softwaremill
diff --git a/‎.github/labeler.yml‎
Lines changed: 2 additions & 2 deletions b/‎.github/labeler.yml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎.github/release-drafter.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/release-drafter.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/ci.yml‎
Lines changed: 30 additions & 52 deletions b/‎.github/workflows/ci.yml‎
Lines changed: 30 additions & 52 deletions
diff --git a/‎.github/workflows/scala-steward.yml‎
Lines changed: 9 additions & 18 deletions b/‎.github/workflows/scala-steward.yml‎
Lines changed: 9 additions & 18 deletions
diff --git a/‎.gitignore‎
Lines changed: 3 additions & 1 deletion b/‎.gitignore‎
Lines changed: 3 additions & 1 deletion
@@ -1,14 +1,14 @@
 version: 1
 labels:
  - label: "automerge"
- authors: ["softwaremill-ci"]
+ authors: ["github-actions[bot]"]
  files:
  - ".scalafmt.conf"
  - "build.sbt"
  - "project/build.properties"
  - "project/plugins.sbt"
  - label: "dependency"
- authors: ["softwaremill-ci"]
+ authors: ["github-actions[bot]"]
  files:
  - ".scalafmt.conf"
  - "build.sbt"
 
@@ -1,4 +1,4 @@
 template: |
- ## What’s Changed
+ ## What's Changed
 
  $CHANGES
@@ -4,14 +4,17 @@ on:
  push:
  branches: ['**']
  tags: [v*]
+permissions:
+ contents: write # release-drafter, auto-merge requirement
+ pull-requests: write # labeler, auto-merge requirement
 jobs:
  ci-2-12:
- # run on 1) push, 2) external PRs, 3) softwaremill-ci PRs
+ # run on 1) push, 2) external PRs, 3) github-actions[bot] PRs
  # do not run on internal, non-steward PRs since those will be run by push to branch
  if: |
  github.event_name == 'push' ||
  github.event.pull_request.head.repo.full_name != github.repository ||
- github.event.pull_request.user.login == 'softwaremill-ci'
+ github.event.pull_request.user.login == 'github-actions[bot]'
  runs-on: ubuntu-24.04
  env:
  scala: 2.12
@@ -21,7 +24,7 @@ jobs:
  uses: actions/checkout@v2
 
  - name: Set up SBT
- uses: sbt/setup-sbt@v1
+ uses: sbt/setup-sbt@3e125ece5c3e5248e18da9ed8d2cce3d335ec8dd # v1, specifically v1.1.14
 
  - name: Set up JDK
  uses: actions/setup-java@v4
@@ -48,12 +51,12 @@ jobs:
  run: SCALA_MAJOR_VERSION=${{ env.scala }} sbt "root/testOnly * -- -l org.elasticmq.rest.sqs.Only213"
 
  ci-2-13:
- # run on 1) push, 2) external PRs, 3) softwaremill-ci PRs
+ # run on 1) push, 2) external PRs, 3) github-actions[bot] PRs
  # do not run on internal, non-steward PRs since those will be run by push to branch
  if: |
  github.event_name == 'push' ||
  github.event.pull_request.head.repo.full_name != github.repository ||
- github.event.pull_request.user.login == 'softwaremill-ci'
+ github.event.pull_request.user.login == 'github-actions[bot]'
  runs-on: ubuntu-24.04
  env:
  scala: 2.13
@@ -63,7 +66,7 @@ jobs:
  uses: actions/checkout@v2
 
  - name: Set up SBT
- uses: sbt/setup-sbt@v1
+ uses: sbt/setup-sbt@3e125ece5c3e5248e18da9ed8d2cce3d335ec8dd # v1, specifically v1.1.14
 
  - name: Set up JDK
  uses: actions/setup-java@v4
@@ -90,12 +93,12 @@ jobs:
  run: SCALA_MAJOR_VERSION=${{ env.scala }} sbt root/test
 
  ci-3:
- # run on 1) push, 2) external PRs, 3) softwaremill-ci PRs
+ # run on 1) push, 2) external PRs, 3) github-actions[bot] PRs
  # do not run on internal, non-steward PRs since those will be run by push to branch
  if: |
  github.event_name == 'push' ||
  github.event.pull_request.head.repo.full_name != github.repository ||
- github.event.pull_request.user.login == 'softwaremill-ci'
+ github.event.pull_request.user.login == 'github-actions[bot]'
  runs-on: ubuntu-24.04
  env:
  scala: 3
@@ -105,7 +108,7 @@ jobs:
  uses: actions/checkout@v2
 
  - name: Set up SBT
- uses: sbt/setup-sbt@v1
+ uses: sbt/setup-sbt@3e125ece5c3e5248e18da9ed8d2cce3d335ec8dd # v1, specifically v1.1.14
 
  - name: Set up JDK
  uses: actions/setup-java@v4
@@ -132,12 +135,12 @@ jobs:
  run: SCALA_MAJOR_VERSION=${{ env.scala }} sbt root/test
 
  ci-native-image-agent-config-verification:
- # run on 1) push, 2) external PRs, 3) softwaremill-ci PRs
+ # run on 1) push, 2) external PRs, 3) github-actions[bot] PRs
  # do not run on internal, non-steward PRs since those will be run by push to branch
  if: |
  github.event_name == 'push' ||
  github.event.pull_request.head.repo.full_name != github.repository ||
- github.event.pull_request.user.login == 'softwaremill-ci'
+ github.event.pull_request.user.login == 'github-actions[bot]'
  runs-on: ubuntu-24.04
  env:
  scala: 2.13
@@ -147,7 +150,7 @@ jobs:
  uses: actions/checkout@v2
 
  - name: Set up SBT
- uses: sbt/setup-sbt@v1
+ uses: sbt/setup-sbt@3e125ece5c3e5248e18da9ed8d2cce3d335ec8dd # v1, specifically v1.1.14
 
  - name: Set up JDK
  uses: actions/setup-java@v4
@@ -201,12 +204,12 @@ jobs:
  fi
 
  ci-docker:
- # run on 1) push, 2) external PRs, 3) softwaremill-ci PRs
+ # run on 1) push, 2) external PRs, 3) github-actions[bot] PRs
  # do not run on internal, non-steward PRs since those will be run by push to branch
  if: |
  github.event_name == 'push' ||
  github.event.pull_request.head.repo.full_name != github.repository ||
- github.event.pull_request.user.login == 'softwaremill-ci'
+ github.event.pull_request.user.login == 'github-actions[bot]'
  runs-on: ubuntu-24.04
  env:
  scala: 2.13
@@ -216,7 +219,7 @@ jobs:
  uses: actions/checkout@v2
 
  - name: Set up SBT
- uses: sbt/setup-sbt@v1
+ uses: sbt/setup-sbt@3e125ece5c3e5248e18da9ed8d2cce3d335ec8dd # v1, specifically v1.1.14
 
  - name: Set up JDK
  uses: actions/setup-java@v4
@@ -256,7 +259,7 @@ jobs:
  uses: actions/checkout@v2
 
  - name: Set up SBT
- uses: sbt/setup-sbt@v1
+ uses: sbt/setup-sbt@3e125ece5c3e5248e18da9ed8d2cce3d335ec8dd # v1, specifically v1.1.14
 
  - name: Set up JDK
  uses: actions/setup-java@v4
@@ -300,7 +303,7 @@ jobs:
 
  - name: Publish release notes
  id: create_release
- uses: release-drafter/release-drafter@v5
+ uses: release-drafter/release-drafter@b1476f6e6eb133afa41ed8589daba6dc69b4d3f5 # v6, specifically v6.1.0
  with:
  config-name: release-drafter.yml
  publish: true
@@ -329,7 +332,7 @@ jobs:
  uses: actions/checkout@v2
 
  - name: Set up SBT
- uses: sbt/setup-sbt@v1
+ uses: sbt/setup-sbt@3e125ece5c3e5248e18da9ed8d2cce3d335ec8dd # v1, specifically v1.1.14
 
  - name: Set up JDK
  uses: actions/setup-java@v4
@@ -351,7 +354,7 @@ jobs:
  key: ${{ runner.os }}-sbt-release-${{ hashFiles('**/build.sbt') }}
 
  - name: Login to DockerHub
- uses: docker/login-action@v1
+ uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3, specifically v3.6.0
  with:
  username: ${{ secrets.DOCKERHUB_USERNAME }}
  password: ${{ secrets.DOCKERHUB_TOKEN }}
@@ -362,40 +365,15 @@ jobs:
  - name: Publish JVM native docker image
  run: sbt "project nativeServer; assembly; Docker / publish"
 
- # `automerge` label is attached iff there is exactly one file changed by steward and this file belongs to a
- # whitelist specified by `labeler.yml`
  label:
- name: Attach automerge label
- # only for PRs by softwaremill-ci
- if: github.event.pull_request.user.login == 'softwaremill-ci'
- runs-on: ubuntu-24.04
- steps:
- - uses: actions/checkout@v3
- with:
- fetch-depth: 2
- # count number of files changed
- - name: Count number of files changed
- id: count-changed-files
- run: |
- N=$(git diff --name-only -r HEAD^1 HEAD | wc -w)
- echo "changed_files_num=$N" >> $GITHUB_OUTPUT
- - name: Launch labeler
- # skip if more than one file changed
- if: steps.count-changed-files.outputs.changed_files_num == 1
- uses: srvaroa/labeler@master
- env:
- GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
+ # only for PRs by github-actions[bot]
+ if: github.event.pull_request.user.login == 'github-actions[bot]'
+ uses: softwaremill/github-actions-workflows/.github/workflows/label.yml@main
+ secrets: inherit
 
  auto-merge:
- name: Auto merge
- # only for PRs by softwaremill-ci
- if: github.event.pull_request.user.login == 'softwaremill-ci'
+ # only for PRs by github-actions[bot]
+ if: github.event.pull_request.user.login == 'github-actions[bot]'
  needs: [ci-2-12, ci-2-13, ci-3, ci-docker, ci-native-image-agent-config-verification, label]
- runs-on: ubuntu-24.04
- steps:
- - id: automerge
- name: automerge
- uses: "pascalgn/automerge-action@v0.15.6"
- env:
- GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
- MERGE_METHOD: "squash"
+ uses: softwaremill/github-actions-workflows/.github/workflows/auto-merge.yml@main
+ secrets: inherit 
@@ -6,23 +6,14 @@ on:
  - cron: '0 0 * * *'
  workflow_dispatch:
 
+permissions:
+ contents: write # Required to checkout and push changes
+ pull-requests: write # Required to create PRs for dependency updates
+
 jobs:
  scala-steward:
- runs-on: ubuntu-24.04
- steps:
- - name: Checkout
- uses: actions/checkout@v3
- - name: Set up JDK 11
- uses: actions/setup-java@v4
- with:
- distribution: 'temurin'
- java-version: '11'
- cache: 'sbt'
- - name: Launch Scala Steward
- uses: scala-steward-org/scala-steward-action@v2
- with:
- author-name: scala-steward
- author-email: scala-steward
- github-token: ${{ secrets.REPO_GITHUB_TOKEN }}
- repo-config: .scala-steward.conf
- ignore-opts-files: false
+ uses: softwaremill/github-actions-workflows/.github/workflows/scala-steward.yml@main
+ secrets:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+ with:
+ java-version: '21'
@@ -14,4 +14,6 @@ project/boot
 .env
 
 .metals
-.bloop
+.bloop
+.vscode
+.cursor
-Original file line number
+Diff line change
 .env
 .metals
 -.bloop
 +.bloop
 +.vscode
 +.cursor