Merged
Conversation
- Linux jobs now use the namespace-profile-endev custom runner profile - macOS jobs use nscloud-macos-sequoia-arm64-6x14 - Windows jobs use nscloud-windows-2022-amd64-8x16 - Replace Swatinem/rust-cache with namespacelabs/nscloud-cache-action (cache: rust) - Matrix jobs gain a separate runner field so existing matrix.os conditionals and artifact names continue to work unchanged Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Contributor
|
Note Gemini is unable to generate a review for this pull request due to the file types involved not being currently supported. |
Greptile SummaryThis PR migrates all GitHub Actions workflows from GitHub-hosted runners ( Confidence Score: 5/5Safe to merge — pure CI infrastructure change with no production code modified and no correctness issues found. No P0 or P1 findings. The migration is careful: actions are SHA-pinned, Windows gracefully falls back to GitHub-hosted runners, and the one known incompatibility (ci-nogit) is explicitly documented and excluded from Namespace runners. No files require special attention. Important Files Changed
Flowchart%%{init: {'theme': 'neutral'}}%%
flowchart TD
A[GitHub Actions Trigger] --> B{Runner Selection}
B -->|Linux and macOS jobs| C[namespace-profile-endev-*]
B -->|Windows jobs| D[windows-latest GitHub-hosted]
B -->|ci-nogit job| E[ubuntu-latest or macos-latest\nGitHub-hosted workaround]
C --> F[nscloud-cache-action\ncache: rust]
D --> G[Swatinem rust-cache\nper-target key]
E --> H[No Rust cache step]
F --> I[Build / Test / Lint / Deploy]
G --> I
H --> I
I --> J{Workflow outcome}
J -->|release| K[Upload binary artifacts\nnamed hk-matrix.os]
J -->|ci| L[Run test suites]
J -->|docs| M[Deploy GitHub Pages]
Reviews (10): Last reviewed commit: "ci: drop fork PR fallback, use namespace..." | Re-trigger Greptile |
Match the rest of the repo's practice of pinning third-party actions to immutable commit SHAs rather than mutable version tags. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2c519c3 to
5ba1373
Compare
The bare nscloud labels don't include a cache volume, so the nscloud-cache-action step failed with "requires a cache volume to be configured". The Linux jobs run on namespace-profile-endev which has cache attached at the profile level; macOS and Windows need the -with-cache suffix on the label itself. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Use the per-OS namespace profiles configured in the dashboard: - namespace-profile-endev-linux-amd64 - namespace-profile-endev-macos-arm64 Each profile has its cache volume attached, so the bare nscloud labels (which lacked cache) are no longer needed. Drop -with-cache suffix variants, which didn't actually attach cache on macOS. Windows reverts to windows-latest (no namespace profile exists) and uses Swatinem/rust-cache. Same for windows targets in the release matrix. Add a fork-PR fallback to ci.yml and autofix.yml: PRs from forks run on github-hosted runners with Swatinem/rust-cache instead of namespace profiles. This avoids needing to authorize forks on the namespace org and prevents cost burn from spam PRs. Add .github/actionlint.yaml whitelisting the new profile labels so 'mise run lint' and the autofix workflow stop flagging them as unknown self-hosted runner labels. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
5f8c54e to
75c1351
Compare
mise's ubi backend is deprecated and on the namespace runner image fails to locate the shellcheck executable inside the downloaded package. Use the bare 'shellcheck' tool name so mise resolves it through its default registry (aqua), matching how other stubs in this directory are wired. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Merged
4 tasks
Workaround for jdx/mise-action#456: the action's default cache key was os+arch only, so github-hosted and namespace caches collide and restoring one onto the other corrupts tool installs (e.g. swiftlint SIGILL on Linux, "no executable named X" across backends on macOS). Set cache_key_prefix to include runner.environment ("github-hosted" or "self-hosted") so fork-PR (github-hosted) and main/non-fork (namespace) runs use separate cache pools. Drop once mise-action#456 lands and we re-pin to the new version. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
jdx
added a commit
to jdx/mise-action
that referenced
this pull request
Apr 30, 2026
…isions (#456) ## Problem The default cache key was `mise-v1-{os}-{arch}-{file_hash}` — no runner-image discriminator. Any repo whose CI runs on multiple runner providers with the same os/arch shares one cache slot: - github-hosted `macos-latest` - namespace.so `nscloud-macos-sequoia-arm64-*` / `namespace-profile-*-macos-arm64` - self-hosted M-series macs - BuildJet, blacksmith, etc. When a repo migrates from one provider to another, the new run restores the previous provider's tool installs (~200 MB of `~/.local/share/mise/installs/*`), and tools that loaded fine in the original image break in the new one. ### Concrete failures observed Discovered while migrating [jdx/hk](jdx/hk#891) from github-hosted to namespace.so. Same `mise-v1-macos-arm64-<hash>` cache hit on namespace; tool resolution fails everywhere: ``` mise ERROR Tool 'ubi:koalaman/shellcheck' does not have an executable named 'shellcheck' mise ERROR Tool 'gem:asciidoctor' does not have an executable named 'asciidoctor' mise ERROR Tool 'aqua:betterleaks/betterleaks' does not have an executable named 'betterleaks' mise ERROR Tool 'biome' does not have an executable named 'biome' mise ERROR Tool 'buf' does not have an executable named 'buf' mise ERROR Tool 'github:google/google-java-format' does not have an executable named 'google-java-format' ``` — installs are present (cache restored 185 MB) but the executable layout from the github-hosted macOS-15 image doesn't match what mise expects on namespace's macOS arm64 image. On Linux, cached binaries built against the github-hosted ubuntu glibc/CPU featureset SIGILL on namespace's image (e.g. `swiftlint` exit code 132). ## Fix Append the GitHub Actions hosted-runner `ImageOS` env var (e.g. `macos15`, `ubuntu24`) to the platform segment of the default cache key. Other runners pool under `self-hosted`. ```ts const imageOS = process.env.ImageOS || 'self-hosted' return `${base}-${imageOS}` ``` After this change: - `mise-v1-macos-arm64-macos15-<hash>` (github-hosted) - `mise-v1-macos-arm64-self-hosted-<hash>` (namespace, self-hosted, etc.) Users with multiple self-hosted profiles that need finer scoping can set `cache_key_prefix` per workflow. The README's docs for `{{platform}}` are updated to reflect the new format. ## Trade-offs - One-time cache miss for everyone on the next run after upgrade. Cache rebuilds and stays scoped per-image after that. - Hosted-runner image rolls (e.g. `macos15` → `macos16`) will invalidate cache, which is desirable — that's exactly when stale binaries cause problems. - Self-hosted users with mixed runner pools all share one `self-hosted` slot. They'd need `cache_key_prefix` per pool, same as before. This PR doesn't make that worse. ## Test plan - [ ] Verify `dist/index.js` rebuilt cleanly (yes, `npm run package` succeeded with the change visible at `getTarget()` callsite). - [ ] Run on a github-hosted runner — confirm `ImageOS` is read from env (e.g. `macos15`) and shows up in the `mise cache restored from key:` log line. - [ ] Run on a non-hosted runner — confirm fallback to `-self-hosted`. - [ ] Verify a workflow that switched providers no longer pulls a poisoned cache. <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Medium Risk** > Changes cache-key generation and will cause a one-time cache miss plus different cache partitioning, which can affect build times and cache reuse across runners. > > **Overview** > Updates the default cache-key `{{platform}}` value to append a runner image discriminator (`process.env.ImageOS` on GitHub-hosted runners, otherwise `self-hosted`), reducing cross-provider/image cache collisions that can restore incompatible tool installs. > > Implements this via a new `getRunnerImageId()` helper used during cache-key template processing, and documents the new `{{platform}}` format in the README; `dist/index.js` is rebuilt accordingly. > > <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit ef1bd0e. Bugbot is set up for automated code reviews on this repo. Configure [here](https://www.cursor.com/dashboard/bugbot).</sup> <!-- /CURSOR_SUMMARY -->
Re-pin jdx/mise-action to b287efd (post jdx/mise-action#456 merge), which builds runner.environment-style discrimination into the cache key automatically. Drop the cache_key_prefix workaround everywhere except release-plz.yml, where the with: block keeps experimental: true. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
builtins_tests.bats installs ~50 tools via mise under 16-way bats parallelism. On namespace runners this surfaces several mise issues: many backends report "does not have an executable named X" on fresh installs (aqua, github, npm, pipx, gem all affected), and asdf:swiftlint binaries SIGILL on namespace's linux image. The same test passes consistently on github-hosted runners. Run this single job on github-hosted runners until the mise + namespace incompatibility is investigated. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Forks running on the upstream repo's workflow can rewrite the runs-on labels anyway (pull_request events use the fork's HEAD workflow file), so the conditional fallback to github-hosted on fork PRs didn't actually constrain what an attacker could do — just complicated the YAML. Drop the conditional and use namespace profiles uniformly. Token semantics are unchanged: fork PRs still get a read-only GITHUB_TOKEN with no secrets regardless of runner provider, since GitHub Actions controls token issuance, not the runner. ci-nogit stays pinned to github-hosted for an unrelated reason (mise + namespace tool-install incompatibility under high parallelism in builtins_tests.bats). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Merged
jdx
added a commit
that referenced
this pull request
Apr 30, 2026
### 🐛 Bug Fixes - **(hook)** do not stage fixes when fail_on_fix=true by [@jdx](https://github.com/jdx) in [#892](#892) - use site domain for plausible data-domain by [@jdx](https://github.com/jdx) in [#886](#886) - make text-mode progress output usable in CI by [@jdx](https://github.com/jdx) in [#890](#890) ### 📚 Documentation - prefix GitHub star count with ★ glyph by [@jdx](https://github.com/jdx) in [#883](#883) ### 🔍 Other Changes - **(release)** dedupe sponsor section in release notes by [@jdx](https://github.com/jdx) in [#881](#881) - switch analytics from gtm/goatcounter to plausible by [@jdx](https://github.com/jdx) in [#885](#885) - migrate to namespace.so runners by [@jdx](https://github.com/jdx) in [#891](#891) <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Low Risk** > Low risk release bookkeeping: version bumps, regenerated docs, and lockfile dependency updates with no functional code changes in this PR. > > **Overview** > Bumps `hk` to **v1.44.3** and adds the corresponding `CHANGELOG.md` release entry. > > Regenerates versioned docs/CLI artifacts to reference `1.44.3` (package URLs and generated `commands.json`/`index.md`) and updates `Cargo.lock` with dependency resolution changes (notably `jni`, `rustls*`, `reqwest`, `wasm-bindgen`, and `thiserror` unification). > > <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit ab7b72e. Bugbot is set up for automated code reviews on this repo. Configure [here](https://www.cursor.com/dashboard/bugbot).</sup> <!-- /CURSOR_SUMMARY --> Co-authored-by: mise-en-dev <123107610+mise-en-dev@users.noreply.github.com>
jdx
added a commit
to endevco/aube
that referenced
this pull request
Apr 30, 2026
## Summary - move Linux and macOS CI, docs, release automation, benchmark refresh, packaging, and publish jobs to Namespace runner profiles - keep Windows jobs on GitHub-hosted runners where no Namespace Windows profile is configured - replace Rust cache usage on Namespace jobs with `namespacelabs/nscloud-cache-action` and add actionlint runner-label config - preserve existing `matrix.os` values while adding `matrix.runner` so artifact names and OS conditionals keep working ## Notes - mirrors the runner split used in jdx/hk#891: `namespace-profile-endev-linux-amd64`, `namespace-profile-endev-macos-arm64`, and GitHub-hosted Windows - drops the GitHub Actions cache restore from `bench-refresh`; the Namespace runner profile provides the cache volume ## Validation - `MISE_LOCKED=1 mise x actionlint@latest -- actionlint` - `git diff --check` *This PR was generated by Codex.* <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Medium Risk** > Touches many release/CI workflows and runner environments, so misconfigured runners/caching could break builds, releases, or publish automation despite minimal application-code impact. > > **Overview** > Migrates CI, release automation, docs, benchmarking, and publish workflows from `ubuntu-latest`/`macos-latest` GitHub-hosted runners to Namespace runner profiles (e.g. `namespace-profile-endev-linux-amd64`, `namespace-profile-endev-macos-arm64`), while *explicitly keeping* Windows jobs and BATS/jail-sensitive test jobs on GitHub-hosted runners. > > Replaces `Swatinem/rust-cache` usage on the migrated jobs with `namespacelabs/nscloud-cache-action` (Rust cache) and updates matrices to add a separate `matrix.runner` so existing `matrix.os`-based artifact naming/conditionals continue to work. Adds `.github/actionlint.yaml` runner-label configuration so `actionlint` recognizes the new self-hosted labels. > > <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit 6646c8c. Bugbot is set up for automated code reviews on this repo. Configure [here](https://www.cursor.com/dashboard/bugbot).</sup> <!-- /CURSOR_SUMMARY -->
1 task
jdx
added a commit
that referenced
this pull request
Apr 30, 2026
## Summary - Add a CI section to the README thanking [Namespace](https://namespace.so) for providing GitHub Actions runners and caching, following the migration in #891. ## Test plan - [ ] README renders correctly on GitHub 🤖 Generated with [Claude Code](https://claude.com/claude-code) <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Low Risk** > Documentation-only change adding attribution and an embedded logo; no runtime or behavior impact. > > **Overview** > Adds a new **CI** section to `README.md` crediting [Namespace](https://namespace.so) for providing CI, including a small linked logo image. > > Adds the `docs/public/namespace-logo.svg` asset referenced by the README. > > <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit 887e12a. Bugbot is set up for automated code reviews on this repo. Configure [here](https://www.cursor.com/dashboard/bugbot).</sup> <!-- /CURSOR_SUMMARY --> --------- Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
tmeijn
pushed a commit
to tmeijn/dotfiles
that referenced
this pull request
May 8, 2026
This MR contains the following updates: | Package | Update | Change | |---|---|---| | [hk](https://github.com/jdx/hk) | minor | `1.43.0` → `1.45.0` | MR created with the help of [el-capitano/tools/renovate-bot](https://gitlab.com/el-capitano/tools/renovate-bot). **Proposed changes to behavior should be submitted there as MRs.** --- ### Release Notes <details> <summary>jdx/hk (hk)</summary> ### [`v1.45.0`](https://github.com/jdx/hk/blob/HEAD/CHANGELOG.md#1450---2026-05-04) [Compare Source](jdx/hk@v1.44.3...v1.45.0) ##### 🚀 Features - **(builtins)** add `buildifier` format and lint built-ins by [@​plx](https://github.com/plx) in [#​896](jdx/hk#896) ##### 🐛 Bug Fixes - **(step)** only auto-batch when rendered command exceeds ARG\_MAX by [@​jdx](https://github.com/jdx) in [#​901](jdx/hk#901) ##### 📚 Documentation - thank Namespace for GitHub Actions runner support by [@​jdx](https://github.com/jdx) in [#​895](jdx/hk#895) ##### 🔍 Other Changes - **(ci)** use !cancelled() instead of always() for final job by [@​jdx](https://github.com/jdx) in [#​906](jdx/hk#906) - **(docs)** remove shrill.en.dev analytics script by [@​jdx](https://github.com/jdx) in [#​903](jdx/hk#903) - remove rust-cache from release jobs by [@​jdx](https://github.com/jdx) in [#​893](jdx/hk#893) - invert CLAUDE.md/AGENTS.md so AGENTS.md is canonical by [@​jdx](https://github.com/jdx) in [#​905](jdx/hk#905) - set dev profile debug to 1 by [@​jdx](https://github.com/jdx) in [#​907](jdx/hk#907) ##### 📦️ Dependency Updates - update anthropics/claude-code-action digest to [`fefa07e`](jdx/hk@fefa07e) by [@​renovate\[bot\]](https://github.com/renovate\[bot]) in [#​897](jdx/hk#897) - update jdx/mise-action digest to [`1648a78`](jdx/hk@1648a78) by [@​renovate\[bot\]](https://github.com/renovate\[bot]) in [#​898](jdx/hk#898) - update apple-actions/import-codesign-certs action to v7 by [@​renovate\[bot\]](https://github.com/renovate\[bot]) in [#​900](jdx/hk#900) - update autofix-ci/action action to v1.3.4 by [@​renovate\[bot\]](https://github.com/renovate\[bot]) in [#​899](jdx/hk#899) - lock file maintenance by [@​renovate\[bot\]](https://github.com/renovate\[bot]) in [#​908](jdx/hk#908) ##### New Contributors - [@​plx](https://github.com/plx) made their first contribution in [#​896](jdx/hk#896) ### [`v1.44.3`](https://github.com/jdx/hk/blob/HEAD/CHANGELOG.md#1443---2026-04-30) [Compare Source](jdx/hk@v1.44.2...v1.44.3) ##### 🐛 Bug Fixes - **(hook)** do not stage fixes when fail\_on\_fix=true by [@​jdx](https://github.com/jdx) in [#​892](jdx/hk#892) - use site domain for plausible data-domain by [@​jdx](https://github.com/jdx) in [#​886](jdx/hk#886) - make text-mode progress output usable in CI by [@​jdx](https://github.com/jdx) in [#​890](jdx/hk#890) ##### 📚 Documentation - prefix GitHub star count with ★ glyph by [@​jdx](https://github.com/jdx) in [#​883](jdx/hk#883) ##### 🔍 Other Changes - **(release)** dedupe sponsor section in release notes by [@​jdx](https://github.com/jdx) in [#​881](jdx/hk#881) - switch analytics from gtm/goatcounter to plausible by [@​jdx](https://github.com/jdx) in [#​885](jdx/hk#885) - migrate to namespace.so runners by [@​jdx](https://github.com/jdx) in [#​891](jdx/hk#891) ### [`v1.44.2`](https://github.com/jdx/hk/blob/HEAD/CHANGELOG.md#1442---2026-04-26) [Compare Source](jdx/hk@v1.44.1...v1.44.2) ##### 🐛 Bug Fixes - **(builtins)** silence pklr deprecation warnings on Builtins.pkl load by [@​jdx](https://github.com/jdx) in [#​880](jdx/hk#880) - **(ci)** serialize docs lint step by [@​jdx](https://github.com/jdx) in [#​874](jdx/hk#874) - **(config)** include main pkl path in cache fresh files by [@​jdx](https://github.com/jdx) in [#​879](jdx/hk#879) - **(docs)** stack banner message and link on mobile by [@​jdx](https://github.com/jdx) in [#​865](jdx/hk#865) - **(docs)** pin banner close button to top-right corner on mobile by [@​jdx](https://github.com/jdx) in [#​867](jdx/hk#867) ##### 📚 Documentation - **(site)** show release version and github stars by [@​jdx](https://github.com/jdx) in [#​872](jdx/hk#872) ##### 🔍 Other Changes - add pr-closer workflow by [@​jdx](https://github.com/jdx) in [#​876](jdx/hk#876) ##### 📦️ Dependency Updates - bump communique 1.0.3 → 1.0.4 by [@​jdx](https://github.com/jdx) in [#​868](jdx/hk#868) - update anthropics/claude-code-action digest to [`2da6cfa`](jdx/hk@2da6cfa) by [@​renovate\[bot\]](https://github.com/renovate\[bot]) in [#​869](jdx/hk#869) - update anthropics/claude-code-action digest to [`567fe95`](jdx/hk@567fe95) by [@​renovate\[bot\]](https://github.com/renovate\[bot]) in [#​870](jdx/hk#870) - bump communique to 1.1.2 by [@​jdx](https://github.com/jdx) in [#​875](jdx/hk#875) ### [`v1.44.1`](https://github.com/jdx/hk/blob/HEAD/CHANGELOG.md#1441---2026-04-24) [Compare Source](jdx/hk@v1.44.0...v1.44.1) ##### 🐛 Bug Fixes - **(git)** skip untracked scan when HK\_STASH\_UNTRACKED=false by [@​jdx](https://github.com/jdx) in [#​861](jdx/hk#861) - **(run)** add post-commit and pre-rebase subcommands by [@​jdx](https://github.com/jdx) in [#​858](jdx/hk#858) ##### 📚 Documentation - **(install)** recommend global hooks as primary setup path by [@​jdx](https://github.com/jdx) in [#​855](jdx/hk#855) - add cross-site announcement banner by [@​jdx](https://github.com/jdx) in [#​857](jdx/hk#857) - respect banner expires field by [@​jdx](https://github.com/jdx) in [#​862](jdx/hk#862) ##### 🔍 Other Changes - vendor bats test helpers instead of git submodules by [@​jdx](https://github.com/jdx) in [#​859](jdx/hk#859) ##### 📦️ Dependency Updates - bump communique to 1.0.3 by [@​jdx](https://github.com/jdx) in [#​863](jdx/hk#863) - update anthropics/claude-code-action digest to [`e58dfa5`](jdx/hk@e58dfa5) by [@​renovate\[bot\]](https://github.com/renovate\[bot]) in [#​864](jdx/hk#864) ### [`v1.44.0`](https://github.com/jdx/hk/blob/HEAD/CHANGELOG.md#1440---2026-04-23) [Compare Source](jdx/hk@v1.43.0...v1.44.0) ##### 🚀 Features - **(check)** implement --plan, --why, and --json by [@​jdx](https://github.com/jdx) in [#​848](jdx/hk#848) - **(cocogitto)** add cocogitto conventional commits config to hk builtin config by [@​hituzi-no-sippo](https://github.com/hituzi-no-sippo) in [#​838](jdx/hk#838) - **(git)** support GIT\_DIR/GIT\_WORK\_TREE for bare-repo dotfile managers by [@​jdx](https://github.com/jdx) in [#​847](jdx/hk#847) - **(install)** use Git 2.54 config-based hooks with --global support by [@​jdx](https://github.com/jdx) in [#​853](jdx/hk#853) ##### 🐛 Bug Fixes - use text progress in CI by [@​jdx](https://github.com/jdx) in [#​845](jdx/hk#845) ##### 📚 Documentation - generalize agent guidelines by [@​jdx](https://github.com/jdx) in [#​846](jdx/hk#846) - add releases nav and aube lock by [@​jdx](https://github.com/jdx) in [#​849](jdx/hk#849) ##### 🔍 Other Changes - **(release)** append en.dev sponsor blurb to release notes by [@​jdx](https://github.com/jdx) in [#​854](jdx/hk#854) - bump communique to 1.0.1 by [@​jdx](https://github.com/jdx) in [#​850](jdx/hk#850) ##### 📦️ Dependency Updates - update actions-rust-lang/setup-rust-toolchain digest to [`2b1f5e9`](jdx/hk@2b1f5e9) by [@​renovate\[bot\]](https://github.com/renovate\[bot]) in [#​832](jdx/hk#832) - update anthropics/claude-code-action digest to [`c3d45e8`](jdx/hk@c3d45e8) by [@​renovate\[bot\]](https://github.com/renovate\[bot]) in [#​833](jdx/hk#833) - update rust crate tokio to v1.52.1 by [@​renovate\[bot\]](https://github.com/renovate\[bot]) in [#​834](jdx/hk#834) - update actions/upload-pages-artifact action to v5 by [@​renovate\[bot\]](https://github.com/renovate\[bot]) in [#​835](jdx/hk#835) - update taiki-e/upload-rust-binary-action digest to [`f0d45ae`](jdx/hk@f0d45ae) by [@​renovate\[bot\]](https://github.com/renovate\[bot]) in [#​839](jdx/hk#839) - update rust crate clx to v2 by [@​renovate\[bot\]](https://github.com/renovate\[bot]) in [#​836](jdx/hk#836) - update anthropics/claude-code-action digest to [`0d2971c`](jdx/hk@0d2971c) by [@​renovate\[bot\]](https://github.com/renovate\[bot]) in [#​841](jdx/hk#841) - update anthropics/claude-code-action digest to [`38ec876`](jdx/hk@38ec876) by [@​renovate\[bot\]](https://github.com/renovate\[bot]) in [#​842](jdx/hk#842) - lock file maintenance by [@​renovate\[bot\]](https://github.com/renovate\[bot]) in [#​851](jdx/hk#851) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this MR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box --- This MR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNjguNSIsInVwZGF0ZWRJblZlciI6IjQzLjE2OC41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJSZW5vdmF0ZSBCb3QiLCJhdXRvbWF0aW9uOmJvdC1hdXRob3JlZCIsImRlcGVuZGVuY3ktdHlwZTo6bWlub3IiXX0=-->
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Migrate all GitHub Actions workflows from GitHub-hosted runners to Namespace.
namespace-profile-endev(custom Namespace runner profile)nscloud-macos-sequoia-arm64-6x14nscloud-windows-2022-amd64-8x16Swatinem/rust-cache→namespacelabs/nscloud-cache-action@v1withcache: rust. Theshared-keyparameter is dropped because Namespace cache volumes scope per profile/job, not per shared key.runnerfield soruns-on: ${{ matrix.runner }}resolves to the correct nscloud label, whilematrix.oskeeps its oldubuntu-latest/macos-latest/windows-latestvalues. This preserves allif: matrix.os == ...conditionals andhk-${{ matrix.os }}artifact names — producer and consumer jobs stay aligned.Reviewer notes
The
namespace-profile-endevprofile must exist in the Namespace dashboard with a cache volume (≥20 GB) attached for thenscloud-cache-actionstep to do anything useful. That dashboard config can't be expressed in workflow YAML.Test plan
namespace-profile-endevexists in the Namespace dashboard with a cache volume attached🤖 Generated with Claude Code
Note
Medium Risk
CI/release infrastructure changes can break builds if runner labels, images, or Namespace cache volumes aren’t configured as expected. No product/runtime code changes, but failures would block CI and releases.
Overview
Migrates GitHub Actions execution to Namespace runners. Most workflows (
ci,release,docs,release-plz,autofix,claude,semantic-pr-lint,pr-closer) now usenamespace-profile-endev-*runner labels, with matrix jobs updated to carry a separaterunnerfield while keepingmatrix.osfor conditionals and artifact naming.Replaces Rust caching on non-Windows jobs. Swaps
Swatinem/rust-cachefornamespacelabs/nscloud-cache-action(cache: rust) across workflows, while keeping the previous cache approach for Windows release builds; also bumpsjdx/mise-actionto a newer pinned commit and adds.github/actionlint.yamlrunner-label config. A small test stub update switches theshellcheckbuiltin tool stub fromubi:koalaman/shellchecktoshellcheck.Reviewed by Cursor Bugbot for commit 346150a. Bugbot is set up for automated code reviews on this repo. Configure here.