Skip to content

chore: overhaul releasing workflow, supported frameworks#79

Merged
Justintime50 merged 8 commits intomasterfrom
new_releasing
Dec 5, 2025
Merged

chore: overhaul releasing workflow, supported frameworks#79
Justintime50 merged 8 commits intomasterfrom
new_releasing

Conversation

@Justintime50
Copy link
Copy Markdown
Member

@Justintime50 Justintime50 commented Dec 4, 2025
edited
Loading

Description

  • Copies the recent releasing workflow changes from the C# lib to this package verbatim (only changing EasyPost to EasyVCR).
  • Updates the supported C# frameworks to match the C# lib for easier maintenance (the other frameworks dropped are also very deprecated
  • Like the C# lib, switches actually testing this package on .NET Standard (not possible on Applie Silicon) to doing a compile test only on CI. Gets us the ultimate same results while unlocking the ability to test this package on Apple Silicon during local dev.

Testing

All CI tests pass.

Pull Request Type

Please select the option(s) that are relevant to this PR.

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Improvement (fixing a typo, updating readme, renaming a variable name, etc)

github-advanced-security[bot]
github-advanced-security AI found potential problems Dec 4, 2025
View reviewed changes
Comment thread .github/workflows/ci.yml
Comment on lines +178 to +214
runs-on: windows-2022
steps:
- uses: actions/checkout@v5
with:
submodules: true

- name: Install .NET SDK
uses: actions/setup-dotnet@v5
id: setupid
with:
dotnet-version: 10.x.x

- name: Specify .NET SDK version to use since GitHub runners have multiple installed
run: |
echo '{"sdk":{"version": "${{ steps.setupid.outputs.dotnet-version }}"}}' > ./global.json

- name: Setup MSBuild
uses: microsoft/setup-msbuild@v2

- name: Setup Nuget
uses: NuGet/setup-nuget@v2

- name: Setup VSTest
uses: darenm/Setup-VSTest@v1.3

# Pull in fixtures submodule
- name: Set up dotnet tools and dependencies
run: make install

- name: Restore NuGet Packages
run: make restore build

# Run the compatibility tests
- name: Run Tests
run: make netstandard-compat-test FW=net472

FSharp_Compatibility:
FSharp_Compatibility_Tests:

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Copilot Autofix

AI 4 months ago

To fix this issue, we should add a permissions block specifying the minimal required permissions for all jobs. The CodeQL suggestion for a minimal starting point is contents: read. The best way to implement this is to add a permissions: section at the root level of the workflow, before the jobs: block. This will ensure all jobs inherit these limited permissions unless overridden at the job level. No other workflow functionality will be affected by limiting permissions to read-only, so this change is safe and applies across all jobs as a best practice.

Changes needed:

  • Edit .github/workflows/ci.yml.
  • Insert the following block after the workflow name (line 2 or 3), before the on: block: 
    permissions:
  contents: read
  • No additional imports, methods, or definitions are required; this is a declarative change in a YAML file.
Suggested changeset 1
.github/workflows/ci.yml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -1,5 +1,7 @@
 name: CI
 
+permissions:
+  contents: read
 on:
   push:
     branches: [master]
EOF
@@ -1,5 +1,7 @@
name: CI

permissions:
contents: read
on:
push:
branches: [master]
Copilot is powered by AI and may make mistakes. Always verify output.
@Justintime50 Justintime50 marked this pull request as ready for review December 4, 2025 19:30
@Justintime50 Justintime50 requested review from a team as code owners December 4, 2025 19:30
@Justintime50 Justintime50 merged commit 94d3507 into master Dec 5, 2025
15 checks passed
@Justintime50 Justintime50 deleted the new_releasing branch December 5, 2025 17:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ranebo ranebo ranebo approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Justintime50 @ranebo @github-advanced-security