Bump Ubuntu action runner to 24.04 (#805)

* Bump Ubuntu action runner to 24.04

* Remove actionlint from toolset

.github/workflows/GH-771-targets.yml

@@ -17,7 +17,7 @@ permissions: {}
 
 jobs:
   echo:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     if: ${{ github.actor != 'dependabot[bot]' && github.actor != 'renovate[bot]' }}
     timeout-minutes: 5
     steps:

.github/workflows/GH-771-wait.yml

@@ -17,7 +17,7 @@ permissions: {}
 
 jobs:
   wait:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     if: ${{ github.actor != 'dependabot[bot]' && github.actor != 'renovate[bot]' }}
     timeout-minutes: 5
     steps:

.github/workflows/ci-nix.yml

@@ -22,7 +22,7 @@ on:
 
 jobs:
   tasks:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     timeout-minutes: 30
     steps:
       - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2

.github/workflows/ci.yml

@@ -3,7 +3,7 @@ on:
   push:
     branches: [main]
     paths-ignore:
-      - '.github/dependabot.yml'
+      - '.github/workflows/ci-nix.yml'
       - 'LICENSE'
       - '.editorconfig'
       - 'README.md'
@@ -18,7 +18,7 @@ on:
 jobs:
   build:
     timeout-minutes: 15
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     steps:
       - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
       - uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0
@@ -33,7 +33,7 @@ jobs:
 
   test:
     timeout-minutes: 15
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     steps:
       - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
       - uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0
@@ -46,7 +46,7 @@ jobs:
 
   typecheck:
     timeout-minutes: 15
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     steps:
       - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
       - uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0

.github/workflows/dependency-review.yml

@@ -12,7 +12,7 @@ permissions:
 jobs:
   dependency-review:
     timeout-minutes: 15
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     steps:
       - name: 'Checkout Repository'
         uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2

.github/workflows/gitleaks.yml

@@ -5,7 +5,7 @@ jobs:
   gitleaks:
     timeout-minutes: 15
     name: gitleaks
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     steps:
       - uses: actions/checkout@v4
         with:

.github/workflows/itself.yml

@@ -27,15 +27,15 @@ permissions: {}
 
 jobs:
   default_logic:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     if: ${{ github.actor != 'dependabot[bot]' && github.actor != 'renovate[bot]' }}
     timeout-minutes: 10
     steps:
       - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
       # Do NOT specify any options here to make sure zero config may work
       - uses: ./
   validation_example_basic_errors_allow_failure:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     if: ${{ github.actor != 'dependabot[bot]' && github.actor != 'renovate[bot]' }}
     timeout-minutes: 5
     steps:
@@ -50,7 +50,7 @@ jobs:
           min-interval-seconds: '-1'
           attempt-limits: '0'
   validation_example_combination_errors_allow_failure:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     if: ${{ github.actor != 'dependabot[bot]' && github.actor != 'renovate[bot]' }}
     timeout-minutes: 5
     steps:
@@ -74,7 +74,7 @@ jobs:
               }
             ]
   exponential_backoff_allow_failure:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     if: ${{ github.actor != 'dependabot[bot]' && github.actor != 'renovate[bot]' }}
     timeout-minutes: 5
     steps:
@@ -92,7 +92,7 @@ jobs:
           attempt-limits: 2
           skip-same-workflow: 'true'
   equal_intervals:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     if: ${{ github.actor != 'dependabot[bot]' && github.actor != 'renovate[bot]' }}
     timeout-minutes: 10
     steps:
@@ -106,7 +106,7 @@ jobs:
           attempt-limits: 60
           skip-same-workflow: 'true'
   wait-list:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     if: ${{ github.actor != 'dependabot[bot]' && github.actor != 'renovate[bot]' }}
     timeout-minutes: 5
     steps:
@@ -132,7 +132,7 @@ jobs:
               }
             ]
   skip-list:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     if: ${{ github.actor != 'dependabot[bot]' && github.actor != 'renovate[bot]' }}
     timeout-minutes: 5
     steps:

.github/workflows/lint.yml

@@ -14,7 +14,7 @@ on:
 jobs:
   deno_lint:
     timeout-minutes: 15
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     steps:
       - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
       - uses: denoland/setup-deno@041b854f97b325bd60e53e9dc2de9cb9f9ac0cba # v1.1.4
@@ -24,7 +24,7 @@ jobs:
 
   dprint:
     timeout-minutes: 15
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     steps:
       - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
       - uses: dprint/check@2f1cf31537886c3bfb05591c031f7744e48ba8a1 # v2.2
@@ -33,7 +33,7 @@ jobs:
 
   typos:
     timeout-minutes: 15
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     steps:
       - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
       # Intentionally point to the latest version, not the version bound by nix.
@@ -44,15 +44,3 @@ jobs:
             .
             .github
             .vscode
-
-  actionlint:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
-      - name: Download actionlint
-        id: get_actionlint
-        run: bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash)
-        shell: bash
-      - name: Check workflow files
-        run: ${{ steps.get_actionlint.outputs.executable }} -color
-        shell: bash

.github/workflows/merge-bot-pr.yml

@@ -10,7 +10,7 @@ permissions:
 jobs:
   judge-dependabot:
     timeout-minutes: 5
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     outputs:
       merge: ${{ steps.conclusion.outputs.merge }}
     if: ${{ github.actor == 'dependabot[bot]' }}
@@ -28,7 +28,7 @@ jobs:
     needs: [judge-dependabot]
     if: ${{ needs.judge-dependabot.outputs.merge == 'true' }}
     timeout-minutes: 30
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     steps:
       # Required for checkout before referring to your own action as `uses: ./`.
       - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
@@ -52,7 +52,7 @@ jobs:
   #   Changing in all personal repository is annoy task for me. Even if using terrafform, getting mandatory CI names in each repo is too annoy!
   renovate:
     timeout-minutes: 30
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     if: ${{ github.actor == 'renovate[bot]' }}
     steps:
       # Required for checkout before referring to your own action as `uses: ./`.
@@ -73,7 +73,7 @@ jobs:
   # https://github.com/kachick/anylang-template/issues/51
   selfup-runner:
     timeout-minutes: 30
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     if: ${{ github.actor == 'selfup-runner[bot]' }}
     steps:
       # Required for checkout before referring to your own action as `uses: ./`.

Makefile.toml

@@ -24,7 +24,6 @@ script = [
   "dprint check",
   "deno lint",
   "typos . .github .vscode",
-  "actionlint",
   "gitleaks detect",
   "git ls-files '*.nix' | xargs nixfmt --check",
 ]
@@ -73,7 +72,6 @@ script = [
   "makers --version",
   "dprint --version",
   "nixfmt --version",
-  "actionlint --version",
   "typos --version",
   "gh --version",
   "jq --version",

README.md

@@ -18,7 +18,7 @@ jobs:
     #   contents: read
     #   checks: read
     #   actions: read
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     steps:
       - uses: kachick/wait-other-jobs@v3.2.0
         timeout-minutes: 15 # Recommended to be enabled with your appropriate value for fail-safe use
@@ -102,7 +102,7 @@ See the [docs](docs/examples.md) for further detail.
   jobs:
     your_job: # This will be used default job name if you not specify below "name" field
       name: "Changed at here"
-      runs-on: ubuntu-latest
+      runs-on: ubuntu-24.04
       steps:
         - uses: kachick/wait-other-jobs@v3
           with:

docs/examples.md

@@ -24,7 +24,7 @@ permissions:
 
 jobs:
   dependabot:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     if: ${{ github.actor == 'dependabot[bot]' }}
     steps:
       - name: Dependabot metadata
@@ -44,7 +44,7 @@ jobs:
           GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
 
   renovate:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     if: ${{ github.actor == 'renovate[bot]' }}
     steps:
       - name: Wait other jobs

flake.nix

@@ -45,7 +45,11 @@
               edge-pkgs.typos
 
               # Helper for writing and linting actions
-              edge-pkgs.actionlint
+              #
+              # NOTE: Do NOT add actionlint as a dependency
+              # - It does not target actions; it lints the user's side.
+              # - It assumes major actions in a stable state, often causing problems between versions.
+              # - Use https://github.com/github/vscode-github-actions for a better solution to get hints.
               edge-pkgs.pinact
 
               # For fighting the GitHub API