fix(ci): replace softprops/action-gh-release with gh CLI#98
Merged
Conversation
Resolves zizmor superfluous-actions alert by replacing the third-party action with the built-in gh CLI. Also removes the unused upload_url output.
Merged
naa0yama
pushed a commit
that referenced
this pull request
Mar 16, 2026
<!-- Release notes generated using configuration in .github/release.yml at main --> ## What's Changed ### Documentation 🗒️ * refactor(skills): apply boilerplate-rust template to skills hierarchy by @naa0yama in #91 ### Dependency Updates 📦 * chore(deps): update taiki-e/install-action action to v2.68.1 by @renovate[bot] in #45 * chore(deps): update taiki-e/install-action action to v2.68.2 by @renovate[bot] in #47 * chore(deps): update dependency usage to v2.17.4 by @renovate[bot] in #48 * chore(deps): update taiki-e/install-action action to v2.68.3 by @renovate[bot] in #50 * chore(deps): update taiki-e/install-action action to v2.68.4 by @renovate[bot] in #51 * chore(deps): update github/codeql-action action to v4.32.4 by @renovate[bot] in #52 * chore(deps): update taiki-e/install-action action to v2.68.5 by @renovate[bot] in #53 * chore(deps): update taiki-e/install-action action to v2.68.6 by @renovate[bot] in #54 * chore(deps): update taiki-e/install-action action to v2.68.7 by @renovate[bot] in #55 * chore(deps): update actions/attest-build-provenance action to v3 by @renovate[bot] in #13 * chore(deps): update taiki-e/install-action action to v2.68.8 by @renovate[bot] in #58 * chore(deps): update jdx/mise-action digest to e79ddf6 by @renovate[bot] in #59 * chore(deps): update rust crate tempfile to v3.26.0 by @renovate[bot] in #61 * chore(deps): update taiki-e/install-action action to v2.68.9 by @renovate[bot] in #65 * chore(deps): update dependency usage to v2.18.1 by @renovate[bot] in #64 * chore(deps): update songmu/tagpr action to v1.17.1 by @renovate[bot] in #66 * chore(deps): update taiki-e/install-action action to v2.68.10 by @renovate[bot] in #68 * chore(deps): update taiki-e/install-action action to v2.68.11 by @renovate[bot] in #69 * chore(deps): update taiki-e/install-action action to v2.68.12 by @renovate[bot] in #70 * chore(deps): update all action update by @renovate[bot] in #71 * chore(deps): update taiki-e/install-action action to v2.68.14 by @renovate[bot] in #72 * chore(deps): update taiki-e/install-action action to v2.68.15 by @renovate[bot] in #73 * chore(deps): update actions-rust-lang/setup-rust-toolchain action to v1.15.3 by @renovate[bot] in #74 * chore(deps): update dependency usage to v2.18.2 by @renovate[bot] in #75 * chore(deps): update taiki-e/install-action action to v2.68.16 by @renovate[bot] in #76 * chore(deps): update github/codeql-action action to v4.32.5 by @renovate[bot] in #78 * chore(deps): update taiki-e/install-action action to v2.68.17 by @renovate[bot] in #79 * chore(deps): update dependency github:rust-secure-code/cargo-auditable to v0.7.3 by @renovate[bot] in #80 * chore(deps): update taiki-e/install-action action to v2.68.18 by @renovate[bot] in #81 * chore(deps): update rust docker tag to v1.93.1 by @renovate[bot] in #82 * chore(deps): update taiki-e/install-action action to v2.68.19 by @renovate[bot] in #85 * chore(deps): update github/codeql-action action to v4.32.6 by @renovate[bot] in #86 * chore(deps): update taiki-e/install-action action to v2.68.20 by @renovate[bot] in #87 * chore(deps): update taiki-e/install-action action to v2.68.21 by @renovate[bot] in #88 * chore(deps): update taiki-e/install-action action to v2.68.22 by @renovate[bot] in #89 * chore(deps): update taiki-e/install-action action to v2.68.23 by @renovate[bot] in #90 * chore(deps): update dependency github:rust-secure-code/cargo-auditable to v0.7.4 by @renovate[bot] in #83 * chore(deps): update dependency aqua:ast-grep/ast-grep to v0.41.0 by @renovate[bot] in #57 * chore(deps): update dependency dprint to v0.52.0 by @renovate[bot] in #67 * chore(deps): update all action update (major) by @renovate[bot] in #60 * chore(deps): update all action update by @renovate[bot] in #94 * chore(deps): update taiki-e/install-action action to v2.68.25 by @renovate[bot] in #95 * chore(deps): update zizmorcore/zizmor-action action to v0.5.2 by @renovate[bot] in #96 ### Other Changes * chore: backport-2 by @naa0yama in #56 * feat(deps): cargo target cleanup by @naa0yama in #62 * chore: claude skills update by @naa0yama in #63 * Change command to postVersionCommand in .tagpr by @naa0yama in #77 * Update PATH export logic in Dockerfile by @naa0yama in #84 * Update postStartCommand.sh by @naa0yama in #92 * Update initializeCommand.sh by @naa0yama in #93 * fix(otel): harden tracing to prevent sensitive data leakage by @naa0yama in #97 * fix(ci): replace softprops/action-gh-release with gh CLI by @naa0yama in #98 * Update release.yml by @naa0yama in #99 **Full Changelog**: v0.3.0...tagpr-from-v0.3.0 --------- Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
naa0yama
pushed a commit
that referenced
this pull request
Mar 16, 2026
<!-- Release notes generated using configuration in .github/release.yml at main --> ## What's Changed ### Documentation 🗒️ * refactor(skills): apply boilerplate-rust template to skills hierarchy by @naa0yama in #91 ### Dependency Updates 📦 * chore(deps): update rust crate tempfile to v3.26.0 by @renovate[bot] in #61 ### Development Environment 🔧 * chore(deps): update taiki-e/install-action action to v2.68.1 by @renovate[bot] in #45 * chore(deps): update taiki-e/install-action action to v2.68.2 by @renovate[bot] in #47 * chore(deps): update dependency usage to v2.17.4 by @renovate[bot] in #48 * chore(deps): update taiki-e/install-action action to v2.68.3 by @renovate[bot] in #50 * chore(deps): update taiki-e/install-action action to v2.68.4 by @renovate[bot] in #51 * chore(deps): update github/codeql-action action to v4.32.4 by @renovate[bot] in #52 * chore(deps): update taiki-e/install-action action to v2.68.5 by @renovate[bot] in #53 * chore(deps): update taiki-e/install-action action to v2.68.6 by @renovate[bot] in #54 * chore(deps): update taiki-e/install-action action to v2.68.7 by @renovate[bot] in #55 * chore: backport-2 by @naa0yama in #56 * chore(deps): update actions/attest-build-provenance action to v3 by @renovate[bot] in #13 * chore(deps): update taiki-e/install-action action to v2.68.8 by @renovate[bot] in #58 * chore(deps): update jdx/mise-action digest to e79ddf6 by @renovate[bot] in #59 * feat(deps): cargo target cleanup by @naa0yama in #62 * chore(deps): update taiki-e/install-action action to v2.68.9 by @renovate[bot] in #65 * chore(deps): update dependency usage to v2.18.1 by @renovate[bot] in #64 * chore(deps): update songmu/tagpr action to v1.17.1 by @renovate[bot] in #66 * chore(deps): update taiki-e/install-action action to v2.68.10 by @renovate[bot] in #68 * chore(deps): update taiki-e/install-action action to v2.68.11 by @renovate[bot] in #69 * chore(deps): update taiki-e/install-action action to v2.68.12 by @renovate[bot] in #70 * chore(deps): update all action update by @renovate[bot] in #71 * chore(deps): update taiki-e/install-action action to v2.68.14 by @renovate[bot] in #72 * chore(deps): update taiki-e/install-action action to v2.68.15 by @renovate[bot] in #73 * chore(deps): update actions-rust-lang/setup-rust-toolchain action to v1.15.3 by @renovate[bot] in #74 * chore(deps): update dependency usage to v2.18.2 by @renovate[bot] in #75 * chore(deps): update taiki-e/install-action action to v2.68.16 by @renovate[bot] in #76 * chore(deps): update github/codeql-action action to v4.32.5 by @renovate[bot] in #78 * chore(deps): update taiki-e/install-action action to v2.68.17 by @renovate[bot] in #79 * chore(deps): update dependency github:rust-secure-code/cargo-auditable to v0.7.3 by @renovate[bot] in #80 * chore(deps): update taiki-e/install-action action to v2.68.18 by @renovate[bot] in #81 * chore(deps): update rust docker tag to v1.93.1 by @renovate[bot] in #82 * chore(deps): update taiki-e/install-action action to v2.68.19 by @renovate[bot] in #85 * Update PATH export logic in Dockerfile by @naa0yama in #84 * chore(deps): update github/codeql-action action to v4.32.6 by @renovate[bot] in #86 * chore(deps): update taiki-e/install-action action to v2.68.20 by @renovate[bot] in #87 * chore(deps): update taiki-e/install-action action to v2.68.21 by @renovate[bot] in #88 * chore(deps): update taiki-e/install-action action to v2.68.22 by @renovate[bot] in #89 * chore(deps): update taiki-e/install-action action to v2.68.23 by @renovate[bot] in #90 * chore(deps): update dependency github:rust-secure-code/cargo-auditable to v0.7.4 by @renovate[bot] in #83 * chore(deps): update dependency aqua:ast-grep/ast-grep to v0.41.0 by @renovate[bot] in #57 * chore(deps): update dependency dprint to v0.52.0 by @renovate[bot] in #67 * chore(deps): update all action update (major) by @renovate[bot] in #60 * chore(deps): update all action update by @renovate[bot] in #94 * chore(deps): update taiki-e/install-action action to v2.68.25 by @renovate[bot] in #95 * chore(deps): update zizmorcore/zizmor-action action to v0.5.2 by @renovate[bot] in #96 * fix(ci): fix release build and changelog label categorisation by @naa0yama in #100 * fix(ci): allow tagpr workflow to run on workflow_dispatch by @naa0yama in #102 * fix(ci): upload assets to tagpr-created release instead of creating a new one by @naa0yama in #104 ### Other Changes * chore: claude skills update by @naa0yama in #63 * Change command to postVersionCommand in .tagpr by @naa0yama in #77 * Update postStartCommand.sh by @naa0yama in #92 * Update initializeCommand.sh by @naa0yama in #93 * fix(otel): harden tracing to prevent sensitive data leakage by @naa0yama in #97 * fix(ci): replace softprops/action-gh-release with gh CLI by @naa0yama in #98 * Update release.yml by @naa0yama in #99 **Full Changelog**: v0.3.0...tagpr-from-v0.3.0 --------- Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
概要
softprops/action-gh-releaseをgh release createCLI に置換superfluous-actions) を解消upload_urloutput を削除--verify-tagでタグ存在の事前確認、shopt -s failglobでfail_on_unmatched_files相当の安全策を追加GH_TOKEN環境変数でghCLI に認証を渡す方式に変更テスト計画
workflow_dispatchでdraft: trueを指定してドラフトリリースを手動作成