-
Notifications
You must be signed in to change notification settings - Fork 602
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
build(deps): bump the ci group across 1 directory with 13 updates #4926
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bumps the ci group with 13 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.1.6` | `4.1.7` | | [actions/setup-go](https://github.com/actions/setup-go) | `5.0.1` | `5.0.2` | | [google-github-actions/auth](https://github.com/google-github-actions/auth) | `2.1.3` | `2.1.4` | | [google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud) | `2.1.0` | `2.1.1` | | [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) | `3.0.0` | `3.2.0` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.3.0` | `3.6.1` | | [docker/login-action](https://github.com/docker/login-action) | `3.2.0` | `3.3.0` | | [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.3.3` | `2.4.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.3` | `4.3.6` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.25.8` | `3.26.0` | | [anchore/sbom-action](https://github.com/anchore/sbom-action) | `0.16.0` | `0.17.0` | | [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `3.5.0` | `3.6.0` | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `6.0.5` | `6.1.0` | Updates `actions/checkout` from 4.1.6 to 4.1.7 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@a5ac7e5...692973e) Updates `actions/setup-go` from 5.0.1 to 5.0.2 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@cdcb360...0a12ed9) Updates `google-github-actions/auth` from 2.1.3 to 2.1.4 - [Release notes](https://github.com/google-github-actions/auth/releases) - [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md) - [Commits](google-github-actions/auth@71fee32...f112390) Updates `google-github-actions/setup-gcloud` from 2.1.0 to 2.1.1 - [Release notes](https://github.com/google-github-actions/setup-gcloud/releases) - [Changelog](https://github.com/google-github-actions/setup-gcloud/blob/main/CHANGELOG.md) - [Commits](google-github-actions/setup-gcloud@98ddc00...f099058) Updates `docker/setup-qemu-action` from 3.0.0 to 3.2.0 - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](docker/setup-qemu-action@6882732...49b3bc8) Updates `docker/setup-buildx-action` from 3.3.0 to 3.6.1 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@d70bba7...988b5a0) Updates `docker/login-action` from 3.2.0 to 3.3.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@0d4c9c5...9780b0c) Updates `ossf/scorecard-action` from 2.3.3 to 2.4.0 - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](ossf/scorecard-action@dc50aa9...62b2cac) Updates `actions/upload-artifact` from 4.3.3 to 4.3.6 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@6546280...834a144) Updates `github/codeql-action` from 3.25.8 to 3.26.0 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@2e230e8...eb055d7) Updates `anchore/sbom-action` from 0.16.0 to 0.17.0 - [Release notes](https://github.com/anchore/sbom-action/releases) - [Commits](anchore/sbom-action@e8d2a69...d94f46e) Updates `sigstore/cosign-installer` from 3.5.0 to 3.6.0 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@59acb62...4959ce0) Updates `peter-evans/create-pull-request` from 6.0.5 to 6.1.0 - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](peter-evans/create-pull-request@6d6857d...c5a7806) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ci - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ci - dependency-name: google-github-actions/auth dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ci - dependency-name: google-github-actions/setup-gcloud dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ci - dependency-name: docker/setup-qemu-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ci - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: anchore/sbom-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
added
area/ci
CI related issues and pull requests
dependencies
Pull requests that update a dependency
labels
Aug 12, 2024
Superseded by #4930. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
0 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps the ci group with 13 updates in the / directory:
4.1.6
4.1.7
5.0.1
5.0.2
2.1.3
2.1.4
2.1.0
2.1.1
3.0.0
3.2.0
3.3.0
3.6.1
3.2.0
3.3.0
2.3.3
2.4.0
4.3.3
4.3.6
3.25.8
3.26.0
0.16.0
0.17.0
3.5.0
3.6.0
6.0.5
6.1.0
Updates
actions/checkout
from 4.1.6 to 4.1.7Release notes
Sourced from actions/checkout's releases.
Changelog
Sourced from actions/checkout's changelog.
... (truncated)
Commits
692973e
Prepare 4.1.7 release (#1775)6ccd57f
Pin actions/checkout's own workflows to a known, good, stable version. (#1776)b17fe1e
Handle hidden refs (#1774)b80ff79
Bump actions/checkout from 3 to 4 (#1697)b1ec302
Bump the minor-npm-dependencies group across 1 directory with 4 updates (#1739)Updates
actions/setup-go
from 5.0.1 to 5.0.2Release notes
Sourced from actions/setup-go's releases.
Commits
0a12ed9
Bump braces from 3.0.2 to 3.0.3 (#487)4ab57d7
Fix versions check failure (#479)Updates
google-github-actions/auth
from 2.1.3 to 2.1.4Release notes
Sourced from google-github-actions/auth's releases.
Commits
f112390
Release: v2.1.4 (#431)984b9cf
Update deps (#430)5e210ff
Update spelling and workflow versions (#422)49ae1e8
security: bump braces from 3.0.2 to 3.0.3 in the npm_and_yarn group (#420)Updates
google-github-actions/setup-gcloud
from 2.1.0 to 2.1.1Release notes
Sourced from google-github-actions/setup-gcloud's releases.
Commits
f099058
Release: v2.1.1 (#692)4f016c9
Update deps (#691)012c5df
Update deps and switch to autodoc (#690)744a572
Disable prompts (#688)f431b4b
security: bump undici from 5.28.3 to 5.28.4 in the npm_and_yarn group (#687)f989621
Fix ADC documentation, issue#685 (#686)87fba63
Fix typo in sample workflow shown in README.md. (#682)a061e39
security: bump undici from 5.28.2 to 5.28.3 (#681)Updates
docker/setup-qemu-action
from 3.0.0 to 3.2.0Release notes
Sourced from docker/setup-qemu-action's releases.
Commits
49b3bc8
Merge pull request #155 from docker/dependabot/npm_and_yarn/docker/actions-to...9dec05b
chore: update generated content73387bc
build(deps): bump@docker/actions-toolkit
from 0.34.0 to 0.35.0fcfabe0
Merge pull request #154 from docker/dependabot/npm_and_yarn/docker/actions-to...948a838
chore: update generated content31629f6
switch to Docker exec6ae1d4d
build(deps): bump@docker/actions-toolkit
from 0.31.0 to 0.34.05927c83
Merge pull request #149 from docker/dependabot/npm_and_yarn/docker/actions-to...32ea29b
chore: update generated content92ac892
build(deps): bump@docker/actions-toolkit
from 0.23.0 to 0.31.0Updates
docker/setup-buildx-action
from 3.3.0 to 3.6.1Release notes
Sourced from docker/setup-buildx-action's releases.
Commits
988b5a0
Merge pull request #347 from crazy-max/skip-malformed-context2c21562
chore: update generated content3382292
check for malformed docker context3d68780
Merge pull request #341 from crazy-max/docker-context-tlsd069e98
chore: update generated content8b850f8
create docker context if default one has TLS data loadedaa33708
Merge pull request #345 from docker/dependabot/npm_and_yarn/docker/actions-to...2d99e34
chore: update generated content4dab436
build(deps): bump@docker/actions-toolkit
from 0.34.0 to 0.35.049a04d6
Merge pull request #344 from docker/dependabot/npm_and_yarn/docker/actions-to...Updates
docker/login-action
from 3.2.0 to 3.3.0Release notes
Sourced from docker/login-action's releases.
Commits
9780b0c
Merge pull request #741 from docker/dependabot/npm_and_yarn/proxy-agent-depen...2fa130c
chore: update generated content5e87b2a
build(deps): bump https-proxy-agente039495
Merge pull request #754 from docker/dependabot/npm_and_yarn/docker/actions-to...9af18aa
chore: update generated content668190a
switch to Docker execbe5150d
build(deps): bump@docker/actions-toolkit
from 0.24.0 to 0.35.0e80ebca
Merge pull request #730 from docker/dependabot/npm_and_yarn/braces-3.0.375ee3ea
Merge pull request #733 from docker/dependabot/github_actions/docker/bake-act...793c19c
build(deps): bump docker/bake-action from 4 to 5Updates
ossf/scorecard-action
from 2.3.3 to 2.4.0Release notes
Sourced from ossf/scorecard-action's releases.
Commits
62b2cac
bump docker tag to v2.4.0 for release (#1414)c09630c
lower license score alert threshold to 9 (#1411)cf8594c
🌱 Bump github.com/sigstore/cosign/v2 from 2.2.4 to 2.3.0 (#1413)de5fcb9
🌱 Bump the github-actions group with 2 updates (#1412)a46b90b
bump scorecard to v5.0.0 release (#1410)9fc518d
🌱 Bump golang in the docker-images group (#1407)a8eaa1b
🌱 Bump the github-actions group with 2 updates (#1408)873d5fd
🌱 Bump the github-actions group across 1 directory with 2 updates (#...54cc1fe
🌱 Bump the docker-images group with 2 updates (#1401)82bcb91
🌱 Bump golang.org/x/net from 0.26.0 to 0.27.0 (#1400)Updates
actions/upload-artifact
from 4.3.3 to 4.3.6Release notes
Sourced from actions/upload-artifact's releases.
Commits
834a144
Merge pull request #594 from actions/robherley/4.3.6134dcf3
v4.3.673a0b9c
revert back to@actions/artifact
2.1.889ef406
Merge pull request #588 from actions/robherley/4.3.523d796d
license updatese445c64
bump@actions/artifact
to v2.1.90b2256b
Merge pull request #584 from actions/robherley/bump-pkgs488dcef
licensed cache04c51f5
ncc32a9e27
bump@actions/artifact
and npm auditUpdates
github/codeql-action
from 3.25.8 to 3.26.0Changelog
Sourced from github/codeql-action's changelog.
... (truncated)
Commits
eb055d7
Merge pull request #2410 from github/update-v3.26.0-c24926b733884d04
Update changelog for v3.26.0c24926b
Merge pull request #2407 from github/dependabot/npm_and_yarn/npm-7954a73ad268ba39b
Merge branch 'main' into dependabot/npm_and_yarn/npm-7954a73ad28dd1773
Merge pull request #2408 from github/henrymercer/deprecate-codeql-2.13.4441c9d9
Merge pull request #2409 from github/henrymercer/fix-required-checksf03da13
Exclude push-only unit tests job from required PR checks script29a5cfc
Bump version to 3.26.09e440ad
Add changelog note136f5a5
Add CodeQL v2.17.6 to default test versionsUpdates
anchore/sbom-action
from 0.16.0 to 0.17.0Release notes
Sourced from anchore/sbom-action's releases.
Commits
d94f46e
chore(deps): update Syft to v1.9.0 (#479)ee41e6a
chore(deps): bump actions/checkout from 4.1.6 to 4.1.7 (#474)23e0b38
chore(deps): bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (#475)f4035cd
chore: serialize tests to prevent install race (#478)f3253ca
chore(deps): update Syft to v1.8.0 (#473)95b086a
fix: workaround windows install script (#477)72370e1
fix: allow users to properly use the file input over the default path value (...e28bab5
chore(deps): update Syft to v1.5.0 (#470)2283abe
docs: notes for matrix and required permissions (#469)07e5b3a
chore(deps): bump actions/checkout from 4.1.5 to 4.1.6 (#466)Updates
sigstore/cosign-installer
from 3.5.0 to 3.6.0Release notes
Sourced from sigstore/cosign-installer's releases.
Commits
4959ce0
update readme for new release (#170)45ffe83
bump default version to v2.4.0 release (#168)7e1d9c1
pin public key used for verification (#169)cc23fe1
Bump actions/setup-go from 5.0.1 to 5.0.2 (#167)b235ed9
Bump actions/checkout from 4.1.6 to 4.1.7 (#166)b49ef6b
Bump actions/checkout from 4.1.5 to 4.1.6 (#165)7a59e5a
Bump actions/checkout from 4.1.4 to 4.1.5 (#164)8d927bd
Bump actions/setup-go from 5.0.0 to 5.0.1 (#163)8c9caa0
Bump actions/checkout from 4.1.3 to 4.1.4 (#162)19351d0
Bump actions/checkout from 4.1.2 to 4.1.3 (#161)Updates
peter-evans/create-pull-request
from 6.0.5 to 6.1.0Release notes
Sourced from peter-evans/create-pull-request's releases.