From 8c7393cbbbba7a5d38c6772371f92d6b38e433fc Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 1 Apr 2024 02:13:05 +0000
Subject: [PATCH 1/7] Bump actions/checkout from 4.1.1 to 4.1.2 (#83)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.1 to 4.1.2.
Release notes
Sourced from actions/checkout's releases.
v4.1.2
We are investigating the following issue with this release and have rolled-back the v4 tag to point to v4.1.1
What's Changed
New Contributors
Full Changelog: https://github.com/actions/checkout/compare/v4.1.1...v4.1.2
Changelog
Sourced from actions/checkout's changelog.
Changelog
v4.1.2
v4.1.1
v4.1.0
v4.0.0
v3.6.0
v3.5.3
v3.5.2
v3.5.1
v3.5.0
v3.4.0
v3.3.0
v3.2.0
... (truncated)
Commits
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
---
.github/workflows/test-package.yml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/test-package.yml b/.github/workflows/test-package.yml
index fb748d7..a090316 100644
--- a/.github/workflows/test-package.yml
+++ b/.github/workflows/test-package.yml
@@ -22,7 +22,7 @@ jobs:
matrix:
sdk: [dev]
steps:
- - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
+ - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633
- uses: dart-lang/setup-dart@fedb1266e91cf51be2fdb382869461a434b920a3
with:
sdk: ${{ matrix.sdk }}
@@ -49,7 +49,7 @@ jobs:
os: [ubuntu-latest]
sdk: [3.0.0, dev]
steps:
- - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
+ - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633
- uses: dart-lang/setup-dart@fedb1266e91cf51be2fdb382869461a434b920a3
with:
sdk: ${{ matrix.sdk }}
From 82e3b6dfd3b61f003023e845c099d0b60c85edd4 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 1 May 2024 02:11:08 +0000
Subject: [PATCH 2/7] Bump actions/checkout from 4.1.2 to 4.1.4 (#84)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.2 to 4.1.4.
Release notes
Sourced from actions/checkout's releases.
v4.1.4
What's Changed
Full Changelog: https://github.com/actions/checkout/compare/v4.1.3...v4.1.4
v4.1.3
What's Changed
Full Changelog: https://github.com/actions/checkout/compare/v4.1.2...v4.1.3
Changelog
Sourced from actions/checkout's changelog.
Changelog
v4.1.4
v4.1.3
v4.1.2
v4.1.1
v4.1.0
v4.0.0
v3.6.0
v3.5.3
v3.5.2
v3.5.1
v3.5.0
v3.4.0
... (truncated)
Commits
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
---
.github/workflows/test-package.yml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/test-package.yml b/.github/workflows/test-package.yml
index a090316..ee7dc66 100644
--- a/.github/workflows/test-package.yml
+++ b/.github/workflows/test-package.yml
@@ -22,7 +22,7 @@ jobs:
matrix:
sdk: [dev]
steps:
- - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633
+ - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b
- uses: dart-lang/setup-dart@fedb1266e91cf51be2fdb382869461a434b920a3
with:
sdk: ${{ matrix.sdk }}
@@ -49,7 +49,7 @@ jobs:
os: [ubuntu-latest]
sdk: [3.0.0, dev]
steps:
- - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633
+ - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b
- uses: dart-lang/setup-dart@fedb1266e91cf51be2fdb382869461a434b920a3
with:
sdk: ${{ matrix.sdk }}
From 5b3708eb633593b30868871301e8e15d344d7585 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 1 May 2024 15:21:32 +0000
Subject: [PATCH 3/7] Bump dart-lang/setup-dart from 1.6.2 to 1.6.4 (#85)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Bumps [dart-lang/setup-dart](https://github.com/dart-lang/setup-dart) from 1.6.2 to 1.6.4.
Release notes
Sourced from dart-lang/setup-dart's releases.
v1.6.4
- Rebuild JS code to include changes from v1.6.3
v1.6.3
Changelog
Sourced from dart-lang/setup-dart's changelog.
v1.6.4
v1.6.3
v1.6.2
v1.6.1
- Updated the google storage url for
main channel releases.
v1.6.0
- Enable provisioning of the latest Dart SDK patch release by specifying just
the major and minor version (e.g.
3.2).
v1.5.1
- No longer test the
setup-dart action on pre-2.12 SDKs.
- Upgrade JS interop code to use extension types
(the new name for inline classes).
- The upcoming rename of the
be channel to main is now supported with
forward compatibility that switches when the rename happens.
v1.5.0
- Re-wrote the implementation of the action into Dart.
- Auto-detect the platform architecture (
x64, ia32, arm, arm64).
- Improved the caching and download resilience of the sdk.
- Added a new action output:
dart-version - the installed version of the sdk.
v1.4.0
- Automatically create OIDC token for pub.dev.
- Add a reusable workflow for publishing.
v1.3.0
- The install location of the Dart SDK is now available
... (truncated)
Commits
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
---
.github/workflows/test-package.yml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/test-package.yml b/.github/workflows/test-package.yml
index ee7dc66..0366d58 100644
--- a/.github/workflows/test-package.yml
+++ b/.github/workflows/test-package.yml
@@ -23,7 +23,7 @@ jobs:
sdk: [dev]
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b
- - uses: dart-lang/setup-dart@fedb1266e91cf51be2fdb382869461a434b920a3
+ - uses: dart-lang/setup-dart@f0ead981b4d9a35b37f30d36160575d60931ec30
with:
sdk: ${{ matrix.sdk }}
- id: install
@@ -50,7 +50,7 @@ jobs:
sdk: [3.0.0, dev]
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b
- - uses: dart-lang/setup-dart@fedb1266e91cf51be2fdb382869461a434b920a3
+ - uses: dart-lang/setup-dart@f0ead981b4d9a35b37f30d36160575d60931ec30
with:
sdk: ${{ matrix.sdk }}
- id: install
From 9c4cb6f7649bd9328369b73f3c72eeb0ed468036 Mon Sep 17 00:00:00 2001
From: Devon Carew
Date: Mon, 13 May 2024 10:35:58 -0700
Subject: [PATCH 4/7] blast_repo fixes (#86)
dependabot
---
.github/dependabot.yml | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 725f03a..cde02ad 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -9,3 +9,7 @@ updates:
interval: monthly
labels:
- autosubmit
+ groups:
+ github-actions:
+ patterns:
+ - "*"
From fb1958ca880d650972e124222d3d9e41bd35c76c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 13 May 2024 17:39:15 +0000
Subject: [PATCH 5/7] Bump actions/checkout from 4.1.4 to 4.1.5 in the
github-actions group (#87)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Bumps the github-actions group with 1 update: [actions/checkout](https://github.com/actions/checkout).
Updates `actions/checkout` from 4.1.4 to 4.1.5
Release notes
Sourced from actions/checkout's releases.
v4.1.5
What's Changed
Full Changelog: https://github.com/actions/checkout/compare/v4.1.4...v4.1.5
Commits
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
---
.github/workflows/test-package.yml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/test-package.yml b/.github/workflows/test-package.yml
index 0366d58..b488fb1 100644
--- a/.github/workflows/test-package.yml
+++ b/.github/workflows/test-package.yml
@@ -22,7 +22,7 @@ jobs:
matrix:
sdk: [dev]
steps:
- - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b
+ - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b
- uses: dart-lang/setup-dart@f0ead981b4d9a35b37f30d36160575d60931ec30
with:
sdk: ${{ matrix.sdk }}
@@ -49,7 +49,7 @@ jobs:
os: [ubuntu-latest]
sdk: [3.0.0, dev]
steps:
- - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b
+ - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b
- uses: dart-lang/setup-dart@f0ead981b4d9a35b37f30d36160575d60931ec30
with:
sdk: ${{ matrix.sdk }}
From d14f9654f7a5d6baa7dcc27691bd0fa56769fb67 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sun, 2 Jun 2024 18:51:00 +0000
Subject: [PATCH 6/7] Bump actions/checkout from 4.1.5 to 4.1.6 in the
github-actions group (#88)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Bumps the github-actions group with 1 update: [actions/checkout](https://github.com/actions/checkout).
Updates `actions/checkout` from 4.1.5 to 4.1.6
Release notes
Sourced from actions/checkout's releases.
v4.1.6
What's Changed
Full Changelog: https://github.com/actions/checkout/compare/v4.1.5...v4.1.6
Changelog
Sourced from actions/checkout's changelog.
Changelog
v4.1.6
v4.1.5
v4.1.4
v4.1.3
v4.1.2
v4.1.1
v4.1.0
v4.0.0
v3.6.0
v3.5.3
v3.5.2
v3.5.1
... (truncated)
Commits
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
---
.github/workflows/test-package.yml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/test-package.yml b/.github/workflows/test-package.yml
index b488fb1..4638220 100644
--- a/.github/workflows/test-package.yml
+++ b/.github/workflows/test-package.yml
@@ -22,7 +22,7 @@ jobs:
matrix:
sdk: [dev]
steps:
- - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b
+ - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29
- uses: dart-lang/setup-dart@f0ead981b4d9a35b37f30d36160575d60931ec30
with:
sdk: ${{ matrix.sdk }}
@@ -49,7 +49,7 @@ jobs:
os: [ubuntu-latest]
sdk: [3.0.0, dev]
steps:
- - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b
+ - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29
- uses: dart-lang/setup-dart@f0ead981b4d9a35b37f30d36160575d60931ec30
with:
sdk: ${{ matrix.sdk }}
From c90e624f655798eaff94a041ec589ca39462e1f1 Mon Sep 17 00:00:00 2001
From: Kevin Moore
Date: Thu, 20 Jun 2024 10:30:58 -0700
Subject: [PATCH 7/7] blast_repo fixes (#89)
auto-publish, github-actions, no-response
---
.github/workflows/no-response.yml | 37 ++++++++++++++++++++++++++++++
.github/workflows/publish.yaml | 17 ++++++++++++++
.github/workflows/test-package.yml | 4 ++--
3 files changed, 56 insertions(+), 2 deletions(-)
create mode 100644 .github/workflows/no-response.yml
create mode 100644 .github/workflows/publish.yaml
diff --git a/.github/workflows/no-response.yml b/.github/workflows/no-response.yml
new file mode 100644
index 0000000..ab1ac49
--- /dev/null
+++ b/.github/workflows/no-response.yml
@@ -0,0 +1,37 @@
+# A workflow to close issues where the author hasn't responded to a request for
+# more information; see https://github.com/actions/stale.
+
+name: No Response
+
+# Run as a daily cron.
+on:
+ schedule:
+ # Every day at 8am
+ - cron: '0 8 * * *'
+
+# All permissions not specified are set to 'none'.
+permissions:
+ issues: write
+ pull-requests: write
+
+jobs:
+ no-response:
+ runs-on: ubuntu-latest
+ if: ${{ github.repository_owner == 'dart-lang' }}
+ steps:
+ - uses: actions/stale@28ca1036281a5e5922ead5184a1bbf96e5fc984e
+ with:
+ # Don't automatically mark inactive issues+PRs as stale.
+ days-before-stale: -1
+ # Close needs-info issues and PRs after 14 days of inactivity.
+ days-before-close: 14
+ stale-issue-label: "needs-info"
+ close-issue-message: >
+ Without additional information we're not able to resolve this issue.
+ Feel free to add more info or respond to any questions above and we
+ can reopen the case. Thanks for your contribution!
+ stale-pr-label: "needs-info"
+ close-pr-message: >
+ Without additional information we're not able to resolve this PR.
+ Feel free to add more info or respond to any questions above.
+ Thanks for your contribution!
diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml
new file mode 100644
index 0000000..27157a0
--- /dev/null
+++ b/.github/workflows/publish.yaml
@@ -0,0 +1,17 @@
+# A CI configuration to auto-publish pub packages.
+
+name: Publish
+
+on:
+ pull_request:
+ branches: [ master ]
+ push:
+ tags: [ 'v[0-9]+.[0-9]+.[0-9]+' ]
+
+jobs:
+ publish:
+ if: ${{ github.repository_owner == 'dart-lang' }}
+ uses: dart-lang/ecosystem/.github/workflows/publish.yaml@main
+ permissions:
+ id-token: write # Required for authentication using OIDC
+ pull-requests: write # Required for writing the pull request note
diff --git a/.github/workflows/test-package.yml b/.github/workflows/test-package.yml
index 4638220..b214faa 100644
--- a/.github/workflows/test-package.yml
+++ b/.github/workflows/test-package.yml
@@ -22,7 +22,7 @@ jobs:
matrix:
sdk: [dev]
steps:
- - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29
+ - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- uses: dart-lang/setup-dart@f0ead981b4d9a35b37f30d36160575d60931ec30
with:
sdk: ${{ matrix.sdk }}
@@ -49,7 +49,7 @@ jobs:
os: [ubuntu-latest]
sdk: [3.0.0, dev]
steps:
- - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29
+ - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- uses: dart-lang/setup-dart@f0ead981b4d9a35b37f30d36160575d60931ec30
with:
sdk: ${{ matrix.sdk }}