Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): Bump the github-actions group with 4 updates #43921

Merged
merged 1 commit into from
Mar 1, 2024
Merged

chore(deps): Bump the github-actions group with 4 updates #43921

merged 1 commit into from
Mar 1, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 29, 2024
edited
Loading

Bumps the github-actions group with 4 updates: andstor/file-existence-action, cypress-io/github-action, codecov/codecov-action and peter-evans/create-pull-request.

Updates andstor/file-existence-action from 2.0.0 to 3.0.0

Release notes

Sourced from andstor/file-existence-action's releases.

v3.0.0

Changed

  • Updated to the node20 runtime by default
Commits

Updates cypress-io/github-action from 6.6.0 to 6.6.1

Release notes

Sourced from cypress-io/github-action's releases.

v6.6.1

6.6.1 (2024-01-18)

Bug Fixes

  • deps: update cycjimmy/semantic-release-action to v4 (#1112) (1b70233)
Commits
  • 1b70233 fix(deps): update cycjimmy/semantic-release-action to v4 (#1112)
  • 32df80b test(deps): update action/cache to v4 (#1111)
  • 03f1f60 chore(deps): update dependency prettier to v3.2.4 (#1109)
  • c5d9431 chore(deps): update cypress to 13.6.3 (#1110)
  • 3d4376e chore(deps): update follow-redirects to resolve vulnerability (#1106)
  • 632b42e chore(deps): update dependency @​types/node to v20.10.8 (#1105)
  • 58e9fea chore(deps): update vite to resolve vulnerability (#1104)
  • a23cea4 chore(deps): update cypress to 13.6.2 (#1103)
  • 691a66e chore(deps): update dependency @​types/node to v20.10.6 (#1092)
  • 4ef4686 test(deps): update github action upload-artifact to v4 (#1098)
  • Additional commits viewable in compare view

Updates codecov/codecov-action from 3 to 4

Release notes

Sourced from codecov/codecov-action's releases.

v4.0.0

v4 of the Codecov Action uses the CLI as the underlying upload. The CLI has helped to power new features including local upload, the global upload token, and new upcoming features.

Breaking Changes

  • The Codecov Action runs as a node20 action due to node16 deprecation. See this post from GitHub on how to migrate.
  • Tokenless uploading is unsupported. However, PRs made from forks to the upstream public repos will support tokenless (e.g. contributors to OS projects do not need the upstream repo's Codecov token). This doc shows instructions on how to add the Codecov token.
  • OS platforms have been added, though some may not be automatically detected. To see a list of platforms, see our CLI download page
  • Various arguments to the Action have been changed. Please be aware that the arguments match with the CLI's needs

v3 versions and below will not have access to CLI features (e.g. global upload token, ATS).

What's Changed

... (truncated)

Commits
  • 54bcd87 chore(release): v4.1.0 (#1307)
  • 8ba77ef build(deps-dev): bump eslint from 8.56.0 to 8.57.0 (#1305)
  • c60aa80 build(deps): bump github/codeql-action from 3.24.3 to 3.24.5 (#1306)
  • 2fc4847 fix: set safe directory (#1304)
  • 0cfda1d chore(release): bump to 4.0.2 (#1302)
  • 7d3a55e build(deps): bump actions/upload-artifact from 4.3.0 to 4.3.1 (#1286)
  • fe84a0b build(deps-dev): bump @​typescript-eslint/eslint-plugin from 6.21.0 to 7.0.0 (...
  • e12c940 Use updated syntax for GitHub Markdown notes (#1300)
  • ef7f8a5 build(deps): bump github/codeql-action from 3.24.0 to 3.24.3 (#1298)
  • b8a1d6a build(deps-dev): bump @​typescript-eslint/eslint-plugin from 6.20.0 to 6.21.0 ...
  • Additional commits viewable in compare view

Updates peter-evans/create-pull-request from 5.0.2 to 6.0.1

Release notes

Sourced from peter-evans/create-pull-request's releases.

Create Pull Request v6.0.1

⚙️ Fixes an issue where updating a pull request leads to the error Cannot read properties of undefined (reading 'number'). This was likely caused by GitHub fixing a long standing bug with an API endpoint, resulting in a breaking change.

What's Changed

Full Changelog: peter-evans/create-pull-request@v6.0.0...v6.0.1

Create Pull Request v6.0.0

Behaviour changes

  • The default values for author and committer have changed. See "What's new" below for details. If you are overriding the default values you will not be affected by this change.
  • On completion, the action now removes the temporary git remote configuration it adds when using push-to-fork. This should not affect you unless you were using the temporary configuration for some other purpose after the action completes.

What's new

  • Updated runtime to Node.js 20
    • The action now requires a minimum version of v2.308.0 for the Actions runner. Update self-hosted runners to v2.308.0 or later to ensure compatibility.
  • The default value for author has been changed to ${{ github.actor }} <${{ github.actor_id }}+${{ github.actor }}@users.noreply.github.com>. The change adds the ${{ github.actor_id }}+ prefix to the email address to align with GitHub's standard format for the author email address.
  • The default value for committer has been changed to github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>. This is to align with the default GitHub Actions bot user account.
  • Adds input git-token, the Personal Access Token (PAT) that the action will use for git operations. This input defaults to the value of token. Use this input if you would like the action to use a different token for git operations than the one used for the GitHub API.
  • push-to-fork now supports pushing to sibling repositories in the same network.
  • Previously, when using push-to-fork, the action did not remove temporary git remote configuration it adds during execution. This has been fixed and the configuration is now removed when the action completes.
  • If the pull request body is truncated due to exceeding the maximum length, the action will now suffix the body with the message "...[Pull request body truncated]" to indicate that the body has been truncated.
  • The action now uses --unshallow only when necessary, rather than as a default argument of git fetch. This should improve performance, particularly for large git repositories with extensive commit history.
  • The action can now be executed on one GitHub server and create pull requests on a different GitHub server. Server products include GitHub hosted (github.com), GitHub Enterprise Server (GHES), and GitHub Enterprise Cloud (GHEC). For example, the action can be executed on GitHub hosted and create pull requests on a GHES or GHEC instance.

What's Changed

New Contributors

... (truncated)

Commits
  • a4f52f8 fix: list pulls using the correct head format (#2792)
  • 853c071 build(deps-dev): bump eslint from 8.56.0 to 8.57.0 (#2781)
  • d2c126e build(deps-dev): bump @​types/node from 18.19.17 to 18.19.18 (#2780)
  • 43d39c6 build(deps-dev): bump @​types/node from 18.19.15 to 18.19.17 (#2768)
  • 5a9d206 build(deps-dev): bump eslint-plugin-jest from 27.6.3 to 27.9.0 (#2769)
  • e0743ed build(deps-dev): bump @​types/node from 18.19.14 to 18.19.15 (#2759)
  • e1529cb build(deps): bump peter-evans/create-pull-request from 5 to 6 (#2747)
  • aad52e8 build(deps): bump peter-evans/slash-command-dispatch from 3 to 4 (#2748)
  • a64ebdd build(deps-dev): bump @​types/node from 18.19.10 to 18.19.14 (#2732)
  • 51b40af build(deps-dev): bump prettier from 3.2.4 to 3.2.5 (#2731)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once CI passes on it, as requested by @skjnldsv.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): Bump the github-actions group with 4 updates
3586d1e 
Bumps the github-actions group with 4 updates: [andstor/file-existence-action](https://github.com/andstor/file-existence-action), [cypress-io/github-action](https://github.com/cypress-io/github-action), [codecov/codecov-action](https://github.com/codecov/codecov-action) and [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request).


Updates `andstor/file-existence-action` from 2.0.0 to 3.0.0
- [Release notes](https://github.com/andstor/file-existence-action/releases)
- [Commits](andstor/file-existence-action@20b4d2e...076e007)

Updates `cypress-io/github-action` from 6.6.0 to 6.6.1
- [Release notes](https://github.com/cypress-io/github-action/releases)
- [Changelog](https://github.com/cypress-io/github-action/blob/master/CHANGELOG.md)
- [Commits](cypress-io/github-action@ebe8b24...1b70233)

Updates `codecov/codecov-action` from 3 to 4
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Commits](codecov/codecov-action@v3...v4)

Updates `peter-evans/create-pull-request` from 5.0.2 to 6.0.1
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](peter-evans/create-pull-request@1534078...a4f52f8)

---
updated-dependencies:
- dependency-name: andstor/file-existence-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: cypress-io/github-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested a review from a team February 29, 2024 23:41
@dependabot dependabot bot mentioned this pull request Feb 29, 2024
Closed
@skjnldsv
Copy link
Member

skjnldsv commented Mar 1, 2024

@dependabot merge

@skjnldsv skjnldsv merged commit 61cb75c into master Mar 1, 2024
160 checks passed
@skjnldsv skjnldsv deleted the dependabot/github_actions/github-actions-145a57c0cf branch March 1, 2024 07:57
@blizzz blizzz mentioned this pull request Mar 5, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

@skjnldsv skjnldsv skjnldsv approved these changes

Assignees
No one assigned
Labels
3. to review Waiting for reviews feature: dependencies
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@skjnldsv