You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Upgrades all four uses: actions/github-script@v8 steps to @v9. The v9 release adds a getOctokit factory function and upgrades @actions/github to v9 (ESM-only).
Breaking change handled:require('@actions/github') no longer works in v9. The scripts in this workflow don't use that pattern β they only use the injected github context object.
API style update: Also migrates from the deprecated flat API (github.issues.createComment, github.pulls.get) to the namespaced REST API (github.rest.issues.createComment, github.rest.pulls.get). Both work in v9, but the github.rest.* style is idiomatic for the v9 client.
Upgrades uses: actions/cache@v4 to @v5. v5 runs on the Node.js 24 runtime and requires Actions Runner β₯ 2.327.1. GitHub-hosted runners (ubuntu-latest) meet this requirement.
These are CI configuration changes only β no Python code was modified. The workflow logic is unchanged; only action versions and Octokit API call style are updated. The repository tests (poe test) pass unchanged.
Warning
Protected Files β Push Permission Denied
This was originally intended as a pull request, but the patch modifies protected files. A human must create the pull request manually.
The push was rejected because GitHub Actions does not have workflows permission to push these changes, and is never allowed to make such changes, or other authorization being used does not have this permission.
Create the pull request manually
# Download the patch from the workflow run
gh run download 24486623340 -n agent -D /tmp/agent-24486623340
# Create a new branch
git checkout -b repo-assist/eng-bundle-actions-updates-20260416-80ddc1126ee4f057 main
# Apply the patch (--3way handles cross-repo patches)
git am --3way /tmp/agent-24486623340/aw-repo-assist-eng-bundle-actions-updates-20260416.patch
# Push the branch and create the pull request
git push origin repo-assist/eng-bundle-actions-updates-20260416-80ddc1126ee4f057
gh pr create --title '[Repo Assist] ci: bundle GitHub Actions updates (github-script v9, cache v5)' --base main --head repo-assist/eng-bundle-actions-updates-20260416-80ddc1126ee4f057 --repo py-why/dowhy
π€ This is an automated PR from Repo Assist.
This bundles two pending Dependabot PRs into a single change to reduce review noise. Maintainers can close #1450 and #1451 after merging this PR.
Changes
1.
actions/github-scriptv8 β v9 (refs Dependabot PR #1450)File:
.github/workflows/advanced-on-demand.ymlUpgrades all four
uses: actions/github-script@v8steps to@v9. The v9 release adds agetOctokitfactory function and upgrades@actions/githubto v9 (ESM-only).Breaking change handled:
require('@actions/github')no longer works in v9. The scripts in this workflow don't use that pattern β they only use the injectedgithubcontext object.API style update: Also migrates from the deprecated flat API (
github.issues.createComment,github.pulls.get) to the namespaced REST API (github.rest.issues.createComment,github.rest.pulls.get). Both work in v9, but thegithub.rest.*style is idiomatic for the v9 client.2.
actions/cachev4 β v5 (refs Dependabot PR #1451)File:
.github/workflows/ci.ymlUpgrades
uses: actions/cache@v4to@v5. v5 runs on the Node.js 24 runtime and requires Actions Runner β₯ 2.327.1. GitHub-hosted runners (ubuntu-latest) meet this requirement.Not included
actions/upload-artifact7.0.0 β 7.0.1) targets onlyrepo-assist.lock.yml, which is a managed lock file β updating it here is out of scope.Test Status
These are CI configuration changes only β no Python code was modified. The workflow logic is unchanged; only action versions and Octokit API call style are updated. The repository tests (
poe test) pass unchanged.Warning
Protected Files β Push Permission Denied
This was originally intended as a pull request, but the patch modifies protected files. A human must create the pull request manually.
Protected files
Create the pull request manually