Elgato_dark/DataDesigner
1
0
Fork 0
mirror of https://github.com/NVIDIA-NeMo/DataDesigner synced 2026-05-24 09:48:29 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
426 commits 181 branches 62 tags 781 MiB
Commit graph

6 commits

Author SHA1 Message Date
Andre Manoel
addece9828
fix(ci): grant permissions to reusable workflow calls in build-docs and pack-tutorials (#561) 
The top-level `permissions: {}` added in #517 restricts all jobs to zero
permissions by default. The `build-notebooks` jobs that call the reusable
workflow did not override this, so GitHub Actions refused to start them
(startup_failure). Add the required `actions: read` and `contents: write`
permissions to both calling jobs.

Fixes the v0.5.7 release docs build failure.
 2026-04-21 12:48:29 -03:00
dependabot[bot]
abe5c2d177
ci: bump the all-actions group with 5 updates (#539) 
* ci: bump the all-actions group with 5 updates

Bumps the all-actions group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `4.3.1` | `6.0.2` |
| [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) | `7.6.0` | `8.0.0` |
| [actions/download-artifact](https://github.com/actions/download-artifact) | `7.0.0` | `8.0.1` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `6.0.0` | `7.0.1` |
| [NVIDIA-NeMo/FW-CI-templates/.github/workflows/_semantic_pull_request.yml](https://github.com/nvidia-nemo/fw-ci-templates) | `0.65.12` | `0.88.1` |


Updates `actions/checkout` from 4.3.1 to 6.0.2
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4.3.1...de0fac2e4500dabe0009e67214ff5f5447ce83dd)

Updates `astral-sh/setup-uv` from 7.6.0 to 8.0.0
- [Release notes](https://github.com/astral-sh/setup-uv/releases)
- [Commits](37802adc94...cec208311d)

Updates `actions/download-artifact` from 7.0.0 to 8.0.1
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](37930b1c2a...3e5f45b2cf)

Updates `actions/upload-artifact` from 6.0.0 to 7.0.1
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](b7c566a772...043fb46d1a)

Updates `NVIDIA-NeMo/FW-CI-templates/.github/workflows/_semantic_pull_request.yml` from 0.65.12 to 0.88.1
- [Release notes](https://github.com/nvidia-nemo/fw-ci-templates/releases)
- [Changelog](https://github.com/NVIDIA-NeMo/FW-CI-templates/blob/main/CHANGELOG.md)
- [Commits](21f18ae8b6...2a49420d5a)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 6.0.2
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all-actions
- dependency-name: astral-sh/setup-uv
  dependency-version: 8.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all-actions
- dependency-name: actions/download-artifact
  dependency-version: 8.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all-actions
- dependency-name: actions/upload-artifact
  dependency-version: 7.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all-actions
- dependency-name: NVIDIA-NeMo/FW-CI-templates/.github/workflows/_semantic_pull_request.yml
  dependency-version: 0.88.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-actions
...

Signed-off-by: dependabot[bot] <support@github.com>

* ci: skip docs preview deploy for Dependabot PRs

GitHub does not expose repository secrets to Dependabot PRs, so the
Cloudflare Pages deploy always fails with a missing API token. Skip the
entire job when the actor is dependabot[bot].

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Andre Manoel <amanoel@nvidia.com>
Co-authored-by: Andre Manoel <165937436+andreatgretel@users.noreply.github.com>
 2026-04-13 20:28:38 -03:00
Andre Manoel
54d51bdf89
chore: harden CI supply chain (#517) 
* ci: harden CI supply chain

Pin all GitHub Actions to commit SHAs to prevent tag-based supply chain
attacks (same class as CVE-2025-30066). Replace softprops/action-gh-release
(single-maintainer, no security policy) with gh CLI. Add top-level
permissions: {} to all workflows that lacked it, enforcing least-privilege
by default. Enable Dependabot for GitHub Actions and pip dependencies.

Closes #471

* fix: add dependabot pip entries for each sub-package

The root directory has no pyproject.toml; the actual packages live under
packages/data-designer-config, packages/data-designer-engine, and
packages/data-designer.
 2026-04-13 10:34:26 -03:00
oliver könig
8ca8e2447b
ci: upgrade GitHub Actions for Node.js 24 compatibility (#450) 
* ci: upgrade GitHub Actions for Node.js 24 compatibility

Upgrades actions to versions compatible with the Node.js 24 runtime:
- actions/checkout: → v6
- actions/upload-artifact: → v6
- actions/download-artifact: → v7
- actions/github-script: → v8
- actions/setup-python: → v6

Mirrors: 1d5e68b074
Signed-off-by: oliver könig <okoenig@nvidia.com>

* ci: also upgrade actions/cache and astral-sh/setup-uv to node24-compatible versions

- actions/cache: v4 → v5 in build-notebooks.yml
- astral-sh/setup-uv: v5/v6 → v7 in ci.yml, check-colab-notebooks.yml, health-checks.yml, build-docs.yml, build-notebooks.yml

Addresses: https://github.com/NVIDIA-NeMo/DataDesigner/pull/450#issuecomment-4154872141

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

---------

Signed-off-by: oliver könig <okoenig@nvidia.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-authored-by: Andre Manoel <165937436+andreatgretel@users.noreply.github.com>
 2026-03-30 17:39:05 -03:00
Andre Manoel
5d4ad10b11
chore: moving notebooks to jupytext and cleaning up workflows (#91) 
* adding basic jupytext structure

Co-authored-by: Johnny Greco <jogreco@nvidia.com>

* few fixes

* first test for ci

* adding error intentionally to check workflow behavior

* test calling from other workflows

* typo

* trying as job instead

* couple of fixes

* checking path

* trying to fix path

* wrapping up

---------

Co-authored-by: Johnny Greco <jogreco@nvidia.com>
 2025-12-03 17:29:07 -03:00
Andre Manoel
ce0fc0805a
docs: streamlining tutorials (#61) 
* first attempt

* typo

* it works! cleaning up

* adding trigger again just to run once

* cleanup

* typo
 2025-11-21 16:14:48 -03:00