build-push-action icon indicating copy to clipboard operation
build-push-action copied to clipboard
verified publisher icon docker

chore(deps): Bump @docker/actions-toolkit from 0.62.1 to 0.67.0

Open dependabot[bot] opened this issue 1 month ago • 0 comments

Bumps @docker/actions-toolkit from 0.62.1 to 0.67.0.

Release notes

Sourced from @​docker/actions-toolkit's releases.

v0.67.0

Full Changelog: https://github.com/docker/actions-toolkit/compare/v0.66.0...v0.67.0

v0.66.0

Full Changelog: https://github.com/docker/actions-toolkit/compare/v0.65.0...v0.66.0

v0.65.0

Full Changelog: https://github.com/docker/actions-toolkit/compare/v0.64.0...v0.65.0

v0.64.0

Full Changelog: https://github.com/docker/actions-toolkit/compare/v0.63.0...v0.64.0

v0.63.0

Full Changelog: https://github.com/docker/actions-toolkit/compare/v0.62.1...v0.63.0

Commits
  • 7ee6338 Merge pull request #844 from docker/dependabot/npm_and_yarn/sigstore/sign-4.0.1
  • 9c71407 build(deps): bump @​sigstore/sign from 3.1.0 to 4.0.1
  • 7cb0fac Merge pull request #840 from docker/dependabot/npm_and_yarn/sigstore/bundle-4...
  • 9b9d27d build(deps): bump @​sigstore/bundle from 3.1.0 to 4.0.0
  • a84516d Merge pull request #843 from crazy-max/rm-actions-attest
  • 85dfc7a sigstore: remove @​actions/attest dependency
  • 5c04d39 Merge pull request #842 from crazy-max/cache-failsafe
  • d8def31 cache: gracefully handle cache restore failures with warning
  • 7ab28f9 Merge pull request #841 from crazy-max/sigstore-multi-images
  • 6bd8db3 sigstore: multi image names support for signing
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

dependabot[bot] avatar Nov 06 '25 11:11 dependabot[bot]

Thanks for making a pull request to jupyterlab! To try out this branch on binder, follow this link: Binder

jupyterlab-probot[bot] avatar Nov 20 '25 10:11 jupyterlab-probot[bot]

Nice, thanks!

Since it's a pretty big change (300+ changed files), maybe we should target 4.6.0 just to be sure?

Unless folks are confident this could be part of 4.5.x. If it's part of 4.6.0, hopefully backporting other PRs to 4.5.x will not be too painful, since this mostly affects imports at the top of files.

jtpio avatar Nov 26 '25 17:11 jtpio

@martinRenou there are a couple of conflicts to fix after the merge of https://github.com/jupyterlab/jupyterlab/pull/18073.

Then, we should probably get this merged into main right after.

jtpio avatar Dec 02 '25 09:12 jtpio

Just curious, will eslint automatically fix this issue now with the pre-commit hooks?

jasongrout avatar Dec 05 '25 10:12 jasongrout

To regenerate this PR, or I think to update any other PR to not conflict with this, apply this patch:

diff --git a/.eslintrc.js b/.eslintrc.js
index ef3ed4b4ed..730f38dd30 100644
--- a/.eslintrc.js
+++ b/.eslintrc.js
@@ -86,6 +86,13 @@ module.exports = {
     '@typescript-eslint/triple-slash-reference': 'warn',
     '@typescript-eslint/no-inferrable-types': 'off',
     '@typescript-eslint/switch-exhaustiveness-check': 'error',
+    '@typescript-eslint/consistent-type-imports': [
+      'error',
+      {
+        prefer: 'type-imports',
+        fixStyle: 'separate-type-imports'
+      }
+    ],
     camelcase: [
       'error',
       {
diff --git a/packages/codemirror/src/language.ts b/packages/codemirror/src/language.ts
index b5ac741707..1da94b9ba8 100644
--- a/packages/codemirror/src/language.ts
+++ b/packages/codemirror/src/language.ts
@@ -1,6 +1,7 @@
 // Copyright (c) Jupyter Development Team.
 // Distributed under the terms of the Modified BSD License.
 
+import type * as SQLModule from '@codemirror/lang-sql';
 import {
   LanguageDescription,
   LanguageSupport,
@@ -286,7 +287,7 @@ export namespace EditorLanguageRegistry {
    * @returns Language object
    */
   async function sql(
-    dialectName: keyof typeof import('@codemirror/lang-sql')
+    dialectName: keyof typeof SQLModule
   ): Promise<LanguageSupport> {
     const m = await import('@codemirror/lang-sql');
     return m.sql({ dialect: (m as any)[dialectName] });

You can apply the patch by copying it to your clipboard, then doing

cat | git apply

then pasting the contents of the clipboard. If you are on a mac, you should instead be able to do pbpaste | git apply, or a similar command on linux like wl-paste | git apply.

Then run jlpm run eslint, then commit three times. In the first commit attempt, the precommit hook will fix all of the type imports, which prevents the commit from happening, then the second time prettier fixes up some files, which again prevents the commit from happening, and then the third time the commit actually happens.

jlpm run eslint
git commit -am "Update eslint config to enforce type imports"
git commit -am "Update eslint config to enforce type imports"
git commit -am "Update eslint config to enforce type imports"

jasongrout avatar Dec 13 '25 13:12 jasongrout

According to jlpm run build:prod:minimize:doctor, the bundle size does not change before/after this patch:

image

jasongrout avatar Dec 13 '25 13:12 jasongrout

I force-pushed an update where I reset to origin/main, then followed my instructions above. @martinRenou - I set the coauthor to you to preserve credit. I think this pulls in all of your changes, and it tests the instructions above.

For the record, Martin's last commit was 1a9c08ef9c18112dd8866a11687fa3db01dfd6d8. I made a coauthored commit by doing:

git commit -am "Update eslint config to enforce type imports" -m "" -m "Co-authored-by: martinRenou <[email protected]>"

jasongrout avatar Dec 13 '25 13:12 jasongrout

Playing with this a bit, I think I wouldn't be opposed to backporting this (or making the same change) to 4.5. It looks like the changes are almost all automated fixes, and it probably would make backporting easier. I'd suggest waiting until there are evident backporting pains before doing so, though.

jasongrout avatar Dec 13 '25 13:12 jasongrout

I pasted my update instructions in the original description to make it easier to find, especially since github is now hiding the relevant comment.

jasongrout avatar Dec 13 '25 13:12 jasongrout

My thought on merging this: let's see what we can do to get the merge queue down in the next week or so by merging PRs, then merge this. That cuts down on the number of PRs we'd need to update and makes it easier to backport any PRs to 4.5, then we can easily update this PR and merge.

jasongrout avatar Dec 13 '25 14:12 jasongrout