-
Notifications
You must be signed in to change notification settings - Fork 69
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
GHA Deprecation: "add-path" and "set-env" #84
Comments
Great! Sorry, I only searched open PRs before submitting this. |
No worries. We're working on a CHANGELOG (#85) as part of the next release, so it should be clearer in the future! |
Checking in. Do you have an ETA for the new release? |
@bollwyvl sorry this has been a busy/weird month. Just to catch up. We just need to merge the changelog PR work to cut a new release? Let me know, so we can get this out soon! Cheers |
think so! If you can review the changelog so we can steal some of that sweet, sweet tribal knowledge from your brain... i'll rekick it anyway, just to see how we're doing... |
Don't forget this! ;) (Google has released the details of the exploit, so it's pretty high priority for GH to shut it down, I believe) |
So can we close this now @bollwyvl 🙃 ? |
I had been testing with 16930e6 with no warnings, so i'd say we're good! |
Ouch, the version bumped to 2, so (Not a complaint, just a question :) Thanks for the release!) |
Also wondering whether this could be backported to v1 (or just tagged with v1 since its back compat). We use this action in Manubot, where a large number of users have cloned our CI script, and don't update that frequently. See manubot/rootstock#388. v2 was just released, so there is going to be a one week time from when conda-incubator/setup-miniconda@v1 was the latest version till when it stops working:
In Manubot's case, users also have to upgrade due to an unrelated issue, so it's not essential for us. But might be for others? |
@bollwyvl thoughts? |
GitHub Actions is deprecating
set-env
andadd-path
due to a security risk: https://github.blog/changelog/2020-10-01-github-actions-deprecating-set-env-and-add-path-commands/Currently, the `setup-miniconda' action has these lines:
Which cause this warning when using it in a GHA workflow:
The text was updated successfully, but these errors were encountered: