- a/docs/release.md +++ b/docs/release.md @@ -22,23 +22,23 @@ cargo set-version 0.18.0 For simplicity, we keep the version number consistent across all crates in the repository. -Create a PR with these changes and merge it into the `dev` branch. +Create a PR with these changes and merge it into the `main` branch. ## Create a tag -When the `dev` branch has reached a state in which you want to release a new Cargo version, you should create a tag. Although you can do this from the GitHub releases page, we currently recommend doing the tag from the command line. Do so with the following commands: +When the `main` branch has reached a state in which you want to release a new Cargo version, you should create a tag. Although you can do this from the GitHub releases page, we currently recommend doing the tag from the command line. Do so with the following commands: ```bash git tag -a v0.18.0 -m "A brief description of the release" git push origin v0.18.0 # if you've named your git remote for the hyperlight-dev/hyperlight-js repo differently, change 'origin' to your remote name ``` ->Note: we'll use `v0.18.0` as the version for the above and all subsequent instructions. You should replace this with the version you're releasing. Make sure your version follows [SemVer](https://semver.org) conventions as closely as possible, and is prefixed with a `v` character. *In particular do not use a patch version unless you are patching an issue in a release branch, releases from dev should always be minor or major versions*. +>Note: we'll use `v0.18.0` as the version for the above and all subsequent instructions. You should replace this with the version you're releasing. Make sure your version follows [SemVer](https://semver.org) conventions as closely as possible, and is prefixed with a `v` character. *In particular do not use a patch version unless you are patching an issue in a release branch, releases from main should always be minor or major versions*. If you are creating a patch release see the instructions [here](#patching-a-release). ## Create a release branch (no manual steps) -After you push your new tag in the previous section, the ["Create a Release Branch"](https://github.com/hyperlight-dev/hyperlight-js/blob/dev/.github/workflows/CreateReleaseBranch.yml) CI job will automatically run. When this job completes, a new `release/v0.18.0` branch will be automatically created for you. +After you push your new tag in the previous section, the ["Create a Release Branch"](https://github.com/hyperlight-dev/hyperlight-js/blob/main/.github/workflows/CreateReleaseBranch.yml) CI job will automatically run. When this job completes, a new `release/v0.18.0` branch will be automatically created for you. ## Create a new GitHub release and publish the crates