Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

deps(deps): bump the github-actions group with 11 updates #33

Closed
wants to merge 1 commit into from
Closed

deps(deps): bump the github-actions group with 11 updates #33

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 21, 2024
edited
Loading

Bumps the github-actions group with 11 updates:

Package From To
actions/checkout 4.1.1 4.1.2
actions/setup-node 4.0.1 4.0.2
actions/cache 3.3.3 4.0.2
github/codeql-action 3.23.0 3.24.8
actions/dependency-review-action 3.1.5 4.2.3
dorny/paths-filter 2.11.1 3.0.2
sigstore/cosign-installer 3.3.0 3.4.0
docker/setup-buildx-action 3.0.0 3.2.0
docker/login-action 3.0.0 3.1.0
docker/metadata-action 5.5.0 5.5.1
docker/build-push-action 5.1.0 5.3.0

Updates actions/checkout from 4.1.1 to 4.1.2

Release notes

Sourced from actions/checkout's releases.

v4.1.2

We are investigating the following issue with this release and have rolled-back the v4 tag to point to v4.1.1

What's Changed

New Contributors

Full Changelog: actions/checkout@v4.1.1...v4.1.2

Changelog

Sourced from actions/checkout's changelog.

v4.1.2

Commits

Updates actions/setup-node from 4.0.1 to 4.0.2

Release notes

Sourced from actions/setup-node's releases.

v4.0.2

What's Changed

New Contributors

Full Changelog: actions/setup-node@v4.0.1...v4.0.2

Commits

Updates actions/cache from 3.3.3 to 4.0.2

Release notes

Sourced from actions/cache's releases.

v4.0.2

What's Changed

Full Changelog: actions/cache@v4.0.1...v4.0.2

v4.0.1

What's Changed

New Contributors

Full Changelog: actions/cache@v4...v4.0.1

v4.0.0

What's Changed

New Contributors

Full Changelog: actions/cache@v3...v4.0.0

Changelog

Sourced from actions/cache's changelog.

4.0.2

  • Fixed restore fail-on-cache-miss not working.

4.0.1

  • Updated isGhes check

4.0.0

  • Updated minimum runner version support from node 12 -> node 20
Commits

Updates github/codeql-action from 3.23.0 to 3.24.8

Changelog

Sourced from github/codeql-action's changelog.

3.24.8 - 18 Mar 2024

  • Improve the ease of debugging extraction issues by increasing the verbosity of the extractor logs when running in debug mode. #2195

3.24.7 - 12 Mar 2024

  • Update default CodeQL bundle version to 2.16.4. #2185

3.24.6 - 29 Feb 2024

No user facing changes.

3.24.5 - 23 Feb 2024

  • Update default CodeQL bundle version to 2.16.3. #2156

3.24.4 - 21 Feb 2024

  • Fix an issue where an existing, but empty, /sys/fs/cgroup/cpuset.cpus file always resulted in a single-threaded run. #2151

3.24.3 - 15 Feb 2024

  • Fix an issue where the CodeQL Action would fail to load a configuration specified by the config input to the init Action. #2147

3.24.2 - 15 Feb 2024

  • Enable improved multi-threaded performance on larger runners for GitHub Enterprise Server users. This feature is already available to GitHub.com users. #2141

3.24.1 - 13 Feb 2024

  • Update default CodeQL bundle version to 2.16.2. #2124
  • The CodeQL action no longer fails if it can't write to the telemetry api endpoint. #2121

3.24.0 - 02 Feb 2024

  • CodeQL Python analysis will no longer install dependencies on GitHub Enterprise Server, as is already the case for GitHub.com. See release notes for 3.23.0 for more details. #2106

3.23.2 - 26 Jan 2024

  • On Linux, the maximum possible value for the --threads option now respects the CPU count as specified in cgroup files to more accurately reflect the number of available cores when running in containers. #2083
  • Update default CodeQL bundle version to 2.16.1. #2096

3.23.1 - 17 Jan 2024

  • Update default CodeQL bundle version to 2.16.0. #2073
  • Change the retention period for uploaded debug artifacts to 7 days. Previously, this was whatever the repository default was. #2079
Commits
  • 05963f4 Merge pull request #2200 from github/update-v3.24.8-1ecc2779e
  • 2b9b521 Update changelog for v3.24.8
  • 1ecc277 Merge pull request #2198 from github/henrymercer/improve-tracking-autobuild-e...
  • e28ae3a Add config error for Swift build failures
  • bddfc7c Add config error for Gradle build failures
  • 3edd1bf Truncate autobuild errors to 10 lines
  • 88a0b7a Mark Maven build failures as configuration errors
  • 88b28eb Surface autobuild errors from stderr stream
  • f055b5e Merge pull request #2197 from github/henrymercer/log-job-status
  • 0d680ab Merge pull request #2196 from github/henrymercer/update-packs-input-description
  • Additional commits viewable in compare view

Updates actions/dependency-review-action from 3.1.5 to 4.2.3

Release notes

Sourced from actions/dependency-review-action's releases.

4.2.3

What's Changed

New Contributors

Full Changelog: actions/dependency-review-action@v4.1.3...v4.2.3

4.1.3

Fixes a bug in 4.1.2 that would introduce comments in every pull request, regardless of the user's configuration (see actions/dependency-review-action#697).

Full Changelog: actions/dependency-review-action@v4.1.2...v4.1.3

4.1.2

What's Changed

Full Changelog: actions/dependency-review-action@v4.1.1...v4.1.2

4.1.1

What's Changed

Full Changelog: actions/dependency-review-action@v4.1.0...v4.1.1

4.1.0

What's Changed

Added a new configuration option (warn-only, boolean) that makes the action always succeed while still displaying found vulnerabilities in the log.

New Contributors

Full Changelog: actions/dependency-review-action@v4...v4.1.0

v4.0.0

... (truncated)

Commits
  • 0fa40c3 bumping to 4.2.3.
  • 1f6240f Merge pull request #707 from laughedelic/feat/data-outputs
  • b751d41 Merge pull request #702 from actions/dependabot/npm_and_yarn/nodemon-3.1.0
  • 6183eb9 Merge pull request #703 from actions/dependabot/npm_and_yarn/eslint-plugin-je...
  • 6585cc5 fix run syntax
  • 218a76c add clarification about output usage hygiene
  • d78d095 revert changes in CI
  • 36297aa Merge pull request #716 from actions/dependabot/npm_and_yarn/types/node-20.11.28
  • 1e69a8c Bump @​types/node from 20.11.19 to 20.11.28
  • 2f10643 Merge pull request #715 from actions/jonjanego-patch-2
  • Additional commits viewable in compare view

Updates dorny/paths-filter from 2.11.1 to 3.0.2

Release notes

Sourced from dorny/paths-filter's releases.

v3.0.2

What's Changed

New Contributors

Full Changelog: dorny/paths-filter@v3...v3.0.2

v3.0.1

What's Changed

New Contributors

Full Changelog: dorny/paths-filter@v3...v3.0.1

v3.0.0

What's Changed

New Contributors

Full Changelog: dorny/paths-filter@v2.11.1...v3.0.0

Changelog

Sourced from dorny/paths-filter's changelog.

v3.0.2

v3.0.1

v3.0.0

Commits
  • de90cc6 Update dist and CHANGELOG for v3.0.2
  • cf89abd Merge pull request #224 from petermetz/feat-filter-predicate-quantifier
  • f90d526 feat: add config parameter for predicate quantifier
  • ebc4d7e Update CHANGELOG for v3.0.1
  • 45f16f1 Merge pull request #133 from frouioui/main
  • 5da0e4c Merge branch 'master'
  • 1441771 Update README.md
  • 0bc4621 Bump major version to v3
  • 7267a85 Update CHANGELOG for v2.12.0
  • e36f112 Merge pull request #215 from dorny/update-dependencies
  • Additional commits viewable in compare view

Updates sigstore/cosign-installer from 3.3.0 to 3.4.0

Release notes

Sourced from sigstore/cosign-installer's releases.

v3.4.0

What's Changed

New Contributors

Full Changelog: sigstore/cosign-installer@v3...v3.4.0

Commits

Updates docker/setup-buildx-action from 3.0.0 to 3.2.0

Release notes

Sourced from docker/setup-buildx-action's releases.

v3.2.0

[!NOTE] config and config-inline input names are deprecated and will be removed in next major release.

Full Changelog: docker/setup-buildx-action@v3.1.0...v3.2.0

v3.1.0

Full Changelog: docker/setup-buildx-action@v3.0.0...v3.1.0

Commits
  • 2b51285 Merge pull request #306 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • 0f00370 chore: update generated content
  • 11c9683 build(deps): bump @​docker/actions-toolkit from 0.18.0 to 0.19.0
  • 56a16b8 Merge pull request #303 from crazy-max/fix-inputs
  • c23f46e chore: update generated content
  • f876da6 rename and align config inputs
  • b7cf918 Merge pull request #304 from crazy-max/rm-docs-dir
  • 0150f0e chore: remove docs dir
  • d89f1f9 Merge pull request #302 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • 12d65f6 chore: update generated content
  • Additional commits viewable in compare view

Updates docker/login-action from 3.0.0 to 3.1.0

Release notes

Sourced from docker/login-action's releases.

v3.1.0

Full Changelog: docker/login-action@v3.0.0...v3.1.0

Commits
  • e92390c Merge pull request #685 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
  • 1e752e2 chore: update generated content
  • 51c6097 build(deps): bump the aws-sdk-dependencies group with 2 updates
  • 8f079fb Merge pull request #676 from docker/dependabot/npm_and_yarn/proxy-agent-depen...
  • 16fa768 chore: update generated content
  • 46d1619 build(deps): bump the proxy-agent-dependencies group with 2 updates
  • 8c291c5 Merge pull request #682 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • ec726f4 build(deps): bump @​docker/actions-toolkit from 0.14.0 to 0.18.0
  • 5139682 Merge pull request #677 from docker/dependabot/npm_and_yarn/undici-5.28.3
  • 6d4e2ba chore: update generated content
  • Additional commits viewable in compare view

Updates docker/metadata-action from 5.5.0 to 5.5.1

Release notes

Sourced from docker/metadata-action's releases.

v5.5.1

Full Changelog: docker/metadata-action@v5.5.0...v5.5.1

Commits
  • 8e5442c Merge pull request #382 from crazy-max/dont-set-cwd-prefix
  • eda41b7 chore: update generated content
  • 388c08f don't set cwd:// prefix for local bake files
  • See full diff in compare view

Updates docker/build-push-action from 5.1.0 to 5.3.0

Release notes

Sourced from docker/build-push-action's releases.

v5.3.0

Full Changelog: docker/build-push-action@v5.2.0...v5.3.0

v5.2.0

Full Changelog: docker/build-push-action@v5.1.0...v5.2.0

Commits
  • 2cdde99 Merge pull request #1080 from docker/dependabot/npm_and_yarn/docker/actions-t...
  • 008747a chore: update generated content
  • 1580753 chore(deps): Bump @​docker/actions-toolkit from 0.18.0 to 0.19.0
  • 2a7db1d Merge pull request #1075 from crazy-max/ci-multi-output
  • 35e7dd5 ci: test multi output
  • af5a7ed Merge pull request #1074 from crazy-max/build-cmd-debug
  • 2a85189 chore: update generated content
  • 6c20794 disable quotes detection for "outputs" input
  • afdf0c0 chore: debug build cmd and args
  • 00ae31a Merge pull request #1070 from docker/dependabot/npm_and_yarn/docker/actions-t...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
deps(deps): bump the github-actions group with 11 updates
3439ce0 
Bumps the github-actions group with 11 updates:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `4.1.1` | `4.1.2` |
| [actions/setup-node](https://github.com/actions/setup-node) | `4.0.1` | `4.0.2` |
| [actions/cache](https://github.com/actions/cache) | `3.3.3` | `4.0.2` |
| [github/codeql-action](https://github.com/github/codeql-action) | `3.23.0` | `3.24.8` |
| [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `3.1.5` | `4.2.3` |
| [dorny/paths-filter](https://github.com/dorny/paths-filter) | `2.11.1` | `3.0.2` |
| [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `3.3.0` | `3.4.0` |
| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.0.0` | `3.2.0` |
| [docker/login-action](https://github.com/docker/login-action) | `3.0.0` | `3.1.0` |
| [docker/metadata-action](https://github.com/docker/metadata-action) | `5.5.0` | `5.5.1` |
| [docker/build-push-action](https://github.com/docker/build-push-action) | `5.1.0` | `5.3.0` |


Updates `actions/checkout` from 4.1.1 to 4.1.2
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v4.1.1...v4.1.2)

Updates `actions/setup-node` from 4.0.1 to 4.0.2
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](actions/setup-node@v4.0.1...v4.0.2)

Updates `actions/cache` from 3.3.3 to 4.0.2
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](actions/cache@v3.3.3...v4.0.2)

Updates `github/codeql-action` from 3.23.0 to 3.24.8
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@v3.23.0...v3.24.8)

Updates `actions/dependency-review-action` from 3.1.5 to 4.2.3
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](actions/dependency-review-action@v3.1.5...v4.2.3)

Updates `dorny/paths-filter` from 2.11.1 to 3.0.2
- [Release notes](https://github.com/dorny/paths-filter/releases)
- [Changelog](https://github.com/dorny/paths-filter/blob/master/CHANGELOG.md)
- [Commits](dorny/paths-filter@v2.11.1...v3.0.2)

Updates `sigstore/cosign-installer` from 3.3.0 to 3.4.0
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](sigstore/cosign-installer@v3.3.0...v3.4.0)

Updates `docker/setup-buildx-action` from 3.0.0 to 3.2.0
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](docker/setup-buildx-action@v3.0.0...v3.2.0)

Updates `docker/login-action` from 3.0.0 to 3.1.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](docker/login-action@v3.0.0...v3.1.0)

Updates `docker/metadata-action` from 5.5.0 to 5.5.1
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Commits](docker/metadata-action@v5.5.0...v5.5.1)

Updates `docker/build-push-action` from 5.1.0 to 5.3.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](docker/build-push-action@v5.1.0...v5.3.0)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: actions/dependency-review-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: dorny/paths-filter
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from alimd as a code owner March 21, 2024 11:00
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 21, 2024

The following labels could not be found: ci, priority-low, maintenance.

@dependabot dependabot bot mentioned this pull request Mar 21, 2024
Closed
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 28, 2024

Superseded by #37.

@dependabot dependabot bot closed this Mar 28, 2024
@dependabot dependabot bot deleted the dependabot/github_actions/github-actions-8815ee16d1 branch March 28, 2024 10:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alimd alimd Awaiting requested review from alimd alimd is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants