Prepare release for v1.2.0.

This will also update HLint to v3.8.
haskell-actions · Oct 31, 2024 · 3e2feb2 · 3e2feb2
1 parent 9507475
commit 3e2feb2
Show file tree

Hide file tree

Showing 11 changed files with 22 additions and 18 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -1,6 +1,6 @@
 # syntax=docker/dockerfile:1
 
-FROM haskell:9.6.3-buster AS build
+FROM haskell:9.8.2-buster AS build
 RUN git clone https://github.com/haskell-actions/hlint-scan.git /src/hlint-scan
 WORKDIR /src/hlint-scan
 RUN stack install hlint hlint-scan:exe:hlint-scan && \

diff --git a/README.md b/README.md
@@ -31,7 +31,7 @@ for which code scanning will trigger a failed check.
 
 [status check]: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/collaborating-on-repositories-with-code-quality-features/about-status-checks
 
-[adjust the alert severity]: https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#defining-the-alert-severities-that-give-a-check-failure-for-a-pull-request
+[adjust the alert severity]: https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#defining-the-alert-severities-that-cause-a-check-failure-for-a-pull-request
 
 ### Inputs
 
@@ -105,16 +105,12 @@ and Google specifically disclaims all warranties as to its quality,
 merchantability, or fitness for a particular purpose.
 
 
-[Category]: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/customizing-code-scanning#configuring-a-category-for-the-analysis
+[Category]: https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#configuring-a-category-for-the-analysis
 
-[GitHub code scanning]: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning
+[GitHub code scanning]: https://docs.github.com/en/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning
 
 [HLint]: https://github.com/ndmitchell/hlint
 
 [HLint configuration file]: https://github.com/ndmitchell/hlint#customizing-the-hints
 
-[haskell/actions/hlint-setup]: https://github.com/haskell/actions/tree/main/hlint-setup
-
-[haskell/actions/hlint-run]: https://github.com/haskell/actions/tree/main/hlint-run
-
-[write permission for `security-events`]: https://docs.github.com/en/rest/code-scanning#upload-an-analysis-as-sarif-data
+[write permission for `security-events`]: https://docs.github.com/en/rest/code-scanning/code-scanning?apiVersion=2022-11-28#upload-an-analysis-as-sarif-data
diff --git a/action.yaml b/action.yaml
@@ -41,7 +41,7 @@ outputs:
 
 runs:
   using: docker
-  image: docker://ghcr.io/haskell-actions/hlint-scan:v1.1.0
+  image: docker://ghcr.io/haskell-actions/hlint-scan:v1.2.0
   args:
     - binary=${{ inputs.binary }}
     - path=${{ inputs.path }}

diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md
@@ -10,6 +10,11 @@ the [Haskell Package Versioning Policy].
 
 ## Unreleased
 
+## 1.2.0 - 2024-10-31
+
+*   Update to HLint v3.8.
+*   Update to LTS Haskell Stack `nightly-2024-10-21`.
+
 ## 1.1.0 - 2023-12-08
 
 *   Update to LTS Haskell Stack and released version of HLint.

diff --git a/docs/CONTRIBUTING.md b/docs/CONTRIBUTING.md
@@ -33,7 +33,7 @@ for this purpose.
 
 ### Coding standards
 
-[Hlint](https://github.com/ndmitchell/hlint) should report no issues,
+[HLint](https://github.com/ndmitchell/hlint) should report no issues,
 and formatting should be according to [Ormolu](https://github.com/tweag/ormolu).
 
 Changes to code should include corresponding tests, which should ideally be property-based.

diff --git a/docs/SECURITY.md b/docs/SECURITY.md
@@ -4,9 +4,9 @@
 
 | Version | Supported          |
 | ------- | ------------------ |
+| 1.2.0   | :white_check_mark: |
 | 1.1.0   | :white_check_mark: |
-| 1.0.0   | :white_check_mark: |
-| < 1.0   | :x:                |
+| < 1.1.0 | :x:                |
 
 ## Reporting a Vulnerability
 

diff --git a/package.yaml b/package.yaml
@@ -13,7 +13,7 @@
 # limitations under the License.
 
 name:                hlint-scan
-version:             1.1.0
+version:             1.2.0
 github:              "haskell-actions/hlint-scan"
 license:             Apache-2.0
 author:              "Yoo Chung"

diff --git a/src/Fingerprint.hs b/src/Fingerprint.hs
@@ -28,6 +28,7 @@ module Fingerprint (fill) where
 
 import Data.Aeson
 import Data.Aeson.KeyMap hiding (map)
+import Data.Base64.Types (extractBase64)
 import Data.List (sort)
 import Data.Text (Text)
 import Data.Text qualified as Text
@@ -125,7 +126,7 @@ toPartialFingerprint v =
 
 -- | Encode a list of optional text strings with Base64.
 encodeTextList :: [Maybe Text] -> Text
-encodeTextList = encodeBase64 . Text.concat . map encodeItem
+encodeTextList = extractBase64 . encodeBase64 . Text.concat . map encodeItem
   where
     encodeItem Nothing = ":"
     encodeItem (Just s) = s <> ":"
diff --git a/src/Upload.hs b/src/Upload.hs
@@ -31,6 +31,7 @@ module Upload (toCall, toSettings, toOutputs) where
 import Codec.Compression.GZip
 import Data.Aeson
 import Data.Aeson.KeyMap qualified as KeyMap
+import Data.Base64.Types (extractBase64)
 import Data.ByteString.Lazy (ByteString)
 import Data.ByteString.Lazy.Base64
 import Data.String (fromString)
@@ -75,7 +76,7 @@ toCall env sarifLog
     commitSha' = lookup "GITHUB_SHA" env
     ref' = lookup "GITHUB_REF" env
     workspace' = lookup "GITHUB_WORKSPACE" env
-    encodedSarif = encodeBase64 $ compress sarifLog
+    encodedSarif = extractBase64 . encodeBase64 $ compress sarifLog
 
 -- | Settings for calling the GitHub REST API.
 toSettings :: Maybe String -> GitHubSettings

diff --git a/stack.yaml b/stack.yaml
@@ -17,7 +17,7 @@
 # https://docs.haskellstack.org/en/stable/yaml_configuration/
 
 # Resolver to choose a 'specific' stackage snapshot or a compiler version.
-resolver: lts-22.5
+resolver: nightly-2024-10-21
 
 # User packages to be built.
 packages:

diff --git a/test/UploadSpec.hs b/test/UploadSpec.hs
@@ -24,6 +24,7 @@ module UploadSpec (spec) where
 import Codec.Compression.GZip (compress)
 import Data.Aeson hiding ((.:))
 import Data.Aeson.KeyMap
+import Data.Base64.Types (extractBase64)
 import Data.ByteString.Lazy.Base64 (encodeBase64)
 import Data.String (fromString)
 import Data.Text (Text)
@@ -53,7 +54,7 @@ spec = do
               -- KeyValue is not instance of Eq
               show . endpointVals <$> call `shouldBe` Just (show ["repo" := repo]),
               extractSARIF . ghData <$> call
-                `shouldBe` Just (toStrict $ encodeBase64 $ compress output)
+                `shouldBe` Just (toStrict . extractBase64 . encodeBase64 . compress $ output)
             ]
 
   describe "toSettings" $ do