Skip to content

build(deps): bump getsentry/github-workflows/.github/workflows/updater.yml from 2 to 3 #358

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
dependabot wants to merge 4 commits into from
Closed

build(deps): bump getsentry/github-workflows/.github/workflows/updater.yml from 2 to 3 #358

Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
bec747d
build(deps): bump getsentry/github-workflows/.github/workflows/update…
dependabot[bot] Nov 10, 2025
ab60e9b
Update .github/workflows/update-deps.yml
philprime Nov 24, 2025
7f9fd13
Update .github/workflows/update-deps.yml
philprime Nov 24, 2025
a8db636
migrate to v3
philprime Nov 24, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 15 additions & 8 deletions .github/workflows/update-deps.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,21 +3,28 @@ name: Update Dependencies
on:
# Run every day.
schedule:
- cron: '0 3 * * *'
# And on on every PR merge so we get the updated dependencies ASAP, and to make sure the changelog doesn't conflict.
- cron: "0 3 * * *"
# And on every PR merge so we get the updated dependencies ASAP, and to make sure the changelog doesn't conflict.
push:
branches:
- master
workflow_dispatch:

permissions:
contents: write # To modify files and create commits
pull-requests: write # To create and update pull requests
actions: write # To cancel previous workflow runs

jobs:
update-cli:
uses: getsentry/github-workflows/.github/workflows/updater.yml@v2
with:
path: script/sentry-cli.properties
name: CLI
secrets:
api-token: ${{ secrets.CI_DEPLOY_KEY }}
runs-on: ubuntu-latest
steps:
- uses: getsentry/github-workflows/updater@v3
Comment on lines +20 to +22
Copy link

@sentry sentry bot Nov 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bug: The update-cli job lacks job-level output mappings for its composite action, causing downstream jobs to fail when accessing needs.update-cli.outputs.
Severity: CRITICAL | Confidence: High

🔍 Detailed Analysis

The update-cli job, which utilizes a composite action, is missing required job-level output declarations. The composite action step lacks an id attribute, and the job itself does not define an outputs section to map the step's outputs. As a result, the downstream update-binaries job attempts to access needs.update-cli.outputs.originalTag and needs.update-cli.outputs.latestTag, but needs.update-cli.outputs is empty. This causes the if condition in update-binaries to fail, leading to an unexpected workflow failure and preventing the proper execution of the dependency chain.

💡 Suggested Fix

Add an id to the composite action step within the update-cli job. Then, define an outputs section in the update-cli job, mapping the step's outputs, for example: outputs: { originalTag: ${{ steps.<step-id>.outputs.originalTag }} }.

🤖 Prompt for AI Agent 
Review the code at the location below. A potential bug has been identified by an AI
agent.
Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not
valid.

Location: .github/workflows/update-deps.yml#L20-L22

Potential issue: The `update-cli` job, which utilizes a composite action, is missing
required job-level output declarations. The composite action step lacks an `id`
attribute, and the job itself does not define an `outputs` section to map the step's
outputs. As a result, the downstream `update-binaries` job attempts to access
`needs.update-cli.outputs.originalTag` and `needs.update-cli.outputs.latestTag`, but
`needs.update-cli.outputs` is empty. This causes the `if` condition in `update-binaries`
to fail, leading to an unexpected workflow failure and preventing the proper execution
of the dependency chain.

Did we get this right? 👍 / 👎 to inform future reviews.
Reference ID: 3156568

with:
path: script/sentry-cli.properties
name: CLI
api-token: ${{ secrets.CI_DEPLOY_KEY }}

update-binaries:
runs-on: ubuntu-latest
needs: update-cli
Expand Down
Loading