Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump the github-actions group with 7 updates #1785

Merged
merged 1 commit into from
Nov 19, 2024
Merged

build(deps): bump the github-actions group with 7 updates #1785

merged 1 commit into from
Nov 19, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 19, 2024

Bumps the github-actions group with 7 updates:

Package From To
webfactory/ssh-agent 0.4.1 0.9.0
JamesIves/github-pages-deploy-action 3.7.1 4.6.9
codecov/codecov-action 4 5
actions/github-script 0.3.0 7.0.1
docker/login-action 65b78e6e13532edd9afa3aa52ac7964289d1a9c1 7ca345011ac4304463197fac0e56eab1bc7e6af0
docker/metadata-action 9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7 115662203e5f4c9b240a57397f721baaab82a488
docker/build-push-action f2a1d5e99d037542a71f64918e516c093c6f3fc4 5e99dacf67635c4f273e532b9266ddb609b3025a

Updates webfactory/ssh-agent from 0.4.1 to 0.9.0

Release notes

Sourced from webfactory/ssh-agent's releases.

Update to node20

This release updates the action to run on Node.js v20. When you're running on GitHub hosted runners, just go ahead and update. When you're using self-hosted runners, please make sure you have Node.js v20 installed before updating from v0.8.0 to v0.9.0 of this action.

New Contributors

Full Changelog: webfactory/ssh-agent@v0.8.0...v0.9.0

What's Changed

New Contributors

Full Changelog: webfactory/ssh-agent@v0.8.0...v0.9.0

SSH host keys no longer managed – read below 👇

Starting with this release, this action no longer writes GitHub's SSH host keys into the known_hosts SSH config file upon start.

GitHub changed their host keys on short notice this morning, see https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/. We took this as an opportunity to stop maintaining GH SSH keys in the code shipped with this action (#171).

What you need to do:

Other code changes in this release

New Contributors

Full Changelog: webfactory/ssh-agent@v0.7.0...v0.8.0

... (truncated)

Changelog

Sourced from webfactory/ssh-agent's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[Unreleased]

v0.7.0 [2022-10-19]

Added

  • Add the log-public-key input that can be used to turn off logging key identities (#122)

Fixed

  • Fix path to git binary on Windows, assuming GitHub-hosted runners (#136, #137)
  • Fix a nonsensical log message (#139)

v0.6.0 [2022-10-19]

Changed

v0.5.4 [2021-11-21]

Fixed

  • Update changed GitHub Host Keys (#102, #101)

Changed

  • Various documentation (README) improvements and additions
  • Change logging to more precisely state that public keys are being printed

v0.5.3 [2021-06-11]

Fixed

  • Fixed cleanup phase to really terminate the ssh-agent (#80)
  • Fix termination of ssh-agent also on workflow failure (#79)

Changed

  • Various documentation (README) improvements and additions

v0.5.2 [2021-04-07]

... (truncated)

Commits
  • dc588b6 Update version numbers in the README examples
  • 204eb35 Bump to node20 (#201)
  • 9f6f312 chore: update all versions of actions/checkout to v4 (#199)
  • 2e59dd7 Remove outdated claim from README (#206)
  • fd34b8d Update README.md to reflect latest version (#196)
  • d4b9b8f Stop adding GitHub SSH keys (#171)
  • ea17a05 Add missing semicolons (#159)
  • 9fbc246 Clarify usage for Docker build processes, especially with deployment keys (#145)
  • 6f828cc Allow the user to override the commands for git, ssh-agent, and ssh-add...
  • 209e2d7 Fix a typo in the README.md (#146)
  • Additional commits viewable in compare view

Updates JamesIves/github-pages-deploy-action from 3.7.1 to 4.6.9

Release notes

Sourced from JamesIves/github-pages-deploy-action's releases.

v4.6.9

What's Changed

Dependencies 🤖

  • chore(deps): mass bump dependencies
  • chore(deps): switch to using .node-version instead of .nvmrc for Node dependency management.
  • chore(deps): updated node version to 22.11.0 for development

Full Changelog: JamesIves/github-pages-deploy-action@v4...v4.6.9

v4.6.8

What's Changed

Bug Fixes 🐝

  • fix: 🐛 Added the temp deployment directory created by the action to the git safe directory list. This resolves an issue in certain circumstances where the deployment would fail depending on the types of files moved around by the workflow - #1694.
  • fix: Resolved a rare deployment error where the action would complain that origin/${branch_name} is not a commit and a branch cannot be created from it. The action will continue to attempt to track the origin branch, but if this step fails, it will create a new untracked branch to continue the deployment from. - #1689.

Testing 🧪

  • test: 🧪 Improved the integration test suite so it now runs immediately post-release to ensure that any issues do no longer in the major version tag (ie @v4). This was done to combat problems raised by #1697.

Full Changelog: JamesIves/github-pages-deploy-action@v4...v4.6.8

v4.6.7

What's Changed

Bug Fixes 🐝

  • fix: resolved an issue where main.js was not found in the v4 major tag.

v4.6.6

What's Changed

Bug Fixes 🐝

  • revert: reverts a prior change that unsets safe directories to prevent dubious ownership, this change will be re-visited later.

v4.6.5

What's Changed

What's Changed

Bug Fixes 🐝

  • fix: resolved an issue where the full working directory was not properly getting added to the safe directory list, preventing deployments in certain circumstances.

Full Changelog: JamesIves/github-pages-deploy-action@v4...v4.6.5

v4.6.4

... (truncated)

Commits

Updates codecov/codecov-action from 4 to 5

Release notes

Sourced from codecov/codecov-action's releases.

v5.0.0

v5 Release

v5 of the Codecov GitHub Action will use the Codecov Wrapper to encapsulate the CLI. This will help ensure that the Action gets updates quicker.

Migration Guide

The v5 release also coincides with the opt-out feature for tokens for public repositories. In the Global Upload Token section of the settings page of an organization in codecov.io, you can set the ability for Codecov to receive a coverage reports from any source. This will allow contributors or other members of a repository to upload without needing access to the Codecov token. For more details see how to upload without a token.

[!WARNING]
The following arguments have been changed

  • file (this has been deprecated in favor of files)
  • plugin (this has been deprecated in favor of plugins)

The following arguments have been added:

  • binary
  • gcov_args
  • gcov_executable
  • gcov_ignore
  • gcov_include
  • report_type
  • skip_validation
  • swift_project

You can see their usage in the action.yml file.

What's Changed

... (truncated)

Changelog

Sourced from codecov/codecov-action's changelog.

4.0.0-beta.2

Fixes

  • #1085 not adding -n if empty to do-upload command

4.0.0-beta.1

v4 represents a move from the universal uploader to the Codecov CLI. Although this will unlock new features for our users, the CLI is not yet at feature parity with the universal uploader.

Breaking Changes

  • No current support for aarch64 and alpine architectures.
  • Tokenless uploading is unsuported
  • Various arguments to the Action have been removed

3.1.4

Fixes

  • #967 Fix typo in README.md
  • #971 fix: add back in working dir
  • #969 fix: CLI option names for uploader

Dependencies

  • #970 build(deps-dev): bump @​types/node from 18.15.12 to 18.16.3
  • #979 build(deps-dev): bump @​types/node from 20.1.0 to 20.1.2
  • #981 build(deps-dev): bump @​types/node from 20.1.2 to 20.1.4

3.1.3

Fixes

  • #960 fix: allow for aarch64 build

Dependencies

  • #957 build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0
  • #958 build(deps): bump openpgp from 5.7.0 to 5.8.0
  • #959 build(deps-dev): bump @​types/node from 18.15.10 to 18.15.12

3.1.2

Fixes

  • #718 Update README.md
  • #851 Remove unsupported path_to_write_report argument
  • #898 codeql-analysis.yml
  • #901 Update README to contain correct information - inputs and negate feature
  • #955 fix: add in all the extra arguments for uploader

Dependencies

  • #819 build(deps): bump openpgp from 5.4.0 to 5.5.0
  • #835 build(deps): bump node-fetch from 3.2.4 to 3.2.10
  • #840 build(deps): bump ossf/scorecard-action from 1.1.1 to 2.0.4
  • #841 build(deps): bump @​actions/core from 1.9.1 to 1.10.0
  • #843 build(deps): bump @​actions/github from 5.0.3 to 5.1.1
  • #869 build(deps): bump node-fetch from 3.2.10 to 3.3.0
  • #872 build(deps-dev): bump jest-junit from 13.2.0 to 15.0.0
  • #879 build(deps): bump decode-uri-component from 0.2.0 to 0.2.2

... (truncated)

Commits

Updates actions/github-script from 0.3.0 to 7.0.1

Release notes

Sourced from actions/github-script's releases.

v7.0.1

What's Changed

Full Changelog: actions/github-script@v7.0.0...v7.0.1

v7.0.0

What's Changed

New Contributors

Full Changelog: actions/github-script@v6.4.1...v7.0.0

v6.4.1

What's Changed

New Contributors

Full Changelog: actions/github-script@v6.4.0...v6.4.1

v6.4.0

What's Changed

New Contributors

Full Changelog: actions/github-script@v6.3.3...v6.4.0

v6.3.3

What's Changed

New Contributors

... (truncated)

Commits
  • 60a0d83 Merge pull request #440 from actions/joshmgross/v7.0.1
  • b7fb200 Update version to 7.0.1
  • 12e22ed Merge pull request #439 from actions/joshmgross/avoid-setting-base-url
  • d319f8f Avoid setting baseUrl to undefined when input is not provided
  • e69ef54 Merge pull request #425 from actions/joshmgross/node-20
  • ee0914b Update licenses
  • d6fc56f Use @types/node for Node 20
  • 384d6cf Fix quotations in tests
  • 8472492 Only validate GraphQL previews
  • 84903f5 Remove node-fetch from type
  • Additional commits viewable in compare view

Updates docker/login-action from 65b78e6e13532edd9afa3aa52ac7964289d1a9c1 to 7ca345011ac4304463197fac0e56eab1bc7e6af0

Commits
  • 7ca3450 Merge pull request #806 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • 02b671a build(deps): bump @​docker/actions-toolkit from 0.40.0 to 0.42.0
  • 0689575 Merge pull request #800 from crazy-max/publish-immutable-action
  • 02c9ff3 ci: publish as immutable action workflow
  • 5d8785b Merge pull request #801 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • 7a65d3d chore: update generated content
  • bd2f409 build(deps): bump @​docker/actions-toolkit from 0.35.0 to 0.40.0
  • 9fd0581 Merge pull request #791 from docker/dependabot/npm_and_yarn/actions/core-1.11.1
  • eefb7e8 chore: update generated content
  • cb13d66 build(deps): bump @​actions/core from 1.10.1 to 1.11.1
  • Additional commits viewable in compare view

Updates docker/metadata-action from 9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7 to 115662203e5f4c9b240a57397f721baaab82a488

Commits
  • 1156622 Merge pull request #474 from docker/dependabot/npm_and_yarn/cross-spawn-7.0.5
  • 95ea8d0 chore(deps): Bump cross-spawn from 7.0.3 to 7.0.5
  • a4c10ad Merge pull request #473 from docker/dependabot/github_actions/codecov/codecov...
  • c85c22a Merge pull request #471 from trim21/commit-date
  • 526d403 feat: add variable commit_date
  • 86622a9 chore(deps): Bump codecov/codecov-action from 4 to 5
  • 44d81d6 Merge pull request #472 from crazy-max/ci-context
  • 9aaeb62 ci: context job
  • 32323e5 Merge pull request #470 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • 3d8d1d9 chore: update generated content
  • Additional commits viewable in compare view

Updates docker/build-push-action from f2a1d5e99d037542a71f64918e516c093c6f3fc4 to 5e99dacf67635c4f273e532b9266ddb609b3025a

Commits
  • 5e99dac Merge pull request #1245 from crazy-max/publish-immutable-action
  • b249570 ci: publish as immutable action workflow
  • 4f58ea7 Merge pull request #1234 from docker/dependabot/npm_and_yarn/docker/actions-t...
  • 49b5ea6 chore: update generated content
  • 13c9fdd chore(deps): Bump @​docker/actions-toolkit from 0.38.0 to 0.39.0
  • e44afff Merge pull request #1232 from docker/dependabot/npm_and_yarn/path-to-regexp-6...
  • 67ebad3 chore(deps): Bump path-to-regexp from 6.2.2 to 6.3.0
  • 32945a3 Merge pull request #1230 from docker/dependabot/npm_and_yarn/docker/actions-t...
  • e0fe9cf chore: update generated content
  • 8f1ff6b chore(deps): Bump @​docker/actions-toolkit from 0.37.1 to 0.38.0
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the github-actions group with 7 updates
65a3c80 
Bumps the github-actions group with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [webfactory/ssh-agent](https://github.com/webfactory/ssh-agent) | `0.4.1` | `0.9.0` |
| [JamesIves/github-pages-deploy-action](https://github.com/jamesives/github-pages-deploy-action) | `3.7.1` | `4.6.9` |
| [codecov/codecov-action](https://github.com/codecov/codecov-action) | `4` | `5` |
| [actions/github-script](https://github.com/actions/github-script) | `0.3.0` | `7.0.1` |
| [docker/login-action](https://github.com/docker/login-action) | `65b78e6e13532edd9afa3aa52ac7964289d1a9c1` | `7ca345011ac4304463197fac0e56eab1bc7e6af0` |
| [docker/metadata-action](https://github.com/docker/metadata-action) | `9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7` | `115662203e5f4c9b240a57397f721baaab82a488` |
| [docker/build-push-action](https://github.com/docker/build-push-action) | `f2a1d5e99d037542a71f64918e516c093c6f3fc4` | `5e99dacf67635c4f273e532b9266ddb609b3025a` |


Updates `webfactory/ssh-agent` from 0.4.1 to 0.9.0
- [Release notes](https://github.com/webfactory/ssh-agent/releases)
- [Changelog](https://github.com/webfactory/ssh-agent/blob/master/CHANGELOG.md)
- [Commits](webfactory/ssh-agent@v0.4.1...v0.9.0)

Updates `JamesIves/github-pages-deploy-action` from 3.7.1 to 4.6.9
- [Release notes](https://github.com/jamesives/github-pages-deploy-action/releases)
- [Commits](JamesIves/github-pages-deploy-action@3.7.1...v4.6.9)

Updates `codecov/codecov-action` from 4 to 5
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](codecov/codecov-action@v4...v5)

Updates `actions/github-script` from 0.3.0 to 7.0.1
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](actions/github-script@0.3.0...v7.0.1)

Updates `docker/login-action` from 65b78e6e13532edd9afa3aa52ac7964289d1a9c1 to 7ca345011ac4304463197fac0e56eab1bc7e6af0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](docker/login-action@65b78e6...7ca3450)

Updates `docker/metadata-action` from 9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7 to 115662203e5f4c9b240a57397f721baaab82a488
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Commits](docker/metadata-action@9ec57ed...1156622)

Updates `docker/build-push-action` from f2a1d5e99d037542a71f64918e516c093c6f3fc4 to 5e99dacf67635c4f273e532b9266ddb609b3025a
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](docker/build-push-action@f2a1d5e...5e99dac)

---
updated-dependencies:
- dependency-name: webfactory/ssh-agent
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: JamesIves/github-pages-deploy-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/github-script
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: docker/login-action
  dependency-type: direct:production
  dependency-group: github-actions
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  dependency-group: github-actions
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the topic: ci Related to CI label Nov 19, 2024
@felixdittrich92
Copy link
Contributor

@dependabot squash and merge

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Nov 19, 2024

Dependabot tried to merge this PR, but received the following error from GitHub:

You're not authorized to push to this branch. Visit https://docs.github.com/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches for more information.

@felixdittrich92 felixdittrich92 merged commit 63dfbc9 into main Nov 19, 2024
68 checks passed
@dependabot dependabot bot deleted the dependabot/github_actions/main/github-actions-5635e09f63 branch November 19, 2024 13:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@felixdittrich92 felixdittrich92 felixdittrich92 approved these changes

@charlesmindee charlesmindee Awaiting requested review from charlesmindee

@frgfm frgfm Awaiting requested review from frgfm

@odulcy-mindee odulcy-mindee Awaiting requested review from odulcy-mindee

Assignees
No one assigned
Labels
topic: ci Related to CI
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@felixdittrich92