Bump the actions group across 1 directory with 15 updates #875

dependabot · 2024-07-10T13:09:59Z

Bumps the actions group with 15 updates in the / directory:

Package	From	To
actions/checkout	`4.1.6`	`4.1.7`
docker/setup-buildx-action	`3.3.0`	`3.4.0`
docker/setup-qemu-action	`3.0.0`	`3.1.0`
docker/build-push-action	`5.3.0`	`6.3.0`
aquasecurity/trivy-action	`0.21.0`	`0.24.0`
github/codeql-action	`3.25.7`	`3.25.11`
actions/upload-artifact	`4.3.3`	`4.3.4`
nginxinc/aws-marketplace-publish	`1.0.3`	`1.0.4`
codecov/codecov-action	`4.4.1`	`4.5.0`
anchore/sbom-action	`0.16.0`	`0.16.1`
goreleaser/goreleaser-action	`5.1.0`	`6.0.0`
dependabot/fetch-metadata	`2.1.0`	`2.2.0`
actions/dependency-review-action	`4.3.2`	`4.3.3`
reviewdog/action-actionlint	`1.47.0`	`1.53.0`
peter-evans/create-pull-request	`6.0.5`	`6.1.0`

Updates actions/checkout from 4.1.6 to 4.1.7

Release notes

Sourced from actions/checkout's releases.

v4.1.7

What's Changed

Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in actions/checkout#1739

Bump actions/checkout from 3 to 4 by @dependabot in actions/checkout#1697

Check out other refs/* by commit by @orhantoy in actions/checkout#1774

Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in actions/checkout#1776

New Contributors

@orhantoy made their first contribution in actions/checkout#1774

Full Changelog: actions/checkout@v4.1.6...v4.1.7

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.1.7

Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in actions/checkout#1739

Bump actions/checkout from 3 to 4 by @dependabot in actions/checkout#1697

Check out other refs/* by commit by @orhantoy in actions/checkout#1774

Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in actions/checkout#1776

v4.1.6

Check platform to set archive extension appropriately by @cory-miller in actions/checkout#1732

v4.1.5

Update NPM dependencies by @cory-miller in actions/checkout#1703

Bump github/codeql-action from 2 to 3 by @dependabot in actions/checkout#1694

Bump actions/setup-node from 1 to 4 by @dependabot in actions/checkout#1696

Bump actions/upload-artifact from 2 to 4 by @dependabot in actions/checkout#1695

README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com by @cory-miller in actions/checkout#1707

v4.1.4

Disable extensions.worktreeConfig when disabling sparse-checkout by @jww3 in actions/checkout#1692

Add dependabot config by @cory-miller in actions/checkout#1688

Bump the minor-actions-dependencies group with 2 updates by @dependabot in actions/checkout#1693

Bump word-wrap from 1.2.3 to 1.2.5 by @dependabot in actions/checkout#1643

v4.1.3

Check git version before attempting to disable sparse-checkout by @jww3 in actions/checkout#1656

Add SSH user parameter by @cory-miller in actions/checkout#1685

Update actions/checkout version in update-main-version.yml by @jww3 in actions/checkout#1650

v4.1.2

Fix: Disable sparse checkout whenever sparse-checkout option is not present @dscho in actions/checkout#1598

v4.1.1

Correct link to GitHub Docs by @peterbe in actions/checkout#1511

Link to release page from what's new section by @cory-miller in actions/checkout#1514

v4.1.0

Add support for partial checkout filters

v4.0.0

Support fetching without the --progress option

Update to node20

v3.6.0

Fix: Mark test scripts with Bash'isms to be run via Bash

Add option to fetch tags even if fetch-depth > 0

v3.5.3

Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in

Fix typos found by codespell

... (truncated)

Commits

692973e Prepare 4.1.7 release (#1775)
6ccd57f Pin actions/checkout's own workflows to a known, good, stable version. (#1776)
b17fe1e Handle hidden refs (#1774)
b80ff79 Bump actions/checkout from 3 to 4 (#1697)
b1ec302 Bump the minor-npm-dependencies group across 1 directory with 4 updates (#1739)
See full diff in compare view

Updates docker/setup-buildx-action from 3.3.0 to 3.4.0

Release notes

Sourced from docker/setup-buildx-action's releases.

v3.4.0

Throw error message instead of exit code by @crazy-max in docker/setup-buildx-action#315

Bump @docker/actions-toolkit from 0.20.0 to 0.31.0 in docker/setup-buildx-action#321 docker/setup-buildx-action#338

Bump braces from 3.0.2 to 3.0.3 in docker/setup-buildx-action#329

Bump undici from 5.28.3 to 5.28.4 in docker/setup-buildx-action#312

Bump uuid from 9.0.1 to 10.0.0 in docker/setup-buildx-action#326

Full Changelog: docker/setup-buildx-action@v3.3.0...v3.4.0

Commits

4fd8129 Merge pull request #312 from docker/dependabot/npm_and_yarn/undici-5.28.4
3386dc4 chore: update generated content
d191aef build(deps): bump undici from 5.28.3 to 5.28.4
f686054 Merge pull request #338 from docker/dependabot/npm_and_yarn/docker/actions-to...
7854785 chore: update generated content
830928c fix builder type path
26d2aec build(deps): bump @docker/actions-toolkit from 0.23.0 to 0.31.0
ab17e3e Merge pull request #339 from crazy-max/missing-types-jsyaml
d79cb80 missing types for js-yaml
13cf788 Merge pull request #326 from docker/dependabot/npm_and_yarn/uuid-10.0.0
Additional commits viewable in compare view

Updates docker/setup-qemu-action from 3.0.0 to 3.1.0

Release notes

Sourced from docker/setup-qemu-action's releases.

v3.1.0

Set docker.io domain for default binfmt image by @crazy-max in docker/setup-qemu-action#151

Throw error message instead of exit code by @crazy-max in docker/setup-qemu-action#129

build(deps): bump @docker/actions-toolkit from 0.12.0 to 0.31.0 in docker/setup-qemu-action#115 docker/setup-qemu-action#128 docker/setup-qemu-action#131 docker/setup-qemu-action#134 docker/setup-qemu-action#149

build(deps): bump @babel/traverse from 7.20.13 to 7.23.2 in docker/setup-qemu-action#109

build(deps): bump braces from 3.0.2 to 3.0.3 in docker/setup-qemu-action#142

build(deps): bump undici from 5.28.2 to 5.28.4 in docker/setup-qemu-action#118 docker/setup-qemu-action#127

Full Changelog: docker/setup-qemu-action@v3.0.0...v3.1.0

Commits

5927c83 Merge pull request #149 from docker/dependabot/npm_and_yarn/docker/actions-to...
32ea29b chore: update generated content
92ac892 build(deps): bump @docker/actions-toolkit from 0.23.0 to 0.31.0
dcf3f67 Merge pull request #151 from crazy-max/default-image
b34393b Merge pull request #141 from docker/dependabot/github_actions/docker/bake-act...
ca1bf68 Merge pull request #142 from docker/dependabot/npm_and_yarn/braces-3.0.3
599f288 chore: update generated content
af38981 set docker.io domain for default binfmt image
9d4d56c build(deps): bump braces from 3.0.2 to 3.0.3
a05dd92 build(deps): bump docker/bake-action from 4 to 5
Additional commits viewable in compare view

Updates docker/build-push-action from 5.3.0 to 6.3.0

Release notes

Sourced from docker/build-push-action's releases.

v6.3.0

DOCKER_BUILD_RECORD_UPLOAD environment variable to enable/disable build record upload by @crazy-max in docker/build-push-action#1172

DOCKER_BUILD_NO_SUMMARY has been deprecated. Set DOCKER_BUILD_SUMMARY to false instead by @crazy-max in docker/build-push-action#1170 docker/build-push-action#1173

Bump @docker/actions-toolkit from 0.28.0 to 0.31.0 in docker/build-push-action#1171 docker/build-push-action#1159 docker/build-push-action#1169

Full Changelog: docker/build-push-action@v6.2.0...v6.3.0

v6.2.0

Use default retention days for build export artifact by @crazy-max in docker/build-push-action#1153

Bump @docker/actions-toolkit from 0.27.0 to 0.28.0 in docker/build-push-action#1158

Full Changelog: docker/build-push-action@v6.1.0...v6.2.0

v6.1.0

Bump @docker/actions-toolkit from 0.26.2 to 0.27.0 in docker/build-push-action#1149

Full Changelog: docker/build-push-action@v6.0.2...v6.1.0

v6.0.2

Bump @docker/actions-toolkit from 0.26.1 to 0.26.2 in docker/build-push-action#1147

Full Changelog: docker/build-push-action@v6.0.1...v6.0.2

v6.0.1

Bump @docker/actions-toolkit from 0.26.0 to 0.26.1 in docker/build-push-action#1142

Full Changelog: docker/build-push-action@v6.0.0...v6.0.1

v6.0.0

Export build record and generate build summary by @crazy-max in docker/build-push-action#1120

Bump @docker/actions-toolkit from 0.24.0 to 0.26.0 in docker/build-push-action#1132 docker/build-push-action#1136 docker/build-push-action#1138

Bump braces from 3.0.2 to 3.0.3 in docker/build-push-action#1137

[!NOTE] This major release adds support for generating Build summary and exporting build record for your build. You can disable this feature by setting DOCKER_BUILD_NO_SUMMARY: true environment variable in your workflow.

Full Changelog: docker/build-push-action@v5.4.0...v6.0.0

v5.4.0

Show builder information before building by @crazy-max in docker/build-push-action#1128

Handle attestations correctly with provenance and sbom inputs by @crazy-max in docker/build-push-action#1086

Bump @docker/actions-toolkit from 0.19.0 to 0.24.0 in docker/build-push-action#1088 docker/build-push-action#1105 docker/build-push-action#1121 docker/build-push-action#1127

Bump undici from 5.28.3 to 5.28.4 in docker/build-push-action#1090

Full Changelog: docker/build-push-action@v5.3.0...v5.4.0

Commits

1a16264 Merge pull request #1172 from crazy-max/build-export-disable
9eea548 chore: update generated content
11c2faa rename DOCKER_BUILD_EXPORT_RETENTION_DAYS to DOCKER_BUILD_RECORD_RETENTION_DAYS
de2365a opt to disable build record upload
bca5082 Merge pull request #1173 from crazy-max/build-summary-env-change
e7aab40 chore: update generated content
63eb759 switch DOCKER_BUILD_SUMMARY_DISABLE to DOCKER_BUILD_SUMMARY
53ec486 Merge pull request #1171 from docker/dependabot/npm_and_yarn/docker/actions-t...
fe9d9f1 chore: update generated content
ad37ba1 chore(deps): Bump @docker/actions-toolkit from 0.30.0 to 0.31.0
Additional commits viewable in compare view

Updates aquasecurity/trivy-action from 0.21.0 to 0.24.0

Release notes

Sourced from aquasecurity/trivy-action's releases.

v0.24.0

What's Changed

Upgrade trivy to v0.53.0 by @Dr-DevOps in aquasecurity/trivy-action#369

Full Changelog: aquasecurity/trivy-action@0.23.0...0.24.0

v0.23.0

What's Changed

Upgrade trivy to v0.52.2 by @Dr-DevOps in aquasecurity/trivy-action#367

Full Changelog: aquasecurity/trivy-action@0.22.0...0.23.0

v0.22.0

What's Changed

chore(docs): Reference the use of a pinned version by @simar7 in aquasecurity/trivy-action#356

Upgrade trivy to v0.52.0 by @Keralin in aquasecurity/trivy-action#364

New Contributors

@Keralin made their first contribution in aquasecurity/trivy-action#364

Full Changelog: aquasecurity/trivy-action@0.21.0...0.22.0

Commits

6e7b7d1 Upgrade trivy to v0.53.0 (#369)
7c2007b Upgrade trivy to v0.52.2 (#367)
595be6a Upgrade trivy to v0.52.0 (#364)
841fb37 chore(docs): Reference the use of a pinned version (#356)
See full diff in compare view

Updates github/codeql-action from 3.25.7 to 3.25.11

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

[UNRELEASED]

Improve the reliability and performance of analyzing code when analyzing a compiled language with the autobuild build mode on GitHub Enterprise Server. This feature is already available to GitHub.com users. #2353

3.25.11 - 28 Jun 2024

Avoid failing the workflow run if there is an error while uploading debug artifacts. #2349

Update default CodeQL bundle version to 2.17.6. #2352

3.25.10 - 13 Jun 2024

Update default CodeQL bundle version to 2.17.5. #2327

3.25.9 - 12 Jun 2024

Avoid failing database creation if the database folder already exists and contains some unexpected files. Requires CodeQL 2.18.0 or higher. #2330

The init Action will attempt to clean up the database cluster directory before creating a new database and at the end of the job. This will help to avoid issues where the database cluster directory is left in an inconsistent state. #2332

3.25.8 - 04 Jun 2024

Update default CodeQL bundle version to 2.17.4. #2321

3.25.7 - 31 May 2024

We are rolling out a feature in May/June 2024 that will reduce the Actions cache usage of the Action by keeping only the newest TRAP cache for each language. #2306

3.25.6 - 20 May 2024

Update default CodeQL bundle version to 2.17.3. #2295

3.25.5 - 13 May 2024

Add a compatibility matrix of supported CodeQL Action, CodeQL CLI, and GitHub Enterprise Server versions to the https://github.com/github/codeql-action/blob/main/README.md. #2273

Avoid printing out a warning for a missing on.push trigger when the CodeQL Action is triggered via a workflow_call event. #2274

The tools: latest input to the init Action has been renamed to tools: linked. This option specifies that the Action should use the tools shipped at the same time as the Action. The old name will continue to work for backwards compatibility, but we recommend that new workflows use the new name. #2281

3.25.4 - 08 May 2024

Update default CodeQL bundle version to 2.17.2. #2270

3.25.3 - 25 Apr 2024

Update default CodeQL bundle version to 2.17.1. #2247

Workflows running on macos-latest using CodeQL CLI versions before v2.15.1 will need to either upgrade their CLI version to v2.15.1 or newer, or change the platform to an Intel MacOS runner, such as macos-12. ARM machines with SIP disabled, including the newest macos-latest image, are unsupported for CLI versions before 2.15.1. #2261

... (truncated)

Commits

b611370 Merge pull request #2357 from github/update-v3.25.11-de945755c
3e6431f Update changelog for v3.25.11
de94575 Merge pull request #2352 from github/update-bundle/codeql-bundle-v2.17.6
a32d305 Add changelog note
9ccc995 Update default bundle to codeql-bundle-v2.17.6
9b7c22c Merge pull request #2351 from github/dependabot/npm_and_yarn/npm-6791eaa26c
9cf3243 Rebuild
1895b29 Update checked-in dependencies
9dcfde9 Bump the npm group with 2 updates
8723b5b Merge pull request #2350 from github/angelapwen/add-exclude-pr-check-param
Additional commits viewable in compare view

Updates actions/upload-artifact from 4.3.3 to 4.3.4

Release notes

Sourced from actions/upload-artifact's releases.

v4.3.4

What's Changed

Update @actions/artifact version, bump dependencies by @robherley in actions/upload-artifact#584

Full Changelog: actions/upload-artifact@v4.3.3...v4.3.4

Commits

0b2256b Merge pull request #584 from actions/robherley/bump-pkgs
488dcef licensed cache
04c51f5 ncc
32a9e27 bump @actions/artifact and npm audit
552bf37 new version
79616d2 Merge pull request #565 from actions/eggyhead/use-artifact-v2.1.6
See full diff in compare view

Updates nginxinc/aws-marketplace-publish from 1.0.3 to 1.0.4

Release notes

Sourced from nginxinc/aws-marketplace-publish's releases.

v1.0.4

What's Changed

⬆️ Dependencies

Bump the npm-development group with 5 updates by @dependabot in nginxinc/aws-marketplace-publish#256

Bump github/codeql-action from 3.24.0 to 3.24.9 by @dependabot in nginxinc/aws-marketplace-publish#255

Bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in nginxinc/aws-marketplace-publish#254

Bump lucacome/draft-release from 1.0.3 to 1.0.4 by @dependabot in nginxinc/aws-marketplace-publish#253

Bump dependabot/fetch-metadata from 1.6.0 to 2.0.0 by @dependabot in nginxinc/aws-marketplace-publish#252

Bump @aws-sdk/client-marketplace-catalog from 3.511.0 to 3.545.0 by @dependabot in nginxinc/aws-marketplace-publish#257

Bump dependabot/fetch-metadata from 2.0.0 to 2.1.0 by @dependabot in nginxinc/aws-marketplace-publish#258

Bump actions/checkout from 4.1.2 to 4.1.4 by @dependabot in nginxinc/aws-marketplace-publish#259

Bump github/codeql-action from 3.24.9 to 3.25.3 by @dependabot in nginxinc/aws-marketplace-publish#260

Bump actions/upload-artifact from 4.3.1 to 4.3.3 by @dependabot in nginxinc/aws-marketplace-publish#261

Bump stefanzweifel/git-auto-commit-action from 5.0.0 to 5.0.1 by @dependabot in nginxinc/aws-marketplace-publish#262

Bump the npm-development group with 2 updates by @dependabot in nginxinc/aws-marketplace-publish#263

Bump eslint-plugin-jest from 27.9.0 to 28.3.0 by @dependabot in nginxinc/aws-marketplace-publish#264

Bump actions/checkout from 4.1.4 to 4.1.6 by @dependabot in nginxinc/aws-marketplace-publish#268

Bump @aws-sdk/client-marketplace-catalog from 3.545.0 to 3.565.0 by @dependabot in nginxinc/aws-marketplace-publish#266

Bump @typescript-eslint/eslint-plugin from 6.21.0 to 7.0.0 by @dependabot in nginxinc/aws-marketplace-publish#265

Bump @typescript-eslint/parser from 6.21.0 to 7.10.0 by @dependabot in nginxinc/aws-marketplace-publish#269

Bump lucacome/draft-release from 1.0.4 to 1.1.0 by @dependabot in nginxinc/aws-marketplace-publish#271

Bump actions/checkout from 4.1.6 to 4.1.7 by @dependabot in nginxinc/aws-marketplace-publish#275

Bump github/codeql-action from 3.25.3 to 3.25.10 by @dependabot in nginxinc/aws-marketplace-publish#274

Bump the npm-development group across 1 directory with 6 updates by @dependabot in nginxinc/aws-marketplace-publish#277

Bump @aws-sdk/client-marketplace-catalog from 3.565.0 to 3.600.0 by @dependabot in nginxinc/aws-marketplace-publish#278

Bump eslint-plugin-github from 4.10.2 to 5.0.1 by @dependabot in nginxinc/aws-marketplace-publish#279

Bump the npm-development group with 2 updates by @dependabot in nginxinc/aws-marketplace-publish#280

Update dependencies by @lucacome in nginxinc/aws-marketplace-publish#281

Full Changelog: nginxinc/aws-marketplace-publish@v1.0.3...v1.0.4

Commits

9f17851 Update dependencies (#281)
609f9a5 Bump the npm-development group with 2 updates (#280)
270fc64 Bump eslint-plugin-github from 4.10.2 to 5.0.1 (#279)
dd9a58c Bump @aws-sdk/client-marketplace-catalog from 3.565.0 to 3.600.0 (#278)
5c7e310 Bump the npm-development group across 1 directory with 6 updates (#277)
d83ac49 Bump github/codeql-action from 3.25.3 to 3.25.10 (#274)
51ee198 Bump actions/checkout from 4.1.6 to 4.1.7 (#275)
c68886a Bump lucacome/draft-release from 1.0.4 to 1.1.0 (#271)
55d8aaf Bump @typescript-eslint/parser from 6.21.0 to 7.10.0 (#269)
101fe76 Bump @typescript-eslint/eslint-plugin from 6.21.0 to 7.0.0 (#265)
Additional commits viewable in compare view

Updates codecov/codecov-action from 4.4.1 to 4.5.0

Release notes

Sourced from codecov/codecov-action's releases.

v4.5.0

What's Changed

build(deps-dev): bump @typescript-eslint/eslint-plugin from 7.9.0 to 7.10.0 by @dependabot in codecov/codecov-action#1446

build(deps-dev): bump ts-jest from 29.1.2 to 29.1.3 by @dependabot in codecov/codecov-action#1443

build(deps-dev): bump @typescript-eslint/parser from 7.9.0 to 7.10.0 by @dependabot in codecov/codecov-action#1445

build(deps-dev): bump @typescript-eslint/parser from 7.10.0 to 7.11.0 by @dependabot in codecov/codecov-action#1459

build(deps-dev): bump @typescript-eslint/eslint-plugin from 7.10.0 to 7.11.0 by @dependabot in codecov/codecov-action#1458

build(deps): bump github/codeql-action from 3.25.5 to 3.25.6 by @dependabot in codecov/codecov-action#1456

build(deps-dev): bump ts-jest from 29.1.3 to 29.1.4 by @dependabot in codecov/codecov-action#1460

build(deps): bump github/codeql-action from 3.25.6 to 3.25.7 by @dependabot in codecov/codecov-action#1466

build(deps-dev): bump @typescript-eslint/parser from 7.11.0 to 7.12.0 by @dependabot in codecov/codecov-action#1467

build(deps-dev): bump @typescript-eslint/eslint-plugin from 7.11.0 to 7.12.0 by @dependabot in codecov/codecov-action#1468

build(deps): bump github/codeql-action from 3.25.7 to 3.25.8 by @dependabot in codecov/codecov-action#1472

fix: handle trailing commas by @joseph-sentry in codecov/codecov-action#1470

build(deps-dev): bump @typescript-eslint/parser from 7.12.0 to 7.13.0 by @dependabot in codecov/codecov-action#1474

build(deps-dev): bump braces from 3.0.2 to 3.0.3 by @dependabot in codecov/codecov-action#1475

build(deps-dev): bump @typescript-eslint/eslint-plugin from 7.12.0 to 7.13.0 by @dependabot in codecov/codecov-action#1473

feat: add support for tokenless v3 by @joseph-sentry in codecov/codecov-action#1410

Use an existing token even if the PR is from a fork by @leofeyer in codecov/codecov-action#1471

chore(release): bump to 4.5.0 by @thomasrockhu-codecov in codecov/codecov-action#1477

New Contributors

@joseph-sentry made their first contribution in codecov/codecov-action#1470

@leofeyer made their first contribution in codecov/codecov-action#1471

Full Changelog: codecov/codecov-action@v4.4.1...v4.5.0

Commits

e28ff12 chore(release): bump to 4.5.0 (#1477)
7594baa Use an existing token even if the PR is from a fork (#1471)
81c0a51 feat: add support for tokenless v3 (#1410)
f5e203f build(deps-dev): bump @typescript-eslint/eslint-plugin from 7.12.0 to 7.13.0 ...
7c48363 build(deps-dev): bump braces from 3.0.2 to 3.0.3 (#1475)
69e5d09 build(deps-dev): bump @typescript-eslint/parser from 7.12.0 to 7.13.0 (#1474)
feaf700 fix: handle trailing commas (#1470)
7b6a727 build(deps): bump github/codeql-action from 3.25.7 to 3.25.8 (#1472)
ccf7a1f build(deps-dev): bump @typescript-eslint/eslint-plugin from 7.11.0 to 7.12.0 ...
f03f015 build(deps-dev): bump @typescript-eslint/parser from 7.11.0 to 7.12.0 (#1467)
Additional commits viewable in compare view

Updates anchore/sbom-action from 0.16.0 to 0.16.1

Release notes

Sourced from anchore/sbom-action's releases.

v0.16.1

Changes in v0.16.1

fix: workaround windows install issue (#477) [willmurphyscode]

fix: allow users to properly use the file input over the default path value (#471) [komish]

chore(deps): update Syft to v1.5.0 (#470) [anchore-actions-token-generator]

docs: notes for matrix and required permissions (#469) [kzantow]

chore(deps): bump actions/checkout from 4.1.5 to 4.1.6 (#466) [dependabot]

Commits

95b086a fix: workaround windows install script (#477)
72370e1 fix: allow users to properly use the file input over the default path value (...
e28bab5 chore(deps): update Syft to v1.5.0 (#470)
2283abe docs: notes for matrix and required permissions (#469)
07e5b3a chore(deps): bump actions/checkout from 4.1.5 to 4.1.6 (#466)
See full diff in compare view

Updates goreleaser/goreleaser-action from 5.1.0 to 6.0.0

Release notes

Sourced from goreleaser/goreleaser-action's releases.

v6.0.0

[!WARNING] This is a breaking change!

Follow the instructions here to upgrade!

What's Changed

feat!: use "~> v2" as default by @caarlos0 in goreleaser/goreleaser-action#463

Full Changelog: goreleaser/goreleaser-action@v5...v6.0.0

Commits

286f3b1 ci: fix tests
beac410 ci: update workflow and .goreleaser.yml
18bbabc feat!: use "~> v2" as default (#463)
See full diff in compare view

Updates dependabot/fetch-metadata from 2.1.0 to 2.2.0

Release notes

Sourced from dependabot/fetch-metadata's releases.

v2.2.0

What's Changed

Bump actions/create-github-app-token from 1.9.0 to 1.10.0 by @dependabot in dependabot/fetch-metadata#523

Bump actions/create-github-app-token from 1.10.0 to 1.10.2 by @dependabot in dependabot/fetch-metadata#534

Bump braces from 3.0.2 to 3.0.3 by @dependabot in Description has been truncated

Bumps the actions group with 15 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.1.6` | `4.1.7` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.3.0` | `3.4.0` | | [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) | `3.0.0` | `3.1.0` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `5.3.0` | `6.3.0` | | [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) | `0.21.0` | `0.24.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.25.7` | `3.25.11` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.3` | `4.3.4` | | [nginxinc/aws-marketplace-publish](https://github.com/nginxinc/aws-marketplace-publish) | `1.0.3` | `1.0.4` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `4.4.1` | `4.5.0` | | [anchore/sbom-action](https://github.com/anchore/sbom-action) | `0.16.0` | `0.16.1` | | [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) | `5.1.0` | `6.0.0` | | [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) | `2.1.0` | `2.2.0` | | [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.3.2` | `4.3.3` | | [reviewdog/action-actionlint](https://github.com/reviewdog/action-actionlint) | `1.47.0` | `1.53.0` | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `6.0.5` | `6.1.0` | Updates `actions/checkout` from 4.1.6 to 4.1.7 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@a5ac7e5...692973e) Updates `docker/setup-buildx-action` from 3.3.0 to 3.4.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@d70bba7...4fd8129) Updates `docker/setup-qemu-action` from 3.0.0 to 3.1.0 - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](docker/setup-qemu-action@6882732...5927c83) Updates `docker/build-push-action` from 5.3.0 to 6.3.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@2cdde99...1a16264) Updates `aquasecurity/trivy-action` from 0.21.0 to 0.24.0 - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@fd25fed...6e7b7d1) Updates `github/codeql-action` from 3.25.7 to 3.25.11 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@f079b84...b611370) Updates `actions/upload-artifact` from 4.3.3 to 4.3.4 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@6546280...0b2256b) Updates `nginxinc/aws-marketplace-publish` from 1.0.3 to 1.0.4 - [Release notes](https://github.com/nginxinc/aws-marketplace-publish/releases) - [Commits](nginxinc/aws-marketplace-publish@be512a7...9f17851) Updates `codecov/codecov-action` from 4.4.1 to 4.5.0 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@125fc84...e28ff12) Updates `anchore/sbom-action` from 0.16.0 to 0.16.1 - [Release notes](https://github.com/anchore/sbom-action/releases) - [Commits](anchore/sbom-action@e8d2a69...95b086a) Updates `goreleaser/goreleaser-action` from 5.1.0 to 6.0.0 - [Release notes](https://github.com/goreleaser/goreleaser-action/releases) - [Commits](goreleaser/goreleaser-action@5742e2a...286f3b1) Updates `dependabot/fetch-metadata` from 2.1.0 to 2.2.0 - [Release notes](https://github.com/dependabot/fetch-metadata/releases) - [Commits](dependabot/fetch-metadata@5e5f996...dbb049a) Updates `actions/dependency-review-action` from 4.3.2 to 4.3.3 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@0c155c5...72eb03d) Updates `reviewdog/action-actionlint` from 1.47.0 to 1.53.0 - [Release notes](https://github.com/reviewdog/action-actionlint/releases) - [Commits](reviewdog/action-actionlint@4797143...d99f1ce) Updates `peter-evans/create-pull-request` from 6.0.5 to 6.1.0 - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](peter-evans/create-pull-request@6d6857d...c5a7806) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: docker/setup-qemu-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: nginxinc/aws-marketplace-publish dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: anchore/sbom-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: goreleaser/goreleaser-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: dependabot/fetch-metadata dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: reviewdog/action-actionlint dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] <[email protected]>

cloudflare-workers-and-pages · 2024-07-10T13:10:01Z

Deploying kubernetes-ingress with Cloudflare Pages

Latest commit:	`7e5f2a1`
Status:	🚫 Build failed.

View logs

dependabot · 2024-07-11T13:06:39Z

Looks like these dependencies are updatable in another way, so this is no longer needed.

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update Github_actions code labels Jul 10, 2024

github-actions bot added the chore label Jul 10, 2024

dependabot bot closed this Jul 11, 2024

dependabot bot deleted the dependabot/github_actions/actions-accd2f7cce branch July 11, 2024 13:06

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the actions group across 1 directory with 15 updates #875

Bump the actions group across 1 directory with 15 updates #875

dependabot bot commented on behalf of github Jul 10, 2024 •

edited

Loading

cloudflare-workers-and-pages bot commented Jul 10, 2024 •

edited

Loading

dependabot bot commented on behalf of github Jul 11, 2024

Bump the actions group across 1 directory with 15 updates #875

Bump the actions group across 1 directory with 15 updates #875

Conversation

dependabot bot commented on behalf of github Jul 10, 2024 • edited Loading

v4.1.7

What's Changed

New Contributors

Changelog

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

v4.1.2

v4.1.1

v4.1.0

v4.0.0

v3.6.0

v3.5.3

v3.4.0

v3.1.0

v6.3.0

v6.2.0

v6.1.0

v6.0.2

v6.0.1

v6.0.0

v5.4.0

v0.24.0

What's Changed

v0.23.0

What's Changed

v0.22.0

What's Changed

New Contributors

CodeQL Action Changelog

[UNRELEASED]

3.25.11 - 28 Jun 2024

3.25.10 - 13 Jun 2024

3.25.9 - 12 Jun 2024

3.25.8 - 04 Jun 2024

3.25.7 - 31 May 2024

3.25.6 - 20 May 2024

3.25.5 - 13 May 2024

3.25.4 - 08 May 2024

3.25.3 - 25 Apr 2024

v4.3.4

What's Changed

v1.0.4

What's Changed

⬆️ Dependencies

v4.5.0

What's Changed

New Contributors

v0.16.1

Changes in v0.16.1

v6.0.0

What's Changed

v2.2.0

What's Changed

cloudflare-workers-and-pages bot commented Jul 10, 2024 • edited Loading

Deploying kubernetes-ingress with Cloudflare Pages

dependabot bot commented on behalf of github Jul 11, 2024

dependabot bot commented on behalf of github Jul 10, 2024 •

edited

Loading

cloudflare-workers-and-pages bot commented Jul 10, 2024 •

edited

Loading