Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: constk/harness-python-react
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: main
Choose a base ref
...
head repository: constk/harness-python-react
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: develop
Choose a head ref
Checking mergeability… Don’t worry, you can still create the pull request.
  • 2 commits
  • 12 files changed
  • 1 contributor

Commits on May 27, 2026

  1. chore: bump Node-20 actions to Node-24 compatible SHAs (#110)

    * chore: bump Node-20 actions to Node-24 compatible SHAs (#109)
    
    GitHub-Actions runners force Node-24 on 2026-06-02 (≈one week from
    this commit) and remove Node-20 entirely on 2026-09-16. The
    release.yml run for v0.2.17 emitted Node-20 deprecation annotations
    on three actions; bumping them to current major-version SHAs makes
    the warnings go away and unblocks the forced-migration date.
    
    Bumps (SHA + documented tag both updated):
    
      actions/checkout       34e1148... # v4 -> 93cb6ef... # v5
      actions/setup-python   a26af69... # v5 -> a309ff8... # v6
      docker/login-action    c94ce9f... # v3 -> 650006c... # v4
    
    49 lines changed across 10 workflow files:
    
      .github/workflows/artifact-cleanup.yml      1 line
      .github/workflows/branch-protection.yml     1 line
      .github/workflows/changelog-prestage.yml    2 lines
      .github/workflows/changelog-rollup.yml      2 lines
      .github/workflows/ci.yml                    30 lines
      .github/workflows/codeql.yml                1 line
      .github/workflows/eval-nightly.yml          2 lines
      .github/workflows/pin-freshness-audit.yml   2 lines
      .github/workflows/release.yml               3 lines
      .github/workflows/security.yml              5 lines
    
    No behaviour change beyond the underlying Node runtime. The actions
    themselves keep the same input/output contract across these majors
    (per upstream release notes).
    
    Local verification:
      pin-freshness audit: 68 pins checked, 0 findings
      pytest tests/: 215 passed
      mypy --strict, ruff, ci-script compile gate, branch-protection
        contexts sync: all clean
    
    Self-version bump 0.2.17 -> 0.2.18 (chore = PATCH).
    
    Closes #109
    
    * chore: trigger CI re-evaluation
    
    * chore: retrigger CI after Actions outage
    
    * chore: retrigger CI after Actions outage
    constk authored May 27, 2026
    Configuration menu
    Copy the full SHA
    8faa8db View commit details
    Browse the repository at this point in the history

Commits on May 30, 2026

  1. chore: swap pyproject author email to GitHub noreply, 0.2.19 (#111)

    Pre-publish hygiene per #98: pyproject.toml carried the maintainer's
    personal Gmail in the [authors] block, which becomes world-readable
    the moment the repo is flipped public (and gets scraped by PyPI-style
    metadata indexers regardless).
    
    Swaps to the GitHub privacy-protected noreply alias
    (41453723+constk@users.noreply.github.com) that already serves as
    the git-author identity across develop/main history. Same contact
    identity, less personal-data leak.
    
    Closes #98. Also closes #97 — the artifact-tracking audit ran clean
    on the current checkout (no .coverage, .venv, __pycache__, .pyc, or
    node_modules tracked).
    
    Self-version bump 0.2.18 -> 0.2.19 (chore = PATCH).
    constk authored May 30, 2026
    Configuration menu
    Copy the full SHA
    79f368a View commit details
    Browse the repository at this point in the history
Loading