dependabot[bot]
031c3fe34f
chore(deps): bump actions/checkout from 6.0.0 to 6.0.1
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 6.0.0 to 6.0.1.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](1af3b93b68...8e8c483db8support@github.com >
2025-12-18 11:05:47 +01:00
dependabot[bot]
52a22ea82a
chore(deps): bump actions/checkout from 5.0.0 to 6.0.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 5.0.0 to 6.0.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](08c6903cd8...1af3b93b68support@github.com >
2025-12-04 09:42:59 +01:00
David Testé
197443a1c0
chore(ci): update slab-github-runner action to v1.4.2
2025-11-28 16:50:40 +01:00
David Testé
25a8bbfd89
chore(ci): make slack notify fail in case of error on teardown
...
On instance teardown we want to be informed of any failure to
avoid having zombies running due to Slack notify action error
being silenced.
2025-11-21 17:15:58 +01:00
David Testé
a33c12d5a9
chore(ci): fix zizmor findings in workflows
2025-11-14 15:24:10 +01:00
dependabot[bot]
3d345a648b
chore(deps): bump actions/cache from 4.2.4 to 4.3.0
...
Bumps [actions/cache](https://github.com/actions/cache ) from 4.2.4 to 4.3.0.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](0400d5f644...0057852bfasupport@github.com >
2025-09-29 14:21:17 +02:00
David Testé
9918dacd6a
chore(ci): change workflow jobs naming convention
...
The term "bpr" means Branch Protection Rule. It helps one to
identify any job that must pass before being able to merge to the
base branch.
2025-09-10 15:36:45 +02:00
dependabot[bot]
167e96a30c
chore(deps): update dtolnay/rust-toolchain requirement to e97e2d8cc328f1b50210efc529dca0028893a2d9
...
Updates the requirements on [dtolnay/rust-toolchain](https://github.com/dtolnay/rust-toolchain ) to permit the latest version.
- [Release notes](https://github.com/dtolnay/rust-toolchain/releases )
- [Commits](e97e2d8cc3support@github.com >
2025-08-26 16:05:48 +02:00
dependabot[bot]
ce9647d3a9
chore(deps): bump actions/checkout from 4.2.2 to 5.0.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.2.2 to 5.0.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](11bd71901b...08c6903cd8support@github.com >
2025-08-18 14:11:55 +02:00
dependabot[bot]
8ff73f7d73
chore(deps): bump actions/cache from 4.2.3 to 4.2.4
...
Bumps [actions/cache](https://github.com/actions/cache ) from 4.2.3 to 4.2.4.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](5a3ec84eff...0400d5f644support@github.com >
2025-08-12 15:44:29 +02:00
dependabot[bot]
167329c52a
chore(deps): bump dtolnay/rust-toolchain
...
Bumps [dtolnay/rust-toolchain](https://github.com/dtolnay/rust-toolchain ) from 888c2e1ea69ab0d4330cbf0af1ecc7b68f368cc1 to b3b07ba8b418998c39fb20f53e8b695cdcc8de1b.
- [Release notes](https://github.com/dtolnay/rust-toolchain/releases )
- [Commits](888c2e1ea6...b3b07ba8b4support@github.com >
2025-06-10 17:04:02 +02:00
David Testé
856fc1a709
chore(ci): ignore stale action refs on rust-toolchain action
...
This action doesn't create releases so the action refs doesn't point to a known tag.
If this zizmor findings is not ignored, then continuous integration pipeline is broken.
2025-06-04 11:48:01 +02:00
David Testé
11df6c69ee
chore(ci): fix workflow security warnings
...
Since Zizmor v1.9.0, new pedantic warnings are detected especially
regarding template-injection patterns.
2025-06-02 14:46:14 +02:00
David Testé
aa6dadfe69
chore(ci): ensure minimal permission for github default token
...
With recent enforcing of the least permissions for GITHUB_TOKEN, pull-request from external contributors would trigger systematic error (i.e. on repository checkout) in the continuous integration pipeline.
Allowing contents:read fixes this behavior.
2025-05-12 18:07:02 +02:00
David Testé
3f3b4aef41
chore(ci): fix template-injection and token permissions issues
...
This is part of security issues remediation campaign after having
analyzed workflow using zizmor cargo tool.
2025-05-06 14:06:17 +02:00
David Testé
5b57470652
chore(ci): fix slack notify in case of cancelled step
...
If a step is cancelled, it is not considered as failure by GitHub. So if a user cancelled a task or if a job timed out, then no Slack notification was sent and devs weren't able to track down these events.
2025-04-23 15:13:37 +02:00
dependabot[bot]
7410274126
chore(deps): bump rtCamp/action-slack-notify from 2.3.2 to 2.3.3
...
Bumps [rtCamp/action-slack-notify](https://github.com/rtcamp/action-slack-notify ) from 2.3.2 to 2.3.3.
- [Release notes](https://github.com/rtcamp/action-slack-notify/releases )
- [Commits](c33737706d...e31e87e03dsupport@github.com >
2025-04-15 13:33:54 +02:00
dependabot[bot]
f7210c80a9
chore(deps): bump actions/cache from 4.2.2 to 4.2.3
...
Bumps [actions/cache](https://github.com/actions/cache ) from 4.2.2 to 4.2.3.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](d4323d4df1...5a3ec84effsupport@github.com >
2025-03-24 17:50:01 +01:00
dependabot[bot]
f3e14dc311
chore(deps): bump dtolnay/rust-toolchain
...
Bumps [dtolnay/rust-toolchain](https://github.com/dtolnay/rust-toolchain ) from a54c7afa936fefeb4456b2dd8068152669aa8203 to 888c2e1ea69ab0d4330cbf0af1ecc7b68f368cc1.
- [Release notes](https://github.com/dtolnay/rust-toolchain/releases )
- [Commits](a54c7afa93...888c2e1ea6support@github.com >
2025-03-17 17:55:09 +01:00
David Testé
8dadb626f2
chore(ci): add pull-request url to slack notification message
...
This adds context to Zama developers on slack to quickly go to pull-request if the run emitted from one.
2025-03-12 17:00:30 +01:00
David Testé
f8e56c104e
chore(ci): fix slack notification message
...
There was a leftover from first iteration of external contribution management.
2025-03-11 14:20:26 +01:00
dependabot[bot]
fa41fb3ad4
chore(deps): bump actions/cache from 4.2.1 to 4.2.2
...
Bumps [actions/cache](https://github.com/actions/cache ) from 4.2.1 to 4.2.2.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](0c907a75c2...d4323d4df1support@github.com >
2025-03-03 11:52:45 +01:00
David Testé
9f48db2a90
chore(ci): fix workflow concurrency condition
...
Referencing current branch using github.head_ref is a leftover
from handling pull_request_target event. This event being removed,
there is no need to be specific and we can instead use
'github.workflow_ref' which is more robust.
2025-02-26 14:11:42 +01:00
dependabot[bot]
bd06971680
chore(deps): bump actions/cache from 4.2.0 to 4.2.1
...
Bumps [actions/cache](https://github.com/actions/cache ) from 4.2.0 to 4.2.1.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](1bd1e32a3b...0c907a75c2support@github.com >
2025-02-24 11:46:53 +01:00
David Testé
eeb6c8a71f
chore(ci): remove pull_request_target for external contributions
...
We use large GitHub hosted runners to run CI pipeline for external
contributions. This avoids possible secret exposition due to usage
of pull_request_target event. It also removes a layer a complexity
to ensure such secrets are not exposed.
The flow would be improved since tfhe-rs maintainers won't have to
relaunch failed jobs individually, thanks to the "approve and run"
button in GitHub user interface.
2025-02-13 08:45:02 +01:00
David Testé
1a3b2d71f5
chore(ci): extend external contribution to all pr workflows
...
User permission checking is done after the should-run, when there
is such step, rather than before it. This way, only workflows that
should run would fail id triggering actor is not allowed to launch
it. Thus a repository maintainer would have to re-run only a
handful of jobs that would effectively run afterward
(i.e relevant code has changed and setup-instance would be called).
2025-01-23 14:32:09 +01:00
David Testé
dbde7ada2d
chore(ci): use limited access token to checkout repositories
...
This approach allows checkout public and private repository, like
Slab, without to worry too much about secret leakage under certain
circumstances (e.g. under pull request from forks).
The token has just read access on selected repositories.
2025-01-23 14:32:09 +01:00
David Testé
0952dfa1ad
chore(ci): run teardown job only if setup is a success
2025-01-13 12:19:39 +01:00
David Testé
33d5091025
chore(deps): bump zama-ai/slab-github-runner
2024-12-20 10:56:22 +01:00
dependabot[bot]
950cece2a9
chore(deps): bump dtolnay/rust-toolchain
...
Bumps [dtolnay/rust-toolchain](https://github.com/dtolnay/rust-toolchain ) from 315e265cd78dad1e1dcf3a5074f6d6c47029d5aa to a54c7afa936fefeb4456b2dd8068152669aa8203.
- [Release notes](https://github.com/dtolnay/rust-toolchain/releases )
- [Commits](315e265cd7...a54c7afa93support@github.com >
2024-12-18 11:39:47 +01:00
dependabot[bot]
7c2bcaee15
chore(deps): bump actions/cache from 4.1.2 to 4.2.0
...
Bumps [actions/cache](https://github.com/actions/cache ) from 4.1.2 to 4.2.0.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](6849a64899...1bd1e32a3bsupport@github.com >
2024-12-09 11:01:18 +01:00
dependabot[bot]
3ccfb9616a
chore(deps): bump zama-ai/slab-github-runner from 1.2.0 to 1.3.0
...
Bumps [zama-ai/slab-github-runner](https://github.com/zama-ai/slab-github-runner ) from 1.2.0 to 1.3.0.
- [Release notes](https://github.com/zama-ai/slab-github-runner/releases )
- [Commits](https://github.com/zama-ai/slab-github-runner/compare/v1.2.0...98f0788261a7323d5d695a883e20df36591a92b7 )
---
updated-dependencies:
- dependency-name: zama-ai/slab-github-runner
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-11-25 11:06:12 +01:00
dependabot[bot]
83dc9b9453
chore(deps): bump dtolnay/rust-toolchain
...
Bumps [dtolnay/rust-toolchain](https://github.com/dtolnay/rust-toolchain ) from 7b1c307e0dcbda6122208f10795a713336a9b35a to 315e265cd78dad1e1dcf3a5074f6d6c47029d5aa.
- [Release notes](https://github.com/dtolnay/rust-toolchain/releases )
- [Commits](7b1c307e0d...315e265cd7support@github.com >
2024-11-25 11:06:04 +01:00
Nicolas Sarlin
6ee3eb17b9
chore(zk): add a proof compat test between x86_64 and wasm
2024-11-05 17:07:04 +01:00
David Testé
8d53fa124d
chore(ci): cache node build in workflows
...
Building Node is failing often due to network error.
Caching a successful build will allow more reliable workflows.
2024-11-04 09:19:46 +01:00
dependabot[bot]
69482dec9b
chore(deps): bump actions/checkout from 4.2.1 to 4.2.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.2.1 to 4.2.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](eef61447b9...11bd71901bsupport@github.com >
2024-10-28 15:01:14 +01:00
dependabot[bot]
2d341f8506
chore(deps): bump rtCamp/action-slack-notify from 2.3.1 to 2.3.2
...
Bumps [rtCamp/action-slack-notify](https://github.com/rtcamp/action-slack-notify ) from 2.3.1 to 2.3.2.
- [Release notes](https://github.com/rtcamp/action-slack-notify/releases )
- [Commits](65e6fc1ce6...c33737706dsupport@github.com >
2024-10-28 15:01:05 +01:00
dependabot[bot]
6628717077
chore(deps): update zama-ai/slab-github-runner requirement to 801df0b8db5ea2b06128b7476c652f5ed5f193a8
...
Updates the requirements on [zama-ai/slab-github-runner](https://github.com/zama-ai/slab-github-runner ) to permit the latest version.
- [Release notes](https://github.com/zama-ai/slab-github-runner/releases )
- [Commits](801df0b8dbsupport@github.com >
2024-10-25 16:31:23 +02:00
dependabot[bot]
9393e59e05
chore(deps): bump rtCamp/action-slack-notify from 2.3.0 to 2.3.1
...
Bumps [rtCamp/action-slack-notify](https://github.com/rtcamp/action-slack-notify ) from 2.3.0 to 2.3.1.
- [Release notes](https://github.com/rtcamp/action-slack-notify/releases )
- [Commits](4e5fb42d24...65e6fc1ce6support@github.com >
2024-10-21 15:40:32 +02:00
David Testé
483a4fecf1
chore(ci): fix firefox wasm benchmarks with new aws ami
...
Some libs were missing to be able to run Firefox out of the box.
Besides, action runner is now installed as ubuntu user since
Firefox is not able to run as root.
2024-10-16 10:50:27 +02:00
dependabot[bot]
d8ac12daa9
chore(deps): bump actions/checkout from 4.2.0 to 4.2.1
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.2.0 to 4.2.1.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](d632683dd7...eef61447b9support@github.com >
2024-10-14 13:33:28 +02:00
dependabot[bot]
75d2457a6f
chore(deps): bump actions/checkout from 4.1.7 to 4.2.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.7 to 4.2.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](692973e3d9...d632683dd7support@github.com >
2024-10-01 11:48:35 +02:00
Arthur Meyre
43d91f512f
chore(ci): use python as webdriver for wasm test and benchmarks
...
Swtich from Jest and Puppeteer to Python with Selenium. It relies
on browser and webdriver binaries from browser fabricators.
For now the Python script only supports Chrome browser.
2024-09-25 09:11:13 +02:00
David Testé
47ea8bf45c
chore(deps): update slab-github-runner requirement to last version
2024-09-23 09:46:52 +02:00
David Testé
ca7b29163e
chore(ci): add token to checkout private repo tfhe-rs-internal
2024-09-19 14:00:34 +02:00
Arthur Meyre
97d7ed9ec2
chore(ci): only notify for most things on failure
2024-09-18 17:41:24 +02:00
Arthur Meyre
26b666955a
chore(ci): timeout wasm bench and test at the GitHub runner level
...
- avoids a stuck runner for 6 hours
- actions timeouts are slightly larger than the test runner timeout to
have a chance to get a log out
2024-09-06 17:41:22 +02:00
Arthur Meyre
32b45ac4bc
chore(js): increase timeout for ZK test as it can be surpassed
...
- this seemed to cause the test runner to hang forever
- also add a timeout in the GitHub workflow, to avoid having the test
runner wait forever (or in this case 6 hours because of default timeout)
2024-09-06 14:19:07 +02:00
dependabot[bot]
eaa1d07f90
chore(deps): bump dtolnay/rust-toolchain
...
Bumps [dtolnay/rust-toolchain](https://github.com/dtolnay/rust-toolchain ) from 21dc36fb71dd22e3317045c0c31a3f4249868b17 to 7b1c307e0dcbda6122208f10795a713336a9b35a.
- [Release notes](https://github.com/dtolnay/rust-toolchain/releases )
- [Commits](21dc36fb71...7b1c307e0dsupport@github.com >
2024-08-12 15:06:32 +02:00
David Testé
d58a1b68cb
chore(ci): update slab-github-runner action
2024-07-17 16:16:52 +02:00
