Skip to content

Fix release note extraction from Git tag annotation #1120

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 14, 2025
Merged

Fix release note extraction from Git tag annotation #1120

merged 1 commit into from
May 14, 2025

Conversation

seifertm
Copy link
Contributor

Closes #1113

@seifertm seifertm added this to the v1.0 milestone May 14, 2025
@seifertm seifertm requested review from asvetlov and Tinche as code owners May 14, 2025 04:37
@seifertm seifertm changed the title Fixed release note extraction from Git tag annotation Fix release note extraction from Git tag annotation May 14, 2025
@seifertm seifertm added this pull request to the merge queue May 14, 2025
Merged via the queue into pytest-dev:main with commit dd0fac9 May 14, 2025
18 of 19 checks passed
@seifertm seifertm deleted the fix-release-note-extraction-from-git-tag branch May 14, 2025 04:59
@codecov-commenter
Copy link

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 89.93%. Comparing base (0de9ba0) to head (3731094).
Report is 7 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #1120   +/-   ##
=======================================
  Coverage   89.93%   89.93%           
=======================================
  Files           2        2           
  Lines         447      447           
  Branches       53       53           
=======================================
  Hits          402      402           
  Misses         30       30           
  Partials       15       15

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@webknjaz
Copy link
Member

It'd be good to integrate zizmor...

@seifertm
Copy link
Contributor Author

@webknjaz Agreed!

I followed up with 2adcf52.

@webknjaz
Copy link
Member

@seifertm that still allows command injection just the same. The solution is to replace GH-level templating w/ Bash interpolation.

@webknjaz
Copy link
Member

I made a zizmor workflow recently. Here's how to integrate it: https://github.com/aio-libs/aiobotocore/pull/1355/files#diff-662dff05c7dfe6681c1007ae601e8573d413a03f9f9d53d951c2cb99caba4fd4R72

@seifertm
Copy link
Contributor Author

@seifertm that still allows command injection just the same. The solution is to replace GH-level templating w/ Bash interpolation.

Right… Due to the Github template interpolation, you could insert " and escape the quoting. Thanks for pointing that out @webknjaz !

According to the docs on default environment variables, we can simply use the GITHUB_REF env variable. This eliminates the Github template expression entirely: 0688d17

@webknjaz
Copy link
Member

Yep, for many simple things there's built-in env vars. For some, you might need to compute and put those into env vars. Note that in some contexts (like nested composite actions), some of the env vars may be borked, though.

@seifertm seifertm restored the fix-release-note-extraction-from-git-tag branch May 15, 2025 05:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@asvetlov asvetlov Awaiting requested review from asvetlov asvetlov is a code owner

@Tinche Tinche Awaiting requested review from Tinche Tinche is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v1.0
Development

Successfully merging this pull request may close these issues.

Empty release notes when extracting from Git tag
3 participants
@seifertm @codecov-commenter @webknjaz