Skip to content

fix(actions): replace black with trunk #4

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
cpritchett wants to merge 7 commits into
base: main
Choose a base branch
from
Open

fix(actions): replace black with trunk #4

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
b280fdb
fix(actions): replace black with trunk
cpritchett Nov 17, 2025
3612303
Update lint.yml
cpritchett Nov 17, 2025
73aa81d
Update .github/workflows/lint.yml
cpritchett Nov 17, 2025
724adc9
Update .github/workflows/lint.yml
cpritchett Nov 17, 2025
b128a1e
Initial plan
Copilot Nov 17, 2025
68db8ee
Replace manual Trunk installation with official trunk-io actions
Copilot Nov 17, 2025
a538015
Merge pull request #5 from blavity/copilot/sub-pr-4
cpritchett Nov 17, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
40 changes: 0 additions & 40 deletions .github/workflows/black.yml
View file
Open in desktop

This file was deleted.

39 changes: 39 additions & 0 deletions .github/workflows/lint.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
name: Trunk Code Quality

on:
push:
branches-ignore:
- main
pull_request:
types:
- opened
- ready_for_review
- reopened

jobs:
trunk-quality:
runs-on: ubuntu-latest
steps:
- name: Checkout repo
uses: actions/checkout@v4

- name: Install Trunk
run: |
curl -fsSL https://get.trunk.io -o- | bash
echo "$HOME/.trunk/bin" >> $GITHUB_PATH
Copy link

Copilot AI Nov 17, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The Trunk installation method downloads and executes a script from the internet without verification. Consider pinning to a specific version or using a verified GitHub Action from the Trunk team for better security and reproducibility. For example, you could use trunk-io/trunk-action if available, or at minimum verify the script's checksum before execution.

Suggested change
- name: Install Trunk
run: |
curl -fsSL https://get.trunk.io -o- | bash
echo "$HOME/.trunk/bin" >> $GITHUB_PATH
- name: Set up Trunk
uses: trunk-io/trunk-action@v1

Copilot uses AI. Check for mistakes.

- name: Run Trunk Autofix
run: trunk fmt --write .

- name: Trunk Code Review & Lint
run: trunk check

# Optionally commit autofixes
- name: Commit changes
Comment thread
cpritchett marked this conversation as resolved.
uses: EndBug/add-and-commit@v9
with:
default_author: github_actions
committer_name: GitHub Actions
committer_email: actions@github.com
Comment thread
cpritchett marked this conversation as resolved.
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
Comment thread Fixed
Loading