Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump the github-actions group with 4 updates #1625

Merged
merged 1 commit into from
Jan 24, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 24, 2024

Bumps the github-actions group with 4 updates: actions/checkout, actions/setup-python, codecov/codecov-action and stefanzweifel/git-auto-commit-action.

Updates actions/checkout from 2 to 4

Release notes

Sourced from actions/checkout's releases.

v4.0.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v3...v4.0.0

v3.6.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v3.5.3...v3.6.0

v3.5.3

What's Changed

New Contributors

Full Changelog: actions/checkout@v3...v3.5.3

v3.5.2

What's Changed

Full Changelog: actions/checkout@v3.5.1...v3.5.2

v3.5.1

What's Changed

New Contributors

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.1.0

v4.0.0

v3.6.0

v3.5.3

v3.5.2

v3.5.1

v3.5.0

v3.4.0

v3.3.0

v3.2.0

v3.1.0

v3.0.2

... (truncated)

Commits

Updates actions/setup-python from 2 to 5

Release notes

Sourced from actions/setup-python's releases.

v5.0.0

What's Changed

In scope of this release, we update node version runtime from node16 to node20 (actions/setup-python#772). Besides, we update dependencies to the latest versions.

Full Changelog: actions/setup-python@v4.8.0...v5.0.0

v4.8.0

What's Changed

In scope of this release we added support for GraalPy (actions/setup-python#694). You can use this snippet to set up GraalPy:

steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4 
  with:
    python-version: 'graalpy-22.3' 
- run: python my_script.py

Besides, the release contains such changes as:

New Contributors

Full Changelog: actions/setup-python@v4...v4.8.0

v4.7.1

What's Changed

Full Changelog: actions/setup-python@v4...v4.7.1

v4.7.0

In scope of this release, the support for reading python version from pyproject.toml was added (actions/setup-python#669).

      - name: Setup Python
        uses: actions/setup-python@v4
</tr></table> 

... (truncated)

Commits

Updates codecov/codecov-action from 2 to 3

Release notes

Sourced from codecov/codecov-action's releases.

v3.0.0

Breaking Changes

  • #689 Bump to node16 and small fixes

Features

  • #688 Incorporate gcov arguments for the Codecov uploader

Dependencies

  • #548 build(deps-dev): bump jest-junit from 12.2.0 to 13.0.0
  • #603 [Snyk] Upgrade @​actions/core from 1.5.0 to 1.6.0
  • #628 build(deps): bump node-fetch from 2.6.1 to 3.1.1
  • #634 build(deps): bump node-fetch from 3.1.1 to 3.2.0
  • #636 build(deps): bump openpgp from 5.0.1 to 5.1.0
  • #652 build(deps-dev): bump @​vercel/ncc from 0.30.0 to 0.33.3
  • #653 build(deps-dev): bump @​types/node from 16.11.21 to 17.0.18
  • #659 build(deps-dev): bump @​types/jest from 27.4.0 to 27.4.1
  • #667 build(deps): bump actions/checkout from 2 to 3
  • #673 build(deps): bump node-fetch from 3.2.0 to 3.2.3
  • #683 build(deps): bump minimist from 1.2.5 to 1.2.6
  • #685 build(deps): bump @​actions/github from 5.0.0 to 5.0.1
  • #681 build(deps-dev): bump @​types/node from 17.0.18 to 17.0.23
  • #682 build(deps-dev): bump typescript from 4.5.5 to 4.6.3
  • #676 build(deps): bump @​actions/exec from 1.1.0 to 1.1.1
  • #675 build(deps): bump openpgp from 5.1.0 to 5.2.1

v2.1.0

2.1.0

Features

  • #515 Allow specifying version of Codecov uploader

Dependencies

  • #499 build(deps-dev): bump @​vercel/ncc from 0.29.0 to 0.30.0
  • #508 build(deps): bump openpgp from 5.0.0-5 to 5.0.0
  • #514 build(deps-dev): bump @​types/node from 16.6.0 to 16.9.0

v2.0.3

2.0.3

Fixes

  • #464 Fix wrong link in the readme
  • #485 fix: Add override OS and linux default to platform

Dependencies

  • #447 build(deps): bump openpgp from 5.0.0-4 to 5.0.0-5
  • #458 build(deps-dev): bump eslint from 7.31.0 to 7.32.0
  • #465 build(deps-dev): bump @​typescript-eslint/eslint-plugin from 4.28.4 to 4.29.1
  • #466 build(deps-dev): bump @​typescript-eslint/parser from 4.28.4 to 4.29.1
  • #468 build(deps-dev): bump @​types/jest from 26.0.24 to 27.0.0
  • #470 build(deps-dev): bump @​types/node from 16.4.0 to 16.6.0
  • #472 build(deps): bump path-parse from 1.0.6 to 1.0.7
  • #473 build(deps-dev): bump @​types/jest from 27.0.0 to 27.0.1

... (truncated)

Changelog

Sourced from codecov/codecov-action's changelog.

4.0.0-beta.2

Fixes

  • #1085 not adding -n if empty to do-upload command

4.0.0-beta.1

v4 represents a move from the universal uploader to the Codecov CLI. Although this will unlock new features for our users, the CLI is not yet at feature parity with the universal uploader.

Breaking Changes

  • No current support for aarch64 and alpine architectures.
  • Tokenless uploading is unsuported
  • Various arguments to the Action have been removed

3.1.4

Fixes

  • #967 Fix typo in README.md
  • #971 fix: add back in working dir
  • #969 fix: CLI option names for uploader

Dependencies

  • #970 build(deps-dev): bump @​types/node from 18.15.12 to 18.16.3
  • #979 build(deps-dev): bump @​types/node from 20.1.0 to 20.1.2
  • #981 build(deps-dev): bump @​types/node from 20.1.2 to 20.1.4

3.1.3

Fixes

  • #960 fix: allow for aarch64 build

Dependencies

  • #957 build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0
  • #958 build(deps): bump openpgp from 5.7.0 to 5.8.0
  • #959 build(deps-dev): bump @​types/node from 18.15.10 to 18.15.12

3.1.2

Fixes

  • #718 Update README.md
  • #851 Remove unsupported path_to_write_report argument
  • #898 codeql-analysis.yml
  • #901 Update README to contain correct information - inputs and negate feature
  • #955 fix: add in all the extra arguments for uploader

Dependencies

  • #819 build(deps): bump openpgp from 5.4.0 to 5.5.0
  • #835 build(deps): bump node-fetch from 3.2.4 to 3.2.10
  • #840 build(deps): bump ossf/scorecard-action from 1.1.1 to 2.0.4
  • #841 build(deps): bump @​actions/core from 1.9.1 to 1.10.0
  • #843 build(deps): bump @​actions/github from 5.0.3 to 5.1.1
  • #869 build(deps): bump node-fetch from 3.2.10 to 3.3.0
  • #872 build(deps-dev): bump jest-junit from 13.2.0 to 15.0.0
  • #879 build(deps): bump decode-uri-component from 0.2.0 to 0.2.2

... (truncated)

Commits

Updates stefanzweifel/git-auto-commit-action from 4 to 5

Release notes

Sourced from stefanzweifel/git-auto-commit-action's releases.

v5.0.0

New major release that bumps the default runtime to Node 20. There are no other breaking changes.

Changed

Fixed

Dependency Updates

v4.16.0

Changed

Fixed

v4.15.4

Fixed

Dependency Updates

v4.15.3

Changed

  • Use deprecated set-output syntax if GITHUB_OUTPUT environment is not available (#255) @​stefanzweifel

v4.15.2

Changed

... (truncated)

Changelog

Sourced from stefanzweifel/git-auto-commit-action's changelog.

v4.15.4 - 2022-11-05

Fixed

Dependency Updates

v4.15.3 - 2022-10-26

Changed

  • Use deprecated set-output syntax if GITHUB_OUTPUT environment is not available (#255) @​stefanzweifel

v4.15.2 - 2022-10-22

Changed

v4.15.1 - 2022-10-10

Fixed

Commits
  • 8756aa0 Update node version to node20 (#300)
  • 17a44b0 Merge branch 'master' of github.com:stefanzweifel/git-auto-commit-action
  • 43818d5 Fix Typo
  • 1094465 Use actions/checkout v4 in examples
  • 3d1b5e0 Bump actions/checkout from 3 to 4 (#302)
  • 47a8ad5 Bump bats from 1.9.0 to 1.10.0 (#293)
  • 77a7b3f Bump github/super-linter from 4 to 5 (#289)
  • 9cc0a1f Seems like there is an extra space (#288)
  • 0b5f8a5 Update Test
  • 3a446b7 Merge branch 'master' of github.com:stefanzweifel/git-auto-commit-action
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the github-actions group with 4 updates: [actions/checkout](https://github.com/actions/checkout), [actions/setup-python](https://github.com/actions/setup-python), [codecov/codecov-action](https://github.com/codecov/codecov-action) and [stefanzweifel/git-auto-commit-action](https://github.com/stefanzweifel/git-auto-commit-action).


Updates `actions/checkout` from 2 to 4
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v2...v4)

Updates `actions/setup-python` from 2 to 5
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](actions/setup-python@v2...v5)

Updates `codecov/codecov-action` from 2 to 3
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](codecov/codecov-action@v2...v3)

Updates `stefanzweifel/git-auto-commit-action` from 4 to 5
- [Release notes](https://github.com/stefanzweifel/git-auto-commit-action/releases)
- [Changelog](https://github.com/stefanzweifel/git-auto-commit-action/blob/master/CHANGELOG.md)
- [Commits](stefanzweifel/git-auto-commit-action@v4...v5)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: stefanzweifel/git-auto-commit-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jan 24, 2024
@roll roll merged commit ebbc48c into main Jan 24, 2024
5 checks passed
@roll roll deleted the dependabot/github_actions/github-actions-7042fa6eef branch January 24, 2024 15:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant