From 5cfa2718ffd6dbd5afb6692eb19833d0a17aa080 Mon Sep 17 00:00:00 2001 From: ITensorBot <278814285+ITensorBot@users.noreply.github.com> Date: Fri, 1 May 2026 13:08:00 -0400 Subject: [PATCH 1/9] [PATCH] Apply workflow_security_rollout patch --- .github/workflows/Documentation.yml | 2 +- .github/workflows/FormatCheck.yml | 8 ++---- .github/workflows/FormatCheckComment.yml | 16 ++++++++++++ .github/workflows/IntegrationTest.yml | 26 +++++-------------- .github/workflows/IntegrationTestRequest.yml | 6 +++-- .github/workflows/Tests.yml | 1 + src/ITensorPkgSkeleton.jl | 4 +-- .../workflows/Documentation.yml.template | 2 +- .../workflows/FormatCheck.yml.template | 8 ++---- .../workflows/FormatCheckComment.yml.template | 16 ++++++++++++ .../workflows/IntegrationTest.yml.template | 26 +++++-------------- .../IntegrationTestRequest.yml.template | 6 +++-- template/.github/workflows/Tests.yml.template | 1 + 13 files changed, 64 insertions(+), 58 deletions(-) create mode 100644 .github/workflows/FormatCheckComment.yml create mode 100644 template/.github/workflows/FormatCheckComment.yml.template diff --git a/.github/workflows/Documentation.yml b/.github/workflows/Documentation.yml index 6a41ccb..c3b11ec 100644 --- a/.github/workflows/Documentation.yml +++ b/.github/workflows/Documentation.yml @@ -3,7 +3,7 @@ on: push: branches: - "main" - tags: ["v*"] + tags: "*" pull_request: ~ schedule: - cron: "1 4 * * 4" diff --git a/.github/workflows/FormatCheck.yml b/.github/workflows/FormatCheck.yml index 3c290ea..7bbbfee 100644 --- a/.github/workflows/FormatCheck.yml +++ b/.github/workflows/FormatCheck.yml @@ -1,16 +1,12 @@ name: "Format Check" on: - pull_request_target: + pull_request: types: - "opened" - "synchronize" - "reopened" - "ready_for_review" -permissions: - contents: "read" - actions: "write" - pull-requests: "write" jobs: format-check: name: "Format Check" - uses: "ITensor/ITensorActions/.github/workflows/FormatCheck.yml@main" + uses: "ITensor/ITensorActions/.github/workflows/FormatCheck.yml@v1" diff --git a/.github/workflows/FormatCheckComment.yml b/.github/workflows/FormatCheckComment.yml new file mode 100644 index 0000000..b4b78b2 --- /dev/null +++ b/.github/workflows/FormatCheckComment.yml @@ -0,0 +1,16 @@ +name: "Format Check Comment" +on: + workflow_run: + workflows: + - "Format Check" + types: + - "completed" +jobs: + comment: + name: "Format Check Comment" + if: "github.event.workflow_run.event == 'pull_request'" + permissions: + pull-requests: "write" + actions: "read" + uses: "ITensor/ITensorActions/.github/workflows/FormatCheckComment.yml@v1" + secrets: "inherit" diff --git a/.github/workflows/IntegrationTest.yml b/.github/workflows/IntegrationTest.yml index b898315..f4b987e 100644 --- a/.github/workflows/IntegrationTest.yml +++ b/.github/workflows/IntegrationTest.yml @@ -3,7 +3,8 @@ on: push: branches: - "main" - pull_request_target: + tags: "*" + pull_request: types: - "opened" - "synchronize" @@ -13,24 +14,11 @@ on: jobs: integration-test: name: "IntegrationTest" - strategy: - fail-fast: false - matrix: - pkg: - - "__none__" - uses: "ITensor/ITensorActions/.github/workflows/IntegrationTest.yml@main" + uses: "ITensor/ITensorActions/.github/workflows/IntegrationTest.yml@v1" secrets: "inherit" with: localregistry: "https://github.com/ITensor/ITensorRegistry.git" - pkg: "${{ matrix.pkg }}" - integration-gate: - name: "IntegrationTest" - needs: "integration-test" - if: "${{ always() && needs.integration-test.result != 'skipped' }}" - runs-on: "ubuntu-latest" - steps: - - name: "Fail if any downstream integration test failed" - run: | - echo "integration-test.result = ${{ needs.integration-test.result }}" - test "${{ needs.integration-test.result }}" = "success" - + pkgs: |- + [ + "__none__" + ] diff --git a/.github/workflows/IntegrationTestRequest.yml b/.github/workflows/IntegrationTestRequest.yml index 6f58e45..3c12615 100644 --- a/.github/workflows/IntegrationTestRequest.yml +++ b/.github/workflows/IntegrationTestRequest.yml @@ -8,7 +8,9 @@ jobs: if: | github.event.issue.pull_request && contains(fromJSON('["OWNER", "COLLABORATOR", "MEMBER"]'), github.event.comment.author_association) - - uses: "ITensor/ITensorActions/.github/workflows/IntegrationTestRequest.yml@main" + permissions: + checks: "write" + pull-requests: "write" + uses: "ITensor/ITensorActions/.github/workflows/IntegrationTestRequest.yml@v1" with: localregistry: "https://github.com/ITensor/ITensorRegistry.git" diff --git a/.github/workflows/Tests.yml b/.github/workflows/Tests.yml index 5b47c10..70f6c8d 100644 --- a/.github/workflows/Tests.yml +++ b/.github/workflows/Tests.yml @@ -5,6 +5,7 @@ on: - "master" - "main" - "release-" + tags: "*" paths-ignore: - "docs/**" pull_request: diff --git a/src/ITensorPkgSkeleton.jl b/src/ITensorPkgSkeleton.jl index 2f2e43d..82e58be 100644 --- a/src/ITensorPkgSkeleton.jl +++ b/src/ITensorPkgSkeleton.jl @@ -99,9 +99,9 @@ function format_downstreampkgs(user_replacements) pkgs = haskey(user_replacements, :downstreampkgs) ? user_replacements.downstreampkgs : [] if isempty(pkgs) - downstreampkgs = " - \"__none__\"" + downstreampkgs = " \"__none__\"" else - downstreampkgs = join([" - \"$(pkg)\"" for pkg in pkgs], "\n") + downstreampkgs = join([" \"$(pkg)\"" for pkg in pkgs], ",\n") end return merge(user_replacements, (; downstreampkgs)) end diff --git a/template/.github/workflows/Documentation.yml.template b/template/.github/workflows/Documentation.yml.template index 6a41ccb..c3b11ec 100644 --- a/template/.github/workflows/Documentation.yml.template +++ b/template/.github/workflows/Documentation.yml.template @@ -3,7 +3,7 @@ on: push: branches: - "main" - tags: ["v*"] + tags: "*" pull_request: ~ schedule: - cron: "1 4 * * 4" diff --git a/template/.github/workflows/FormatCheck.yml.template b/template/.github/workflows/FormatCheck.yml.template index 3c290ea..7bbbfee 100644 --- a/template/.github/workflows/FormatCheck.yml.template +++ b/template/.github/workflows/FormatCheck.yml.template @@ -1,16 +1,12 @@ name: "Format Check" on: - pull_request_target: + pull_request: types: - "opened" - "synchronize" - "reopened" - "ready_for_review" -permissions: - contents: "read" - actions: "write" - pull-requests: "write" jobs: format-check: name: "Format Check" - uses: "ITensor/ITensorActions/.github/workflows/FormatCheck.yml@main" + uses: "ITensor/ITensorActions/.github/workflows/FormatCheck.yml@v1" diff --git a/template/.github/workflows/FormatCheckComment.yml.template b/template/.github/workflows/FormatCheckComment.yml.template new file mode 100644 index 0000000..b4b78b2 --- /dev/null +++ b/template/.github/workflows/FormatCheckComment.yml.template @@ -0,0 +1,16 @@ +name: "Format Check Comment" +on: + workflow_run: + workflows: + - "Format Check" + types: + - "completed" +jobs: + comment: + name: "Format Check Comment" + if: "github.event.workflow_run.event == 'pull_request'" + permissions: + pull-requests: "write" + actions: "read" + uses: "ITensor/ITensorActions/.github/workflows/FormatCheckComment.yml@v1" + secrets: "inherit" diff --git a/template/.github/workflows/IntegrationTest.yml.template b/template/.github/workflows/IntegrationTest.yml.template index 133b724..98a7f9d 100644 --- a/template/.github/workflows/IntegrationTest.yml.template +++ b/template/.github/workflows/IntegrationTest.yml.template @@ -3,7 +3,8 @@ on: push: branches: - "main" - pull_request_target: + tags: "*" + pull_request: types: - "opened" - "synchronize" @@ -13,24 +14,11 @@ on: jobs: integration-test: name: "IntegrationTest" - strategy: - fail-fast: false - matrix: - pkg: -{DOWNSTREAMPKGS} - uses: "ITensor/ITensorActions/.github/workflows/IntegrationTest.yml@main" + uses: "ITensor/ITensorActions/.github/workflows/IntegrationTest.yml@v1" secrets: "inherit" with: localregistry: "https://github.com/ITensor/ITensorRegistry.git" - pkg: "${{ matrix.pkg }}" - integration-gate: - name: "IntegrationTest" - needs: "integration-test" - if: "${{ always() && needs.integration-test.result != 'skipped' }}" - runs-on: "ubuntu-latest" - steps: - - name: "Fail if any downstream integration test failed" - run: | - echo "integration-test.result = ${{ needs.integration-test.result }}" - test "${{ needs.integration-test.result }}" = "success" - + pkgs: |- + [ + {DOWNSTREAMPKGS} + ] diff --git a/template/.github/workflows/IntegrationTestRequest.yml.template b/template/.github/workflows/IntegrationTestRequest.yml.template index 6f58e45..3c12615 100644 --- a/template/.github/workflows/IntegrationTestRequest.yml.template +++ b/template/.github/workflows/IntegrationTestRequest.yml.template @@ -8,7 +8,9 @@ jobs: if: | github.event.issue.pull_request && contains(fromJSON('["OWNER", "COLLABORATOR", "MEMBER"]'), github.event.comment.author_association) - - uses: "ITensor/ITensorActions/.github/workflows/IntegrationTestRequest.yml@main" + permissions: + checks: "write" + pull-requests: "write" + uses: "ITensor/ITensorActions/.github/workflows/IntegrationTestRequest.yml@v1" with: localregistry: "https://github.com/ITensor/ITensorRegistry.git" diff --git a/template/.github/workflows/Tests.yml.template b/template/.github/workflows/Tests.yml.template index 5b47c10..70f6c8d 100644 --- a/template/.github/workflows/Tests.yml.template +++ b/template/.github/workflows/Tests.yml.template @@ -5,6 +5,7 @@ on: - "master" - "main" - "release-" + tags: "*" paths-ignore: - "docs/**" pull_request: From 9dc1a7e6d1edaf2c86b213c712e4285f7325dba3 Mon Sep 17 00:00:00 2001 From: Matthew Fishman Date: Fri, 1 May 2026 13:22:20 -0400 Subject: [PATCH 2/9] normalize IntegrationTest pkgs block formatting --- .github/workflows/IntegrationTest.yml | 6 +++--- template/.github/workflows/IntegrationTest.yml.template | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/IntegrationTest.yml b/.github/workflows/IntegrationTest.yml index f4b987e..e9e2b90 100644 --- a/.github/workflows/IntegrationTest.yml +++ b/.github/workflows/IntegrationTest.yml @@ -18,7 +18,7 @@ jobs: secrets: "inherit" with: localregistry: "https://github.com/ITensor/ITensorRegistry.git" - pkgs: |- + pkgs: | [ - "__none__" - ] + "__none__" + ] diff --git a/template/.github/workflows/IntegrationTest.yml.template b/template/.github/workflows/IntegrationTest.yml.template index 98a7f9d..bb960fc 100644 --- a/template/.github/workflows/IntegrationTest.yml.template +++ b/template/.github/workflows/IntegrationTest.yml.template @@ -18,7 +18,7 @@ jobs: secrets: "inherit" with: localregistry: "https://github.com/ITensor/ITensorRegistry.git" - pkgs: |- + pkgs: | [ {DOWNSTREAMPKGS} - ] + ] From 0456a4e6cff70d6896aff3e4bde91f15103576b0 Mon Sep 17 00:00:00 2001 From: Matthew Fishman Date: Fri, 1 May 2026 13:35:58 -0400 Subject: [PATCH 3/9] restore docs release tag trigger and bump version --- .github/workflows/Documentation.yml | 2 +- Project.toml | 2 +- template/.github/workflows/Documentation.yml.template | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/Documentation.yml b/.github/workflows/Documentation.yml index c3b11ec..6a41ccb 100644 --- a/.github/workflows/Documentation.yml +++ b/.github/workflows/Documentation.yml @@ -3,7 +3,7 @@ on: push: branches: - "main" - tags: "*" + tags: ["v*"] pull_request: ~ schedule: - cron: "1 4 * * 4" diff --git a/Project.toml b/Project.toml index dc25b5d..2758299 100644 --- a/Project.toml +++ b/Project.toml @@ -1,6 +1,6 @@ name = "ITensorPkgSkeleton" uuid = "3d388ab1-018a-49f4-ae50-18094d5f71ea" -version = "0.3.56" +version = "0.3.57" authors = ["ITensor developers and contributors"] [workspace] diff --git a/template/.github/workflows/Documentation.yml.template b/template/.github/workflows/Documentation.yml.template index c3b11ec..6a41ccb 100644 --- a/template/.github/workflows/Documentation.yml.template +++ b/template/.github/workflows/Documentation.yml.template @@ -3,7 +3,7 @@ on: push: branches: - "main" - tags: "*" + tags: ["v*"] pull_request: ~ schedule: - cron: "1 4 * * 4" From 7676d9f65273d514cdd0554d7392cb8a118e88c2 Mon Sep 17 00:00:00 2001 From: Matthew Fishman Date: Fri, 1 May 2026 13:47:54 -0400 Subject: [PATCH 4/9] align remaining workflow callers with SparseArraysBase --- .github/workflows/CheckCompatBounds.yml | 2 +- .github/workflows/CompatHelper.yml | 2 +- .github/workflows/Documentation.yml | 2 +- .github/workflows/FormatPullRequest.yml | 2 +- .github/workflows/Registrator.yml | 2 +- .github/workflows/TagBot.yml | 2 +- .github/workflows/Tests.yml | 2 +- .github/workflows/VersionCheck.yml | 2 +- template/.github/workflows/CheckCompatBounds.yml.template | 2 +- template/.github/workflows/CompatHelper.yml.template | 2 +- template/.github/workflows/Documentation.yml.template | 2 +- template/.github/workflows/FormatPullRequest.yml.template | 2 +- template/.github/workflows/Registrator.yml.template | 2 +- template/.github/workflows/TagBot.yml.template | 2 +- template/.github/workflows/Tests.yml.template | 2 +- template/.github/workflows/VersionCheck.yml.template | 2 +- 16 files changed, 16 insertions(+), 16 deletions(-) diff --git a/.github/workflows/CheckCompatBounds.yml b/.github/workflows/CheckCompatBounds.yml index 237d11a..87c7428 100644 --- a/.github/workflows/CheckCompatBounds.yml +++ b/.github/workflows/CheckCompatBounds.yml @@ -4,6 +4,6 @@ on: jobs: check-compat-bounds: name: "Check Compat Bounds" - uses: "ITensor/ITensorActions/.github/workflows/CheckCompatBounds.yml@main" + uses: "ITensor/ITensorActions/.github/workflows/CheckCompatBounds.yml@v1" with: localregistry: "https://github.com/ITensor/ITensorRegistry.git" diff --git a/.github/workflows/CompatHelper.yml b/.github/workflows/CompatHelper.yml index d7ced86..817a126 100644 --- a/.github/workflows/CompatHelper.yml +++ b/.github/workflows/CompatHelper.yml @@ -9,7 +9,7 @@ permissions: jobs: compat-helper: name: "CompatHelper" - uses: "ITensor/ITensorActions/.github/workflows/CompatHelper.yml@main" + uses: "ITensor/ITensorActions/.github/workflows/CompatHelper.yml@v1" with: localregistry: "https://github.com/ITensor/ITensorRegistry.git" secrets: "inherit" diff --git a/.github/workflows/Documentation.yml b/.github/workflows/Documentation.yml index 6a41ccb..7442953 100644 --- a/.github/workflows/Documentation.yml +++ b/.github/workflows/Documentation.yml @@ -13,7 +13,7 @@ concurrency: jobs: build-and-deploy-docs: name: "Documentation" - uses: "ITensor/ITensorActions/.github/workflows/Documentation.yml@main" + uses: "ITensor/ITensorActions/.github/workflows/Documentation.yml@v1" with: localregistry: "https://github.com/ITensor/ITensorRegistry.git" secrets: diff --git a/.github/workflows/FormatPullRequest.yml b/.github/workflows/FormatPullRequest.yml index 5a8b627..839f190 100644 --- a/.github/workflows/FormatPullRequest.yml +++ b/.github/workflows/FormatPullRequest.yml @@ -12,5 +12,5 @@ permissions: jobs: format-pull-request: name: "Format Pull Request" - uses: "ITensor/ITensorActions/.github/workflows/FormatPullRequest.yml@main" + uses: "ITensor/ITensorActions/.github/workflows/FormatPullRequest.yml@v1" secrets: "inherit" diff --git a/.github/workflows/Registrator.yml b/.github/workflows/Registrator.yml index 97dc033..a90c11a 100644 --- a/.github/workflows/Registrator.yml +++ b/.github/workflows/Registrator.yml @@ -16,7 +16,7 @@ permissions: issues: "write" jobs: Register: - uses: "ITensor/ITensorActions/.github/workflows/Registrator.yml@main" + uses: "ITensor/ITensorActions/.github/workflows/Registrator.yml@v1" with: localregistry: "ITensor/ITensorRegistry" secrets: "inherit" diff --git a/.github/workflows/TagBot.yml b/.github/workflows/TagBot.yml index 9801567..d4da40e 100644 --- a/.github/workflows/TagBot.yml +++ b/.github/workflows/TagBot.yml @@ -9,5 +9,5 @@ env: jobs: TagBot: if: "github.event_name == 'workflow_dispatch' || github.actor == 'JuliaTagBot'" - uses: "ITensor/ITensorActions/.github/workflows/TagBot.yml@main" + uses: "ITensor/ITensorActions/.github/workflows/TagBot.yml@v1" secrets: "inherit" diff --git a/.github/workflows/Tests.yml b/.github/workflows/Tests.yml index 70f6c8d..244ca0e 100644 --- a/.github/workflows/Tests.yml +++ b/.github/workflows/Tests.yml @@ -32,7 +32,7 @@ jobs: - "ubuntu-latest" - "macOS-latest" - "windows-latest" - uses: "ITensor/ITensorActions/.github/workflows/Tests.yml@main" + uses: "ITensor/ITensorActions/.github/workflows/Tests.yml@v1" with: group: "${{ matrix.group }}" julia-version: "${{ matrix.version }}" diff --git a/.github/workflows/VersionCheck.yml b/.github/workflows/VersionCheck.yml index bb0df88..102898e 100644 --- a/.github/workflows/VersionCheck.yml +++ b/.github/workflows/VersionCheck.yml @@ -4,6 +4,6 @@ on: jobs: version-check: name: "Version Check" - uses: "ITensor/ITensorActions/.github/workflows/VersionCheck.yml@main" + uses: "ITensor/ITensorActions/.github/workflows/VersionCheck.yml@v1" with: localregistry: "https://github.com/ITensor/ITensorRegistry.git" diff --git a/template/.github/workflows/CheckCompatBounds.yml.template b/template/.github/workflows/CheckCompatBounds.yml.template index 237d11a..87c7428 100644 --- a/template/.github/workflows/CheckCompatBounds.yml.template +++ b/template/.github/workflows/CheckCompatBounds.yml.template @@ -4,6 +4,6 @@ on: jobs: check-compat-bounds: name: "Check Compat Bounds" - uses: "ITensor/ITensorActions/.github/workflows/CheckCompatBounds.yml@main" + uses: "ITensor/ITensorActions/.github/workflows/CheckCompatBounds.yml@v1" with: localregistry: "https://github.com/ITensor/ITensorRegistry.git" diff --git a/template/.github/workflows/CompatHelper.yml.template b/template/.github/workflows/CompatHelper.yml.template index d7ced86..817a126 100644 --- a/template/.github/workflows/CompatHelper.yml.template +++ b/template/.github/workflows/CompatHelper.yml.template @@ -9,7 +9,7 @@ permissions: jobs: compat-helper: name: "CompatHelper" - uses: "ITensor/ITensorActions/.github/workflows/CompatHelper.yml@main" + uses: "ITensor/ITensorActions/.github/workflows/CompatHelper.yml@v1" with: localregistry: "https://github.com/ITensor/ITensorRegistry.git" secrets: "inherit" diff --git a/template/.github/workflows/Documentation.yml.template b/template/.github/workflows/Documentation.yml.template index 6a41ccb..7442953 100644 --- a/template/.github/workflows/Documentation.yml.template +++ b/template/.github/workflows/Documentation.yml.template @@ -13,7 +13,7 @@ concurrency: jobs: build-and-deploy-docs: name: "Documentation" - uses: "ITensor/ITensorActions/.github/workflows/Documentation.yml@main" + uses: "ITensor/ITensorActions/.github/workflows/Documentation.yml@v1" with: localregistry: "https://github.com/ITensor/ITensorRegistry.git" secrets: diff --git a/template/.github/workflows/FormatPullRequest.yml.template b/template/.github/workflows/FormatPullRequest.yml.template index 5a8b627..839f190 100644 --- a/template/.github/workflows/FormatPullRequest.yml.template +++ b/template/.github/workflows/FormatPullRequest.yml.template @@ -12,5 +12,5 @@ permissions: jobs: format-pull-request: name: "Format Pull Request" - uses: "ITensor/ITensorActions/.github/workflows/FormatPullRequest.yml@main" + uses: "ITensor/ITensorActions/.github/workflows/FormatPullRequest.yml@v1" secrets: "inherit" diff --git a/template/.github/workflows/Registrator.yml.template b/template/.github/workflows/Registrator.yml.template index 97dc033..a90c11a 100644 --- a/template/.github/workflows/Registrator.yml.template +++ b/template/.github/workflows/Registrator.yml.template @@ -16,7 +16,7 @@ permissions: issues: "write" jobs: Register: - uses: "ITensor/ITensorActions/.github/workflows/Registrator.yml@main" + uses: "ITensor/ITensorActions/.github/workflows/Registrator.yml@v1" with: localregistry: "ITensor/ITensorRegistry" secrets: "inherit" diff --git a/template/.github/workflows/TagBot.yml.template b/template/.github/workflows/TagBot.yml.template index 9801567..d4da40e 100644 --- a/template/.github/workflows/TagBot.yml.template +++ b/template/.github/workflows/TagBot.yml.template @@ -9,5 +9,5 @@ env: jobs: TagBot: if: "github.event_name == 'workflow_dispatch' || github.actor == 'JuliaTagBot'" - uses: "ITensor/ITensorActions/.github/workflows/TagBot.yml@main" + uses: "ITensor/ITensorActions/.github/workflows/TagBot.yml@v1" secrets: "inherit" diff --git a/template/.github/workflows/Tests.yml.template b/template/.github/workflows/Tests.yml.template index 70f6c8d..244ca0e 100644 --- a/template/.github/workflows/Tests.yml.template +++ b/template/.github/workflows/Tests.yml.template @@ -32,7 +32,7 @@ jobs: - "ubuntu-latest" - "macOS-latest" - "windows-latest" - uses: "ITensor/ITensorActions/.github/workflows/Tests.yml@main" + uses: "ITensor/ITensorActions/.github/workflows/Tests.yml@v1" with: group: "${{ matrix.group }}" julia-version: "${{ matrix.version }}" diff --git a/template/.github/workflows/VersionCheck.yml.template b/template/.github/workflows/VersionCheck.yml.template index bb0df88..102898e 100644 --- a/template/.github/workflows/VersionCheck.yml.template +++ b/template/.github/workflows/VersionCheck.yml.template @@ -4,6 +4,6 @@ on: jobs: version-check: name: "Version Check" - uses: "ITensor/ITensorActions/.github/workflows/VersionCheck.yml@main" + uses: "ITensor/ITensorActions/.github/workflows/VersionCheck.yml@v1" with: localregistry: "https://github.com/ITensor/ITensorRegistry.git" From 25e0da2598528c62fcba03fc5a8aba2055ffdc57 Mon Sep 17 00:00:00 2001 From: Matthew Fishman Date: Fri, 1 May 2026 13:59:29 -0400 Subject: [PATCH 5/9] update workflow generation tests for pkgs format --- test/test_basics.jl | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/test/test_basics.jl b/test/test_basics.jl index 05b7010..10c7b48 100644 --- a/test/test_basics.jl +++ b/test/test_basics.jl @@ -27,7 +27,9 @@ using Test: @test, @testset joinpath(path, "NewPkg", ".github", "workflows", "IntegrationTest.yml"), "r" ) do io - return contains(read(io, String), "- \"__none__\"") + content = read(io, String) + return contains(content, "pkgs: |") == + true && contains(content, "\"__none__\"") end end @testset "generate with downstream tests" begin @@ -53,7 +55,9 @@ using Test: @test, @testset ), "r" ) do io - return contains(read(io, String), "- \"DownstreamPkg\"") + content = read(io, String) + return contains(content, "pkgs: |") == + true && contains(content, "\"DownstreamPkg\"") end else @test !isdir(joinpath(path, "NewPkg", ".github")) From 07ef9e365d568a180471e325d85d30ff7ff36e20 Mon Sep 17 00:00:00 2001 From: Matthew Fishman Date: Fri, 1 May 2026 14:04:52 -0400 Subject: [PATCH 6/9] emit empty integration test package list by default --- src/ITensorPkgSkeleton.jl | 2 +- test/test_basics.jl | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/ITensorPkgSkeleton.jl b/src/ITensorPkgSkeleton.jl index 82e58be..23a0c21 100644 --- a/src/ITensorPkgSkeleton.jl +++ b/src/ITensorPkgSkeleton.jl @@ -99,7 +99,7 @@ function format_downstreampkgs(user_replacements) pkgs = haskey(user_replacements, :downstreampkgs) ? user_replacements.downstreampkgs : [] if isempty(pkgs) - downstreampkgs = " \"__none__\"" + downstreampkgs = "" else downstreampkgs = join([" \"$(pkg)\"" for pkg in pkgs], ",\n") end diff --git a/test/test_basics.jl b/test/test_basics.jl index 10c7b48..4e3c54e 100644 --- a/test/test_basics.jl +++ b/test/test_basics.jl @@ -28,8 +28,8 @@ using Test: @test, @testset "r" ) do io content = read(io, String) - return contains(content, "pkgs: |") == - true && contains(content, "\"__none__\"") + return contains(content, "pkgs: |") == true && + !contains(content, "\"__none__\"") end end @testset "generate with downstream tests" begin From 14acd1bffb461df983fd99a5e296331d5f47841a Mon Sep 17 00:00:00 2001 From: Matthew Fishman Date: Fri, 1 May 2026 14:35:59 -0400 Subject: [PATCH 7/9] add missing contents: read and secrets: inherit to IntegrationTestRequest caller --- .github/workflows/IntegrationTestRequest.yml | 2 ++ template/.github/workflows/IntegrationTestRequest.yml.template | 2 ++ 2 files changed, 4 insertions(+) diff --git a/.github/workflows/IntegrationTestRequest.yml b/.github/workflows/IntegrationTestRequest.yml index 3c12615..2fc7efb 100644 --- a/.github/workflows/IntegrationTestRequest.yml +++ b/.github/workflows/IntegrationTestRequest.yml @@ -9,8 +9,10 @@ jobs: github.event.issue.pull_request && contains(fromJSON('["OWNER", "COLLABORATOR", "MEMBER"]'), github.event.comment.author_association) permissions: + contents: "read" checks: "write" pull-requests: "write" uses: "ITensor/ITensorActions/.github/workflows/IntegrationTestRequest.yml@v1" + secrets: "inherit" with: localregistry: "https://github.com/ITensor/ITensorRegistry.git" diff --git a/template/.github/workflows/IntegrationTestRequest.yml.template b/template/.github/workflows/IntegrationTestRequest.yml.template index 3c12615..2fc7efb 100644 --- a/template/.github/workflows/IntegrationTestRequest.yml.template +++ b/template/.github/workflows/IntegrationTestRequest.yml.template @@ -9,8 +9,10 @@ jobs: github.event.issue.pull_request && contains(fromJSON('["OWNER", "COLLABORATOR", "MEMBER"]'), github.event.comment.author_association) permissions: + contents: "read" checks: "write" pull-requests: "write" uses: "ITensor/ITensorActions/.github/workflows/IntegrationTestRequest.yml@v1" + secrets: "inherit" with: localregistry: "https://github.com/ITensor/ITensorRegistry.git" From 59e0e80aca74bb29fa22b594aef1d0465219314d Mon Sep 17 00:00:00 2001 From: Matthew Fishman Date: Fri, 1 May 2026 15:30:17 -0400 Subject: [PATCH 8/9] Move IntegrationTestRequest permissions to workflow scope --- .github/workflows/IntegrationTestRequest.yml | 9 +++++---- .../workflows/IntegrationTestRequest.yml.template | 9 +++++---- 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/.github/workflows/IntegrationTestRequest.yml b/.github/workflows/IntegrationTestRequest.yml index 2fc7efb..318ecac 100644 --- a/.github/workflows/IntegrationTestRequest.yml +++ b/.github/workflows/IntegrationTestRequest.yml @@ -3,15 +3,16 @@ on: issue_comment: types: - "created" +permissions: + actions: "read" + contents: "read" + checks: "write" + pull-requests: "write" jobs: integrationrequest: if: | github.event.issue.pull_request && contains(fromJSON('["OWNER", "COLLABORATOR", "MEMBER"]'), github.event.comment.author_association) - permissions: - contents: "read" - checks: "write" - pull-requests: "write" uses: "ITensor/ITensorActions/.github/workflows/IntegrationTestRequest.yml@v1" secrets: "inherit" with: diff --git a/template/.github/workflows/IntegrationTestRequest.yml.template b/template/.github/workflows/IntegrationTestRequest.yml.template index 2fc7efb..318ecac 100644 --- a/template/.github/workflows/IntegrationTestRequest.yml.template +++ b/template/.github/workflows/IntegrationTestRequest.yml.template @@ -3,15 +3,16 @@ on: issue_comment: types: - "created" +permissions: + actions: "read" + contents: "read" + checks: "write" + pull-requests: "write" jobs: integrationrequest: if: | github.event.issue.pull_request && contains(fromJSON('["OWNER", "COLLABORATOR", "MEMBER"]'), github.event.comment.author_association) - permissions: - contents: "read" - checks: "write" - pull-requests: "write" uses: "ITensor/ITensorActions/.github/workflows/IntegrationTestRequest.yml@v1" secrets: "inherit" with: From 3125925471b9809937189fa67497eb8c7ba9d158 Mon Sep 17 00:00:00 2001 From: Matthew Fishman Date: Fri, 1 May 2026 15:59:59 -0400 Subject: [PATCH 9/9] Fix IntegrationTest workflow empty package list handling --- .github/workflows/IntegrationTest.yml | 4 +--- template/.github/workflows/IntegrationTest.yml.template | 5 +---- 2 files changed, 2 insertions(+), 7 deletions(-) diff --git a/.github/workflows/IntegrationTest.yml b/.github/workflows/IntegrationTest.yml index e9e2b90..3e6635e 100644 --- a/.github/workflows/IntegrationTest.yml +++ b/.github/workflows/IntegrationTest.yml @@ -19,6 +19,4 @@ jobs: with: localregistry: "https://github.com/ITensor/ITensorRegistry.git" pkgs: | - [ - "__none__" - ] + [] diff --git a/template/.github/workflows/IntegrationTest.yml.template b/template/.github/workflows/IntegrationTest.yml.template index bb960fc..6cd569e 100644 --- a/template/.github/workflows/IntegrationTest.yml.template +++ b/template/.github/workflows/IntegrationTest.yml.template @@ -18,7 +18,4 @@ jobs: secrets: "inherit" with: localregistry: "https://github.com/ITensor/ITensorRegistry.git" - pkgs: | - [ - {DOWNSTREAMPKGS} - ] + pkgs: |{DOWNSTREAMPKGS}