Skip to content

ci(release): Switch from action-prepare-release to Craft #5290

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
BYK wants to merge 6 commits into
base: master
Choose a base branch
from
Open

ci(release): Switch from action-prepare-release to Craft #5290

BYK wants to merge 6 commits into from
+68 −44

Conversation

@BYK
Copy link
Member

@BYK BYK commented Jan 9, 2026

Summary

This PR migrates from the deprecated action-prepare-release to the new Craft GitHub Actions.

Changes

  • Migrated .github/workflows/release.yml to Craft reusable workflow

Documentation

See https://getsentry.github.io/craft/github-actions/ for more information.

@BYK
ci(release): Switch from action-prepare-release to Craft
aa0a976 
This PR migrates from the deprecated action-prepare-release to the new
Craft GitHub Actions (reusable workflow or composite action).

Changes:
- Migrate .github/workflows/release.yml to Craft reusable workflow
@BYK BYK requested a review from a team as a code owner January 9, 2026 18:03
@github-actions
Copy link
Contributor

github-actions bot commented Jan 9, 2026
edited
Loading

Semver Impact of This PR

🟢 Patch (bug fixes)

📋 Changelog Preview

This is how your changes will appear in the changelog.
Entries from this PR are highlighted with a left border (blockquote style).

Bug Fixes 🐛

  • fix(clickhouse): Guard against module shadowing by alexander-alderman-webb in #5250
  • fix(litellm): Guard against module shadowing by alexander-alderman-webb in #5249
  • fix(pure-eval): Guard against module shadowing by alexander-alderman-webb in #5252
  • fix(ray): Guard against module shadowing by alexander-alderman-webb in #5254
  • fix(typer): Guard against module shadowing by alexander-alderman-webb in #5253

Documentation 📚

  • docs: Update Python versions banner in README by sentrivana in #5287

Internal Changes 🔧

  • ci(release): Switch from action-prepare-release to Craft by BYK in #5290

🤖 This preview updates automatically when you update the PR.

@BYK
ci(release): Restore GitHub App token authentication
e0230e8 
The previous migration incorrectly removed the GitHub App token
authentication step. This commit restores it by switching to the
composite action pattern which preserves the auth flow.
sentry[bot]
sentry bot reviewed Jan 9, 2026
View reviewed changes
.github/workflows/release.yml Outdated
merge_target: ${{ github.event.inputs.merge_target }}
- name: Get auth token
id: token
uses: actions/create-github-app-token@v1

This comment was marked as outdated.

Sign in to view

cursor[bot]
cursor bot reviewed Jan 10, 2026
View reviewed changes
.github/workflows/ci.yml Outdated

steps:
- uses: actions/checkout@v6.0.1
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v2.0.1
Copy link

@cursor cursor bot Jan 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Downgrade of actions/checkout from v6 to v2

High Severity

The actions/checkout action is being changed from v6.0.1 to a SHA commented as v2.0.1 or v2 across all workflow files. This is a major version downgrade from 2025 to 2020 that loses four major versions of improvements, security fixes, and features. The v2 version runs on deprecated Node.js and lacks features like sparse-checkout that may be relied upon. This appears unintentional since other actions like actions/setup-python@v6 and actions/upload-artifact@v6 remain at modern versions.

Additional Locations (2)

Fix in Cursor Fix in Web

sentry[bot]
sentry bot reviewed Jan 10, 2026
View reviewed changes
.github/workflows/release.yml
Comment on lines +6 to 8
description: Version to release (or "auto")
required: false
force:

This comment was marked as outdated.

Sign in to view

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

+1 more reviewer

@sentry sentry[bot] sentry[bot] left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@BYK