Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump the github-actions-dependencies group with 4 updates #272

Merged
merged 1 commit into from
Apr 2, 2024
Merged

chore(deps): bump the github-actions-dependencies group with 4 updates #272

merged 1 commit into from
Apr 2, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Apr 1, 2024

Bumps the github-actions-dependencies group with 4 updates: actions/checkout, actions/setup-python, dawidd6/action-download-artifact and peter-evans/create-pull-request.

Updates actions/checkout from 3 to 4

Release notes

Sourced from actions/checkout's releases.

v4.0.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v3...v4.0.0

v3.6.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v3.5.3...v3.6.0

v3.5.3

What's Changed

New Contributors

Full Changelog: actions/checkout@v3...v3.5.3

v3.5.2

What's Changed

Full Changelog: actions/checkout@v3.5.1...v3.5.2

v3.5.1

What's Changed

New Contributors

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.1.2

v4.1.1

v4.1.0

v4.0.0

v3.6.0

v3.5.3

v3.5.2

v3.5.1

v3.5.0

v3.4.0

v3.3.0

v3.2.0

... (truncated)

Commits

Updates actions/setup-python from 2 to 5

Release notes

Sourced from actions/setup-python's releases.

v5.0.0

What's Changed

In scope of this release, we update node version runtime from node16 to node20 (actions/setup-python#772). Besides, we update dependencies to the latest versions.

Full Changelog: actions/setup-python@v4.8.0...v5.0.0

v4.8.0

What's Changed

In scope of this release we added support for GraalPy (actions/setup-python#694). You can use this snippet to set up GraalPy:

steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4 
  with:
    python-version: 'graalpy-22.3' 
- run: python my_script.py

Besides, the release contains such changes as:

New Contributors

Full Changelog: actions/setup-python@v4...v4.8.0

v4.7.1

What's Changed

Full Changelog: actions/setup-python@v4...v4.7.1

v4.7.0

In scope of this release, the support for reading python version from pyproject.toml was added (actions/setup-python#669).

      - name: Setup Python
        uses: actions/setup-python@v4
</tr></table>

... (truncated)

Commits
  • 82c7e63 Documentation changes for avoiding rate limit issues on GHES (#835)
  • 10aa35a feat: fallback to raw endpoint for manifest when rate limit is reached (#766)
  • 9a7ac94 Bump undici from 5.27.2 to 5.28.3 (#817)
  • 871daa9 Fix the "Specifying multiple Python/PyPy versions" link (#782)
  • 2f07895 Fix broken README.md link (#793)
  • e9d6f99 Replace setup-python@v4 by setup-python@v5 in README (#776)
  • 0a5c615 Update action to node20 (#772)
  • 0ae5836 Add example of GraalPy to docs (#773)
  • b64ffca update actions/checkout to v4 (#761)
  • 8d28961 Examples now use checkout@v4 (#738)
  • Additional commits viewable in compare view

Updates dawidd6/action-download-artifact from 3.0.0 to 3.1.4

Release notes

Sourced from dawidd6/action-download-artifact's releases.

v3.1.4

What's Changed

New Contributors

Full Changelog: dawidd6/action-download-artifact@v3...v3.1.4

v3.1.3

What's Changed

Full Changelog: dawidd6/action-download-artifact@v3.1.2...v3.1.3

v3.1.2

What's Changed

New Contributors

Full Changelog: dawidd6/action-download-artifact@v3.1.1...v3.1.2

v3.1.1

What's Changed

Full Changelog: dawidd6/action-download-artifact@v3...v3.1.1

v3.1.0

What's Changed

New Contributors

Full Changelog: dawidd6/action-download-artifact@v3...v3.1.0

Commits
  • 09f2f74 fix: accept expired artifacts with documentation url (#283)
  • 4a559ba build(deps): bump @​actions/artifact from 2.1.2 to 2.1.4 (#280)
  • ffef66c build(deps): bump adm-zip from 0.5.10 to 0.5.12 (#282)
  • a430ac5 build(deps): bump @​actions/artifact from 2.1.1 to 2.1.2 (#277)
  • 0a65e25 node_modules: upgrade (#276)
  • 71072fb Read workflow_search input as a boolean (#273)
  • 72aaadc build(deps): bump undici from 5.28.2 to 5.28.3 (#272)
  • e454ec2 Head sha revert (#271)
  • f6b0bac Optionally search for workflows (#270)
  • a07e1dd build(deps): bump @​actions/artifact from 2.0.1 to 2.1.1 (#269)
  • Additional commits viewable in compare view

Updates peter-evans/create-pull-request from 5 to 6

Release notes

Sourced from peter-evans/create-pull-request's releases.

Create Pull Request v6.0.0

Behaviour changes

  • The default values for author and committer have changed. See "What's new" below for details. If you are overriding the default values you will not be affected by this change.
  • On completion, the action now removes the temporary git remote configuration it adds when using push-to-fork. This should not affect you unless you were using the temporary configuration for some other purpose after the action completes.

What's new

  • Updated runtime to Node.js 20
    • The action now requires a minimum version of v2.308.0 for the Actions runner. Update self-hosted runners to v2.308.0 or later to ensure compatibility.
  • The default value for author has been changed to ${{ github.actor }} <${{ github.actor_id }}+${{ github.actor }}@users.noreply.github.com>. The change adds the ${{ github.actor_id }}+ prefix to the email address to align with GitHub's standard format for the author email address.
  • The default value for committer has been changed to github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>. This is to align with the default GitHub Actions bot user account.
  • Adds input git-token, the Personal Access Token (PAT) that the action will use for git operations. This input defaults to the value of token. Use this input if you would like the action to use a different token for git operations than the one used for the GitHub API.
  • push-to-fork now supports pushing to sibling repositories in the same network.
  • Previously, when using push-to-fork, the action did not remove temporary git remote configuration it adds during execution. This has been fixed and the configuration is now removed when the action completes.
  • If the pull request body is truncated due to exceeding the maximum length, the action will now suffix the body with the message "...[Pull request body truncated]" to indicate that the body has been truncated.
  • The action now uses --unshallow only when necessary, rather than as a default argument of git fetch. This should improve performance, particularly for large git repositories with extensive commit history.
  • The action can now be executed on one GitHub server and create pull requests on a different GitHub server. Server products include GitHub hosted (github.com), GitHub Enterprise Server (GHES), and GitHub Enterprise Cloud (GHEC). For example, the action can be executed on GitHub hosted and create pull requests on a GHES or GHEC instance.

What's Changed

New Contributors

Full Changelog: peter-evans/create-pull-request@v5.0.2...v6.0.0

Create Pull Request v5.0.2

⚙️ Fixes an issue that occurs when using push-to-fork and both base and head repositories are in the same org/user account.

What's Changed

Full Changelog: peter-evans/create-pull-request@v5.0.1...v5.0.2

Create Pull Request v5.0.1

What's Changed

Full Changelog: peter-evans/create-pull-request@v5.0.0...v5.0.1

Commits
  • 70a41ab perf: shallow fetch the actual base when rebasing from working base (#2816)
  • 57a1014 build(deps-dev): bump @​types/node from 18.19.21 to 18.19.23 (#2811)
  • b3a2c5d build(deps-dev): bump @​types/node from 18.19.18 to 18.19.21 (#2798)
  • 02c7da5 build(deps-dev): bump eslint-plugin-github from 4.10.1 to 4.10.2 (#2797)
  • bac6da8 docs: update description of delete-branch
  • a4f52f8 fix: list pulls using the correct head format (#2792)
  • 853c071 build(deps-dev): bump eslint from 8.56.0 to 8.57.0 (#2781)
  • d2c126e build(deps-dev): bump @​types/node from 18.19.17 to 18.19.18 (#2780)
  • 43d39c6 build(deps-dev): bump @​types/node from 18.19.15 to 18.19.17 (#2768)
  • 5a9d206 build(deps-dev): bump eslint-plugin-jest from 27.6.3 to 27.9.0 (#2769)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the github-actions-dependencies group with 4 updates
78a9525 
Bumps the github-actions-dependencies group with 4 updates: [actions/checkout](https://github.com/actions/checkout), [actions/setup-python](https://github.com/actions/setup-python), [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact) and [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request).


Updates `actions/checkout` from 3 to 4
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v3...v4)

Updates `actions/setup-python` from 2 to 5
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](actions/setup-python@v2...v5)

Updates `dawidd6/action-download-artifact` from 3.0.0 to 3.1.4
- [Release notes](https://github.com/dawidd6/action-download-artifact/releases)
- [Commits](dawidd6/action-download-artifact@v3.0.0...v3.1.4)

Updates `peter-evans/create-pull-request` from 5 to 6
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](peter-evans/create-pull-request@v5...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions-dependencies
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions-dependencies
- dependency-name: dawidd6/action-download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-dependencies
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from a team as a code owner April 1, 2024 07:57
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Apr 1, 2024
@sasa-tomic sasa-tomic added this pull request to the merge queue Apr 2, 2024
Merged via the queue into main with commit e9b64a5 Apr 2, 2024
3 checks passed
@sasa-tomic sasa-tomic deleted the dependabot/github_actions/github-actions-dependencies-41746014a6 branch April 2, 2024 10:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sasa-tomic sasa-tomic sasa-tomic approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@sasa-tomic