Replaces every floating tag in our workflow and composite action files
with an immutable 40-character commit SHA, keeping the original `# vX`
comment so Dependabot can still propose version bumps. 186 occurrences
across 25 workflows and 2 composite actions.
Also widens the github-actions Dependabot entry to use the plural
`directories` key with `/.github/actions/*` so composite actions under
`.github/actions/<name>/action.yml` are kept up to date. Previously
Dependabot only scanned `.github/workflows` and the repo-root
`action.yml`, leaving our `python-setup` and `sample-validation-setup`
composite actions unmaintained.
* move all tests under tests and initial work on int tests
* added updated tests setup and merge tests
* without failing step
* fixed upload
* updated file names for coverage
* reenable surface tests
* removed package matrix
* simplified variables
* correct path
* removed mistake
* fix mistake in path
* fix path
* windows specific env set
* updated merge tests
* slight update in marker
* added run integration tests settings
* updated setup, moved foundry int tests and updated merge test
Eduard van Valkenburg
·
2025-07-22 15:26:00 +00:00