Skip to content

Commit

Permalink
Bump the github-actions-minor-or-patch group with 4 updates (#150)
Browse files Browse the repository at this point in the history 
Bumps the github-actions-minor-or-patch group with 4 updates:
[actions/checkout](https://github.com/actions/checkout),
[taiki-e/install-action](https://github.com/taiki-e/install-action),
[ossf/scorecard-action](https://github.com/ossf/scorecard-action) and
[crate-ci/typos](https://github.com/crate-ci/typos).

Updates `actions/checkout` from 4.1.1 to 4.2.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v4.2.2</h2>
<h2>What's Changed</h2>
<ul>
<li><code>url-helper.ts</code> now leverages well-known environment
variables by <a href="https://github.com/jww3"><code>@​jww3</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li>
<li>Expand unit test coverage for <code>isGhes</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v4.2.1...v4.2.2">https://github.com/actions/checkout/compare/v4.2.1...v4.2.2</a></p>
<h2>v4.2.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Check out other refs/* by commit if provided, fall back to ref by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/Jcambass"><code>@​Jcambass</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1919">actions/checkout#1919</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v4.2.0...v4.2.1">https://github.com/actions/checkout/compare/v4.2.0...v4.2.1</a></p>
<h2>v4.2.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add Ref and Commit outputs by <a
href="https://github.com/lucacome"><code>@​lucacome</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li>
<li>Dependabot updates in <a
href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>
&amp; <a
href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/yasonk"><code>@​yasonk</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1869">actions/checkout#1869</a></li>
<li><a href="https://github.com/lucacome"><code>@​lucacome</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v4.1.7...v4.2.0">https://github.com/actions/checkout/compare/v4.1.7...v4.2.0</a></p>
<h2>v4.1.7</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump the minor-npm-dependencies group across 1 directory with 4
updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li>
<li>Bump actions/checkout from 3 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li>
<li>Check out other refs/* by commit by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li>
<li>Pin actions/checkout's own workflows to a known, good, stable
version. by <a href="https://github.com/jww3"><code>@​jww3</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/orhantoy"><code>@​orhantoy</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v4.1.6...v4.1.7">https://github.com/actions/checkout/compare/v4.1.6...v4.1.7</a></p>
<h2>v4.1.6</h2>
<h2>What's Changed</h2>
<ul>
<li>Check platform to set archive extension appropriately by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li>
<li>Update for 4.1.6 release by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1733">actions/checkout#1733</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v4.1.5...v4.1.6">https://github.com/actions/checkout/compare/v4.1.5...v4.1.6</a></p>
<h2>v4.1.5</h2>
<h2>What's Changed</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v4.2.2</h2>
<ul>
<li><code>url-helper.ts</code> now leverages well-known environment
variables by <a href="https://github.com/jww3"><code>@​jww3</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li>
<li>Expand unit test coverage for <code>isGhes</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li>
</ul>
<h2>v4.2.1</h2>
<ul>
<li>Check out other refs/* by commit if provided, fall back to ref by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li>
</ul>
<h2>v4.2.0</h2>
<ul>
<li>Add Ref and Commit outputs by <a
href="https://github.com/lucacome"><code>@​lucacome</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li>
<li>Dependency updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>- <a
href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>,
<a
href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li>
</ul>
<h2>v4.1.7</h2>
<ul>
<li>Bump the minor-npm-dependencies group across 1 directory with 4
updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li>
<li>Bump actions/checkout from 3 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li>
<li>Check out other refs/* by commit by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li>
<li>Pin actions/checkout's own workflows to a known, good, stable
version. by <a href="https://github.com/jww3"><code>@​jww3</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li>
</ul>
<h2>v4.1.6</h2>
<ul>
<li>Check platform to set archive extension appropriately by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li>
</ul>
<h2>v4.1.5</h2>
<ul>
<li>Update NPM dependencies by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li>
<li>Bump github/codeql-action from 2 to 3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li>
<li>Bump actions/setup-node from 1 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li>
<li>Bump actions/upload-artifact from 2 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li>
<li>README: Suggest <code>user.email</code> to be
<code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li>
</ul>
<h2>v4.1.4</h2>
<ul>
<li>Disable <code>extensions.worktreeConfig</code> when disabling
<code>sparse-checkout</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li>
<li>Add dependabot config by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li>
<li>Bump the minor-actions-dependencies group with 2 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li>
<li>Bump word-wrap from 1.2.3 to 1.2.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li>
</ul>
<h2>v4.1.3</h2>
<ul>
<li>Check git version before attempting to disable
<code>sparse-checkout</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1656">actions/checkout#1656</a></li>
<li>Add SSH user parameter by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1685">actions/checkout#1685</a></li>
<li>Update <code>actions/checkout</code> version in
<code>update-main-version.yml</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1650">actions/checkout#1650</a></li>
</ul>
<h2>v4.1.2</h2>
<ul>
<li>Fix: Disable sparse checkout whenever <code>sparse-checkout</code>
option is not present <a
href="https://github.com/dscho"><code>@​dscho</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1598">actions/checkout#1598</a></li>
</ul>
<h2>v4.1.1</h2>
<ul>
<li>Correct link to GitHub Docs by <a
href="https://github.com/peterbe"><code>@​peterbe</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1511">actions/checkout#1511</a></li>
<li>Link to release page from what's new section by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1514">actions/checkout#1514</a></li>
</ul>
<h2>v4.1.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1396">Add
support for partial checkout filters</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/checkout/commit/11bd71901bbe5b1630ceea73d27597364c9af683"><code>11bd719</code></a>
Prepare 4.2.2 Release (<a
href="https://redirect.github.com/actions/checkout/issues/1953">#1953</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/e3d2460bbb42d7710191569f88069044cfb9d8cf"><code>e3d2460</code></a>
Expand unit test coverage (<a
href="https://redirect.github.com/actions/checkout/issues/1946">#1946</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/163217dfcd28294438ea1c1c149cfaf66eec283e"><code>163217d</code></a>
<code>url-helper.ts</code> now leverages well-known environment
variables. (<a
href="https://redirect.github.com/actions/checkout/issues/1941">#1941</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871"><code>eef6144</code></a>
Prepare 4.2.1 release (<a
href="https://redirect.github.com/actions/checkout/issues/1925">#1925</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/6b42224f41ee5dfe5395e27c8b2746f1f9955030"><code>6b42224</code></a>
Add workflow file for publishing releases to immutable action package
(<a
href="https://redirect.github.com/actions/checkout/issues/1919">#1919</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/de5a000abf73b6f4965bd1bcdf8f8d94a56ea815"><code>de5a000</code></a>
Check out other refs/* by commit if provided, fall back to ref (<a
href="https://redirect.github.com/actions/checkout/issues/1924">#1924</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/d632683dd7b4114ad314bca15554477dd762a938"><code>d632683</code></a>
Prepare 4.2.0 release (<a
href="https://redirect.github.com/actions/checkout/issues/1878">#1878</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/6d193bf28034eafb982f37bd894289fe649468fc"><code>6d193bf</code></a>
Bump braces from 3.0.2 to 3.0.3 (<a
href="https://redirect.github.com/actions/checkout/issues/1777">#1777</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/db0cee9a514becbbd4a101a5fbbbf47865ee316c"><code>db0cee9</code></a>
Bump the minor-npm-dependencies group across 1 directory with 4 updates
(<a
href="https://redirect.github.com/actions/checkout/issues/1872">#1872</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/b6849436894e144dbce29d7d7fda2ae3bf9d8365"><code>b684943</code></a>
Add Ref and Commit outputs (<a
href="https://redirect.github.com/actions/checkout/issues/1180">#1180</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/checkout/compare/v4.1.1...11bd71901bbe5b1630ceea73d27597364c9af683">compare
view</a></li>
</ul>
</details>
<br />

Updates `taiki-e/install-action` from 2.44.24 to 2.44.58
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/taiki-e/install-action/releases">taiki-e/install-action's
releases</a>.</em></p>
<blockquote>
<h2>2.44.58</h2>
<ul>
<li>Update <code>osv-scanner@latest</code> to 1.9.1.</li>
</ul>
<h2>2.44.57</h2>
<ul>
<li>
<p>Update <code>release-plz@latest</code> to 0.3.106.</p>
</li>
<li>
<p>Update <code>espup@latest</code> to 0.13.0.</p>
</li>
<li>
<p>Update <code>wasm-pack@latest</code> to 0.13.1.</p>
</li>
<li>
<p>Update <code>cargo-audit@latest</code> to 0.21.0.</p>
</li>
</ul>
<h2>2.44.56</h2>
<ul>
<li>Update <code>cargo-nextest@latest</code> to 0.9.82.</li>
</ul>
<h2>2.44.55</h2>
<ul>
<li>Update <code>syft@latest</code> to 1.15.0.</li>
</ul>
<h2>2.44.54</h2>
<ul>
<li>Update <code>cargo-zigbuild@latest</code> to 0.19.4.</li>
</ul>
<h2>2.44.53</h2>
<ul>
<li>Update <code>release-plz@latest</code> to 0.3.105.</li>
</ul>
<h2>2.44.52</h2>
<ul>
<li>
<p>Update <code>dprint@latest</code> to 0.47.5.</p>
</li>
<li>
<p>Update <code>cargo-udeps@latest</code> to 0.1.52.</p>
</li>
<li>
<p>Update <code>parse-changelog@latest</code> to 0.6.10.</p>
</li>
<li>
<p>Update <code>cargo-no-dev-deps@latest</code> to 0.2.14.</p>
</li>
<li>
<p>Update <code>cargo-hack@latest</code> to 0.6.32.</p>
</li>
</ul>
<h2>2.44.51</h2>
<ul>
<li>
<p>Update <code>cargo-binstall@latest</code> to 1.10.9.</p>
</li>
<li>
<p>Update <code>release-plz@latest</code> to 0.3.104.</p>
</li>
<li>
<p>Update <code>typos@latest</code> to 1.26.8.</p>
</li>
</ul>
<h2>2.44.50</h2>
<ul>
<li>Update <code>typos@latest</code> to 1.26.3.</li>
</ul>
<h2>2.44.49</h2>
<ul>
<li>Update <code>typos@latest</code> to 1.26.2.</li>
</ul>
<h2>2.44.48</h2>
<ul>
<li>Update <code>typos@latest</code> to 1.26.1.</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md">taiki-e/install-action's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<p>All notable changes to this project will be documented in this
file.</p>
<p>This project adheres to <a href="https://semver.org">Semantic
Versioning</a>.</p>
<!-- raw HTML omitted -->
<h2>[Unreleased]</h2>
<ul>
<li>Update <code>typos@latest</code> to 1.27.0.</li>
</ul>
<h2>[2.44.58] - 2024-10-31</h2>
<ul>
<li>Update <code>osv-scanner@latest</code> to 1.9.1.</li>
</ul>
<h2>[2.44.57] - 2024-10-30</h2>
<ul>
<li>
<p>Update <code>release-plz@latest</code> to 0.3.106.</p>
</li>
<li>
<p>Update <code>espup@latest</code> to 0.13.0.</p>
</li>
<li>
<p>Update <code>wasm-pack@latest</code> to 0.13.1.</p>
</li>
<li>
<p>Update <code>cargo-audit@latest</code> to 0.21.0.</p>
</li>
</ul>
<h2>[2.44.56] - 2024-10-29</h2>
<ul>
<li>Update <code>cargo-nextest@latest</code> to 0.9.82.</li>
</ul>
<h2>[2.44.55] - 2024-10-29</h2>
<ul>
<li>Update <code>syft@latest</code> to 1.15.0.</li>
</ul>
<h2>[2.44.54] - 2024-10-28</h2>
<ul>
<li>Update <code>cargo-zigbuild@latest</code> to 0.19.4.</li>
</ul>
<h2>[2.44.53] - 2024-10-27</h2>
<ul>
<li>Update <code>release-plz@latest</code> to 0.3.105.</li>
</ul>
<h2>[2.44.52] - 2024-10-27</h2>
<ul>
<li>
<p>Update <code>dprint@latest</code> to 0.47.5.</p>
</li>
<li>
<p>Update <code>cargo-udeps@latest</code> to 0.1.52.</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/taiki-e/install-action/commit/684122deb17127bf60d1d99224e12e8fc0012210"><code>684122d</code></a>
Release 2.44.58</li>
<li><a
href="https://github.com/taiki-e/install-action/commit/14e9fc3d162a75feaa75ae6bf2245dee04c09cba"><code>14e9fc3</code></a>
Update <code>osv-scanner@latest</code> to 1.9.1</li>
<li><a
href="https://github.com/taiki-e/install-action/commit/5d69aad4283e70e1c447823dfb60bf611091877c"><code>5d69aad</code></a>
Release 2.44.57</li>
<li><a
href="https://github.com/taiki-e/install-action/commit/2397c6bfa84f5a06fd04a016d5828b62d0ec4f7f"><code>2397c6b</code></a>
Update <code>release-plz@latest</code> to 0.3.106</li>
<li><a
href="https://github.com/taiki-e/install-action/commit/e082d6f2e4dae59b54df2dad83cdd528e49f2f06"><code>e082d6f</code></a>
Update <code>espup@latest</code> to 0.13.0</li>
<li><a
href="https://github.com/taiki-e/install-action/commit/6891c2e1465a2d024dd58a19bc0abc61563b9d0c"><code>6891c2e</code></a>
Update <code>wasm-pack@latest</code> to 0.13.1</li>
<li><a
href="https://github.com/taiki-e/install-action/commit/e60643d6ff5a7031c16aeeb783486834e2c865e6"><code>e60643d</code></a>
Update <code>cargo-audit@latest</code> to 0.21.0</li>
<li><a
href="https://github.com/taiki-e/install-action/commit/e35e2e777dde071a96489a02ac3f7d214dde10f1"><code>e35e2e7</code></a>
Release 2.44.56</li>
<li><a
href="https://github.com/taiki-e/install-action/commit/159ee466fecc39cd95b475093c4349de43c4310f"><code>159ee46</code></a>
Update <code>cargo-nextest@latest</code> to 0.9.82</li>
<li><a
href="https://github.com/taiki-e/install-action/commit/c203664563782b20c54c2222225272b077f53fc2"><code>c203664</code></a>
Release 2.44.55</li>
<li>Additional commits viewable in <a
href="https://github.com/taiki-e/install-action/compare/6d49eff78fe8ad9f571fb25522747f2d9e84be6b...684122deb17127bf60d1d99224e12e8fc0012210">compare
view</a></li>
</ul>
</details>
<br />

Updates `ossf/scorecard-action` from 2.3.1 to 2.4.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/ossf/scorecard-action/releases">ossf/scorecard-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.4.0</h2>
<h2>What's Changed</h2>
<p>This update bumps the Scorecard version to the v5 release. For a
complete list of changes, please refer to the <a
href="https://github.com/ossf/scorecard/releases/tag/v5.0.0">v5.0.0
release notes</a>. Of special note to Scorecard Action is the Maintainer
Annotation feature, which can be used to suppress some Code Scanning
false positives. Alerts will not be generated for any Scorecard Check
with an annotation.</p>
<ul>
<li>:seedling: Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to
v5.0.0 by <a
href="https://github.com/spencerschrock"><code>@​spencerschrock</code></a>
in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1410">ossf/scorecard-action#1410</a></li>
<li>:bug: lower license sarif alert threshold to 9 by <a
href="https://github.com/spencerschrock"><code>@​spencerschrock</code></a>
in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1411">ossf/scorecard-action#1411</a></li>
</ul>
<h3>Documentation</h3>
<ul>
<li>docs: dogfooding badge by <a
href="https://github.com/jkowalleck"><code>@​jkowalleck</code></a> in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1399">ossf/scorecard-action#1399</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/jkowalleck"><code>@​jkowalleck</code></a> made
their first contribution in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1399">ossf/scorecard-action#1399</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/ossf/scorecard-action/compare/v2.3.3...v2.4.0">https://github.com/ossf/scorecard-action/compare/v2.3.3...v2.4.0</a></p>
<h2>v2.3.3</h2>
<blockquote>
<p>[!NOTE]<br />
There is no v2.3.2 release as a step was skipped in the release process.
This was fixed and re-released under the v2.3.3 tag</p>
</blockquote>
<h2>What's Changed</h2>
<ul>
<li>:seedling: Bump github.com/ossf/scorecard/v4 (v4.13.1) to
github.com/ossf/scorecard/v5 (v5.0.0-rc1) by <a
href="https://github.com/spencerschrock"><code>@​spencerschrock</code></a>
in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1366">ossf/scorecard-action#1366</a></li>
<li>:seedling: Bump github.com/ossf/scorecard/v5 from v5.0.0-rc1 to
v5.0.0-rc2 by <a
href="https://github.com/spencerschrock"><code>@​spencerschrock</code></a>
in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1374">ossf/scorecard-action#1374</a></li>
<li>:seedling: Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to
v5.0.0-rc2.0.20240509182734-7ce860946928 by <a
href="https://github.com/spencerschrock"><code>@​spencerschrock</code></a>
in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1377">ossf/scorecard-action#1377</a></li>
</ul>
<p>For a full changelist of what these include, see the <a
href="https://github.com/ossf/scorecard/releases/tag/v5.0.0-rc1">v5.0.0-rc1</a>
and <a
href="https://github.com/ossf/scorecard/releases/tag/v5.0.0-rc2">v5.0.0-rc2</a>
release notes.</p>
<h3>Documentation</h3>
<ul>
<li>:book: Move token discussion out of main README. by <a
href="https://github.com/spencerschrock"><code>@​spencerschrock</code></a>
in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1279">ossf/scorecard-action#1279</a></li>
<li>:book: link to <code>ossf/scorecard</code> workflow instead of
maintaining an example by <a
href="https://github.com/spencerschrock"><code>@​spencerschrock</code></a>
in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1352">ossf/scorecard-action#1352</a></li>
<li>:book: update api links to new scorecard.dev site by <a
href="https://github.com/spencerschrock"><code>@​spencerschrock</code></a>
in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1376">ossf/scorecard-action#1376</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/ossf/scorecard-action/compare/v2.3.1...v2.3.3">https://github.com/ossf/scorecard-action/compare/v2.3.1...v2.3.3</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/ossf/scorecard-action/commit/62b2cac7ed8198b15735ed49ab1e5cf35480ba46"><code>62b2cac</code></a>
bump docker tag to v2.4.0 for release (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1414">#1414</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/c09630c42e97d04c7cd8f69735ddf0ec53f0e189"><code>c09630c</code></a>
lower license score alert threshold to 9 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1411">#1411</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/cf8594c5485256008de4ec57c936bd4a1a381a0b"><code>cf8594c</code></a>
:seedling: Bump github.com/sigstore/cosign/v2 from 2.2.4 to 2.3.0 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1413">#1413</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/de5fcb95b9d8f899bc5dc11b4e202eb6a2fd67e9"><code>de5fcb9</code></a>
:seedling: Bump the github-actions group with 2 updates (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1412">#1412</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/a46b90b4caca61e2298cc4a9bd4c90d3dfe7f09d"><code>a46b90b</code></a>
bump scorecard to v5.0.0 release (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1410">#1410</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/9fc518d5249b2564cbeb11d029b87d7d1ba55396"><code>9fc518d</code></a>
:seedling: Bump golang in the docker-images group (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1407">#1407</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/a8eaa1b46e3fd7e003f79fd39dff99ca53bbe732"><code>a8eaa1b</code></a>
:seedling: Bump the github-actions group with 2 updates (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1408">#1408</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/873d5fdf63bc863d140f57ed481e6a297324030b"><code>873d5fd</code></a>
:seedling: Bump the github-actions group across 1 directory with 2
updates (#...</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/54cc1fe4e2c7bc69051a267c8e183497ca7d8da7"><code>54cc1fe</code></a>
:seedling: Bump the docker-images group with 2 updates (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1401">#1401</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/82bcb91c5d3f72aaf692a0d3e399c425a29ac512"><code>82bcb91</code></a>
:seedling: Bump golang.org/x/net from 0.26.0 to 0.27.0 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1400">#1400</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/ossf/scorecard-action/compare/0864cf19026789058feabb7e87baa5f140aac736...62b2cac7ed8198b15735ed49ab1e5cf35480ba46">compare
view</a></li>
</ul>
</details>
<br />

Updates `crate-ci/typos` from 1.26.8 to 1.27.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/releases">crate-ci/typos's
releases</a>.</em></p>
<blockquote>
<h2>v1.27.0</h2>
<h2>[1.27.0] - 2024-11-01</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1106">October
2024</a> changes</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's
changelog</a>.</em></p>
<blockquote>
<h1>Change Log</h1>
<p>All notable changes to this project will be documented in this
file.</p>
<p>The format is based on <a href="http://keepachangelog.com/">Keep a
Changelog</a>
and this project adheres to <a href="http://semver.org/">Semantic
Versioning</a>.</p>
<!-- raw HTML omitted -->
<h2>[Unreleased] - ReleaseDate</h2>
<h2>[1.27.0] - 2024-11-01</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1106">October
2024</a> changes</li>
</ul>
<h2>[1.26.8] - 2024-10-24</h2>
<h2>[1.26.7] - 2024-10-24</h2>
<h2>[1.26.6] - 2024-10-24</h2>
<h2>[1.26.5] - 2024-10-24</h2>
<h2>[1.26.4] - 2024-10-24</h2>
<h2>[1.26.3] - 2024-10-24</h2>
<h3>Fixes</h3>
<ul>
<li>Accept <code>additionals</code></li>
</ul>
<h2>[1.26.2] - 2024-10-24</h2>
<h3>Fixes</h3>
<ul>
<li>Accept <code>tesselate</code> variants</li>
</ul>
<h2>[1.26.1] - 2024-10-23</h2>
<h3>Fixes</h3>
<ul>
<li>Respect <code>--force-exclude</code> for binary files</li>
</ul>
<h2>[1.26.0] - 2024-10-07</h2>
<h3>Compatibility</h3>
<ul>
<li><em>(pre-commit)</em> Requires 3.2+</li>
</ul>
<h3>Fixes</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/crate-ci/typos/commit/d01f29c66d1bf1a08730750f61d86c210b0d039d"><code>d01f29c</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/52e950bb130b2bdee93bba2b1973c8f7d8ac5c46"><code>52e950b</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/19cfc03ea4e6fd581972b77eb3761351a4db7ee6"><code>19cfc03</code></a>
docs: Update changelog</li>
<li><a
href="https://github.com/crate-ci/typos/commit/f80b1564bd618fb5325b8c0d52849ac7da0bbaea"><code>f80b156</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1140">#1140</a>
from epage/oct</li>
<li><a
href="https://github.com/crate-ci/typos/commit/6b5c8079a9416f5aba90f4cc1348921aa72d9538"><code>6b5c807</code></a>
feat(dict): Oct updates</li>
<li><a
href="https://github.com/crate-ci/typos/commit/d64f202a88f87f2e3fbbd1f5a45ab2ec3ef9b832"><code>d64f202</code></a>
chore(deps): Update compatible (<a
href="https://redirect.github.com/crate-ci/typos/issues/1137">#1137</a>)</li>
<li><a
href="https://github.com/crate-ci/typos/commit/e903c4628799da0b9fc51e03d200e4fa62ba2c0a"><code>e903c46</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1136">#1136</a>
from PigeonF/PigeonF/push-mlqnlvmswwmp</li>
<li><a
href="https://github.com/crate-ci/typos/commit/b994765ef920d85d7a7115db2e9afce611cdcf93"><code>b994765</code></a>
chore: Fix typo &quot;potemtial&quot; -&gt; &quot;potential&quot;</li>
<li>See full diff in <a
href="https://github.com/crate-ci/typos/compare/0d9e0c2c1bd7f770f6eb90f87780848ca02fc12c...d01f29c66d1bf1a08730750f61d86c210b0d039d">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  • Loading branch information
@dependabot
dependabot[bot] authored Nov 1, 2024
1 parent 5999037 commit 13c9a29
Show file tree
Hide file tree
Showing 6 changed files with 12 additions and 12 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/benchmark.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,12 +14,12 @@ jobs:
benchmark:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
- uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a
with:
toolchain: stable
- uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab
- uses: taiki-e/install-action@6d49eff78fe8ad9f571fb25522747f2d9e84be6b
- uses: taiki-e/install-action@684122deb17127bf60d1d99224e12e8fc0012210
with:
tool: cargo-codspeed

Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/links.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ jobs:
link-check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
- name: Check for broken links
id: lychee
uses: lycheeverse/lychee-action@7cd0af4c74a61395d455af97419279d86aafaede
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/publish.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ jobs:
cargo-publish:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
- uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a
with:
toolchain: stable
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/scorecard.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,12 +25,12 @@ jobs:
id-token: write

steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false

- name: Run analysis
uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1
uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0
with:
results_file: results.sarif
results_format: sarif
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/test.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,13 +18,13 @@ jobs:
matrix:
rust_version: ["1.74", "stable"]
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
- uses: dtolnay/rust-toolchain@1482605bfc5719782e1267fd0c0cc350fe7646b8
with:
toolchain: ${{ matrix.rust_version }}
components: llvm-tools-preview
- uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab
- uses: taiki-e/install-action@6d49eff78fe8ad9f571fb25522747f2d9e84be6b
- uses: taiki-e/install-action@684122deb17127bf60d1d99224e12e8fc0012210
with:
tool: cargo-llvm-cov
- uses: extractions/setup-just@dd310ad5a97d8e7b41793f8ef055398d51ad4de6
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/verify.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ jobs:
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
- uses: dtolnay/rust-toolchain@1482605bfc5719782e1267fd0c0cc350fe7646b8
with:
toolchain: stable
Expand All @@ -23,9 +23,9 @@ jobs:
spellcheck:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
- name: check for typos
uses: crate-ci/typos@0d9e0c2c1bd7f770f6eb90f87780848ca02fc12c
uses: crate-ci/typos@d01f29c66d1bf1a08730750f61d86c210b0d039d
cargo-deny:
runs-on: ubuntu-latest
strategy:
Expand All @@ -36,7 +36,7 @@ jobs:
# Prevent sudden announcement of a new advisory from failing CI:
continue-on-error: ${{ matrix.checks == 'advisories' }}
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
- uses: EmbarkStudios/cargo-deny-action@8371184bd11e21dcf8ac82ebf8c9c9f74ebf7268
with:
command: check ${{ matrix.checks }}

0 comments on commit 13c9a29

Please sign in to comment.