Dependabot devcontainer#27
Merged
Merged
Conversation
- Switch from universal image to smaller ubuntu-24.04 base with explicit Java 21 - Add Docker layer caching to reuse build artifacts between runs - Improve triggers to include .bazelversion and MODULE.bazel changes - Add concurrency control to cancel redundant builds - Add timeout and focused testing (tools verification only) - Reduce build time by avoiding duplicate bazel testing covered by main CI 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
- Add devcontainers package-ecosystem to dependabot.yml - Configure weekly updates on Tuesday - Include same reviewer and labeling as GitHub Actions 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
- Pin all devcontainer features to specific versions for reproducibility - Change dependabot schedule from weekly to monthly for devcontainers - Locked versions: java:1.4.0, bazel:1.1.1, neovim:1.0.6, curl:1.0.3, zsh-plugins:0.6.0, claude-code:1.2.3 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
- bazel: 1.2.2 (latest release from Aug 27, 2025) - claude-code: 1.0.5 (confirmed latest version) - java: 1 (use major version for latest) - zsh-plugins: 1 (use major version for latest) - neovim-apt-get, curl-apt-get: 1 (use major version) 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
- Enable experimental lockfile support in VS Code settings - Create devcontainer-lock.json template with current features - Add CI workflow to validate lockfile consistency - Document lockfile workflow in CLAUDE.md Benefits: - Reproducible builds with pinned feature versions - Supply chain security via checksum verification - Automated validation in CI/CD pipeline - Future-proof for when lockfiles become GA 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
- Use sentence case for workflow names - Remove master branch reference (only using main) - Consistent devcontainer naming (not DevContainer) 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
- Remove cacheFrom parameter that was trying to push to ghcr.io - Workflow was failing with "push failed with 1" error - Keep container testing focused on build verification only 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
- Remove push-to-main trigger - only test on PRs - Remove Docker Buildx setup (not needed for simple testing) - Add essential tools verification (bazel, java, nvim) - Use sentence case naming - Focus on "does it build and work" rather than complex caching 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
- Add devcontainer support to dependabot.yml (monthly updates) - Pin feature versions: bazel:1.2.2, claude-code:1.0.5, others :1 - Enable experimental lockfile support in VS Code settings - Add devcontainer-lock.json template with TBD checksums - Add CI workflow for lockfile validation - Simplify devcontainer testing to PR-only builds - Remove complex lockfile generation scripts Features work without explicit checksums. VS Code will auto-generate real checksums when container rebuilds with experimental setting. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
Conflicts resolved: - devcontainer.json: Keep pinned bazel version (1.2.2) and new features - test-dev-container.yml: Keep simplified PR-only testing approach - Remove Docker Buildx and cacheFrom that was causing build failures - Maintain sentence case naming and essential tools verification 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
…ouping - Group all tmux variants under @tmux repository for cleaner organization - Prefer system-installed tmux (@tmux//:local) with fallback to static binaries - Add downloaded static tmux binaries for Linux amd64/arm64 as fallbacks - Simplify toolchain registration with intuitive naming scheme - Remove duplicate toolchain definitions from BUILD.bazel 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
- Switch base image to Java 21 for better Bazel support - Clean up feature configuration with proper versioning - Enable automatic lockfile generation with real SHA256 hashes - Add essential development extensions (Bazel, JSON, YAML, TypeScript, Python) - Streamline package dependencies 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
- Consolidate two separate devcontainer workflows into single streamlined workflow - Remove redundant lockfile validation checks (devcontainer build handles this) - Remove over-engineered JSON parsing and feature validation - Keep only essential devcontainer build and smoke test - Reduce workflow complexity while maintaining functionality 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.