Skip to content

Bump github/codeql-action from 3 to 4 #50

Bump github/codeql-action from 3 to 4

Bump github/codeql-action from 3 to 4 #50

Workflow file for this run

---
# Lock/Unlock Deps Pattern
#
# Two often conflicting goals resolved!
#
# - unlocked_deps.yml
# - All runtime & dev dependencies, but does not have a `gemfiles/*.gemfile.lock` committed
# - Uses an Appraisal2 "unlocked_deps" gemfile, and the current MRI Ruby release
# - Know when new dependency releases will break local dev with unlocked dependencies
# - Broken workflow indicates that new releases of dependencies may not work
#
# - locked_deps.yml
# - All runtime & dev dependencies, and has a `Gemfile.lock` committed
# - Uses the project's main Gemfile, and the current MRI Ruby release
# - Matches what contributors and maintainers use locally for development
# - Broken workflow indicates that a new contributor will have a bad time
#
name: Deps Unlocked
permissions:
contents: read
env:
K_SOUP_COV_DO: false
on:
push:
branches:
- 'main'
- '*-stable'
tags:
- '!*' # Do not execute on tags
pull_request:
branches:
- '*'
# Allow manually triggering the workflow.
workflow_dispatch:
# Cancels all previous workflow runs for the same branch that have not yet completed.
concurrency:
# The concurrency group contains the workflow name and the branch name.
group: "${{ github.workflow }}-${{ github.ref }}"
cancel-in-progress: true
jobs:
test:
if: "!contains(github.event.commits[0].message, '[ci skip]') && !contains(github.event.commits[0].message, '[skip ci]')"
name: Default rake task w/ unlocked deps ${{ matrix.name_extra || '' }}
runs-on: ubuntu-latest
continue-on-error: ${{ matrix.experimental || endsWith(matrix.ruby, 'head') }}
env: # $BUNDLE_GEMFILE must be set at job level, so it is set for all steps
BUNDLE_GEMFILE: ${{ github.workspace }}/${{ matrix.gemfile }}.gemfile
strategy:
matrix:
include:
# Ruby <whichever version is current, e.g., 3.4 as of 2025-07-12>
- ruby: "ruby"
appraisal_name: "unlocked_deps"
exec_cmd: "rake"
gemfile: "Appraisal.root"
rubygems: latest
bundler: latest
steps:
- name: Checkout
uses: actions/checkout@v5
- name: Setup Ruby & RubyGems
uses: ruby/setup-ruby@v1
with:
ruby-version: ${{ matrix.ruby }}
rubygems: ${{ matrix.rubygems }}
bundler: ${{ matrix.bundler }}
bundler-cache: false
# Raw `bundle` will use the BUNDLE_GEMFILE set to matrix.gemfile (i.e. Appraisal.root)
# We need to do this first to get appraisal installed.
# NOTE: This does not use the primary Gemfile at all.
- name: Install Root Appraisal
run: bundle
- name: Appraisal for ${{ matrix.ruby }}@${{ matrix.appraisal_name }}
run: bundle exec appraisal ${{ matrix.appraisal_name }} bundle
- name: Run ${{ matrix.exec_cmd }} on ${{ matrix.ruby }}@${{ matrix.appraisal_name }}
run: bundle exec appraisal ${{ matrix.appraisal_name }} bundle exec ${{ matrix.exec_cmd }}