setup-msys2 VS roadmap

Other pages provide complementary information on that same topic.

Another thing I appreciated was the explanation of MSYS2's environments:

https://www.msys2.org/docs/environments/

Being able to painlessly switch away from MSVCRT to UCRT was helpful in solving some UTF-8 difficulties I was experiencing at the time.

Package management with pacman is rather pleasant, and the setup-msys2 GitHub Action makes it simple to provide your GHA workflow with the tools and libs you want:

https://www.msys2.org/docs/package-management/

https://packages.msys2.org/queue

https://github.com/msys2/setup-msys2

> Actions reduce workflow steps by providing reusabe[sic] “code” for common tasks. To run an action, you include the uses keyword pointing to a GitHub repo with the pattern {owner}/{repo}@{ref} or {owner}/{repo}/{path}@{ref} if it’s in a subdirectory. A ref can be a branch, tag, or SHA.

Aside from the typo, I wonder how many packages could be backdoored at once, if an action maintainer went rogue, seeing as there's no pinning for actions by default, and (according to https://github.com/msys2/setup-msys2/blob/main/HACKING.md) moving a tag is the default way to push updates to an action. (Interestingly get-cmake/run-cmake/run-vcpkg are all operated by the same person.)

Same message as for PyPI compatible package registry: https://github.com/github/roadmap/issues/94

Yeah I had to look around a bit but yep… https://github.com/github/roadmap/issues/94

It looks like a lot of things have been killed… which with my cynical hat on I think might have something to do with overlapping capabilities with Azure services.

Others have mentioned tmate to SSH into a running GitHub Actions workflow; there is a roadmap issue making that functionality built-in to Actions, planned for 2023/Q4.

Immutable actions are on GitHub's roadmap.

I think not yet, but seems to be in the roadmap