# Objective
Fixes#1529
Run bevy_ecs in miri
## Solution
- Don't set thread names when running in miri rust-lang/miri/issues/1717
- Update `event-listener` to `2.5.2` as previous versions have UB that is detected by miri: [event-listener commit](1fa31c553e)
- Ignore memory leaks when running in miri as they are impossible to track down rust-lang/miri/issues/1481
- Make `table_add_remove_many` test less "many" because miri is really quite slow :)
- Make CI run `RUSTFLAGS="-Zrandomize-layout" MIRIFLAGS="-Zmiri-ignore-leaks -Zmiri-tag-raw-pointers -Zmiri-disable-isolation" cargo +nightly miri test -p bevy_ecs`
# Objective
Context: [Discord Discussion](https://discord.com/channels/691052431525675048/745355529777315850/950532143325519902)
Improve the PR template by adding "Changelog" and "Migration Guide" sections. These sections should hopefully help speed up the review/merge process, as well as help make release notes and migration guides.
## Solution
Added the "Changelog" section template which suggests listing out the changes of the PR. This also acts as a sort of tl;dr for reviewers (especially for larger PRs).
Added the "Migration Guide" section template which suggests describing how a user might need to migrate their codebase to account for the changes by the PR. This also helps authors/contributors keep the end-user in mind when adding or changing the API.
Both sections are optional— an author does not _need_ to fill these out. Hopefully they will, though, as it provides a handful of really great benefits.
Co-authored-by: MrGVSV <49806985+MrGVSV@users.noreply.github.com>
# Objective
Partially address #407 by setting up automated deployments of `bevy`'s API reference to GitHub Pages.
## Solution
Set up a GitHub Actions workflow that builds the docs on every push to `main` and pushes a new commit to a `gh-pages` (or `docs` branch).
A few smaller additions to better address #407:
- A top level redirect was added to take "docs.bevyengine.org" directly to the `bevy` crate docs.
- A GitHub Pages CNAME file for supporting a publicly viewable domain instead of `github.io`
- A robots.txt file is added to disable all search engine crawlers that respect it from crawling it (avoid having conflicting Google search results)
- A .nojekyl file to speed up deployments since there is no Jekyll templating in the output.
This may require configuration of the `GITHUB_TOKEN` of the CI to successfully run this.
## Followup
For this to completely resolve#407, a subdomain of https://bevyengine.org/ needs to be set up to point to the CNAME location. This is initially set to "dev-docs.bevyengine.org".
Co-authored-by: Carter Anderson <mcanders1@gmail.com>
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 1 to 3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p>
<blockquote>
<h2>v3.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update default runtime to node16 (<a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/293">#293</a>)</li>
<li>Update package-lock.json file version to 2 (<a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/302">#302</a>)</li>
</ul>
<h3>Breaking Changes</h3>
<p>With the update to Node 16, all scripts will now be run with Node 16 rather than Node 12.</p>
<h2>v2.3.1</h2>
<p>Fix for empty fails on Windows failing on upload <a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/281">#281</a></p>
<h2>v2.3.0 Upload Artifact</h2>
<ul>
<li>Optimizations for faster uploads of larger files that are already compressed</li>
<li>Significantly improved logging when there are chunked uploads</li>
<li>Clarifications in logs around the upload size and prohibited characters that aren't allowed in the artifact name or any uploaded files</li>
<li>Various other small bugfixes & optimizations</li>
</ul>
<h2>v2.2.4</h2>
<ul>
<li>Retry on HTTP 500 responses from the service</li>
</ul>
<h2>v2.2.3</h2>
<ul>
<li>Fixes for proxy related issues</li>
</ul>
<h2>v2.2.2</h2>
<ul>
<li>Improved retryability and error handling</li>
</ul>
<h2>v2.2.1</h2>
<ul>
<li>Update used actions/core package to the latest version</li>
</ul>
<h2>v2.2.0</h2>
<ul>
<li>Support for artifact retention</li>
</ul>
<h2>v2.1.4</h2>
<ul>
<li>Add Third Party License Information</li>
</ul>
<h2>v2.1.3</h2>
<ul>
<li>Use updated version of the <code>@action/artifact</code> NPM package</li>
</ul>
<h2>v2.1.2</h2>
<ul>
<li>Increase upload chunk size from 4MB to 8MB</li>
<li>Detect case insensitive file uploads</li>
</ul>
<h2>v2.1.1</h2>
<ul>
<li>Fix for certain symlinks not correctly being identified as directories before starting uploads</li>
</ul>
<h2>v2.1.0</h2>
<ul>
<li>Support for uploading artifacts with multiple paths</li>
<li>Support for using exclude paths</li>
<li>Updates to dependencies</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="6673cd052c"><code>6673cd0</code></a> Update <code>lockfileVersion</code> in <code>package-lock.json</code> (<a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/302">#302</a>)</li>
<li><a href="2244c82003"><code>2244c82</code></a> Update to node16 (<a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/293">#293</a>)</li>
<li><a href="87348cee5f"><code>87348ce</code></a> Add 503 warning when uploading to the same artifact</li>
<li><a href="82c141cc51"><code>82c141c</code></a> Bump <code>@actions/artifact</code> to version 0.6.1 (<a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/286">#286</a>)</li>
<li><a href="da838ae959"><code>da838ae</code></a> Bump <code>@actions/artifact</code> to version 0.6.0 (<a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/280">#280</a>)</li>
<li><a href="f4ac36d205"><code>f4ac36d</code></a> Improve readme (<a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/278">#278</a>)</li>
<li><a href="5f375cca4b"><code>5f375cc</code></a> Document how to correctly use environment variables for path input (<a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/274">#274</a>)</li>
<li><a href="a009a66585"><code>a009a66</code></a> Create release-new-action-version.yml (<a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/277">#277</a>)</li>
<li><a href="b9bb65708e"><code>b9bb657</code></a> Bump tmpl from 1.0.4 to 1.0.5 (<a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/250">#250</a>)</li>
<li><a href="0b3de3e43b"><code>0b3de3e</code></a> Fix <code>README.md</code> links and some formatting updates (<a href="https://github-redirect.dependabot.com/actions/upload-artifact/issues/273">#273</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/actions/upload-artifact/compare/v1...v3">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/upload-artifact&package-manager=github_actions&previous-version=1&new-version=3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bumps [actions/labeler](https://github.com/actions/labeler) from 3 to 4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/labeler/releases">actions/labeler's releases</a>.</em></p>
<blockquote>
<h2>v4.0.0</h2>
<ul>
<li><a href="https://github-redirect.dependabot.com/actions/labeler/pull/319"> Update to node 16 runtime</a></li>
</ul>
<h2>v3.1.0</h2>
<p>Dependency upgrades, docs updates, and behind-the-scenes maintenance.</p>
<p>See the full list of changes since 3.0.2 here: <a href="https://github.com/actions/labeler/compare/v3.0.2...v3.1.0">https://github.com/actions/labeler/compare/v3.0.2...v3.1.0</a></p>
<p>Thanks to <a href="https://github.com/GisoBartels"><code>@GisoBartels</code></a> and <a href="https://github.com/Muhammed-Rahif"><code>@Muhammed-Rahif</code></a> for their contributions!</p>
<h2>v3.0.2</h2>
<p>No API changes, but lots of behind-the-scenes upgrades, mostly to internal dependencies, tooling, and surrounding infrastructure.</p>
<h2>v3.0.1</h2>
<p>No user-facing changes.</p>
<p>That said, there were more than enough behind-the-scenes changes to warrant a new release: <a href="https://github.com/actions/labeler/compare/v3.0.0...v3.0.1">https://github.com/actions/labeler/compare/v3.0.0...v3.0.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="9fd24f1f9d"><code>9fd24f1</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/actions/labeler/issues/334">#334</a> from actions/thboop/updatetov4</li>
<li><a href="abae52fa24"><code>abae52f</code></a> Update to new v4 release</li>
<li><a href="e1132f5ed5"><code>e1132f5</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/actions/labeler/issues/319">#319</a> from actions/thboop/node16update</li>
<li><a href="b0cc574b25"><code>b0cc574</code></a> Update build_test.yml</li>
<li><a href="c48e531900"><code>c48e531</code></a> Update default runtime to node16</li>
<li>See full diff in <a href="https://github.com/actions/labeler/compare/v3...v4">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/labeler&package-manager=github_actions&previous-version=3&new-version=4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
# Objective
- Using the `cargo run -p ci` command locally is unreliable, as it does not run tests.
- This is particularly unreliable for doc tests, as they are not run as part of `cargo test`.
## Solution
- add more steps to the appropriate Rust file.
## Known Problems
This duplicates work done to run tests when run on Github. @mockersf, suggestions on if we care / how we can mitigate it?
# Objective
Fixes#3566
## Solution
- [x] Fix broken links in private docs.
- [x] Add the `--document-private-items` flag to the CI.
## Note
The following was said by @killercup in #3566:
> I don't have time to confirm this but I assume that linking to private items throws an error/warning when just running cargo doc, and --document-private-item might actually hide that warning. So to test this, you'd have to run it twice.
I tested this and this is thankfully not the case. If you are linking to a private item you will get a warning no matter if you run `cargo doc` or `cargo doc --document-private-items`.
### Example
I added `struct Test;` to `bevy_core/src/name.rs` and linked to it inside of a doc comment using ``[`Test`]``. After that I ran `cargo doc -p bevy_core --document-private-items` using `RUSTDOCFLAGS="-D warnings"` and got the following output (note the last sentence):
```rust
error: public documentation for `Name` links to private item `Test`
--> crates/bevy_core/src/name.rs:11:82
|
11 | /// Component used to identify an entity. Stores a hash for faster comparisons [`Test`]
| ^^^^ this item is private
|
= note: `-D rustdoc::private-intra-doc-links` implied by `-D warnings`
= note: this link resolves only because you passed `--document-private-items`, but will break without
```
Closes#3497.
I added the rust API guidelines (https://rust-lang.github.io/api-guidelines/about.html) to the `CONTRIBUTING.md` file.
## Note
As noted in #3497 we should note any areas where we deliberately disagree as they arise. If we start adding these areas it might be a good idea to remove the mention of the `API guidelines` in the `CONTRIBUTING.md` file and move it to the `engine_style_guide.md`. That way we still have the connection between the `CONTRIBUTING.md` and the `API guidelines`, but we have more "space" to work with and can go into more detail about what we agree and disagree on.
For now I would leave it this way, because it's one less click to get to the guidelines.
Co-authored-by: KDecay <KDecayMusic@protonmail.com>
# Objective
- Nightly checks where disabled because of a bug in Rust
- Dependency checks are failing because of a new duplicate
## Solution
- Now that https://github.com/rust-lang/rust/pull/92175 has been merged, re-enable nightly checks
- Add the new duplicate dependency to the known list
- Removed `Inflector` dependency as it's not used anymore
Co-authored-by: François <8672791+mockersf@users.noreply.github.com>
# Objective
- There are a few warnings when building Bevy docs for dead links
- CI seems to not catch those warnings when it should
## Solution
- Enable doc CI on all Bevy workspace
- Fix warnings
- Also noticed plugin GilrsPlugin was not added anymore when feature was enabled
First commit to check that CI would actually fail with it: https://github.com/bevyengine/bevy/runs/4532652688?check_suite_focus=true
Co-authored-by: François <8672791+mockersf@users.noreply.github.com>
# Objective
- fixes#3344
- have example run faster
## Solution
- thanks to the nice folks at wgpu, I was able to switch from swift shader to lavapipe which is faster
- I also reduced the runtime for some of the examples
- I enabled the trace_chrome feature on the examples, and stored the results as an artefact. it can be useful to debug
- runtime is back to around 10 minutes
Co-authored-by: François <8672791+mockersf@users.noreply.github.com>
This makes the [New Bevy Renderer](#2535) the default (and only) renderer. The new renderer isn't _quite_ ready for the final release yet, but I want as many people as possible to start testing it so we can identify bugs and address feedback prior to release.
The examples are all ported over and operational with a few exceptions:
* I removed a good portion of the examples in the `shader` folder. We still have some work to do in order to make these examples possible / ergonomic / worthwhile: #3120 and "high level shader material plugins" are the big ones. This is a temporary measure.
* Temporarily removed the multiple_windows example: doing this properly in the new renderer will require the upcoming "render targets" changes. Same goes for the render_to_texture example.
* Removed z_sort_debug: entity visibility sort info is no longer available in app logic. we could do this on the "render app" side, but i dont consider it a priority.
# Objective
- there are a few new versions for `ron`, `winit`, `ndk`, `raw-window-handle`
- `cargo-deny` is failing due to new security issues / duplicated dependencies
## Solution
- Update our dependencies
- Note all new security issues, with which of Bevy direct dependency it comes from
- Update duplicate crate list, with which of Bevy direct dependency it comes from
`notify` is not updated here as it's in #2993
Objective
During work on #3009 I've found that not all jobs use actions-rs, and therefore, an previous version of Rust is used for them. So while compilation and other stuff can pass, checking markup and Android build may fail with compilation errors.
Solution
This PR adds `action-rs` for any job running cargo, and updates the edition to 2021.
# Objective
- All new PRs should get the "S-Needs-Triage" label. But at the moment we for example are getting quite a few PRs to the new renderer branch that do not get the label.
## Solution
- Remove the required target "main" from the workflow
- Also removed configuration for not needed functionality of the labeler action (see [docs](https://github.com/actions/labeler#inputs))
# Objective
- Fixes#2674
- Check that benches build
## Solution
- Adds a job that runs `cargo check --benches`
Co-authored-by: Carter Anderson <mcanders1@gmail.com>
[**RENDERED**](https://github.com/alice-i-cecile/bevy/blob/better-contributing/CONTRIBUTING.md)
Improves #910. As discussed in #1309, we'll need to synchronize content between this and the Bevy website in some way (and clean up the .github file perhaps?).
I think doing it as a root-directory file is nicer for discovery, but that's a conversation I'm interested in having.
This document is intended to be helpful to beginners to open source and Bevy, and captures what I've learned about our informal practices and values.
Reviewers: I'm particularly interested in:
- opinions on the items **What we're trying to build**, where I discuss some of the project's high-level values and goals
- more relevant details on the `bevy` subcrates for **Getting oriented**
- useful tricks and best practices that I missed
- better guidance on how to contribute to the Bevy book from @cart <3
# Objective
- #2551 revamped our CI setup which included running clippy and rustfmt in another Job.
- This new Job wasn't added to the bors.toml, which means that PRs would be accepted that didn't run them.
## Solution
- Add the "ci" job to the bors.toml
# Objective
- There are a few random failures in CI, mostly due to contacting crates.io or checking for deadlinks
- CI can take some time, more than 20 minutes for a full status
- A clippy/format issue stops running tests on other platforms
## Solution
- Use GitHub cache for cargo artefacts
- This speeds up builds and reduce dependencies on outside world
- Reorder and add dependencies between short jobs. They are still setup to run even if one of the dependency failed
- This reduce the number of parallel jobs that are running for one PR. On GitHub free tier, we're limited to 20.
- Split CI checks (format & clippy) in its own job
- This speeds up test jobs, and allow us to not kill all platform tests for a format issue
- Retry in case of dead links check failure
- Internet is just that kind of place where things may seem dead at some point but back alive 5 seconds later
## Before
<img width="1062" alt="Screenshot 2021-07-27 at 01 18 52" src="https://user-images.githubusercontent.com/8672791/127071973-9a2c5ce8-c871-4f8d-9b17-08871824b6c4.png">
## After (with all cache live)
<img width="1063" alt="Screenshot 2021-07-27 at 01 18 28" src="https://user-images.githubusercontent.com/8672791/127071986-767a7e65-53ed-45fd-8d75-51a571f0b851.png">
# Objective
- Related to #2514 - not sure if it's a proper fix long term
- CI was complaining Error: Path `"/usr/local/lib/android/sdk/ndk-bundle/toolchains/llvm/prebuilt/linux-x86_64/bin/aarch64-linux-android31-clang"` was not found
- A lot of questions started popping up 10 days ago about ["android build tools 31 corrupted"](https://www.google.com/search?q=android+build+tools+31+corrupted)
- https://stackoverflow.com/questions/68387270/android-studio-error-installed-build-tools-revision-31-0-0-is-corrupted
- Uninstalling `"build-tools;31.0.0"` doesn't seem to work, as it removes other components even though `"build-tools;30.0.3"` are available
## Solution
- Uninstalling `"platforms;android-31"` seems to do the trick and `cargo-apk` stops trying to target `...31`
Android is not my thing, this solution was found with a lot of trials and errors. I am not sure how long term it is, I don't know the release schedule of android build tools, or if we need to target this 31 thing. I just wanted to stop all those failed ci everywhere...
This relicenses Bevy under the dual MIT or Apache-2.0 license. For rationale, see #2373.
* Changes the LICENSE file to describe the dual license. Moved the MIT license to docs/LICENSE-MIT. Added the Apache-2.0 license to docs/LICENSE-APACHE. I opted for this approach over dumping both license files at the root (the more common approach) for a number of reasons:
* Github links to the "first" license file (LICENSE-APACHE) in its license links (you can see this in the wgpu and rust-analyzer repos). People clicking these links might erroneously think that the apache license is the only option. Rust and Amethyst both use COPYRIGHT or COPYING files to solve this problem, but this creates more file noise (if you do everything at the root) and the naming feels way less intuitive.
* People have a reflex to look for a LICENSE file. By providing a single license file at the root, we make it easy for them to understand our licensing approach.
* I like keeping the root clean and noise free
* There is precedent for putting the apache and mit license text in sub folders (amethyst)
* Removed the `Copyright (c) 2020 Carter Anderson` copyright notice from the MIT license. I don't care about this attribution, it might make license compliance more difficult in some cases, and it didn't properly attribute other contributors. We shoudn't replace it with something like "Copyright (c) 2021 Bevy Contributors" because "Bevy Contributors" is not a legal entity. Instead, we just won't include the copyright line (which has precedent ... Rust also uses this approach).
* Updates crates to use the new "MIT OR Apache-2.0" license value
* Removes the old legion-transform license file from bevy_transform. bevy_transform has been its own, fully custom implementation for a long time and that license no longer applies.
* Added a License section to the main readme
* Updated our Bevy Plugin licensing guidelines.
As a follow-up we should update the website to properly describe the new license.
Closes#2373
# Objective
- CI is failing because of an android issue
- This is blocking bors
## Solution
- Bors can ignore android failures
- Keep android job in CI to check its status
I'm not android enough to debug this one, this is a temp fix until someone knows how to fix it or it get fixed by itself with updates?
# Objective
Currently we can sometimes allow PRs by people who haven't agreed to the relicense to get merged into main.
E.g. https://github.com/bevyengine/bevy/pull/2445
## Solution
This adds a check to ensure that this doesn't happen, by ensuring that bors doesn't relicense said PRs.
As a bonus, it also adds config to automatically label new PRs as needing checking, to ensure that we do the verification until we merge the new license.
Bumps [gaurav-nelson/github-action-markdown-link-check](https://github.com/gaurav-nelson/github-action-markdown-link-check) from 1.0.12 to 1.0.13.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/gaurav-nelson/github-action-markdown-link-check/releases">gaurav-nelson/github-action-markdown-link-check's releases</a>.</em></p>
<blockquote>
<h2>1.0.13</h2>
<p>Main changes:</p>
<ul>
<li>Merge pull request <a href="https://github-redirect.dependabot.com/gaurav-nelson/github-action-markdown-link-check/issues/111">#111</a> from gaurav-nelson/mlc@3.8.7 (9710f0f)</li>
<li>Update to markdown-link-check version 3.8.7 (7a77bd1)</li>
</ul>
<p>Other minor updates:</p>
<ul>
<li>Merge pull request <a href="https://github-redirect.dependabot.com/gaurav-nelson/github-action-markdown-link-check/issues/107">#107</a> from petethepig/patch-1 (95ffb9c)</li>
<li>Adds pyroscope to the list of happy users (2df45f2)</li>
<li>Fixed usage examples (cc3343e)</li>
<li>Buy me a coffee (24cd99c)</li>
<li>Remove treeware badge (f0656de)</li>
<li>Add netdata sample (2579500)</li>
<li>Update README, fixed LICENSE (4d5a901)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="9710f0fec8"><code>9710f0f</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/gaurav-nelson/github-action-markdown-link-check/issues/111">#111</a> from gaurav-nelson/mlc@3.8.7</li>
<li><a href="7a77bd14cc"><code>7a77bd1</code></a> Update to markdown-link-check version 3.8.7</li>
<li><a href="95ffb9cc0e"><code>95ffb9c</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/gaurav-nelson/github-action-markdown-link-check/issues/107">#107</a> from petethepig/patch-1</li>
<li><a href="2df45f2890"><code>2df45f2</code></a> Adds pyroscope to the list of happy users</li>
<li><a href="cc3343e7a6"><code>cc3343e</code></a> Fixed usage examples</li>
<li><a href="24cd99c2f8"><code>24cd99c</code></a> Buy me a coffee</li>
<li><a href="f0656de48f"><code>f0656de</code></a> Remove treeware badge</li>
<li><a href="2579500287"><code>2579500</code></a> Add netdata sample</li>
<li><a href="4d5a901466"><code>4d5a901</code></a> Update README, fixed LICENSE</li>
<li>See full diff in <a href="0fe4911067...9710f0fec8">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gaurav-nelson/github-action-markdown-link-check&package-manager=github_actions&previous-version=1.0.12&new-version=1.0.13)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
# Objective
- the PR labeler workflow will always add the `needs-traige` label to every pull request event
## Solution
- Limit this workflow to only be on the `opened` event
# Objective
- Currently only issues automatically have labels assigned to them on creation.
- The enables pull requests to have the same functionality and currently only adds the `needs-triage` label to all PRs.
## Solution
- Integrate `actions/labeler@v2` into the github workflows to automatically tag PRs.
- Add a `label-config.yml` file that specifies how PRs should be labeled.
Remove branch constraints from CI
This will let CI run on:
- fork branches before a PR is opened
- this repo branches if we start using them (😉 relations 😉 )
https://github.com/EmbarkStudios/cargo-deny
cargo-deny is a tool that can issue errors for dependency issues, among other:
* security issues in a crate
* duplicated dependencies with different versions
* unauthorised license
Added cargo-deny with an opinionated configuration:
* No middle ground with warnings, either allow or deny
* Not added to Bors, we probably don't want to block a PR on something that may happen from outside
* Different github workflow than CI to run only when Cargo.toml files are changed, or on a schedule
* Each check in its own job to help readability
* Initial config makes Bevy pass all check
Pushing a first commit with commented config to show errors
Bumps [github/super-linter](https://github.com/github/super-linter) from v3.16.2 to v3.17.0.
<details>
<summary>Commits</summary>
<ul>
<li><a href="28cfebb84f"><code>28cfebb</code></a> Updating action.yml with new release version</li>
<li><a href="5d2ea81f00"><code>5d2ea81</code></a> Cpp (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1492">#1492</a>)</li>
<li><a href="1a00fc3790"><code>1a00fc3</code></a> adding fixes (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1516">#1516</a>)</li>
<li><a href="d7894a51ec"><code>d7894a5</code></a> Bump <code>@coffeelint/cli</code> from 4.1.4 to 4.1.5 in /dependencies (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1514">#1514</a>)</li>
<li><a href="e0b8b12556"><code>e0b8b12</code></a> Bump ansible-lint from 5.0.7 to 5.0.8 in /dependencies (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1515">#1515</a>)</li>
<li><a href="ddd818393f"><code>ddd8183</code></a> Updating action.yml with new release version (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1512">#1512</a>)</li>
<li><a href="72cbbfc4e5"><code>72cbbfc</code></a> Inspec additional Tests (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1497">#1497</a>)</li>
<li><a href="1482ca9ffc"><code>1482ca9</code></a> Bump stylelint from 13.13.0 to 13.13.1 in /dependencies (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1506">#1506</a>)</li>
<li><a href="d838a98736"><code>d838a98</code></a> Bump accurics/terrascan from 1.4.0 to 1.5.1 (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1505">#1505</a>)</li>
<li><a href="2607e40749"><code>2607e40</code></a> Bump typing-extensions from 3.7.4.3 to 3.10.0.0 in /dependencies (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1507">#1507</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/github/super-linter/compare/v3.16.2...28cfebb84fd6dd9e8773b5efe5ac0f8f3714f228">compare view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bumps [github/super-linter](https://github.com/github/super-linter) from v3.15.5 to v3.16.2.
<details>
<summary>Commits</summary>
<ul>
<li><a href="9af8775d57"><code>9af8775</code></a> Updating action.yml with new release version</li>
<li><a href="903d730a21"><code>903d730</code></a> Bump Actions-R-Us/actions-tagger from v2.0.1 to v2.0.2 (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1419">#1419</a>)</li>
<li><a href="58bdaecbcc"><code>58bdaec</code></a> update Terrascan to version 1.4.0 (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1422">#1422</a>)</li>
<li><a href="e63d4fddae"><code>e63d4fd</code></a> Bump typescript from 4.2.3 to 4.2.4 in /dependencies (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1435">#1435</a>)</li>
<li><a href="cb5739adde"><code>cb5739a</code></a> Bump <code>@typescript-eslint/eslint-plugin</code> in /dependencies (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1449">#1449</a>)</li>
<li><a href="d1e7a0c06b"><code>d1e7a0c</code></a> Bump koalaman/shellcheck from v0.7.1 to v0.7.2 (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1462">#1462</a>)</li>
<li><a href="6470e178cd"><code>6470e17</code></a> Bump alpine/terragrunt from 0.14.7 to 0.15.0 (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1501">#1501</a>)</li>
<li><a href="acc6e9a583"><code>acc6e9a</code></a> Bump <code>@typescript-eslint/parser</code> from 4.19.0 to 4.22.0 in /dependencies (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1450">#1450</a>)</li>
<li><a href="09c5be9abe"><code>09c5be9</code></a> Bump cljkondo/clj-kondo from 2021.03.22-alpine to 2021.04.23-alpine (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1474">#1474</a>)</li>
<li><a href="8e6a4e4a59"><code>8e6a4e4</code></a> Bump immer from 9.0.1 to 9.0.2 in /dependencies (<a href="https://github-redirect.dependabot.com/github/super-linter/issues/1498">#1498</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/github/super-linter/compare/v3.15.5...9af8775d57172a12690483045b6b261d3520b7f1">compare view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>