From fa65eeeaa05ac3b50509a5dd93d9988db414163e Mon Sep 17 00:00:00 2001 From: Hadley Wickham Date: Thu, 12 Feb 2026 07:52:47 -0600 Subject: [PATCH 1/2] `use_tidy_github_actions()` --- .github/workflows/R-CMD-check.yaml | 28 ++++++++-------- .github/workflows/format-suggest.yaml | 46 +++++++++++++++++++++++++++ .github/workflows/pkgdown.yaml | 9 +++--- .github/workflows/test-coverage.yaml | 26 +++++++++++---- README.md | 2 +- 5 files changed, 85 insertions(+), 26 deletions(-) create mode 100644 .github/workflows/format-suggest.yaml diff --git a/.github/workflows/R-CMD-check.yaml b/.github/workflows/R-CMD-check.yaml index ee65ccb5..69cfc6ad 100644 --- a/.github/workflows/R-CMD-check.yaml +++ b/.github/workflows/R-CMD-check.yaml @@ -8,9 +8,10 @@ on: push: branches: [main, master] pull_request: - branches: [main, master] -name: R-CMD-check +name: R-CMD-check.yaml + +permissions: read-all jobs: R-CMD-check: @@ -25,24 +26,22 @@ jobs: - {os: macos-latest, r: 'release'} - {os: windows-latest, r: 'release'} - # Use 3.6 to trigger usage of RTools35 - - {os: windows-latest, r: '3.6'} - # use 4.1 to check with rtools40's older compiler - - {os: windows-latest, r: '4.1'} - - - {os: ubuntu-latest, r: 'devel', http-user-agent: 'release'} - - {os: ubuntu-latest, r: 'release'} - - {os: ubuntu-latest, r: 'oldrel-1'} - - {os: ubuntu-latest, r: 'oldrel-2'} - - {os: ubuntu-latest, r: 'oldrel-3'} - - {os: ubuntu-latest, r: 'oldrel-4'} + # use 4.0 or 4.1 to check with rtools40's older compiler + - {os: windows-latest, r: 'oldrel-4'} + + - {os: ubuntu-latest, r: 'devel', http-user-agent: 'release'} + - {os: ubuntu-latest, r: 'release'} + - {os: ubuntu-latest, r: 'oldrel-1'} + - {os: ubuntu-latest, r: 'oldrel-2'} + - {os: ubuntu-latest, r: 'oldrel-3'} + - {os: ubuntu-latest, r: 'oldrel-4'} env: GITHUB_PAT: ${{ secrets.GITHUB_TOKEN }} R_KEEP_PKG_SOURCE: yes steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: r-lib/actions/setup-pandoc@v2 @@ -60,3 +59,4 @@ jobs: - uses: r-lib/actions/check-r-package@v2 with: upload-snapshots: true + build_args: 'c("--no-manual","--compact-vignettes=gs+qpdf")' diff --git a/.github/workflows/format-suggest.yaml b/.github/workflows/format-suggest.yaml new file mode 100644 index 00000000..8c4f117d --- /dev/null +++ b/.github/workflows/format-suggest.yaml @@ -0,0 +1,46 @@ +# Workflow derived from https://github.com/posit-dev/setup-air/tree/main/examples + +on: + # Using `pull_request_target` over `pull_request` for elevated `GITHUB_TOKEN` + # privileges, otherwise we can't set `pull-requests: write` when the pull + # request comes from a fork, which is our main use case (external contributors). + # + # `pull_request_target` runs in the context of the target branch (`main`, usually), + # rather than in the context of the pull request like `pull_request` does. Due + # to this, we must explicitly checkout `ref: ${{ github.event.pull_request.head.sha }}`. + # This is typically frowned upon by GitHub, as it exposes you to potentially running + # untrusted code in a context where you have elevated privileges, but they explicitly + # call out the use case of reformatting and committing back / commenting on the PR + # as a situation that should be safe (because we aren't actually running the untrusted + # code, we are just treating it as passive data). + # https://securitylab.github.com/resources/github-actions-preventing-pwn-requests/ + pull_request_target: + +name: format-suggest.yaml + +jobs: + format-suggest: + name: format-suggest + runs-on: ubuntu-latest + + permissions: + # Required to push suggestion comments to the PR + pull-requests: write + + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.head.sha }} + + - name: Install + uses: posit-dev/setup-air@v1 + + - name: Format + run: air format . + + - name: Suggest + uses: reviewdog/action-suggester@v1 + with: + level: error + fail_level: error + tool_name: air diff --git a/.github/workflows/pkgdown.yaml b/.github/workflows/pkgdown.yaml index ed7650c7..bfc9f4db 100644 --- a/.github/workflows/pkgdown.yaml +++ b/.github/workflows/pkgdown.yaml @@ -4,12 +4,13 @@ on: push: branches: [main, master] pull_request: - branches: [main, master] release: types: [published] workflow_dispatch: -name: pkgdown +name: pkgdown.yaml + +permissions: read-all jobs: pkgdown: @@ -22,7 +23,7 @@ jobs: permissions: contents: write steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: r-lib/actions/setup-pandoc@v2 @@ -41,7 +42,7 @@ jobs: - name: Deploy to GitHub pages 🚀 if: github.event_name != 'pull_request' - uses: JamesIves/github-pages-deploy-action@v4.4.1 + uses: JamesIves/github-pages-deploy-action@v4.5.0 with: clean: false branch: gh-pages diff --git a/.github/workflows/test-coverage.yaml b/.github/workflows/test-coverage.yaml index 27d45283..0ab748d6 100644 --- a/.github/workflows/test-coverage.yaml +++ b/.github/workflows/test-coverage.yaml @@ -4,9 +4,10 @@ on: push: branches: [main, master] pull_request: - branches: [main, master] -name: test-coverage +name: test-coverage.yaml + +permissions: read-all jobs: test-coverage: @@ -15,7 +16,7 @@ jobs: GITHUB_PAT: ${{ secrets.GITHUB_TOKEN }} steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: r-lib/actions/setup-r@v2 with: @@ -23,28 +24,39 @@ jobs: - uses: r-lib/actions/setup-r-dependencies@v2 with: - extra-packages: any::covr + extra-packages: any::covr, any::xml2 needs: coverage - name: Test coverage run: | - covr::codecov( + cov <- covr::package_coverage( quiet = FALSE, clean = FALSE, install_path = file.path(normalizePath(Sys.getenv("RUNNER_TEMP"), winslash = "/"), "package") ) + print(cov) + covr::to_cobertura(cov) shell: Rscript {0} + - uses: codecov/codecov-action@v5 + with: + # Fail if error if not on PR, or if on PR and token is given + fail_ci_if_error: ${{ github.event_name != 'pull_request' || secrets.CODECOV_TOKEN }} + files: ./cobertura.xml + plugins: noop + disable_search: true + token: ${{ secrets.CODECOV_TOKEN }} + - name: Show testthat output if: always() run: | ## -------------------------------------------------------------------- - find ${{ runner.temp }}/package -name 'testthat.Rout*' -exec cat '{}' \; || true + find '${{ runner.temp }}/package' -name 'testthat.Rout*' -exec cat '{}' \; || true shell: bash - name: Upload test results if: failure() - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: coverage-test-failures path: ${{ runner.temp }}/package diff --git a/README.md b/README.md index 3427f2a4..9d0b73a7 100644 --- a/README.md +++ b/README.md @@ -11,7 +11,7 @@ httr is superseded: only changes necessary to keep it on CRAN will be made. We r [![CRAN status](https://www.r-pkg.org/badges/version/httr)](https://cran.r-project.org/package=httr) [![R-CMD-check](https://github.com/r-lib/httr/actions/workflows/R-CMD-check.yaml/badge.svg)](https://github.com/r-lib/httr/actions/workflows/R-CMD-check.yaml) -[![Codecov test coverage](https://codecov.io/gh/r-lib/httr/branch/main/graph/badge.svg)](https://app.codecov.io/gh/r-lib/httr?branch=main) +[![Codecov test coverage](https://codecov.io/gh/r-lib/httr/graph/badge.svg)](https://app.codecov.io/gh/r-lib/httr) The aim of httr is to provide a wrapper for the [curl](https://cran.r-project.org/package=curl) package, customised to the demands of modern web APIs. From 118ea78f74ef77dc9344d12aa05d3a1714f290d4 Mon Sep 17 00:00:00 2001 From: Hadley Wickham Date: Thu, 12 Feb 2026 07:53:49 -0600 Subject: [PATCH 2/2] Don't want to use air here --- .github/workflows/format-suggest.yaml | 46 --------------------------- 1 file changed, 46 deletions(-) delete mode 100644 .github/workflows/format-suggest.yaml diff --git a/.github/workflows/format-suggest.yaml b/.github/workflows/format-suggest.yaml deleted file mode 100644 index 8c4f117d..00000000 --- a/.github/workflows/format-suggest.yaml +++ /dev/null @@ -1,46 +0,0 @@ -# Workflow derived from https://github.com/posit-dev/setup-air/tree/main/examples - -on: - # Using `pull_request_target` over `pull_request` for elevated `GITHUB_TOKEN` - # privileges, otherwise we can't set `pull-requests: write` when the pull - # request comes from a fork, which is our main use case (external contributors). - # - # `pull_request_target` runs in the context of the target branch (`main`, usually), - # rather than in the context of the pull request like `pull_request` does. Due - # to this, we must explicitly checkout `ref: ${{ github.event.pull_request.head.sha }}`. - # This is typically frowned upon by GitHub, as it exposes you to potentially running - # untrusted code in a context where you have elevated privileges, but they explicitly - # call out the use case of reformatting and committing back / commenting on the PR - # as a situation that should be safe (because we aren't actually running the untrusted - # code, we are just treating it as passive data). - # https://securitylab.github.com/resources/github-actions-preventing-pwn-requests/ - pull_request_target: - -name: format-suggest.yaml - -jobs: - format-suggest: - name: format-suggest - runs-on: ubuntu-latest - - permissions: - # Required to push suggestion comments to the PR - pull-requests: write - - steps: - - uses: actions/checkout@v4 - with: - ref: ${{ github.event.pull_request.head.sha }} - - - name: Install - uses: posit-dev/setup-air@v1 - - - name: Format - run: air format . - - - name: Suggest - uses: reviewdog/action-suggester@v1 - with: - level: error - fail_level: error - tool_name: air