Skip to content

Releases: hrvey/combine-prs-workflow

1.3.1 - Tweak run UI options and explanations

15 Mar 10:29
@martingjaldbaek martingjaldbaek
1.3.1
0db0c4b
Compare
Choose a tag to compare
1.3.1 - Tweak run UI options and explanations Latest
Latest
  • Turn "mustBeGreen" into a boolean, so we get a nice checkbox instead of a text field.
  • Add better explanation to set mustBeGreen to false if repo does not run checks.
Assets 2

1.3.0 - Better merge-conflict handling and new PR status API.

20 Sep 08:57
@martingjaldbaek martingjaldbaek
1.3.0
f0870b5
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
1.3.0 - Better merge-conflict handling and new PR status API.
  • Better merge conflict handling: Instead of failing when there's merge conflicts, the workflow now recovers gracefully and just merges as many PRs as it can, and lists which PRs were not included due to merge conflicts.
    • This should make the workflow much more "hands off" to use, since you don't need to manually exclude problematic branches with the exclude label.
    • In my own testing, with ~20 PRs, just running the workflow twice was enough to get everything merged.
    • Note that the workflow no longer does "octopus" merges (merging many branches with a single merge commit) in order to be able to recover if any individual merge fails.
  • Switched to using the StatusRollUp field in the GitHub GraphQL API to check the state of the branch (it doesn't look like this is part of the GitHub REST API).
    • This combines statuses from both GitHub Actions CI and external CI, so the workflow now supports both out of the box.
    • This was one of the most requested features, so should make a lot of people happy.
Assets 2

1.2.0 - Security Fix: Safer branch name handling

29 Jul 15:43
@martingjaldbaek martingjaldbaek
1.2.0
e7bf745
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
1.2.0 - Security Fix: Safer branch name handling

Security Fix: Since branch names can contain shell escape characters, it was previously possible for a PR with a maliciously crafted branch name to be used to inject shell commands, which could for example be used to leak the Token (with write permissions to the repo) used by the Github Action. Note that this attack vector was only possible if the attacker could open PRs in the repository (i.e. in public/open source repos).

Props to RyotaK for reporting the vulnerability, and supplying a fix.

Assets 2

1.1.0 - Exclude label

16 Mar 15:25
@martingjaldbaek martingjaldbaek
1.1.0
eaf5b29
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
1.1.0 - Exclude label

Added the option to exclude PRs with a specific label (by default this is 'nocombine'). Handy for example if you get merge conflicts with a single PR out of several, so you can still combine all the others after excluding the culprit.

Assets 2

v1.0.0

09 Oct 11:58
@martingjaldbaek martingjaldbaek
v1.0.0
b5c34c6
Compare
Choose a tag to compare
v1.0.0 
Add images to readme
Assets 2