Skip to content

chore(deps): bump the github-actions group with 10 updates #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

chore(deps): bump the github-actions group with 10 updates #1

wants to merge 1 commit into from

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Jul 29, 2024
edited
Loading

Bumps the github-actions group with 10 updates:

Package From To
actions/checkout 3 4
actions/setup-go 3 5
github/codeql-action 2 3
labd/changie-release-action 0.3.1 0.4.0
arduino/setup-task 1 2
golangci/golangci-lint-action 3 6
codecov/codecov-action 3 4
actions/upload-artifact 2 4
goreleaser/goreleaser-action 3 6
actions/add-to-project 1.0.1 1.0.2

Updates actions/checkout from 3 to 4

Release notes

Sourced from actions/checkout's releases.

v4.0.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v3...v4.0.0

v3.6.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v3.5.3...v3.6.0

v3.5.3

What's Changed

New Contributors

Full Changelog: actions/checkout@v3...v3.5.3

v3.5.2

What's Changed

Full Changelog: actions/checkout@v3.5.1...v3.5.2

v3.5.1

What's Changed

New Contributors

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

v4.1.2

v4.1.1

v4.1.0

v4.0.0

v3.6.0

v3.5.3

... (truncated)

Commits

Updates actions/setup-go from 3 to 5

Release notes

Sourced from actions/setup-go's releases.

v5.0.0

What's Changed

In scope of this release, we change Nodejs runtime from node16 to node20 (actions/setup-go#421). Moreover, we update some dependencies to the latest versions (actions/setup-go#445).

Besides, this release contains such changes as:

New Contributors

Full Changelog: actions/setup-go@v4...v5.0.0

v4.1.0

What's Changed

In scope of this release, slow installation on Windows was fixed by @​dsame in actions/setup-go#393 and OS version was added to primaryKey for Ubuntu runners to avoid conflicts (actions/setup-go#383)

This release also includes the following changes:

New Contributors

Full Changelog: actions/setup-go@v4...v4.1.0

v4.0.1

What's Changed

New Contributors

Full Changelog: actions/setup-go@v4...v4.0.1

v4.0.0

In scope of release we enable cache by default. The action won’t throw an error if the cache can’t be restored or saved. The action will throw a warning message but it won’t stop a build process. The cache can be disabled by specifying cache: false.

</tr></table>

... (truncated)

Commits

Updates github/codeql-action from 2 to 3

Release notes

Sourced from github/codeql-action's releases.

CodeQL Bundle v2.18.1

Bundles CodeQL CLI v2.18.1

Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.18.1:

CodeQL Bundle v2.18.0

Bundles CodeQL CLI v2.18.0

Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.18.0:

CodeQL Bundle v2.17.6

Bundles CodeQL CLI v2.17.6

Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.17.6:

... (truncated)

Changelog

Sourced from github/codeql-action's changelog.

3.25.15 - 26 Jul 2024

  • Update default CodeQL bundle version to 2.18.1. #2385

3.25.14 - 25 Jul 2024

  • Experimental: add a new start-proxy action which starts the same HTTP proxy as used by github/dependabot-action. Do not use this in production as it is part of an internal experiment and subject to change at any time.

3.25.13 - 19 Jul 2024

  • Add codeql-version to outputs. #2368
  • Add a deprecation warning for customers using CodeQL version 2.13.4 and earlier. These versions of CodeQL were discontinued on 9 July 2024 alongside GitHub Enterprise Server 3.9, and will be unsupported by CodeQL Action versions 3.26.0 and later and versions 2.26.0 and later. #2375
    • If you are using one of these versions, please update to CodeQL CLI version 2.13.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.
    • Alternatively, if you want to continue using a version of the CodeQL CLI between 2.12.6 and 2.13.4, you can replace github/codeql-action/*@v3 by github/codeql-action/*@v3.25.13 and github/codeql-action/*@v2 by github/codeql-action/*@v2.25.13 in your code scanning workflow to ensure you continue using this version of the CodeQL Action.

3.25.12 - 12 Jul 2024

  • Improve the reliability and performance of analyzing code when analyzing a compiled language with the autobuild build mode on GitHub Enterprise Server. This feature is already available to GitHub.com users. #2353
  • Update default CodeQL bundle version to 2.18.0. #2364

3.25.11 - 28 Jun 2024

  • Avoid failing the workflow run if there is an error while uploading debug artifacts. #2349
  • Update default CodeQL bundle version to 2.17.6. #2352

3.25.10 - 13 Jun 2024

  • Update default CodeQL bundle version to 2.17.5. #2327

3.25.9 - 12 Jun 2024

  • Avoid failing database creation if the database folder already exists and contains some unexpected files. Requires CodeQL 2.18.0 or higher. #2330
  • The init Action will attempt to clean up the database cluster directory before creating a new database and at the end of the job. This will help to avoid issues where the database cluster directory is left in an inconsistent state. #2332

3.25.8 - 04 Jun 2024

  • Update default CodeQL bundle version to 2.17.4. #2321

3.25.7 - 31 May 2024

  • We are rolling out a feature in May/June 2024 that will reduce the Actions cache usage of the Action by keeping only the newest TRAP cache for each language. #2306

3.25.6 - 20 May 2024

  • Update default CodeQL bundle version to 2.17.3. #2295

3.25.5 - 13 May 2024

... (truncated)

Commits
  • b400d0f Merge pull request #2355 from github/angelapwen/make-log-links-clickable
  • 736528d Add changelog note
  • 98042e7 Update default bundle to codeql-bundle-v2.18.1
  • 892ff9e Fix linting errors
  • edfef27 Further standardize doc URL messages
  • 7ad1090 Refactor all doc URLs into their own enum
  • 7cb4b5a Make all instances of doc links in logs clickable
  • 0e346f2 Merge pull request #2384 from github/dependabot/npm_and_yarn/npm-3ec7586e85
  • 4e038cc Update checked-in dependencies
  • 59c6d06 Bump the npm group with 3 updates
  • Additional commits viewable in compare view

Updates labd/changie-release-action from 0.3.1 to 0.4.0

Changelog

Sourced from labd/changie-release-action's changelog.

v0.4.0 - 2024-07-19

Added

  • Add option to specify changie version

v0.3.2 - 2024-05-17

Fixed

  • Updated peter-evans/create-pull-request to v6
Commits
  • c3368fd Release v0.4.0
  • 3abe169 Fix syntax error in workflow
  • c1daf3c Add option to specify changie version
  • cabe11e Merge pull request #13 from labd/release/v0.3.2
  • b0f2789 Merge pull request #14 from labd/dependabot/github_actions/github-actions-999...
  • e4a0bf9 chore(deps): bump the github-actions group with 3 updates
  • daabefd Release v0.3.2
  • 1a3cbd6 fix: added dependency type
  • 477d699 Merge pull request #12 from labd/fix/bump-create-pull-request
  • a2c5514 fix: added dependabot-changie.yaml
  • Additional commits viewable in compare view

Updates arduino/setup-task from 1 to 2

Release notes

Sourced from arduino/setup-task's releases.

2.0.0

Migration Guide

The version of the Node.js runtime used to execute the action has been updated from 16 to 20. This could be a breaking change for certain GitHub Actions workflows.

If a workflow with dependency on the arduino/setup-task action uses only GitHub-hosted GitHub Actions runners, no changes are required.

If the workflow uses a self-hosted runner, the workflow run might fail after updating arduino/setup-task:

Error: System.ArgumentOutOfRangeException: Specified argument was out of the range of valid values. (Parameter ''using: node20' is not supported, use 'docker', 'node12' or 'node16' instead.')
   at GitHub.Runner.Worker.ActionManifestManager.ConvertRuns(IExecutionContext executionContext, TemplateContext templateContext, TemplateToken inputsToken, String fileRelativePath, MappingToken outputs)
   at GitHub.Runner.Worker.ActionManifestManager.Load(IExecutionContext executionContext, String manifestFile)
Error: Fail to load arduino/setup-task/v2/action.yml

This means an older runner version that does not provide Node.js 20.x is installed on the runner machine and you must update the runner version.

Changelog

Breaking

  • Update Node.js runtime for action from 16 to 20 (#919)

Enhancement

Full Changeset

arduino/setup-task@1.0.3...2.0.0

Contributors

1.0.3

Changelog

Enhancement

  • Add support for all Task build architectures (43e1bb8c37ce39c24e88b4622c2f66b6d7d9ebbd)

Full Changeset

arduino/setup-task@1.0.2...1.0.3

1.0.2

Release Notes

... (truncated)

Commits
  • b91d5d2 update readme (#929)
  • f2514b0 Bump node from 16 to 20 (#919)
  • 2007903 Merge pull request #928 from arduino/dependabot/npm_and_yarn/prettier-3.2.5
  • 3f2ef95 build(deps-dev): bump prettier from 3.2.2 to 3.2.5
  • 88d658b Merge pull request #927 from arduino/dependabot/npm_and_yarn/types/node-16.18.79
  • b79a1c3 build(deps-dev): bump @​types/node from 16.18.78 to 16.18.79
  • 5abddba Merge pull request #926 from arduino/dependabot/npm_and_yarn/types/node-16.18.78
  • b3e99c0 build(deps-dev): bump @​types/node from 16.18.76 to 16.18.78
  • 4145542 Merge pull request #924 from arduino/dependabot/npm_and_yarn/typescript-eslin...
  • 10406e6 build(deps-dev): bump @​typescript-eslint/parser from 6.19.1 to 6.20.0
  • Additional commits viewable in compare view

Updates golangci/golangci-lint-action from 3 to 6

Release notes

Sourced from golangci/golangci-lint-action's releases.

v6.0.0

What's Changed

This version removes annotations option (because it was useless), and removes the default output format (github-actions). The annotations are still produced but with another approach.

Changes

Dependencies

Full Changelog: golangci/golangci-lint-action@v5.3.0...v6.0.0

v5.3.0

What's Changed

Changes

Full Changelog: golangci/golangci-lint-action@v5.2.0...v5.3.0

v5.2.0

What's Changed

Changes

Full Changelog: golangci/golangci-lint-action@v5.1.0...v5.2.0

v5.1.0

What's Changed

Changes

Dependencies

... (truncated)

Commits
  • a4f60bb fix: use 3-dots syntax for diff on push (#1040)
  • 5815a4b doc: improve readme
  • 23faadf doc: improve readme
  • b556f25 doc: improve readme
  • 789f114 feat: rewrite format handling (#1038)
  • d36b91c build(deps-dev): bump @​typescript-eslint/parser from 7.7.1 to 7.8.0 (#1035)
  • a9eb115 build(deps): bump @​types/node from 20.12.7 to 20.12.8 (#1036)
  • bd4fa7c build(deps-dev): bump @​typescript-eslint/eslint-plugin from 7.7.1 to 7.8.0 (#...
  • 38e1018 feat: improve log about pwd/cwd (#1033)
  • 21e9e6b feat: use OS and working-directory as cache key (#1032)
  • Additional commits viewable in compare view

Updates codecov/codecov-action from 3 to 4

Release notes

Sourced from codecov/codecov-action's releases.

v4.0.0

v4 of the Codecov Action uses the CLI as the underlying upload. The CLI has helped to power new features including local upload, the global upload token, and new upcoming features.

Breaking Changes

  • The Codecov Action runs as a node20 action due to node16 deprecation. See this post from GitHub on how to migrate.
  • Tokenless uploading is unsupported. However, PRs made from forks to the upstream public repos will support tokenless (e.g. contributors to OS projects do not need the upstream repo's Codecov token). This doc shows instructions on how to add the Codecov token.
  • OS platforms have been added, though some may not be automatically detected. To see a list of platforms, see our CLI download page
  • Various arguments to the Action have been changed. Please be aware that the arguments match with the CLI's needs

v3 versions and below will not have access to CLI features (e.g. global upload token, ATS).

What's Changed

@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jul 29, 2024
@dependabot dependabot bot force-pushed the dependabot/github_actions/github-actions-07f7d81e76 branch from 992f461 to 4876d61 Compare July 30, 2024 04:58
@dependabot
chore(deps): bump the github-actions group with 10 updates
340a309 
Bumps the github-actions group with 10 updates:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `3` | `4` |
| [actions/setup-go](https://github.com/actions/setup-go) | `3` | `5` |
| [github/codeql-action](https://github.com/github/codeql-action) | `2` | `3` |
| [labd/changie-release-action](https://github.com/labd/changie-release-action) | `0.3.1` | `0.4.0` |
| [arduino/setup-task](https://github.com/arduino/setup-task) | `1` | `2` |
| [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) | `3` | `6` |
| [codecov/codecov-action](https://github.com/codecov/codecov-action) | `3` | `4` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `2` | `4` |
| [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) | `3` | `6` |
| [actions/add-to-project](https://github.com/actions/add-to-project) | `1.0.1` | `1.0.2` |


Updates `actions/checkout` from 3 to 4
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v3...v4)

Updates `actions/setup-go` from 3 to 5
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@v3...v5)

Updates `github/codeql-action` from 2 to 3
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@v2...v3)

Updates `labd/changie-release-action` from 0.3.1 to 0.4.0
- [Release notes](https://github.com/labd/changie-release-action/releases)
- [Changelog](https://github.com/labd/changie-release-action/blob/main/CHANGELOG.md)
- [Commits](labd/changie-release-action@v0.3.1...v0.4.0)

Updates `arduino/setup-task` from 1 to 2
- [Release notes](https://github.com/arduino/setup-task/releases)
- [Commits](arduino/setup-task@v1...v2)

Updates `golangci/golangci-lint-action` from 3 to 6
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](golangci/golangci-lint-action@v3...v6)

Updates `codecov/codecov-action` from 3 to 4
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](codecov/codecov-action@v3...v4)

Updates `actions/upload-artifact` from 2 to 4
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@v2...v4)

Updates `goreleaser/goreleaser-action` from 3 to 6
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](goreleaser/goreleaser-action@v3...v6)

Updates `actions/add-to-project` from 1.0.1 to 1.0.2
- [Release notes](https://github.com/actions/add-to-project/releases)
- [Commits](actions/add-to-project@v1.0.1...v1.0.2)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: labd/changie-release-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: arduino/setup-task
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: golangci/golangci-lint-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: goreleaser/goreleaser-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/add-to-project
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/github_actions/github-actions-07f7d81e76 branch from 4876d61 to 340a309 Compare August 2, 2024 11:48
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Oct 1, 2024

Superseded by #2.

@dependabot dependabot bot closed this Oct 1, 2024
@dependabot dependabot bot deleted the dependabot/github_actions/github-actions-07f7d81e76 branch October 1, 2024 04:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant