shishantbiswas/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2026-06-03 13:08:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
10,619 Commits 1,141 Branches 344 Tags
0a3afeddc8a077dd90b472b04dcafe4ca1cd54eb
Commit Graph

300 Commits

Author SHA1 Message Date
dependabot[bot] 5df3bf713c ci: bump the github-actions group with 6 updates (#19149) 
Bumps the github-actions group with 6 updates:

| Package | From | To |
| --- | --- | --- |
|
[step-security/harden-runner](https://github.com/step-security/harden-runner)
| `2.12.2` | `2.13.0` |
| [chromaui/action](https://github.com/chromaui/action) | `13.1.2` |
`13.1.3` |
|
[google-github-actions/auth](https://github.com/google-github-actions/auth)
| `2.1.11` | `2.1.12` |
|
[tj-actions/changed-files](https://github.com/tj-actions/changed-files)
| `055970845dd036d7345da7399b7e89f2e10f2b04` |
`c2ca2493190021783138cb8aac49bcee14b4bb89` |
| [tj-actions/branch-names](https://github.com/tj-actions/branch-names)
| `8.2.1` | `9.0.2` |
| [github/codeql-action](https://github.com/github/codeql-action) |
`3.29.3` | `3.29.5` |

Updates `step-security/harden-runner` from 2.12.2 to 2.13.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.13.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Improved job markdown summary</li>
<li>Https monitoring for all domains (included with the enterprise
tier)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.13.0">https://github.com/step-security/harden-runner/compare/v2...v2.13.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/ec9f2d5744a09debf3a187a3f4f675c53b671911"><code>ec9f2d5</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/565">#565</a>
from step-security/rc-24</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/04bcbc31cfcefe0cf4720832008735021cec5ec4"><code>04bcbc3</code></a>
update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/7c7a56fcaa124ab72fff1cc3e81257f264fd7317"><code>7c7a56f</code></a>
feat: get job summary from API</li>
<li>See full diff in <a
href="https://github.com/step-security/harden-runner/compare/v2.12.2...ec9f2d5744a09debf3a187a3f4f675c53b671911">compare
view</a></li>
</ul>
</details>
<br />

Updates `chromaui/action` from 13.1.2 to 13.1.3
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/chromaui/action/commit/58d9ffb36c90c97a02d061544ecc849cc4a242a9"><code>58d9ffb</code></a>
v13.1.3</li>
<li>See full diff in <a
href="https://github.com/chromaui/action/compare/4d8ebd13658d795114f8051e25c28d66f14886c6...58d9ffb36c90c97a02d061544ecc849cc4a242a9">compare
view</a></li>
</ul>
</details>
<br />

Updates `google-github-actions/auth` from 2.1.11 to 2.1.12
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google-github-actions/auth/releases">google-github-actions/auth's
releases</a>.</em></p>
<blockquote>
<h2>v2.1.12</h2>
<h2>What's Changed</h2>
<ul>
<li>Add retries for getIDToken by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/auth/pull/502">google-github-actions/auth#502</a></li>
<li>Release: v2.1.12 by <a
href="https://github.com/google-github-actions-bot"><code>@​google-github-actions-bot</code></a>
in <a
href="https://redirect.github.com/google-github-actions/auth/pull/503">google-github-actions/auth#503</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google-github-actions/auth/compare/v2.1.11...v2.1.12">https://github.com/google-github-actions/auth/compare/v2.1.11...v2.1.12</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/google-github-actions/auth/commit/b7593ed2efd1c1617e1b0254da33b86225adb2a5"><code>b7593ed</code></a>
Release: v2.1.12 (<a
href="https://redirect.github.com/google-github-actions/auth/issues/503">#503</a>)</li>
<li><a
href="https://github.com/google-github-actions/auth/commit/c1ee334b4fb145a02e9d8343bb2e9f0dd06e586b"><code>c1ee334</code></a>
Add retries for getIDToken (<a
href="https://redirect.github.com/google-github-actions/auth/issues/502">#502</a>)</li>
<li>See full diff in <a
href="https://github.com/google-github-actions/auth/compare/140bb5113ffb6b65a7e9b937a81fa96cf5064462...b7593ed2efd1c1617e1b0254da33b86225adb2a5">compare
view</a></li>
</ul>
</details>
<br />

Updates `tj-actions/changed-files` from
055970845dd036d7345da7399b7e89f2e10f2b04 to
c2ca2493190021783138cb8aac49bcee14b4bb89
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.4...v46.0.5">46.0.5</a>
- (2025-04-09)</h1>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li><strong>deps:</strong> Bump yaml from 2.7.0 to 2.7.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c">ed68ef8</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump typescript from 5.8.2 to 5.8.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5">a7bc14b</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump <code>@​types/node</code> from
22.13.11 to 22.14.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab">3d751f6</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.2.3 to
5.2.6 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f">e2fda4e</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump ts-jest from 29.2.6 to 29.3.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48">0bed1b1</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump github/codeql-action from 3.28.12 to
3.28.15 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb">6802458</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/branch-names from 8.0.1 to
8.1.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792">cf2e39e</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/verify-changed-files from
20.0.1 to 20.0.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4">6abeaa5</a>)
- (dependabot[bot])</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v46.0.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2511">#2511</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
(<a
href="https://github.com/tj-actions/changed-files/commit/6f67ee9ac810f0192ea7b3d2086406f97847bcf9">6f67ee9</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.3...v46.0.4">46.0.4</a>
- (2025-04-03)</h1>
<h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2>
<ul>
<li>Bug modified_keys and changed_key outputs not set when no changes
detected (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2509">#2509</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/6cb76d07bee4c9772c6882c06c37837bf82a04d3">6cb76d0</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<ul>
<li>Update readme (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2508">#2508</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/b74df86ccb65173a8e33ba5492ac1a2ca6b216fd">b74df86</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v46.0.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
Co-authored-by: Tonye Jack <a
href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a
href="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">27ae6b3</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a>
- (2025-03-23)</h1>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
(<a
href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>)
- (github-actions[bot])</p>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
(<a
href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>)
- (github-actions[bot])</p>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tj-actions/changed-files/commit/c2ca2493190021783138cb8aac49bcee14b4bb89"><code>c2ca249</code></a>
test: manual triggered workflows (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2637">#2637</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/94d97fe3f88298bf8b2f2db6fa2ab150f3c1ab77"><code>94d97fe</code></a>
chore(deps): bump tj-actions/branch-names from 9.0.1 to 9.0.2 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2636">#2636</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/18b05b98fcd9dc0bd3870d7a6571535999ba0c3f"><code>18b05b9</code></a>
chore(deps): bump github/codeql-action from 3.29.4 to 3.29.5 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2635">#2635</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/db8d0bfea5a44e51abd5dc1454386c668ae901f9"><code>db8d0bf</code></a>
chore(deps): bump tj-actions/git-cliff from 1.5.0 to 2.0.2 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2632">#2632</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/0e2e8f70c5c6854ee9ff9f94bc2f1b9e7fcead78"><code>0e2e8f7</code></a>
chore(deps): bump tj-actions/branch-names from 8.2.1 to 9.0.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2633">#2633</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/5f2e971c1fcf53fda99e27a542f5e79cff0e7059"><code>5f2e971</code></a>
chore(deps-dev): bump <code>@​types/node</code> from 24.0.15 to 24.1.0
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2626">#2626</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/498cf3f89140b3c7b8353c5ae1354765717026ad"><code>498cf3f</code></a>
chore(deps-dev): bump jest from 30.0.4 to 30.0.5 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2627">#2627</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/8378ac87b7b199cd230495c133c4f6b19215e757"><code>8378ac8</code></a>
chore(deps): bump github/codeql-action from 3.29.3 to 3.29.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2628">#2628</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/4bfe3cb5bd6f0db4dc8668c4d6bef45ccf2b8ab5"><code>4bfe3cb</code></a>
chore(deps): bump nrwl/nx-set-shas from 4.3.0 to 4.3.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2630">#2630</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/a0370f61698fcac830a08949da9fdf96ea0f3ab7"><code>a0370f6</code></a>
chore(deps): bump github/codeql-action from 3.29.2 to 3.29.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2625">#2625</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tj-actions/changed-files/compare/055970845dd036d7345da7399b7e89f2e10f2b04...c2ca2493190021783138cb8aac49bcee14b4bb89">compare
view</a></li>
</ul>
</details>
<br />

Updates `tj-actions/branch-names` from 8.2.1 to 9.0.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/branch-names/releases">tj-actions/branch-names's
releases</a>.</em></p>
<blockquote>
<h2>v9.0.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Upgraded to v9.0.1 by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/424">tj-actions/branch-names#424</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tj-actions/branch-names/compare/v9...v9.0.2">https://github.com/tj-actions/branch-names/compare/v9...v9.0.2</a></p>
<h2>v9.0.1</h2>
<h2>What's Changed</h2>
<ul>
<li>build(deps): bump tj-actions/git-cliff from 1.5.0 to 2.0.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/422">tj-actions/branch-names#422</a></li>
<li>build(deps): bump codacy/codacy-analysis-cli-action from 4.4.5 to
4.4.7 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/421">tj-actions/branch-names#421</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tj-actions/branch-names/compare/v9.0.0...v9.0.1">https://github.com/tj-actions/branch-names/compare/v9.0.0...v9.0.1</a></p>
<h2>v9.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Upgraded to v8.2.1 by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/417">tj-actions/branch-names#417</a></li>
<li>chore: update action.yml by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/418">tj-actions/branch-names#418</a></li>
<li>Updated README.md by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/419">tj-actions/branch-names#419</a></li>
<li>security: fix unsafe outputs by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/420">tj-actions/branch-names#420</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tj-actions/branch-names/compare/v8...v9.0.0">https://github.com/tj-actions/branch-names/compare/v8...v9.0.0</a></p>
<h2>v9</h2>
<h1>Changes in v9.0.2</h1>
<h2>What's Changed</h2>
<ul>
<li>Upgraded to v9.0.1 by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/424">tj-actions/branch-names#424</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tj-actions/branch-names/compare/v9...v9.0.2">https://github.com/tj-actions/branch-names/compare/v9...v9.0.2</a></p>
<hr />
<h1>Changes in v9.0.1</h1>
<h2>What's Changed</h2>
<ul>
<li>build(deps): bump tj-actions/git-cliff from 1.5.0 to 2.0.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/422">tj-actions/branch-names#422</a></li>
<li>build(deps): bump codacy/codacy-analysis-cli-action from 4.4.5 to
4.4.7 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/421">tj-actions/branch-names#421</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tj-actions/branch-names/compare/v9.0.0...v9.0.1">https://github.com/tj-actions/branch-names/compare/v9.0.0...v9.0.1</a></p>
<hr />
<h1>Changes in v9.0.0</h1>
<h2>What's Changed</h2>
<ul>
<li>Upgraded to v8.2.1 by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/417">tj-actions/branch-names#417</a></li>
<li>chore: update action.yml by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/418">tj-actions/branch-names#418</a></li>
<li>Updated README.md by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/419">tj-actions/branch-names#419</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/branch-names/blob/main/HISTORY.md">tj-actions/branch-names's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1><a
href="https://github.com/tj-actions/branch-names/compare/v9.0.1...v9.0.2">9.0.2</a>
- (2025-07-31)</h1>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Update update-readme.yml (<a
href="https://github.com/tj-actions/branch-names/commit/5250492686b253f06fa55861556d1027b067aeb5">5250492</a>)
- (Tonye Jack)</li>
<li>Update update-readme.yml (<a
href="https://github.com/tj-actions/branch-names/commit/a2bc4958de72a5590a03c317bcb11581ae7866e7">a2bc495</a>)
- (Tonye Jack)</li>
<li>Update README.md (<a
href="https://github.com/tj-actions/branch-names/commit/169ddc10b28b8cbc75996ee56c1dbf4448ca6f06">169ddc1</a>)
- (Tonye Jack)</li>
<li>Update README.md (<a
href="https://github.com/tj-actions/branch-names/commit/4d35052be347a49c829b8a8e9855f40f14a00be6">4d35052</a>)
- (Tonye Jack)</li>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/423">#423</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
(<a
href="https://github.com/tj-actions/branch-names/commit/6be34a848cdd6067dda01ded8bd9b0853bbe3b23">6be34a8</a>)
- (github-actions[bot])</p>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded from v9.0.0 -&gt; v9.0.1 (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/424">#424</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
(<a
href="https://github.com/tj-actions/branch-names/commit/c0714e7ecc0a7baec34a69b87df070fa6a823e7f">c0714e7</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/branch-names/compare/v9.0.0...v9.0.1">9.0.1</a>
- (2025-07-26)</h1>
<h2><!-- raw HTML omitted -->👷 CI/CD</h2>
<ul>
<li><strong>deps:</strong> Bump codacy/codacy-analysis-cli-action from
4.4.5 to 4.4.7 (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/421">#421</a>)
(<a
href="https://github.com/tj-actions/branch-names/commit/386e117ea34339627a40843704a60a3bc9359234">386e117</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/git-cliff from 1.5.0 to 2.0.2
(<a
href="https://redirect.github.com/tj-actions/branch-names/issues/422">#422</a>)
(<a
href="https://github.com/tj-actions/branch-names/commit/2114174008e541048c2313bfc2c296a484785f14">2114174</a>)
- (dependabot[bot])</li>
</ul>
<h1><a
href="https://github.com/tj-actions/branch-names/compare/v8.2.1...v9.0.0">9.0.0</a>
- (2025-07-25)</h1>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/419">#419</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
(<a
href="https://github.com/tj-actions/branch-names/commit/f904073f20285d3ff38d2dedb647c7e81ab9ccc6">f904073</a>)
- (github-actions[bot])</p>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li>Update action.yml (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/418">#418</a>)
(<a
href="https://github.com/tj-actions/branch-names/commit/c81796132291bcac45a405bba3ff42c5c0c2a3e2">c817961</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->🛡️ Security</h2>
<ul>
<li>Fix unsafe outputs (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/420">#420</a>)
(<a
href="https://github.com/tj-actions/branch-names/commit/e497ceb8ccd43fd9573cf2e375216625bc411d1f">e497ceb</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded from v8.2.0 -&gt; v8.2.1 (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/417">#417</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
(<a
href="https://github.com/tj-actions/branch-names/commit/46ae71df6d27dd78ff96d2aaf0a59411f9c19e4e">46ae71d</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/branch-names/compare/v8.2.0...v8.2.1">8.2.1</a>
- (2025-04-11)</h1>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tj-actions/branch-names/commit/5250492686b253f06fa55861556d1027b067aeb5"><code>5250492</code></a>
Update update-readme.yml</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/a2bc4958de72a5590a03c317bcb11581ae7866e7"><code>a2bc495</code></a>
Update update-readme.yml</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/169ddc10b28b8cbc75996ee56c1dbf4448ca6f06"><code>169ddc1</code></a>
Update README.md</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/4d35052be347a49c829b8a8e9855f40f14a00be6"><code>4d35052</code></a>
Update README.md</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/c0714e7ecc0a7baec34a69b87df070fa6a823e7f"><code>c0714e7</code></a>
Upgraded from v9.0.0 -&gt; v9.0.1 (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/424">#424</a>)</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/6be34a848cdd6067dda01ded8bd9b0853bbe3b23"><code>6be34a8</code></a>
Updated README.md (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/423">#423</a>)</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/386e117ea34339627a40843704a60a3bc9359234"><code>386e117</code></a>
build(deps): bump codacy/codacy-analysis-cli-action from 4.4.5 to 4.4.7
(<a
href="https://redirect.github.com/tj-actions/branch-names/issues/421">#421</a>)</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/2114174008e541048c2313bfc2c296a484785f14"><code>2114174</code></a>
build(deps): bump tj-actions/git-cliff from 1.5.0 to 2.0.2 (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/422">#422</a>)</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/e497ceb8ccd43fd9573cf2e375216625bc411d1f"><code>e497ceb</code></a>
security: fix unsafe outputs (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/420">#420</a>)</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/f904073f20285d3ff38d2dedb647c7e81ab9ccc6"><code>f904073</code></a>
Updated README.md (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/419">#419</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tj-actions/branch-names/compare/dde14ac574a8b9b1cedc59a1cf312788af43d8d8...5250492686b253f06fa55861556d1027b067aeb5">compare
view</a></li>
</ul>
</details>
<br />

Updates `github/codeql-action` from 3.29.3 to 3.29.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.29.5</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.29.5 - 29 Jul 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.22.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2986">#2986</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.29.5/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.29.4</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.29.4 - 23 Jul 2025</h2>
<p>No user facing changes.</p>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.29.4/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.29.5 - 29 Jul 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.22.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2986">#2986</a></li>
</ul>
<h2>3.29.4 - 23 Jul 2025</h2>
<p>No user facing changes.</p>
<h2>3.29.3 - 21 Jul 2025</h2>
<p>No user facing changes.</p>
<h2>3.29.2 - 30 Jun 2025</h2>
<ul>
<li>Experimental: When the <code>quality-queries</code> input for the
<code>init</code> action is provided with an argument, separate
<code>.quality.sarif</code> files are produced and uploaded for each
language with the results of the specified queries. Do not use this in
production as it is part of an internal experiment and subject to change
at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/2935">#2935</a></li>
</ul>
<h2>3.29.1 - 27 Jun 2025</h2>
<ul>
<li>Fix bug in PR analysis where user-provided <code>include</code>
query filter fails to exclude non-included queries. <a
href="https://redirect.github.com/github/codeql-action/pull/2938">#2938</a></li>
<li>Update default CodeQL bundle version to 2.22.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2950">#2950</a></li>
</ul>
<h2>3.29.0 - 11 Jun 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.22.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li>
<li>Bump minimum CodeQL bundle version to 2.16.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li>
</ul>
<h2>3.28.21 - 28 July 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.20 - 21 July 2025</h2>
<ul>
<li>Remove support for combining SARIF files from a single upload for
GHES 3.18, see <a
href="https://github.blog/changelog/2024-05-06-code-scanning-will-stop-combining-runs-from-a-single-upload/">the
changelog post</a>. <a
href="https://redirect.github.com/github/codeql-action/pull/2959">#2959</a></li>
</ul>
<h2>3.28.19 - 03 Jun 2025</h2>
<ul>
<li>The CodeQL Action no longer includes its own copy of the extractor
for the <code>actions</code> language, which is currently in public
preview.
The <code>actions</code> extractor has been included in the CodeQL CLI
since v2.20.6. If your workflow has enabled the <code>actions</code>
language <em>and</em> you have pinned
your <code>tools:</code> property to a specific version of the CodeQL
CLI earlier than v2.20.6, you will need to update to at least CodeQL
v2.20.6 or disable
<code>actions</code> analysis.</li>
<li>Update default CodeQL bundle version to 2.21.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2910">#2910</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/51f77329afa6477de8c49fc9c7046c15b9a4e79d"><code>51f7732</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2997">#2997</a>
from github/update-v3.29.5-80a09d7b0</li>
<li><a
href="https://github.com/github/codeql-action/commit/8e90243ddbe0de3f12f4fa361675387b7f94c48d"><code>8e90243</code></a>
Update changelog for v3.29.5</li>
<li><a
href="https://github.com/github/codeql-action/commit/80a09d7b0b5468297f127c81b43cb7335eed0f30"><code>80a09d7</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2996">#2996</a>
from github/dependabot/npm_and_yarn/npm-240ab9fad0</li>
<li><a
href="https://github.com/github/codeql-action/commit/8388115dc8d6af25bf915cc8455a7d6a77253970"><code>8388115</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2994">#2994</a>
from github/mergeback/changelog/v3.28.21</li>
<li><a
href="https://github.com/github/codeql-action/commit/401ecaf503b1a19fc0fbd253cc5afe7759870068"><code>401ecaf</code></a>
Merge branch 'main' into mergeback/changelog/v3.28.21</li>
<li><a
href="https://github.com/github/codeql-action/commit/ab5c0c5fa56442a68c2d51b194ccc93faaaaa639"><code>ab5c0c5</code></a>
Merge branch 'main' into dependabot/npm_and_yarn/npm-240ab9fad0</li>
<li><a
href="https://github.com/github/codeql-action/commit/cd264d4dcdc5ee89d8590821e29c66a1bdcaa968"><code>cd264d4</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2986">#2986</a>
from github/update-bundle/codeql-bundle-v2.22.2</li>
<li><a
href="https://github.com/github/codeql-action/commit/4599055b1e273f63344615ade2c46c852c6d5c63"><code>4599055</code></a>
Merge branch 'main' into update-bundle/codeql-bundle-v2.22.2</li>
<li><a
href="https://github.com/github/codeql-action/commit/fd7ad511e6bd5985ebbc84944e0e173d39a968b8"><code>fd7ad51</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2971">#2971</a>
from github/update-supported-enterprise-server-versions</li>
<li><a
href="https://github.com/github/codeql-action/commit/ac0c9bfe1e34d6a76860325c1b4abe8208ce98a6"><code>ac0c9bf</code></a>
Merge branch 'main' into
update-supported-enterprise-server-versions</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/d6bbdef45e766d081b84a2def353b0055f728d3e...51f77329afa6477de8c49fc9c7046c15b9a4e79d">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-04 14:57:47 +00:00
Spike Curtis d4b44185da chore: add database dump and dbfake logging (#19144) 
relates to  #778

Somehow in `TestWorkspaceAgent` the agent with the test instance identifier is not being added to the database, or is getting deleted.

I'm adding some additional logging to `dbfake` and setting the affected tests to dump postgres on error, to see if we can get to the bottom of the issue.
 2025-08-04 13:22:04 +04:00
Cian Johnston 0d7cc5c156 ci: bump xcode version to 16.1.0 (#19125) 2025-08-03 20:53:04 +01:00
Cian Johnston 6a35400f67 ci: conditionally disable spotlight indexing (#19124) 
Work around for following issue:
```
Run sudo mdutil -a -i off
  sudo mdutil -a -i off
  sudo mdutil -X /
  sudo launchctl bootout system /System/Library/LaunchDaemons/com.apple.metadata.mds.plist
  shell: /bin/bash -e {0}
4 files/directories removed
Boot-out failed: 5: Input/output error
```

This can happen if spotlight has already been disabled.
 2025-08-02 18:23:46 +01:00
Ethan 415273f648 ci: sign macos slim binaries on dogfood builds (#19077) 
This will be necessary for future versions of Coder Desktop to connect to dogfood.
 2025-07-30 01:22:16 +10:00
dependabot[bot] 6b141d76de ci: bump the github-actions group with 6 updates (#18938) 
Bumps the github-actions group with 6 updates:

| Package | From | To |
| --- | --- | --- |
|
[step-security/harden-runner](https://github.com/step-security/harden-runner)
| `2.12.2` | `2.13.0` |
|
[google-github-actions/auth](https://github.com/google-github-actions/auth)
| `2.1.10` | `2.1.11` |
|
[google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud)
| `2.1.4` | `2.1.5` |
|
[google-github-actions/get-gke-credentials](https://github.com/google-github-actions/get-gke-credentials)
| `2.3.3` | `2.3.4` |
| [github/codeql-action](https://github.com/github/codeql-action) |
`3.29.2` | `3.29.3` |
|
[umbrelladocs/action-linkspector](https://github.com/umbrelladocs/action-linkspector)
| `1.3.6` | `1.3.7` |

Updates `step-security/harden-runner` from 2.12.2 to 2.13.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.13.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Improved job markdown summary</li>
<li>Https monitoring for all domains (included with the enterprise
tier)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.13.0">https://github.com/step-security/harden-runner/compare/v2...v2.13.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/ec9f2d5744a09debf3a187a3f4f675c53b671911"><code>ec9f2d5</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/565">#565</a>
from step-security/rc-24</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/04bcbc31cfcefe0cf4720832008735021cec5ec4"><code>04bcbc3</code></a>
update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/7c7a56fcaa124ab72fff1cc3e81257f264fd7317"><code>7c7a56f</code></a>
feat: get job summary from API</li>
<li>See full diff in <a
href="https://github.com/step-security/harden-runner/compare/6c439dc8bdf85cadbbce9ed30d1c7b959517bc49...ec9f2d5744a09debf3a187a3f4f675c53b671911">compare
view</a></li>
</ul>
</details>
<br />

Updates `google-github-actions/auth` from 2.1.10 to 2.1.11
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google-github-actions/auth/releases">google-github-actions/auth's
releases</a>.</em></p>
<blockquote>
<h2>v2.1.11</h2>
<h2>What's Changed</h2>
<ul>
<li>Update troubleshooting docs for Python by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/auth/pull/488">google-github-actions/auth#488</a></li>
<li>Add linters by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/auth/pull/499">google-github-actions/auth#499</a></li>
<li>Update deps by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/auth/pull/500">google-github-actions/auth#500</a></li>
<li>Release: v2.1.11 by <a
href="https://github.com/google-github-actions-bot"><code>@​google-github-actions-bot</code></a>
in <a
href="https://redirect.github.com/google-github-actions/auth/pull/501">google-github-actions/auth#501</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google-github-actions/auth/compare/v2.1.10...v2.1.11">https://github.com/google-github-actions/auth/compare/v2.1.10...v2.1.11</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/google-github-actions/auth/commit/140bb5113ffb6b65a7e9b937a81fa96cf5064462"><code>140bb51</code></a>
Release: v2.1.11 (<a
href="https://redirect.github.com/google-github-actions/auth/issues/501">#501</a>)</li>
<li><a
href="https://github.com/google-github-actions/auth/commit/ab3132e2ad698521ee1355566103fa838732e48c"><code>ab3132e</code></a>
Update deps (<a
href="https://redirect.github.com/google-github-actions/auth/issues/500">#500</a>)</li>
<li><a
href="https://github.com/google-github-actions/auth/commit/25b96bac992fdf64486c6fd3fd3d9c4cddb3a812"><code>25b96ba</code></a>
Add linters (<a
href="https://redirect.github.com/google-github-actions/auth/issues/499">#499</a>)</li>
<li><a
href="https://github.com/google-github-actions/auth/commit/0920706a19e9d22c3d0da43d1db5939c6ad837a8"><code>0920706</code></a>
Update troubleshooting docs for Python (<a
href="https://redirect.github.com/google-github-actions/auth/issues/488">#488</a>)</li>
<li>See full diff in <a
href="https://github.com/google-github-actions/auth/compare/ba79af03959ebeac9769e648f473a284504d9193...140bb5113ffb6b65a7e9b937a81fa96cf5064462">compare
view</a></li>
</ul>
</details>
<br />

Updates `google-github-actions/setup-gcloud` from 2.1.4 to 2.1.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google-github-actions/setup-gcloud/releases">google-github-actions/setup-gcloud's
releases</a>.</em></p>
<blockquote>
<h2>v2.1.5</h2>
<h2>What's Changed</h2>
<ul>
<li>security: bump undici from 5.28.5 to 5.29.0 in the npm_and_yarn
group by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/711">google-github-actions/setup-gcloud#711</a></li>
<li>Update linters by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/715">google-github-actions/setup-gcloud#715</a></li>
<li>Update deps by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/716">google-github-actions/setup-gcloud#716</a></li>
<li>Release: v2.1.5 by <a
href="https://github.com/google-github-actions-bot"><code>@​google-github-actions-bot</code></a>
in <a
href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/717">google-github-actions/setup-gcloud#717</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google-github-actions/setup-gcloud/compare/v2.1.4...v2.1.5">https://github.com/google-github-actions/setup-gcloud/compare/v2.1.4...v2.1.5</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/google-github-actions/setup-gcloud/commit/6a7c903a70c8625ed6700fa299f5ddb4ca6022e9"><code>6a7c903</code></a>
Release: v2.1.5 (<a
href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/717">#717</a>)</li>
<li><a
href="https://github.com/google-github-actions/setup-gcloud/commit/e838bc6edfe3907980c74d5aad506fd6e173b0d6"><code>e838bc6</code></a>
Update deps (<a
href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/716">#716</a>)</li>
<li><a
href="https://github.com/google-github-actions/setup-gcloud/commit/98d8f78fcc2354c736499a506ad9e7be3f4c2640"><code>98d8f78</code></a>
Update linters (<a
href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/715">#715</a>)</li>
<li><a
href="https://github.com/google-github-actions/setup-gcloud/commit/a8b58010a5b2a061afd605f50e88629c9ec7536b"><code>a8b5801</code></a>
security: bump undici from 5.28.5 to 5.29.0 in the npm_and_yarn group
(<a
href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/711">#711</a>)</li>
<li>See full diff in <a
href="https://github.com/google-github-actions/setup-gcloud/compare/77e7a554d41e2ee56fc945c52dfd3f33d12def9a...6a7c903a70c8625ed6700fa299f5ddb4ca6022e9">compare
view</a></li>
</ul>
</details>
<br />

Updates `google-github-actions/get-gke-credentials` from 2.3.3 to 2.3.4
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google-github-actions/get-gke-credentials/releases">google-github-actions/get-gke-credentials's
releases</a>.</em></p>
<blockquote>
<h2>v2.3.4</h2>
<h2>What's Changed</h2>
<ul>
<li>security: bump undici from 5.28.5 to 5.29.0 in the npm_and_yarn
group by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/333">google-github-actions/get-gke-credentials#333</a></li>
<li>Update linters by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/334">google-github-actions/get-gke-credentials#334</a></li>
<li>Update deps by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/335">google-github-actions/get-gke-credentials#335</a></li>
<li>Release: v2.3.4 by <a
href="https://github.com/google-github-actions-bot"><code>@​google-github-actions-bot</code></a>
in <a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/336">google-github-actions/get-gke-credentials#336</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google-github-actions/get-gke-credentials/compare/v2.3.3...v2.3.4">https://github.com/google-github-actions/get-gke-credentials/compare/v2.3.3...v2.3.4</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/google-github-actions/get-gke-credentials/commit/8e574c49425fa7efed1e74650a449bfa6a23308a"><code>8e574c4</code></a>
Release: v2.3.4 (<a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/336">#336</a>)</li>
<li><a
href="https://github.com/google-github-actions/get-gke-credentials/commit/820551c1d9b3734a98590d5020e3a479a3600019"><code>820551c</code></a>
Update deps (<a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/335">#335</a>)</li>
<li><a
href="https://github.com/google-github-actions/get-gke-credentials/commit/503071673e50fd4fe5973d69174dc780288d61e9"><code>5030716</code></a>
Update linters (<a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/334">#334</a>)</li>
<li><a
href="https://github.com/google-github-actions/get-gke-credentials/commit/36f99de330d5a168c801b87721b96719a0a9ada0"><code>36f99de</code></a>
security: bump undici from 5.28.5 to 5.29.0 in the npm_and_yarn group
(<a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/333">#333</a>)</li>
<li>See full diff in <a
href="https://github.com/google-github-actions/get-gke-credentials/compare/d0cee45012069b163a631894b98904a9e6723729...8e574c49425fa7efed1e74650a449bfa6a23308a">compare
view</a></li>
</ul>
</details>
<br />

Updates `github/codeql-action` from 3.29.2 to 3.29.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.29.3</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.29.3 - 21 Jul 2025</h2>
<p>No user facing changes.</p>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.29.3/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.29.3 - 21 Jul 2025</h2>
<p>No user facing changes.</p>
<h2>3.29.2 - 30 Jun 2025</h2>
<ul>
<li>Experimental: When the <code>quality-queries</code> input for the
<code>init</code> action is provided with an argument, separate
<code>.quality.sarif</code> files are produced and uploaded for each
language with the results of the specified queries. Do not use this in
production as it is part of an internal experiment and subject to change
at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/2935">#2935</a></li>
</ul>
<h2>3.29.1 - 27 Jun 2025</h2>
<ul>
<li>Fix bug in PR analysis where user-provided <code>include</code>
query filter fails to exclude non-included queries. <a
href="https://redirect.github.com/github/codeql-action/pull/2938">#2938</a></li>
<li>Update default CodeQL bundle version to 2.22.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2950">#2950</a></li>
</ul>
<h2>3.29.0 - 11 Jun 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.22.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li>
<li>Bump minimum CodeQL bundle version to 2.16.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li>
</ul>
<h2>3.28.20 - 21 July 2025</h2>
<ul>
<li>Remove support for combining SARIF files from a single upload for
GHES 3.18, see <a
href="https://github.blog/changelog/2024-05-06-code-scanning-will-stop-combining-runs-from-a-single-upload/">the
changelog post</a>. <a
href="https://redirect.github.com/github/codeql-action/pull/2959">#2959</a></li>
</ul>
<h2>3.28.19 - 03 Jun 2025</h2>
<ul>
<li>The CodeQL Action no longer includes its own copy of the extractor
for the <code>actions</code> language, which is currently in public
preview.
The <code>actions</code> extractor has been included in the CodeQL CLI
since v2.20.6. If your workflow has enabled the <code>actions</code>
language <em>and</em> you have pinned
your <code>tools:</code> property to a specific version of the CodeQL
CLI earlier than v2.20.6, you will need to update to at least CodeQL
v2.20.6 or disable
<code>actions</code> analysis.</li>
<li>Update default CodeQL bundle version to 2.21.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2910">#2910</a></li>
</ul>
<h2>3.28.18 - 16 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2893">#2893</a></li>
<li>Skip validating SARIF produced by CodeQL for improved performance.
<a
href="https://redirect.github.com/github/codeql-action/pull/2894">#2894</a></li>
<li>The number of threads and amount of RAM used by CodeQL can now be
set via the <code>CODEQL_THREADS</code> and <code>CODEQL_RAM</code>
runner environment variables. If set, these environment variables
override the <code>threads</code> and <code>ram</code> inputs
respectively. <a
href="https://redirect.github.com/github/codeql-action/pull/2891">#2891</a></li>
</ul>
<h2>3.28.17 - 02 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2872">#2872</a></li>
</ul>
<h2>3.28.16 - 23 Apr 2025</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/d6bbdef45e766d081b84a2def353b0055f728d3e"><code>d6bbdef</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2977">#2977</a>
from github/update-v3.29.3-7710ed11e</li>
<li><a
href="https://github.com/github/codeql-action/commit/210cc9bfa2103f4b7c4701ee383183b944c62578"><code>210cc9b</code></a>
Update changelog for v3.29.3</li>
<li><a
href="https://github.com/github/codeql-action/commit/7710ed11e398ea99c7f7004c2b2e0f580458db42"><code>7710ed1</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2970">#2970</a>
from github/cklin/diff-informed-feature-enable</li>
<li><a
href="https://github.com/github/codeql-action/commit/6a49a8cbce6ecbd74ea251a48dbc84e64ce3be4d"><code>6a49a8c</code></a>
build: refresh js files</li>
<li><a
href="https://github.com/github/codeql-action/commit/3aef4108d1730e17b6fd24f8b9c49d8fcc87d46d"><code>3aef410</code></a>
Add diff-informed-analysis-utils.test.ts</li>
<li><a
href="https://github.com/github/codeql-action/commit/614b64c6ec97a4ad54f7c99c5becbf593144dbfb"><code>614b64c</code></a>
Diff-informed analysis: disable for GHES below 3.19</li>
<li><a
href="https://github.com/github/codeql-action/commit/aefb854fe5563f4650638224c839c6e9b33c25b5"><code>aefb854</code></a>
Feature.DiffInformedQueries: default to true</li>
<li><a
href="https://github.com/github/codeql-action/commit/03a2a17e75d20e4ff461b43f161fb2b52165f632"><code>03a2a17</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2967">#2967</a>
from github/cklin/overlay-feature-flags</li>
<li><a
href="https://github.com/github/codeql-action/commit/07455ed3c36f739ad76d1c4e55f8b49550f74344"><code>07455ed</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2972">#2972</a>
from github/koesie10/ghes-satisfies</li>
<li><a
href="https://github.com/github/codeql-action/commit/3fb562ddcce3ca92b83ea1bb7abaa579a1ab882d"><code>3fb562d</code></a>
build: refresh js files</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/181d5eefc20863364f96762470ba6f862bdef56b...d6bbdef45e766d081b84a2def353b0055f728d3e">compare
view</a></li>
</ul>
</details>
<br />

Updates `umbrelladocs/action-linkspector` from 1.3.6 to 1.3.7
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/umbrelladocs/action-linkspector/releases">umbrelladocs/action-linkspector's
releases</a>.</em></p>
<blockquote>
<h2>Release v1.3.7</h2>
<p>v1.3.7: PR <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/47">#47</a>
- Update linkspector version to 0.4.7</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/874d01cae9fd488e3077b08952093235bd626977"><code>874d01c</code></a>
Merge pull request <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/47">#47</a>
from UmbrellaDocs/update-linkspector-version</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/bfc5bc55f5a8fc268165639b78b3ce6ae64915ad"><code>bfc5bc5</code></a>
Update linkspector version to 0.4.7</li>
<li>See full diff in <a
href="https://github.com/umbrelladocs/action-linkspector/compare/3a951c1f0dca72300c2320d0eb39c2bafe429ab1...874d01cae9fd488e3077b08952093235bd626977">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-21 13:21:37 +00:00
Spike Curtis 4980f18022 ci: remove retries/reruns (#18788) 
Removes retries / reruns from our CI as they are masking flaky tests
that don't get fixed.

Also limits the Windows and macOS postgresql tests to the CLI and Agent
for now, since we don't officially support coderd on these platforms and
they are particularly flaky.
 2025-07-14 17:40:33 +02:00
dependabot[bot] b56c6a1d2d ci: bump the github-actions group with 3 updates (#18853) 
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-14 14:53:45 +00:00
Jakub Domeracki dc0919da33 feat: sign coder binaries with the release key using GPG (#18774) 
### Description
This PR introduces GPG signing for all Coder *slim-binaries*.
Detached signatures will allow users to verify the integrity and
authenticity of the binaries they download.

### Changes
  * `scripts/sign_with_gpg.sh`: New script to sign a given binary
     using GPG. It imports the release key, signs the binary, and
     verifies the signature.
   * `scripts/build_go.sh`: Updated to call `sign_with_gpg.sh` when the
     `CODER_SIGN_GPG` environment variable is set to 1.
   * `.github/workflows/release.yaml`: The` CODER_SIGN_GPG` environment
     variable is now set to 1 during the release build, enabling GPG
     signing for all release binaries.
   * `.github/workflows/ci.yaml`: The `CODER_SIGN_GPG` environment
     variable is now set to 1 during the CI build, enabling GPG
     signing for all CI binaries.
* `Makefile`: Detached signatures are moved to the `/site/out/bin/
`directory
 2025-07-09 11:53:27 +02:00
Hugo Dutka 3c2f3d640b chore: remove dbmem (#18803) 
Remove the in-memory database. Addresses #15109.
 2025-07-09 09:46:31 +02:00
dependabot[bot] 3477ed67a5 ci: bump the github-actions group with 6 updates (#18769) 
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-07 13:44:06 +00:00
dependabot[bot] 851cda55d6 ci: bump the github-actions group with 3 updates (#18665) 
Bumps the github-actions group with 3 updates:
[step-security/harden-runner](https://github.com/step-security/harden-runner),
[fluxcd/flux2](https://github.com/fluxcd/flux2) and
[github/codeql-action](https://github.com/github/codeql-action).

Updates `step-security/harden-runner` from 2.12.1 to 2.12.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.12.2</h2>
<h2>What's Changed</h2>
<p>Added HTTPS Monitoring for additional destinations -
*.githubusercontent.com
Bug fixes:</p>
<ul>
<li>Implicitly allow local multicast, local unicast and broadcast IP
addresses in block mode</li>
<li>Increased policy map size for block mode</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.12.2">https://github.com/step-security/harden-runner/compare/v2...v2.12.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/6c439dc8bdf85cadbbce9ed30d1c7b959517bc49"><code>6c439dc</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/562">#562</a>
from step-security/rc-22</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/bf5688696d0b2cf8221eadb38e4232386015763a"><code>bf56886</code></a>
update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/5436dac7b5fa76a1a179168f5f4de86c00e22c84"><code>5436dac</code></a>
update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/88d305a3530acfa6d1939000baaa571e520df9c8"><code>88d305a</code></a>
update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/b976878278dbe3bc16039f7165b8faf809c50297"><code>b976878</code></a>
update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/875cc92db280a03598e7492a3e6c165c689f7af6"><code>875cc92</code></a>
Update agent</li>
<li>See full diff in <a
href="https://github.com/step-security/harden-runner/compare/002fdce3c6a235733a90a27c80493a3241e56863...6c439dc8bdf85cadbbce9ed30d1c7b959517bc49">compare
view</a></li>
</ul>
</details>
<br />

Updates `fluxcd/flux2` from 2.6.2 to 2.6.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/fluxcd/flux2/releases">fluxcd/flux2's
releases</a>.</em></p>
<blockquote>
<h2>v2.6.3</h2>
<h2>Highlights</h2>
<p>Flux v2.6.3 is a patch release that comes with various fixes. Users
are encouraged to upgrade for the best experience.</p>
<p>Fixes:</p>
<ul>
<li>Fix for <code>rsa-sha2-512</code> and <code>rsa-sha2-256</code>
algorithms not being prioritized for <code>ssh-rsa</code> host keys in
source-controller, image-automation-controller and Flux CLI
bootstrap.</li>
</ul>
<h2>Components changelog</h2>
<ul>
<li>source-controller <a
href="https://github.com/fluxcd/source-controller/blob/v1.6.2/CHANGELOG.md">v1.6.2</a></li>
<li>image-automation-controller <a
href="https://github.com/fluxcd/image-automation-controller/blob/v0.41.2/CHANGELOG.md">v0.41.2</a></li>
</ul>
<h2>CLI changed</h2>
<ul>
<li>[release/v2.6.x] Update toolkit components by <a
href="https://github.com/fluxcdbot"><code>@​fluxcdbot</code></a> in <a
href="https://redirect.github.com/fluxcd/flux2/pull/5427">fluxcd/flux2#5427</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/fluxcd/flux2/compare/v2.6.2...v2.6.3">https://github.com/fluxcd/flux2/compare/v2.6.2...v2.6.3</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/fluxcd/flux2/commit/bda4c8187e436462be0d072e728b67afa215c593"><code>bda4c81</code></a>
Merge pull request <a
href="https://redirect.github.com/fluxcd/flux2/issues/5427">#5427</a>
from fluxcd/backport-5426-to-release/v2.6.x</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/3f281da7381e3984913244d78b9768e4fa5fbb65"><code>3f281da</code></a>
Fix: Prioritize sha2-512 and sha2-256 for ssh-rsa host keys</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/963e99188cb0a77dfbe70a3db7a34c0f6e159dd3"><code>963e991</code></a>
Update toolkit components</li>
<li>See full diff in <a
href="https://github.com/fluxcd/flux2/compare/a48f81a66c4ca9fbd993233ab99dd03a7cfbe09a...bda4c8187e436462be0d072e728b67afa215c593">compare
view</a></li>
</ul>
</details>
<br />

Updates `github/codeql-action` from 3.29.0 to 3.29.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.29.1</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.29.1 - 27 Jun 2025</h2>
<ul>
<li>Fix bug in PR analysis where user-provided <code>include</code>
query filter fails to exclude non-included queries. <a
href="https://redirect.github.com/github/codeql-action/pull/2938">#2938</a></li>
<li>Update default CodeQL bundle version to 2.22.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2950">#2950</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.29.1/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<ul>
<li>Experimental: When the <code>quality-queries</code> input for the
<code>init</code> action is provided with an argument, separate
<code>.quality.sarif</code> files are produced and uploaded for each
language with the results of the specified queries. Do not use this in
production as it is part of an internal experiment and subject to change
at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/2935">#2376</a></li>
</ul>
<h2>3.29.1 - 27 Jun 2025</h2>
<ul>
<li>Fix bug in PR analysis where user-provided <code>include</code>
query filter fails to exclude non-included queries. <a
href="https://redirect.github.com/github/codeql-action/pull/2938">#2938</a></li>
<li>Update default CodeQL bundle version to 2.22.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2950">#2950</a></li>
</ul>
<h2>3.29.0 - 11 Jun 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.22.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li>
<li>Bump minimum CodeQL bundle version to 2.16.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li>
</ul>
<h2>3.28.19 - 03 Jun 2025</h2>
<ul>
<li>The CodeQL Action no longer includes its own copy of the extractor
for the <code>actions</code> language, which is currently in public
preview.
The <code>actions</code> extractor has been included in the CodeQL CLI
since v2.20.6. If your workflow has enabled the <code>actions</code>
language <em>and</em> you have pinned
your <code>tools:</code> property to a specific version of the CodeQL
CLI earlier than v2.20.6, you will need to update to at least CodeQL
v2.20.6 or disable
<code>actions</code> analysis.</li>
<li>Update default CodeQL bundle version to 2.21.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2910">#2910</a></li>
</ul>
<h2>3.28.18 - 16 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2893">#2893</a></li>
<li>Skip validating SARIF produced by CodeQL for improved performance.
<a
href="https://redirect.github.com/github/codeql-action/pull/2894">#2894</a></li>
<li>The number of threads and amount of RAM used by CodeQL can now be
set via the <code>CODEQL_THREADS</code> and <code>CODEQL_RAM</code>
runner environment variables. If set, these environment variables
override the <code>threads</code> and <code>ram</code> inputs
respectively. <a
href="https://redirect.github.com/github/codeql-action/pull/2891">#2891</a></li>
</ul>
<h2>3.28.17 - 02 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2872">#2872</a></li>
</ul>
<h2>3.28.16 - 23 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2863">#2863</a></li>
</ul>
<h2>3.28.15 - 07 Apr 2025</h2>
<ul>
<li>Fix bug where the action would fail if it tried to produce a debug
artifact with more than 65535 files. <a
href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li>
</ul>
<h2>3.28.14 - 07 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li>
</ul>
<h2>3.28.13 - 24 Mar 2025</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/39edc492dbe16b1465b0cafca41432d857bdb31a"><code>39edc49</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2953">#2953</a>
from github/update-v3.29.1-428aea55f</li>
<li><a
href="https://github.com/github/codeql-action/commit/27c4fb1eef772029c0bbeed96d8538a2af79e541"><code>27c4fb1</code></a>
Update changelog for v3.29.1</li>
<li><a
href="https://github.com/github/codeql-action/commit/428aea55f52aac0db14530fe4e5c97462c533f7d"><code>428aea5</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2952">#2952</a>
from github/redsun82/fix-swift-test</li>
<li><a
href="https://github.com/github/codeql-action/commit/973250f3d233f50890a597fef853ae3b2a538a31"><code>973250f</code></a>
Swift: recreate a default Swift package to fix test</li>
<li><a
href="https://github.com/github/codeql-action/commit/8ef17824cfb2a3f40cbc7f41bac7e055e53b8164"><code>8ef1782</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2950">#2950</a>
from github/update-bundle/codeql-bundle-v2.22.1</li>
<li><a
href="https://github.com/github/codeql-action/commit/f3bfb9860305f6e80e048f4785d6bee33bf77356"><code>f3bfb98</code></a>
Add changelog note</li>
<li><a
href="https://github.com/github/codeql-action/commit/2b4afc20b636de8884609ee2a501a68a67766f26"><code>2b4afc2</code></a>
Update default bundle to codeql-bundle-v2.22.1</li>
<li><a
href="https://github.com/github/codeql-action/commit/9b02dc2f60288b463e7a66e39c78829b62780db7"><code>9b02dc2</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2928">#2928</a>
from github/update-supported-enterprise-server-versions</li>
<li><a
href="https://github.com/github/codeql-action/commit/7ab92d0295a9b09eb653169acdb2c24f7c43614a"><code>7ab92d0</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2948">#2948</a>
from github/mbg/copilot-instructions</li>
<li><a
href="https://github.com/github/codeql-action/commit/2cae828745579fc9309404e09440d23bba2f7b79"><code>2cae828</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2947">#2947</a>
from github/dependency-proxy/codeql-bundle-v2.22.0</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/ce28f5bb42b7a9f2c824e633a3f6ee835bab6858...39edc492dbe16b1465b0cafca41432d857bdb31a">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-30 15:37:51 +00:00
Cian Johnston 42fd1c1291 ci: cache embedded postgres downloaded binaries (#18477) 
Updates CI job definitions to cache downloaded binaries for embedded-postgres.
 2025-06-25 12:00:20 +01:00
dependabot[bot] 183eaa21dc ci: bump the github-actions group with 5 updates (#18497) 
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-23 13:46:08 +00:00
dependabot[bot] d83706bd5b ci: bump the github-actions group with 7 updates (#18388) 
Bumps the github-actions group with 7 updates:

| Package | From | To |
| --- | --- | --- |
|
[step-security/harden-runner](https://github.com/step-security/harden-runner)
| `2.12.0` | `2.12.1` |
| [chromaui/action](https://github.com/chromaui/action) | `12.1.1` |
`12.2.0` |
| [actions/attest](https://github.com/actions/attest) | `2.3.0` |
`2.4.0` |
| [fluxcd/flux2](https://github.com/fluxcd/flux2) | `2.6.1` | `2.6.2` |
|
[tj-actions/changed-files](https://github.com/tj-actions/changed-files)
| `115870536a85eaf050e369291c7895748ff12aea` |
`d52d20fa3f981cb852b861fd8f55308b5fe29637` |
| [github/codeql-action](https://github.com/github/codeql-action) |
`3.28.19` | `3.29.0` |
|
[umbrelladocs/action-linkspector](https://github.com/umbrelladocs/action-linkspector)
| `1.3.4` | `1.3.5` |

Updates `step-security/harden-runner` from 2.12.0 to 2.12.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.12.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Detection capabilities have been upgraded to better recognize
attempts at runner tampering. These improvements are informed by
real-world incident learnings, including analysis of anomalous behaviors
observed in the tj-actions and reviewdog supply chain attack.</li>
<li>Resolved an issue where the block policy was not enforced correctly
when the GitHub Actions job was running inside a container on a
self-hosted VM runner.</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.12.1">https://github.com/step-security/harden-runner/compare/v2...v2.12.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/002fdce3c6a235733a90a27c80493a3241e56863"><code>002fdce</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/544">#544</a>
from step-security/rc-21</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/2489e3fcb3d00eac3cb27c9b490431a4d26eac58"><code>2489e3f</code></a>
Merge branch 'main' into rc-21</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/75dd441a816c3c7ea21313ec8ff21d9f7b69f534"><code>75dd441</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/555">#555</a>
from step-security/dependabot/github_actions/step-sec...</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/4381ace9c4db180c9cc8ff9a6dd4220f17a95690"><code>4381ace</code></a>
Bump step-security/publish-unit-test-result-action from 2.19.0 to
2.20.0</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/a9da90b635b492e68edb2a24949fcab1e313e9eb"><code>a9da90b</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/553">#553</a>
from h0x0er/feat/container-workflows</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/a60ef21c0c1f49c7ac6c8d65b6f4d16d419789c1"><code>a60ef21</code></a>
update</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/4ad512f16553ff1c022684cc96be0329a7618db8"><code>4ad512f</code></a>
Merge branch 'rc-21' into feat/container-workflows</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/6b41a3923518db2abe77790e47793760b5c47c28"><code>6b41a39</code></a>
fixed test case</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/fa70c45ca9a73bcef023a3e6afac49ffa3007480"><code>fa70c45</code></a>
update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/eb47845632e48a7532e7e363ba78b9bc48c09264"><code>eb47845</code></a>
self-hosted: refactored block-policy apply logic</li>
<li>Additional commits viewable in <a
href="https://github.com/step-security/harden-runner/compare/0634a2670c59f64b4a01f0f96f84700a4088b9f0...002fdce3c6a235733a90a27c80493a3241e56863">compare
view</a></li>
</ul>
</details>
<br />

Updates `chromaui/action` from 12.1.1 to 12.2.0
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/chromaui/action/commit/c50adf8eaa8c2878af3263499a73077854de39d4"><code>c50adf8</code></a>
v12.2.0</li>
<li>See full diff in <a
href="https://github.com/chromaui/action/compare/8536229ee904071f8edce292596f6dbe0da96b9b...c50adf8eaa8c2878af3263499a73077854de39d4">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/attest` from 2.3.0 to 2.4.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/attest/releases">actions/attest's
releases</a>.</em></p>
<blockquote>
<h2>v2.4.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump <code>@​actions/github</code> from 6.0.0 to 6.0.1 in the
npm-production group by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/attest/pull/242">actions/attest#242</a></li>
<li>Bump undici from 5.28.5 to 5.29.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/attest/pull/246">actions/attest#246</a></li>
<li>Add path to created attestation in a well-known summary file by <a
href="https://github.com/kommendorkapten"><code>@​kommendorkapten</code></a>
in <a
href="https://redirect.github.com/actions/attest/pull/252">actions/attest#252</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/kommendorkapten"><code>@​kommendorkapten</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/attest/pull/252">actions/attest#252</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/attest/compare/v2...v2.4.0">https://github.com/actions/attest/compare/v2...v2.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/attest/commit/ce27ba3b4a9a139d9a20a4a07d69fabb52f1e5bc"><code>ce27ba3</code></a>
bump package version to 2.4.0 (<a
href="https://redirect.github.com/actions/attest/issues/253">#253</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/6a89e1286443a80c6d1e0cebb7b24d8299c16774"><code>6a89e12</code></a>
Add path to created attestation in a well-known summary file (<a
href="https://redirect.github.com/actions/attest/issues/252">#252</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/cbc14bbf255d1e79ad201d4308009aabd79cafdc"><code>cbc14bb</code></a>
Bump the npm-development group with 3 updates (<a
href="https://redirect.github.com/actions/attest/issues/250">#250</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/b87aa13652d8ee3c0c86d3582b965c842f7f388f"><code>b87aa13</code></a>
Bump the npm-development group across 1 directory with 5 updates (<a
href="https://redirect.github.com/actions/attest/issues/249">#249</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/5ae9aa28e10f70b771c67101892b7ffc141ef958"><code>5ae9aa2</code></a>
Bump undici from 5.28.5 to 5.29.0 (<a
href="https://redirect.github.com/actions/attest/issues/246">#246</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/4119d34e49ca6230f84a5e799710eae4f2428d02"><code>4119d34</code></a>
Bump the npm-development group across 1 directory with 6 updates (<a
href="https://redirect.github.com/actions/attest/issues/245">#245</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/7e777b150d7bec9c2cfe2c0993b186c15e97e81c"><code>7e777b1</code></a>
Bump <code>@​actions/github</code> from 6.0.0 to 6.0.1 in the
npm-production group (<a
href="https://redirect.github.com/actions/attest/issues/242">#242</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/4d8a13a13f8c2075b78844846f6d7e38b6a920bf"><code>4d8a13a</code></a>
Bump super-linter/super-linter in the actions-minor group (<a
href="https://redirect.github.com/actions/attest/issues/244">#244</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/647f15244eb261577c4910e1356026e9c1d9cda9"><code>647f152</code></a>
Bump the npm-development group with 4 updates (<a
href="https://redirect.github.com/actions/attest/issues/240">#240</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/20551343079b1bce85b235f46add92bbbddb8a7a"><code>2055134</code></a>
Bump the npm-development group with 4 updates (<a
href="https://redirect.github.com/actions/attest/issues/239">#239</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/attest/compare/afd638254319277bb3d7f0a234478733e2e46a73...ce27ba3b4a9a139d9a20a4a07d69fabb52f1e5bc">compare
view</a></li>
</ul>
</details>
<br />

Updates `fluxcd/flux2` from 2.6.1 to 2.6.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/fluxcd/flux2/releases">fluxcd/flux2's
releases</a>.</em></p>
<blockquote>
<h2>v2.6.2</h2>
<h2>What's Changed</h2>
<ul>
<li>[release/v2.6.x] fix: Allow Azure CLI calls in <code>flux push
artifact --provider azure</code> on DevOps runners by <a
href="https://github.com/fluxcdbot"><code>@​fluxcdbot</code></a> in <a
href="https://redirect.github.com/fluxcd/flux2/pull/5396">fluxcd/flux2#5396</a></li>
<li>[release/v2.6.x] Fix <code>knownhosts key mismatch</code> regression
bug by <a
href="https://github.com/fluxcdbot"><code>@​fluxcdbot</code></a> in <a
href="https://redirect.github.com/fluxcd/flux2/pull/5405">fluxcd/flux2#5405</a></li>
<li>[release/v2.6.x] Update toolkit components by <a
href="https://github.com/fluxcdbot"><code>@​fluxcdbot</code></a> in <a
href="https://redirect.github.com/fluxcd/flux2/pull/5410">fluxcd/flux2#5410</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/fluxcd/flux2/compare/v2.6.1...v2.6.2">https://github.com/fluxcd/flux2/compare/v2.6.1...v2.6.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/fluxcd/flux2/commit/a48f81a66c4ca9fbd993233ab99dd03a7cfbe09a"><code>a48f81a</code></a>
Merge pull request <a
href="https://redirect.github.com/fluxcd/flux2/issues/5410">#5410</a>
from fluxcd/backport-5409-to-release/v2.6.x</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/55104dc188ec3015c64fa6452db179fc081e8a91"><code>55104dc</code></a>
Update toolkit components</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/e771ff28abd76684f43122b3becd99ae31a7cdb7"><code>e771ff2</code></a>
Merge pull request <a
href="https://redirect.github.com/fluxcd/flux2/issues/5405">#5405</a>
from fluxcd/backport-5404-to-release/v2.6.x</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/998fe11166a950f54fe20c5bb94552a4c701ff0a"><code>998fe11</code></a>
Upgrade dependencies</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/a6ac4c5b60f4e94e1b4a12ca579648985020f9c7"><code>a6ac4c5</code></a>
Merge pull request <a
href="https://redirect.github.com/fluxcd/flux2/issues/5396">#5396</a>
from fluxcd/backport-5390-to-release/v2.6.x</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/0d397d7d1f8cc62c4d201f10b0d8b61bcfdcb97d"><code>0d397d7</code></a>
Introduce support for shelling out to Azure binaries in
authentication</li>
<li>See full diff in <a
href="https://github.com/fluxcd/flux2/compare/b73c7f7191086ca7629840e680e71873349787f8...a48f81a66c4ca9fbd993233ab99dd03a7cfbe09a">compare
view</a></li>
</ul>
</details>
<br />

Updates `tj-actions/changed-files` from
115870536a85eaf050e369291c7895748ff12aea to
d52d20fa3f981cb852b861fd8f55308b5fe29637
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.4...v46.0.5">46.0.5</a>
- (2025-04-09)</h1>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li><strong>deps:</strong> Bump yaml from 2.7.0 to 2.7.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c">ed68ef8</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump typescript from 5.8.2 to 5.8.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5">a7bc14b</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump <code>@​types/node</code> from
22.13.11 to 22.14.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab">3d751f6</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.2.3 to
5.2.6 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f">e2fda4e</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump ts-jest from 29.2.6 to 29.3.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48">0bed1b1</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump github/codeql-action from 3.28.12 to
3.28.15 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb">6802458</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/branch-names from 8.0.1 to
8.1.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792">cf2e39e</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/verify-changed-files from
20.0.1 to 20.0.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4">6abeaa5</a>)
- (dependabot[bot])</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v46.0.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2511">#2511</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/6f67ee9ac810f0192ea7b3d2086406f97847bcf9">6f67ee9</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.3...v46.0.4">46.0.4</a>
- (2025-04-03)</h1>
<h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2>
<ul>
<li>Bug modified_keys and changed_key outputs not set when no changes
detected (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2509">#2509</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/6cb76d07bee4c9772c6882c06c37837bf82a04d3">6cb76d0</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<ul>
<li>Update readme (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2508">#2508</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/b74df86ccb65173a8e33ba5492ac1a2ca6b216fd">b74df86</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v46.0.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted -->
Co-authored-by: Tonye Jack <a
href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a
href="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">27ae6b3</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a>
- (2025-03-23)</h1>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>)
- (github-actions[bot])</p>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>)
- (github-actions[bot])</p>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tj-actions/changed-files/commit/d52d20fa3f981cb852b861fd8f55308b5fe29637"><code>d52d20f</code></a>
chore(deps-dev): bump <code>@​types/node</code> from 22.15.26 to 24.0.1
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2587">#2587</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/f1c0eb959957d4094cf86adeb8bb4852f373e197"><code>f1c0eb9</code></a>
chore(deps-dev): bump eslint-plugin-prettier from 5.4.0 to 5.4.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2578">#2578</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/944a0f723952a370222de3178b25805235c65933"><code>944a0f7</code></a>
chore(deps-dev): bump eslint-plugin-jest from 28.13.0 to 28.13.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2585">#2585</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/3dbc1e181273d808ccff822a6e00cf18b6628ef0"><code>3dbc1e1</code></a>
Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2592">#2592</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/7a7221b7baecf19ec83f6a411a2670a43174c883"><code>7a7221b</code></a>
chore(deps): bump github/codeql-action from 3.28.18 to 3.29.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2588">#2588</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/c260d49a827b5eb266673bed7871c5d3ee9b5aef"><code>c260d49</code></a>
feat: add any_added to outputs (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2567">#2567</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/b1ccff8c0892ad141d7d2de6f31e526a9dad931f"><code>b1ccff8</code></a>
Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2591">#2591</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/a892f50f7a7187bc288633c09230b09ce7ad8fd0"><code>a892f50</code></a>
docs: update link to glob patterns (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2590">#2590</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/5ca5422070674a4bb487ecebf3c33251f3723c9b"><code>5ca5422</code></a>
chore(deps-dev): bump ts-jest from 29.3.4 to 29.4.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2589">#2589</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/4140eb99d2cced9bfd78375c2088371853262f79"><code>4140eb9</code></a>
chore(deps-dev): bump eslint-plugin-jest from 28.12.0 to 28.13.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2583">#2583</a>)</li>
<li>See full diff in <a
href="https://github.com/tj-actions/changed-files/compare/115870536a85eaf050e369291c7895748ff12aea...d52d20fa3f981cb852b861fd8f55308b5fe29637">compare
view</a></li>
</ul>
</details>
<br />

Updates `github/codeql-action` from 3.28.19 to 3.29.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.29.0</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.29.0 - 11 Jun 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.22.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li>
<li>Bump minimum CodeQL bundle version to 2.16.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.29.0/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.29.0 - 11 Jun 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.22.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li>
<li>Bump minimum CodeQL bundle version to 2.16.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li>
</ul>
<h2>3.28.19 - 03 Jun 2025</h2>
<ul>
<li>The CodeQL Action no longer includes its own copy of the extractor
for the <code>actions</code> language, which is currently in public
preview.
The <code>actions</code> extractor has been included in the CodeQL CLI
since v2.20.6. If your workflow has enabled the <code>actions</code>
language <em>and</em> you have pinned
your <code>tools:</code> property to a specific version of the CodeQL
CLI earlier than v2.20.6, you will need to update to at least CodeQL
v2.20.6 or disable
<code>actions</code> analysis.</li>
<li>Update default CodeQL bundle version to 2.21.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2910">#2910</a></li>
</ul>
<h2>3.28.18 - 16 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2893">#2893</a></li>
<li>Skip validating SARIF produced by CodeQL for improved performance.
<a
href="https://redirect.github.com/github/codeql-action/pull/2894">#2894</a></li>
<li>The number of threads and amount of RAM used by CodeQL can now be
set via the <code>CODEQL_THREADS</code> and <code>CODEQL_RAM</code>
runner environment variables. If set, these environment variables
override the <code>threads</code> and <code>ram</code> inputs
respectively. <a
href="https://redirect.github.com/github/codeql-action/pull/2891">#2891</a></li>
</ul>
<h2>3.28.17 - 02 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2872">#2872</a></li>
</ul>
<h2>3.28.16 - 23 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2863">#2863</a></li>
</ul>
<h2>3.28.15 - 07 Apr 2025</h2>
<ul>
<li>Fix bug where the action would fail if it tried to produce a debug
artifact with more than 65535 files. <a
href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li>
</ul>
<h2>3.28.14 - 07 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li>
</ul>
<h2>3.28.13 - 24 Mar 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.12 - 19 Mar 2025</h2>
<ul>
<li>Dependency caching should now cache more dependencies for Java
<code>build-mode: none</code> extractions. This should speed up
workflows and avoid inconsistent alerts in some cases.</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/ce28f5bb42b7a9f2c824e633a3f6ee835bab6858"><code>ce28f5b</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2926">#2926</a>
from github/update-v3.29.0-e8799281c</li>
<li><a
href="https://github.com/github/codeql-action/commit/bc251b7932638a7881a8db15d1aaf0151642af99"><code>bc251b7</code></a>
Update changelog for v3.29.0</li>
<li><a
href="https://github.com/github/codeql-action/commit/e8799281c8dee3b2e1aaed2c059e530fcfdc2d6d"><code>e879928</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2925">#2925</a>
from github/update-bundle/codeql-bundle-v2.22.0</li>
<li><a
href="https://github.com/github/codeql-action/commit/efd43b3097c094d883d91934155f0a32af09dff7"><code>efd43b3</code></a>
Merge branch 'main' into update-bundle/codeql-bundle-v2.22.0</li>
<li><a
href="https://github.com/github/codeql-action/commit/7cb9b16051842e6c23c8b9fbcf92481f92d0644a"><code>7cb9b16</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2912">#2912</a>
from github/henrymercer/bump-minimum-codeql-2.16.6</li>
<li><a
href="https://github.com/github/codeql-action/commit/3855117ba18b27e082b12e3e92e00d1b52aaa605"><code>3855117</code></a>
Add changelog note</li>
<li><a
href="https://github.com/github/codeql-action/commit/f5d4e2a7ca2a5826357748bb8743390a4775946f"><code>f5d4e2a</code></a>
Update default bundle to codeql-bundle-v2.22.0</li>
<li><a
href="https://github.com/github/codeql-action/commit/22deae890c55a1dc3ffba1aa20ad4148284e72d1"><code>22deae8</code></a>
Update package-lock.json</li>
<li><a
href="https://github.com/github/codeql-action/commit/df2a830ca4348a013f4804b56f41795f408f1e4e"><code>df2a830</code></a>
Merge branch 'main' into henrymercer/bump-minimum-codeql-2.16.6</li>
<li><a
href="https://github.com/github/codeql-action/commit/b1e4dc3db58c9601794e22a9f6d28d45461b9dbf"><code>b1e4dc3</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2916">#2916</a>
from github/dependabot/npm_and_yarn/npm-5cdccdc43f</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/fca7ace96b7d713c7035871441bd52efbe39e27e...ce28f5bb42b7a9f2c824e633a3f6ee835bab6858">compare
view</a></li>
</ul>
</details>
<br />

Updates `umbrelladocs/action-linkspector` from 1.3.4 to 1.3.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/umbrelladocs/action-linkspector/releases">umbrelladocs/action-linkspector's
releases</a>.</em></p>
<blockquote>
<h2>Release v1.3.5</h2>
<p>v1.3.5: PR <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/45">#45</a>
- Update linkspector version to 0.4.5</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/e2ccef58c4b9eb89cd71ee23a8629744bba75aa6"><code>e2ccef5</code></a>
Merge pull request <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/45">#45</a>
from UmbrellaDocs/update-linkspector-version</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/6cc23b20f1b7de3860f639255ccebc2b6428c62e"><code>6cc23b2</code></a>
Update linkspector version to 0.4.5</li>
<li>See full diff in <a
href="https://github.com/umbrelladocs/action-linkspector/compare/a0567ce1c7c13de4a2358587492ed43cab5d0102...e2ccef58c4b9eb89cd71ee23a8629744bba75aa6">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-16 13:28:00 +00:00
dependabot[bot] cba99a13e7 ci: bump the github-actions group with 6 updates (#18386) 
Bumps the github-actions group with 6 updates:

| Package | From | To |
| --- | --- | --- |
|
[step-security/harden-runner](https://github.com/step-security/harden-runner)
| `2.12.0` | `2.12.1` |
| [chromaui/action](https://github.com/chromaui/action) | `12.1.1` |
`12.2.0` |
| [actions/attest](https://github.com/actions/attest) | `2.3.0` |
`2.4.0` |
|
[tj-actions/changed-files](https://github.com/tj-actions/changed-files)
| `115870536a85eaf050e369291c7895748ff12aea` |
`d52d20fa3f981cb852b861fd8f55308b5fe29637` |
| [github/codeql-action](https://github.com/github/codeql-action) |
`3.28.19` | `3.29.0` |
|
[umbrelladocs/action-linkspector](https://github.com/umbrelladocs/action-linkspector)
| `1.3.4` | `1.3.5` |

Updates `step-security/harden-runner` from 2.12.0 to 2.12.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.12.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Detection capabilities have been upgraded to better recognize
attempts at runner tampering. These improvements are informed by
real-world incident learnings, including analysis of anomalous behaviors
observed in the tj-actions and reviewdog supply chain attack.</li>
<li>Resolved an issue where the block policy was not enforced correctly
when the GitHub Actions job was running inside a container on a
self-hosted VM runner.</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.12.1">https://github.com/step-security/harden-runner/compare/v2...v2.12.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/002fdce3c6a235733a90a27c80493a3241e56863"><code>002fdce</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/544">#544</a>
from step-security/rc-21</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/2489e3fcb3d00eac3cb27c9b490431a4d26eac58"><code>2489e3f</code></a>
Merge branch 'main' into rc-21</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/75dd441a816c3c7ea21313ec8ff21d9f7b69f534"><code>75dd441</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/555">#555</a>
from step-security/dependabot/github_actions/step-sec...</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/4381ace9c4db180c9cc8ff9a6dd4220f17a95690"><code>4381ace</code></a>
Bump step-security/publish-unit-test-result-action from 2.19.0 to
2.20.0</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/a9da90b635b492e68edb2a24949fcab1e313e9eb"><code>a9da90b</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/553">#553</a>
from h0x0er/feat/container-workflows</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/a60ef21c0c1f49c7ac6c8d65b6f4d16d419789c1"><code>a60ef21</code></a>
update</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/4ad512f16553ff1c022684cc96be0329a7618db8"><code>4ad512f</code></a>
Merge branch 'rc-21' into feat/container-workflows</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/6b41a3923518db2abe77790e47793760b5c47c28"><code>6b41a39</code></a>
fixed test case</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/fa70c45ca9a73bcef023a3e6afac49ffa3007480"><code>fa70c45</code></a>
update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/eb47845632e48a7532e7e363ba78b9bc48c09264"><code>eb47845</code></a>
self-hosted: refactored block-policy apply logic</li>
<li>Additional commits viewable in <a
href="https://github.com/step-security/harden-runner/compare/0634a2670c59f64b4a01f0f96f84700a4088b9f0...002fdce3c6a235733a90a27c80493a3241e56863">compare
view</a></li>
</ul>
</details>
<br />

Updates `chromaui/action` from 12.1.1 to 12.2.0
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/chromaui/action/commit/c50adf8eaa8c2878af3263499a73077854de39d4"><code>c50adf8</code></a>
v12.2.0</li>
<li>See full diff in <a
href="https://github.com/chromaui/action/compare/8536229ee904071f8edce292596f6dbe0da96b9b...c50adf8eaa8c2878af3263499a73077854de39d4">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/attest` from 2.3.0 to 2.4.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/attest/releases">actions/attest's
releases</a>.</em></p>
<blockquote>
<h2>v2.4.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump <code>@​actions/github</code> from 6.0.0 to 6.0.1 in the
npm-production group by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/attest/pull/242">actions/attest#242</a></li>
<li>Bump undici from 5.28.5 to 5.29.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/attest/pull/246">actions/attest#246</a></li>
<li>Add path to created attestation in a well-known summary file by <a
href="https://github.com/kommendorkapten"><code>@​kommendorkapten</code></a>
in <a
href="https://redirect.github.com/actions/attest/pull/252">actions/attest#252</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/kommendorkapten"><code>@​kommendorkapten</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/attest/pull/252">actions/attest#252</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/attest/compare/v2...v2.4.0">https://github.com/actions/attest/compare/v2...v2.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/attest/commit/ce27ba3b4a9a139d9a20a4a07d69fabb52f1e5bc"><code>ce27ba3</code></a>
bump package version to 2.4.0 (<a
href="https://redirect.github.com/actions/attest/issues/253">#253</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/6a89e1286443a80c6d1e0cebb7b24d8299c16774"><code>6a89e12</code></a>
Add path to created attestation in a well-known summary file (<a
href="https://redirect.github.com/actions/attest/issues/252">#252</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/cbc14bbf255d1e79ad201d4308009aabd79cafdc"><code>cbc14bb</code></a>
Bump the npm-development group with 3 updates (<a
href="https://redirect.github.com/actions/attest/issues/250">#250</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/b87aa13652d8ee3c0c86d3582b965c842f7f388f"><code>b87aa13</code></a>
Bump the npm-development group across 1 directory with 5 updates (<a
href="https://redirect.github.com/actions/attest/issues/249">#249</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/5ae9aa28e10f70b771c67101892b7ffc141ef958"><code>5ae9aa2</code></a>
Bump undici from 5.28.5 to 5.29.0 (<a
href="https://redirect.github.com/actions/attest/issues/246">#246</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/4119d34e49ca6230f84a5e799710eae4f2428d02"><code>4119d34</code></a>
Bump the npm-development group across 1 directory with 6 updates (<a
href="https://redirect.github.com/actions/attest/issues/245">#245</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/7e777b150d7bec9c2cfe2c0993b186c15e97e81c"><code>7e777b1</code></a>
Bump <code>@​actions/github</code> from 6.0.0 to 6.0.1 in the
npm-production group (<a
href="https://redirect.github.com/actions/attest/issues/242">#242</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/4d8a13a13f8c2075b78844846f6d7e38b6a920bf"><code>4d8a13a</code></a>
Bump super-linter/super-linter in the actions-minor group (<a
href="https://redirect.github.com/actions/attest/issues/244">#244</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/647f15244eb261577c4910e1356026e9c1d9cda9"><code>647f152</code></a>
Bump the npm-development group with 4 updates (<a
href="https://redirect.github.com/actions/attest/issues/240">#240</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/20551343079b1bce85b235f46add92bbbddb8a7a"><code>2055134</code></a>
Bump the npm-development group with 4 updates (<a
href="https://redirect.github.com/actions/attest/issues/239">#239</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/attest/compare/afd638254319277bb3d7f0a234478733e2e46a73...ce27ba3b4a9a139d9a20a4a07d69fabb52f1e5bc">compare
view</a></li>
</ul>
</details>
<br />

Updates `tj-actions/changed-files` from
115870536a85eaf050e369291c7895748ff12aea to
d52d20fa3f981cb852b861fd8f55308b5fe29637
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.4...v46.0.5">46.0.5</a>
- (2025-04-09)</h1>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li><strong>deps:</strong> Bump yaml from 2.7.0 to 2.7.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c">ed68ef8</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump typescript from 5.8.2 to 5.8.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5">a7bc14b</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump <code>@​types/node</code> from
22.13.11 to 22.14.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab">3d751f6</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.2.3 to
5.2.6 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f">e2fda4e</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump ts-jest from 29.2.6 to 29.3.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48">0bed1b1</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump github/codeql-action from 3.28.12 to
3.28.15 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb">6802458</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/branch-names from 8.0.1 to
8.1.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792">cf2e39e</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/verify-changed-files from
20.0.1 to 20.0.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4">6abeaa5</a>)
- (dependabot[bot])</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v46.0.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2511">#2511</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/6f67ee9ac810f0192ea7b3d2086406f97847bcf9">6f67ee9</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.3...v46.0.4">46.0.4</a>
- (2025-04-03)</h1>
<h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2>
<ul>
<li>Bug modified_keys and changed_key outputs not set when no changes
detected (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2509">#2509</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/6cb76d07bee4c9772c6882c06c37837bf82a04d3">6cb76d0</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<ul>
<li>Update readme (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2508">#2508</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/b74df86ccb65173a8e33ba5492ac1a2ca6b216fd">b74df86</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v46.0.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted -->
Co-authored-by: Tonye Jack <a
href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a
href="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">27ae6b3</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a>
- (2025-03-23)</h1>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>)
- (github-actions[bot])</p>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>)
- (github-actions[bot])</p>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tj-actions/changed-files/commit/d52d20fa3f981cb852b861fd8f55308b5fe29637"><code>d52d20f</code></a>
chore(deps-dev): bump <code>@​types/node</code> from 22.15.26 to 24.0.1
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2587">#2587</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/f1c0eb959957d4094cf86adeb8bb4852f373e197"><code>f1c0eb9</code></a>
chore(deps-dev): bump eslint-plugin-prettier from 5.4.0 to 5.4.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2578">#2578</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/944a0f723952a370222de3178b25805235c65933"><code>944a0f7</code></a>
chore(deps-dev): bump eslint-plugin-jest from 28.13.0 to 28.13.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2585">#2585</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/3dbc1e181273d808ccff822a6e00cf18b6628ef0"><code>3dbc1e1</code></a>
Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2592">#2592</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/7a7221b7baecf19ec83f6a411a2670a43174c883"><code>7a7221b</code></a>
chore(deps): bump github/codeql-action from 3.28.18 to 3.29.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2588">#2588</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/c260d49a827b5eb266673bed7871c5d3ee9b5aef"><code>c260d49</code></a>
feat: add any_added to outputs (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2567">#2567</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/b1ccff8c0892ad141d7d2de6f31e526a9dad931f"><code>b1ccff8</code></a>
Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2591">#2591</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/a892f50f7a7187bc288633c09230b09ce7ad8fd0"><code>a892f50</code></a>
docs: update link to glob patterns (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2590">#2590</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/5ca5422070674a4bb487ecebf3c33251f3723c9b"><code>5ca5422</code></a>
chore(deps-dev): bump ts-jest from 29.3.4 to 29.4.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2589">#2589</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/4140eb99d2cced9bfd78375c2088371853262f79"><code>4140eb9</code></a>
chore(deps-dev): bump eslint-plugin-jest from 28.12.0 to 28.13.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2583">#2583</a>)</li>
<li>See full diff in <a
href="https://github.com/tj-actions/changed-files/compare/115870536a85eaf050e369291c7895748ff12aea...d52d20fa3f981cb852b861fd8f55308b5fe29637">compare
view</a></li>
</ul>
</details>
<br />

Updates `github/codeql-action` from 3.28.19 to 3.29.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.29.0</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.29.0 - 11 Jun 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.22.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li>
<li>Bump minimum CodeQL bundle version to 2.16.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.29.0/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.29.0 - 11 Jun 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.22.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li>
<li>Bump minimum CodeQL bundle version to 2.16.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li>
</ul>
<h2>3.28.19 - 03 Jun 2025</h2>
<ul>
<li>The CodeQL Action no longer includes its own copy of the extractor
for the <code>actions</code> language, which is currently in public
preview.
The <code>actions</code> extractor has been included in the CodeQL CLI
since v2.20.6. If your workflow has enabled the <code>actions</code>
language <em>and</em> you have pinned
your <code>tools:</code> property to a specific version of the CodeQL
CLI earlier than v2.20.6, you will need to update to at least CodeQL
v2.20.6 or disable
<code>actions</code> analysis.</li>
<li>Update default CodeQL bundle version to 2.21.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2910">#2910</a></li>
</ul>
<h2>3.28.18 - 16 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2893">#2893</a></li>
<li>Skip validating SARIF produced by CodeQL for improved performance.
<a
href="https://redirect.github.com/github/codeql-action/pull/2894">#2894</a></li>
<li>The number of threads and amount of RAM used by CodeQL can now be
set via the <code>CODEQL_THREADS</code> and <code>CODEQL_RAM</code>
runner environment variables. If set, these environment variables
override the <code>threads</code> and <code>ram</code> inputs
respectively. <a
href="https://redirect.github.com/github/codeql-action/pull/2891">#2891</a></li>
</ul>
<h2>3.28.17 - 02 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2872">#2872</a></li>
</ul>
<h2>3.28.16 - 23 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2863">#2863</a></li>
</ul>
<h2>3.28.15 - 07 Apr 2025</h2>
<ul>
<li>Fix bug where the action would fail if it tried to produce a debug
artifact with more than 65535 files. <a
href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li>
</ul>
<h2>3.28.14 - 07 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li>
</ul>
<h2>3.28.13 - 24 Mar 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.12 - 19 Mar 2025</h2>
<ul>
<li>Dependency caching should now cache more dependencies for Java
<code>build-mode: none</code> extractions. This should speed up
workflows and avoid inconsistent alerts in some cases.</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/ce28f5bb42b7a9f2c824e633a3f6ee835bab6858"><code>ce28f5b</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2926">#2926</a>
from github/update-v3.29.0-e8799281c</li>
<li><a
href="https://github.com/github/codeql-action/commit/bc251b7932638a7881a8db15d1aaf0151642af99"><code>bc251b7</code></a>
Update changelog for v3.29.0</li>
<li><a
href="https://github.com/github/codeql-action/commit/e8799281c8dee3b2e1aaed2c059e530fcfdc2d6d"><code>e879928</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2925">#2925</a>
from github/update-bundle/codeql-bundle-v2.22.0</li>
<li><a
href="https://github.com/github/codeql-action/commit/efd43b3097c094d883d91934155f0a32af09dff7"><code>efd43b3</code></a>
Merge branch 'main' into update-bundle/codeql-bundle-v2.22.0</li>
<li><a
href="https://github.com/github/codeql-action/commit/7cb9b16051842e6c23c8b9fbcf92481f92d0644a"><code>7cb9b16</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2912">#2912</a>
from github/henrymercer/bump-minimum-codeql-2.16.6</li>
<li><a
href="https://github.com/github/codeql-action/commit/3855117ba18b27e082b12e3e92e00d1b52aaa605"><code>3855117</code></a>
Add changelog note</li>
<li><a
href="https://github.com/github/codeql-action/commit/f5d4e2a7ca2a5826357748bb8743390a4775946f"><code>f5d4e2a</code></a>
Update default bundle to codeql-bundle-v2.22.0</li>
<li><a
href="https://github.com/github/codeql-action/commit/22deae890c55a1dc3ffba1aa20ad4148284e72d1"><code>22deae8</code></a>
Update package-lock.json</li>
<li><a
href="https://github.com/github/codeql-action/commit/df2a830ca4348a013f4804b56f41795f408f1e4e"><code>df2a830</code></a>
Merge branch 'main' into henrymercer/bump-minimum-codeql-2.16.6</li>
<li><a
href="https://github.com/github/codeql-action/commit/b1e4dc3db58c9601794e22a9f6d28d45461b9dbf"><code>b1e4dc3</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2916">#2916</a>
from github/dependabot/npm_and_yarn/npm-5cdccdc43f</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/fca7ace96b7d713c7035871441bd52efbe39e27e...ce28f5bb42b7a9f2c824e633a3f6ee835bab6858">compare
view</a></li>
</ul>
</details>
<br />

Updates `umbrelladocs/action-linkspector` from 1.3.4 to 1.3.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/umbrelladocs/action-linkspector/releases">umbrelladocs/action-linkspector's
releases</a>.</em></p>
<blockquote>
<h2>Release v1.3.5</h2>
<p>v1.3.5: PR <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/45">#45</a>
- Update linkspector version to 0.4.5</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/e2ccef58c4b9eb89cd71ee23a8629744bba75aa6"><code>e2ccef5</code></a>
Merge pull request <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/45">#45</a>
from UmbrellaDocs/update-linkspector-version</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/6cc23b20f1b7de3860f639255ccebc2b6428c62e"><code>6cc23b2</code></a>
Update linkspector version to 0.4.5</li>
<li>See full diff in <a
href="https://github.com/umbrelladocs/action-linkspector/compare/a0567ce1c7c13de4a2358587492ed43cab5d0102...e2ccef58c4b9eb89cd71ee23a8629744bba75aa6">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-16 12:39:39 +00:00
Dean Sheather ae3882a600 chore: move all images to new GCP project (#18324) 2025-06-11 13:06:31 +00:00
dependabot[bot] f6dd50a6ee ci: bump the github-actions group with 4 updates (#18289) 
Bumps the github-actions group with 4 updates:
[crate-ci/typos](https://github.com/crate-ci/typos),
[chromaui/action](https://github.com/chromaui/action),
[github/codeql-action](https://github.com/github/codeql-action) and
[aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action).

Updates `crate-ci/typos` from 1.32.0 to 1.33.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/releases">crate-ci/typos's
releases</a>.</em></p>
<blockquote>
<h2>v1.33.1</h2>
<h2>[1.33.1] - 2025-06-02</h2>
<h3>Fixes</h3>
<ul>
<li><em>(dict)</em> Don't correct <code>wasn't</code> to
<code>wasm't</code></li>
</ul>
<h2>v1.33.0</h2>
<h2>[1.33.0] - 2025-06-02</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1290">May
2025</a> changes</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's
changelog</a>.</em></p>
<blockquote>
<h1>Change Log</h1>
<p>All notable changes to this project will be documented in this
file.</p>
<p>The format is based on <a href="http://keepachangelog.com/">Keep a
Changelog</a>
and this project adheres to <a href="http://semver.org/">Semantic
Versioning</a>.</p>
<!-- raw HTML omitted -->
<h2>[Unreleased] - ReleaseDate</h2>
<h2>[1.33.1] - 2025-06-02</h2>
<h3>Fixes</h3>
<ul>
<li><em>(dict)</em> Don't correct <code>wasn't</code> to
<code>wasm't</code></li>
</ul>
<h2>[1.33.0] - 2025-06-02</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1290">May
2025</a> changes</li>
</ul>
<h2>[1.32.0] - 2025-05-02</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1264">April
2025</a> changes</li>
</ul>
<h2>[1.31.2] - 2025-04-28</h2>
<h3>Fixes</h3>
<ul>
<li><em>(exclusion)</em> Don't confused emails as base64</li>
<li><em>(dict)</em> Correct <code>contamint</code> to
<code>contaminant</code>, not <code>contaminat</code></li>
<li><em>(dict)</em> Correct <code>contamints</code> to
<code>contaminants</code>, not <code>contaminats</code></li>
</ul>
<h3>Performance</h3>
<ul>
<li>Improve tokenization performance</li>
</ul>
<h2>[1.31.1] - 2025-03-31</h2>
<h3>Fixes</h3>
<ul>
<li><em>(dict)</em> Also correct <code>typ</code> to
<code>type</code></li>
</ul>
<h2>[1.31.0] - 2025-03-28</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1248">March
2025</a> changes</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/crate-ci/typos/commit/b1ae8d918b6e85bd611117d3d9a3be4f903ee5e4"><code>b1ae8d9</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/6c5d17de8e16370e7e1d8dd41c8dc0a7f22ea981"><code>6c5d17d</code></a>
docs: Update changelog</li>
<li><a
href="https://github.com/crate-ci/typos/commit/0a237ba81a86b72399a05f3441449ddeab9faf16"><code>0a237ba</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1311">#1311</a>
from epage/wasn</li>
<li><a
href="https://github.com/crate-ci/typos/commit/79920cf06905dd147d4e784ae17136d98c211083"><code>79920cf</code></a>
fix(dict): Don't correct <code>wasn't</code></li>
<li><a
href="https://github.com/crate-ci/typos/commit/e99b2b47d9910ae09f6e828594c33ab3e0936491"><code>e99b2b4</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/2afc152754dd1bf58997ad87bcc84f7797bb52ab"><code>2afc152</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/544a19b4ae1a0814151fd081008bb9305abccdfc"><code>544a19b</code></a>
docs: Update changelog</li>
<li><a
href="https://github.com/crate-ci/typos/commit/2e0ca28a9540837425705660401059467b721ab9"><code>2e0ca28</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1310">#1310</a>
from epage/may</li>
<li><a
href="https://github.com/crate-ci/typos/commit/94eb4e7b407daa7967ca1a23c72902898ab599f6"><code>94eb4e7</code></a>
feat(dict): May 2025 updates</li>
<li><a
href="https://github.com/crate-ci/typos/commit/a4cce4ca70447aa8b294fc0eaada68193eeec1fa"><code>a4cce4c</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1308">#1308</a>
from crate-ci/renovate/schemars-0.x</li>
<li>Additional commits viewable in <a
href="https://github.com/crate-ci/typos/compare/0f0ccba9ed1df83948f0c15026e4f5ccfce46109...b1ae8d918b6e85bd611117d3d9a3be4f903ee5e4">compare
view</a></li>
</ul>
</details>
<br />

Updates `chromaui/action` from 12.0.0 to 12.1.1
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/chromaui/action/commit/8536229ee904071f8edce292596f6dbe0da96b9b"><code>8536229</code></a>
v12.1.1</li>
<li><a
href="https://github.com/chromaui/action/commit/39708fe33252ca58c08b791fef95536ed2a1b976"><code>39708fe</code></a>
v12.1.0</li>
<li>See full diff in <a
href="https://github.com/chromaui/action/compare/d7afd50124cf4f337bcd943e7f45cfa85a5e4476...8536229ee904071f8edce292596f6dbe0da96b9b">compare
view</a></li>
</ul>
</details>
<br />

Updates `github/codeql-action` from 3.28.18 to 3.28.19
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.28.19</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.19 - 03 Jun 2025</h2>
<ul>
<li>The CodeQL Action no longer includes its own copy of the extractor
for the <code>actions</code> language, which is currently in public
preview.
The <code>actions</code> extractor has been included in the CodeQL CLI
since v2.20.6. If your workflow has enabled the <code>actions</code>
language <em>and</em> you have pinned
your <code>tools:</code> property to a specific version of the CodeQL
CLI earlier than v2.20.6, you will need to update to at least CodeQL
v2.20.6 or disable
<code>actions</code> analysis.</li>
<li>Update default CodeQL bundle version to 2.21.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2910">#2910</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.19/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.28.19 - 03 Jun 2025</h2>
<ul>
<li>The CodeQL Action no longer includes its own copy of the extractor
for the <code>actions</code> language, which is currently in public
preview.
The <code>actions</code> extractor has been included in the CodeQL CLI
since v2.20.6. If your workflow has enabled the <code>actions</code>
language <em>and</em> you have pinned
your <code>tools:</code> property to a specific version of the CodeQL
CLI earlier than v2.20.6, you will need to update to at least CodeQL
v2.20.6 or disable
<code>actions</code> analysis.</li>
<li>Update default CodeQL bundle version to 2.21.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2910">#2910</a></li>
</ul>
<h2>3.28.18 - 16 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2893">#2893</a></li>
<li>Skip validating SARIF produced by CodeQL for improved performance.
<a
href="https://redirect.github.com/github/codeql-action/pull/2894">#2894</a></li>
<li>The number of threads and amount of RAM used by CodeQL can now be
set via the <code>CODEQL_THREADS</code> and <code>CODEQL_RAM</code>
runner environment variables. If set, these environment variables
override the <code>threads</code> and <code>ram</code> inputs
respectively. <a
href="https://redirect.github.com/github/codeql-action/pull/2891">#2891</a></li>
</ul>
<h2>3.28.17 - 02 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2872">#2872</a></li>
</ul>
<h2>3.28.16 - 23 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2863">#2863</a></li>
</ul>
<h2>3.28.15 - 07 Apr 2025</h2>
<ul>
<li>Fix bug where the action would fail if it tried to produce a debug
artifact with more than 65535 files. <a
href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li>
</ul>
<h2>3.28.14 - 07 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li>
</ul>
<h2>3.28.13 - 24 Mar 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.12 - 19 Mar 2025</h2>
<ul>
<li>Dependency caching should now cache more dependencies for Java
<code>build-mode: none</code> extractions. This should speed up
workflows and avoid inconsistent alerts in some cases.</li>
<li>Update default CodeQL bundle version to 2.20.7. <a
href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li>
</ul>
<h2>3.28.11 - 07 Mar 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/fca7ace96b7d713c7035871441bd52efbe39e27e"><code>fca7ace</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2918">#2918</a>
from github/update-v3.28.19-4a00331d4</li>
<li><a
href="https://github.com/github/codeql-action/commit/1dcd2bebbb31e92a94fd28ed1885b2e6331afdd3"><code>1dcd2be</code></a>
Update changelog for v3.28.19</li>
<li><a
href="https://github.com/github/codeql-action/commit/4a00331d4ecf79a214751520faf8e540e60c7567"><code>4a00331</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2910">#2910</a>
from github/update-bundle/codeql-bundle-v2.21.4</li>
<li><a
href="https://github.com/github/codeql-action/commit/c0a821da119108a26c647de84b1e6a857fda1279"><code>c0a821d</code></a>
Add changelog note</li>
<li><a
href="https://github.com/github/codeql-action/commit/d6216866b42d1cb95b8942447efe91161628ccfd"><code>d621686</code></a>
Update default bundle to codeql-bundle-v2.21.4</li>
<li><a
href="https://github.com/github/codeql-action/commit/dc138d4f519ecc58013d8fcef428272e2436cafd"><code>dc138d4</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2913">#2913</a>
from github/henrymercer/win-2019-deprecated</li>
<li><a
href="https://github.com/github/codeql-action/commit/3201e46e2615110190ca536fbf1280ccc7f3a247"><code>3201e46</code></a>
Stop running CI on <code>windows-2019</code></li>
<li><a
href="https://github.com/github/codeql-action/commit/7fd62151d9daff11d4b981415ffb365dcd93f75a"><code>7fd6215</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2911">#2911</a>
from github/update-supported-enterprise-server-versions</li>
<li><a
href="https://github.com/github/codeql-action/commit/31eae5e821e97c8b2903ca297cc8894bd9b609fb"><code>31eae5e</code></a>
Update supported GitHub Enterprise Server versions</li>
<li><a
href="https://github.com/github/codeql-action/commit/bc02a25f6449997c5e9d5a368879b28f56ae19a1"><code>bc02a25</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2908">#2908</a>
from github/henrymercer/dependabot</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/ff0a06e83cb2de871e5a09832bc6a81e7276941f...fca7ace96b7d713c7035871441bd52efbe39e27e">compare
view</a></li>
</ul>
</details>
<br />

Updates `aquasecurity/trivy-action` from 0.30.0 to 0.31.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aquasecurity/trivy-action/releases">aquasecurity/trivy-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.31.0</h2>
<h2>What's Changed</h2>
<ul>
<li>docs: add info that <code>unix:/</code> prefix is required for
<code>docker-host</code> input by <a
href="https://github.com/DmitriyLewen"><code>@​DmitriyLewen</code></a>
in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/455">aquasecurity/trivy-action#455</a></li>
<li>Fix Trivy action inputs leaking between invocations (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/422">#422</a>)
by <a href="https://github.com/rvesse"><code>@​rvesse</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/454">aquasecurity/trivy-action#454</a></li>
<li>Pin aquasecuriy/setup-trivy to hash instead of tag by <a
href="https://github.com/lhotari"><code>@​lhotari</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/456">aquasecurity/trivy-action#456</a></li>
<li>Bump Trivy version to fix GitHub actions by <a
href="https://github.com/maximmasiutin"><code>@​maximmasiutin</code></a>
in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/460">aquasecurity/trivy-action#460</a></li>
<li>refactor: use ubuntu 24.04 in example code by <a
href="https://github.com/simar7"><code>@​simar7</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/465">aquasecurity/trivy-action#465</a></li>
<li>ci: fix workflow to bump Trivy by <a
href="https://github.com/nikpivkin"><code>@​nikpivkin</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/466">aquasecurity/trivy-action#466</a></li>
<li>chore(deps): Update trivy to v0.63.0 by <a
href="https://github.com/aqua-bot"><code>@​aqua-bot</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/467">aquasecurity/trivy-action#467</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/lhotari"><code>@​lhotari</code></a> made
their first contribution in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/456">aquasecurity/trivy-action#456</a></li>
<li><a
href="https://github.com/maximmasiutin"><code>@​maximmasiutin</code></a>
made their first contribution in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/460">aquasecurity/trivy-action#460</a></li>
<li><a href="https://github.com/aqua-bot"><code>@​aqua-bot</code></a>
made their first contribution in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/467">aquasecurity/trivy-action#467</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/aquasecurity/trivy-action/compare/0.30.0...0.31.0">https://github.com/aquasecurity/trivy-action/compare/0.30.0...0.31.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/76071ef0d7ec797419534a183b498b4d6366cf37"><code>76071ef</code></a>
chore(deps): Update trivy to v0.63.0 (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/467">#467</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/4844d823d3541b70e147062249823a5cf735b7b8"><code>4844d82</code></a>
ci: fix workflow to bump Trivy (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/466">#466</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/26d71e622b84d103f86fb33a5a42c558e11f4ae0"><code>26d71e6</code></a>
refactor: use ubuntu 24.04 (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/465">#465</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/b3dafe507ffa004210975439a1e6156b8ebb3f50"><code>b3dafe5</code></a>
Bump Trivy version to fix GitHub actions (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/460">#460</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/99baf0d8b4e787c3cfd7b602664c8ce60a43cd38"><code>99baf0d</code></a>
Pin aquasecuriy/setup-trivy to hash instead of tag (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/456">#456</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/7aca5acc9500b463826cc47a47a65ad7d404b045"><code>7aca5ac</code></a>
fix: Trivy action inputs leaking between invocations (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/422">#422</a>)
(<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/454">#454</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/ea27ac12e15e065601133e2e439657937385d5a8"><code>ea27ac1</code></a>
docs: add info that <code>unix:/</code> prefix is required (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/455">#455</a>)</li>
<li>See full diff in <a
href="https://github.com/aquasecurity/trivy-action/compare/6c175e9c4083a92bbca2f9724c8a5e33bc2d97a5...76071ef0d7ec797419534a183b498b4d6366cf37">compare
view</a></li>
</ul>
</details>
<br />

<details>
<summary>Most Recent Ignore Conditions Applied to This Pull
Request</summary>

| Dependency Name | Ignore Conditions |
| --- | --- |
| crate-ci/typos | [>= 1.30.a, < 1.31] |
</details>


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-09 12:27:00 +00:00
dependabot[bot] 9ef44e6be2 ci: bump the github-actions group with 3 updates (#18177) 
Bumps the github-actions group with 3 updates:
[fluxcd/flux2](https://github.com/fluxcd/flux2),
[tj-actions/changed-files](https://github.com/tj-actions/changed-files)
and [ossf/scorecard-action](https://github.com/ossf/scorecard-action).

Updates `fluxcd/flux2` from 2.5.1 to 2.6.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/fluxcd/flux2/releases">fluxcd/flux2's
releases</a>.</em></p>
<blockquote>
<h2>v2.6.1</h2>
<h2>Highlights</h2>
<p>Flux v2.6.1 is a patch release that comes with various fixes. Users
are encouraged to upgrade for the best experience.</p>
<p>Fixes:</p>
<ul>
<li>Fix a bug introduced in image-reflector-controller v0.35.0 that was
causing spurious error events for policies during image repository
reconciliation.</li>
<li>Fix excessive logging in image-reflector-controller after a restart
when the image tags cache is empty.</li>
</ul>
<h2>Components changelog</h2>
<ul>
<li>image-reflector-controller <a
href="https://github.com/fluxcd/image-reflector-controller/blob/v0.35.1/CHANGELOG.md">v0.35.1</a></li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>[release/v2.6.x] Update image-reflector-controller to v0.35.1 by <a
href="https://github.com/fluxcdbot"><code>@​fluxcdbot</code></a> in <a
href="https://redirect.github.com/fluxcd/flux2/pull/5382">fluxcd/flux2#5382</a></li>
<li>[release/v2.6.x] Add digest pinning to image automation testing by
<a href="https://github.com/fluxcdbot"><code>@​fluxcdbot</code></a> in
<a
href="https://redirect.github.com/fluxcd/flux2/pull/5384">fluxcd/flux2#5384</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/fluxcd/flux2/compare/v2.6.0...v2.6.1">https://github.com/fluxcd/flux2/compare/v2.6.0...v2.6.1</a></p>
<h2>v2.6.0</h2>
<h2>Highlights</h2>
<p>Flux v2.6.0 is a feature release. Users are encouraged to upgrade for
the best experience.</p>
<p>For a compressive overview of new features and API changes included
in this release, please refer to the <a
href="https://fluxcd.io/blog/2025/05/flux-v2.6.0/">Announcing Flux 2.6
GA blog post</a>.</p>
<p>Overview of the new features:</p>
<ul>
<li>General availability release for the Flux OCI Artifacts APIs and
<code>flux artifact</code> commands</li>
<li>Support for OCI digests pinning (ImagePolicy,
ImageUpdateAutomation)</li>
<li>Object-level workload identity authentication (OCIRepository,
ImageRepository, Kustomization, Alert Provider)</li>
<li>Cache registry credentials for cloud providers (OCIRepository,
ImageRepository)</li>
<li>Git HTTP/S Mutual TLS authentication (GitRepository,
ImageUpdateAutomation)</li>
<li>Support for sparse checkout (GitRepository)</li>
<li>Support for GitHub App authentication (Alert Provider)</li>
<li>Support for managed Identity authentication to Azure Event Hub
(Alert Provider)</li>
<li>Customize the ID of the Git commit status with CEL expressions
(Alert Provider)</li>
<li><code>WaitForTermination</code> deletion policy (Kustomization)</li>
<li><code>DisableChartDigestTracking</code> feature gate
(HelmRelease)</li>
</ul>
<p>❤️ Big thanks to all the Flux contributors that helped us with this
release!</p>
<h3>Kubernetes compatibility</h3>
<p>This release is compatible with the following Kubernetes
versions:</p>
<p>| Kubernetes version | Minimum required |</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/fluxcd/flux2/commit/b73c7f7191086ca7629840e680e71873349787f8"><code>b73c7f7</code></a>
Merge pull request <a
href="https://redirect.github.com/fluxcd/flux2/issues/5384">#5384</a>
from fluxcd/backport-5383-to-release/v2.6.x</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/7aff0327adc117c1501ee24d4983e3f6d06fc2ee"><code>7aff032</code></a>
Add digest pinning to image automation testing</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/3bb3ae361744e0d121f095829e44c5dede33dbb9"><code>3bb3ae3</code></a>
Merge pull request <a
href="https://redirect.github.com/fluxcd/flux2/issues/5382">#5382</a>
from fluxcd/backport-5381-to-release/v2.6.x</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/bf1af3c12059ed11f51a6ff345ed15e5567a1e21"><code>bf1af3c</code></a>
Update toolkit components</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/4c66d375454b5841cc816e7728e8ae684cf70dc3"><code>4c66d37</code></a>
Merge pull request <a
href="https://redirect.github.com/fluxcd/flux2/issues/5370">#5370</a>
from fluxcd/update-components</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/481c3c6e1e1c7056f0d1907ea39f22eee0c53473"><code>481c3c6</code></a>
Update toolkit components</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/1d1d96b4895115aa1bb092f7bb3de6611681ebae"><code>1d1d96b</code></a>
Merge pull request <a
href="https://redirect.github.com/fluxcd/flux2/issues/5373">#5373</a>
from fluxcd/dependabot-up</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/0b972771fdcdd8cf290f16398fb0c09cd2ad128d"><code>0b97277</code></a>
Update dependabot config</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/650732109e1cef23fdf753e8caeb4efea984fe10"><code>6507321</code></a>
Merge pull request <a
href="https://redirect.github.com/fluxcd/flux2/issues/5371">#5371</a>
from fluxcd/oci-ga</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/79fed691cafed9022fc37242e498cf108a0a1725"><code>79fed69</code></a>
Update CLI to OCIRepository v1 (GA)</li>
<li>Additional commits viewable in <a
href="https://github.com/fluxcd/flux2/compare/8d5f40dca5aa5d3c0fc3414457dda15a0ac92fa4...b73c7f7191086ca7629840e680e71873349787f8">compare
view</a></li>
</ul>
</details>
<br />

Updates `tj-actions/changed-files` from
3981e4f74104e7a4c67a835e1e5dd5d9eb0f0a57 to
115870536a85eaf050e369291c7895748ff12aea
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.4...v46.0.5">46.0.5</a>
- (2025-04-09)</h1>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li><strong>deps:</strong> Bump yaml from 2.7.0 to 2.7.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c">ed68ef8</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump typescript from 5.8.2 to 5.8.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5">a7bc14b</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump <code>@​types/node</code> from
22.13.11 to 22.14.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab">3d751f6</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.2.3 to
5.2.6 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f">e2fda4e</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump ts-jest from 29.2.6 to 29.3.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48">0bed1b1</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump github/codeql-action from 3.28.12 to
3.28.15 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb">6802458</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/branch-names from 8.0.1 to
8.1.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792">cf2e39e</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/verify-changed-files from
20.0.1 to 20.0.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4">6abeaa5</a>)
- (dependabot[bot])</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v46.0.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2511">#2511</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/6f67ee9ac810f0192ea7b3d2086406f97847bcf9">6f67ee9</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.3...v46.0.4">46.0.4</a>
- (2025-04-03)</h1>
<h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2>
<ul>
<li>Bug modified_keys and changed_key outputs not set when no changes
detected (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2509">#2509</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/6cb76d07bee4c9772c6882c06c37837bf82a04d3">6cb76d0</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<ul>
<li>Update readme (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2508">#2508</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/b74df86ccb65173a8e33ba5492ac1a2ca6b216fd">b74df86</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v46.0.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted -->
Co-authored-by: Tonye Jack <a
href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a
href="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">27ae6b3</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a>
- (2025-03-23)</h1>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>)
- (github-actions[bot])</p>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>)
- (github-actions[bot])</p>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tj-actions/changed-files/commit/115870536a85eaf050e369291c7895748ff12aea"><code>1158705</code></a>
chore(deps-dev): bump eslint-plugin-jest from 28.11.0 to 28.12.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2575">#2575</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/48aea2e1ab598202feb33bfd4df18f25cf0bf56a"><code>48aea2e</code></a>
chore(deps-dev): bump <code>@​types/node</code> from 22.15.24 to
22.15.26 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2576">#2576</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/050a3d3360d29711ee9d8210fc639d902d23ad07"><code>050a3d3</code></a>
Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2574">#2574</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/f000a9b97f254f9590ff26f651cccde827ad36da"><code>f000a9b</code></a>
docs: add Jellyfrog as a contributor for code, and doc (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2573">#2573</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/7a9a6d21056d4fc643159b536584c95a903da077"><code>7a9a6d2</code></a>
chore(deps-dev): bump <code>@​types/node</code> from 22.15.21 to
22.15.24 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2572">#2572</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/abda8aa2d055f53806b6d35f984ea80315fab52b"><code>abda8aa</code></a>
chore: update build job to fail when there are uncommited changes (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2571">#2571</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/c6634ca281a9fc05b03bee224ba00910cb78ab6e"><code>c6634ca</code></a>
chore(deps): bump github/codeql-action from 3.28.17 to 3.28.18 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2564">#2564</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/860b02dbf9f4dfded5b31c3ef9eca758918910b2"><code>860b02d</code></a>
chore(deps): bump <code>@​octokit/rest</code> from 21.1.1 to 22.0.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2568">#2568</a>)</li>
<li>See full diff in <a
href="https://github.com/tj-actions/changed-files/compare/3981e4f74104e7a4c67a835e1e5dd5d9eb0f0a57...115870536a85eaf050e369291c7895748ff12aea">compare
view</a></li>
</ul>
</details>
<br />

Updates `ossf/scorecard-action` from 2.4.1 to 2.4.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/ossf/scorecard-action/releases">ossf/scorecard-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.4.2</h2>
<h2>What's Changed</h2>
<p>This update bumps the Scorecard version to the v5.2.1 release. For a
complete list of changes, please refer to the Scorecard <a
href="https://github.com/ossf/scorecard/releases/tag/v5.2.0">v5.2.0</a>
and <a
href="https://github.com/ossf/scorecard/releases/tag/v5.2.1">v5.2.1</a>
release notes.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/ossf/scorecard-action/compare/v2.4.1...v2.4.2">https://github.com/ossf/scorecard-action/compare/v2.4.1...v2.4.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/ossf/scorecard-action/commit/05b42c624433fc40578a4040d5cf5e36ddca8cde"><code>05b42c6</code></a>
🌱 bump docker to ghcr v2.4.2 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1548">#1548</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/b225da6b2b97811a123bb34532642f3ad6a4f011"><code>b225da6</code></a>
Bump github.com/ossf/scorecard/v5 from v5.2.0 to v5.2.1 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1550">#1550</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/9399f6f42496e38fbb8dbcf85e17223226a5dafe"><code>9399f6f</code></a>
🌱 Bump the docker-images group across 1 directory with 2
updates (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1">#1</a>...</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/e1daa8c5c7ed469dbb0167e261ed1c9fa673a9ae"><code>e1daa8c</code></a>
🌱 Bump the github-actions group across 1 directory with 5
updates (#...</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/9fe6511b9b36af3b03200e49cf8fb09d261b5402"><code>9fe6511</code></a>
🌱 Bump golang.org/x/net from 0.39.0 to 0.40.0 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1542">#1542</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/25b9cd9cd11610dcac11e59afed9910714b12129"><code>25b9cd9</code></a>
🌱 Bump github.com/ossf/scorecard/v5 from v5.1.1 to v5.2.0 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1547">#1547</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/18cc9b81307fc5ab3c2cd7092955f06dcfdf8c42"><code>18cc9b8</code></a>
🌱 Bump golang.org/x/net from 0.38.0 to 0.39.0 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1536">#1536</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/db7814227b097a902957aa24d989c6e473613a8e"><code>db78142</code></a>
🌱 Bump the github-actions group with 2 updates (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1538">#1538</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/de386ed459e2f85111697f50fe076d0ea617a32f"><code>de386ed</code></a>
🌱 Bump golang from 1.24.1 to 1.24.2 in the docker-images group
(<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1534">#1534</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/5b7cedba4eccfb66a6277e40cbe18d1d559ecc00"><code>5b7cedb</code></a>
🌱 Bump github.com/sigstore/cosign/v2 from 2.4.3 to 2.5.0 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1537">#1537</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/ossf/scorecard-action/compare/f49aabe0b5af0936a0987cfb85d86b75731b0186...05b42c624433fc40578a4040d5cf5e36ddca8cde">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-05 02:52:25 +00:00
Hugo Dutka 9ada1232f3 chore: make the $RUNNER_TEMP RAM disk bigger on Windows in CI (#18050) 2025-05-27 12:26:50 +02:00
dependabot[bot] a605c09d2b ci: bump the github-actions group with 2 updates (#18035) 
Bumps the github-actions group with 2 updates:
[chromaui/action](https://github.com/chromaui/action) and
[tj-actions/changed-files](https://github.com/tj-actions/changed-files).

Updates `chromaui/action` from 11.29.0 to 12.0.0
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/chromaui/action/commit/d7afd50124cf4f337bcd943e7f45cfa85a5e4476"><code>d7afd50</code></a>
v12.0.0</li>
<li>See full diff in <a
href="https://github.com/chromaui/action/compare/1cfa065cbdab28f6ca3afaeb3d761383076a35aa...d7afd50124cf4f337bcd943e7f45cfa85a5e4476">compare
view</a></li>
</ul>
</details>
<br />

Updates `tj-actions/changed-files` from
480f49412651059a414a6a5c96887abb1877de8a to
3981e4f74104e7a4c67a835e1e5dd5d9eb0f0a57
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.4...v46.0.5">46.0.5</a>
- (2025-04-09)</h1>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li><strong>deps:</strong> Bump yaml from 2.7.0 to 2.7.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c">ed68ef8</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump typescript from 5.8.2 to 5.8.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5">a7bc14b</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump <code>@​types/node</code> from
22.13.11 to 22.14.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab">3d751f6</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.2.3 to
5.2.6 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f">e2fda4e</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump ts-jest from 29.2.6 to 29.3.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48">0bed1b1</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump github/codeql-action from 3.28.12 to
3.28.15 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb">6802458</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/branch-names from 8.0.1 to
8.1.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792">cf2e39e</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/verify-changed-files from
20.0.1 to 20.0.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4">6abeaa5</a>)
- (dependabot[bot])</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v46.0.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2511">#2511</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/6f67ee9ac810f0192ea7b3d2086406f97847bcf9">6f67ee9</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.3...v46.0.4">46.0.4</a>
- (2025-04-03)</h1>
<h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2>
<ul>
<li>Bug modified_keys and changed_key outputs not set when no changes
detected (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2509">#2509</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/6cb76d07bee4c9772c6882c06c37837bf82a04d3">6cb76d0</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<ul>
<li>Update readme (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2508">#2508</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/b74df86ccb65173a8e33ba5492ac1a2ca6b216fd">b74df86</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v46.0.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted -->
Co-authored-by: Tonye Jack <a
href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a
href="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">27ae6b3</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a>
- (2025-03-23)</h1>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>)
- (github-actions[bot])</p>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>)
- (github-actions[bot])</p>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tj-actions/changed-files/commit/3981e4f74104e7a4c67a835e1e5dd5d9eb0f0a57"><code>3981e4f</code></a>
chore(deps-dev): bump <code>@​types/node</code> from 22.15.17 to
22.15.21 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2566">#2566</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/403a8a6fd188648f8a5adab2047d8eab5c0a4b34"><code>403a8a6</code></a>
chore(deps-dev): bump ts-jest from 29.3.2 to 29.3.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2563">#2563</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/5c5e8c9b886c1ff1c08a9df23b1ee6e0c0d44001"><code>5c5e8c9</code></a>
chore(deps): bump yaml from 2.7.1 to 2.8.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2561">#2561</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/d869acea438612407cf27745d747734afb0140db"><code>d869ace</code></a>
chore(deps-dev): bump <code>@​types/lodash</code> from 4.17.16 to
4.17.17 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2565">#2565</a>)</li>
<li>See full diff in <a
href="https://github.com/tj-actions/changed-files/compare/480f49412651059a414a6a5c96887abb1877de8a...3981e4f74104e7a4c67a835e1e5dd5d9eb0f0a57">compare
view</a></li>
</ul>
</details>
<br />

<details>
<summary>Most Recent Ignore Conditions Applied to This Pull
Request</summary>

| Dependency Name | Ignore Conditions |
| --- | --- |
| chromaui/action | [>= 11.a, < 12] |
</details>


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-24 22:25:19 +00:00
Bruno Quaresma e8306cc790 chore: improve chromatic CI (#18014) 
Following [this Chromatic
guide](https://www.chromatic.com/docs/turbosnap-best-practices) to
improve our Chromatic jobs.
 2025-05-23 15:10:06 -03:00
Hugo Dutka a0e229afec chore: run test-go-pg on macOS and Windows in regular CI (#17853) 
This PR starts running test-go-pg on macOS and Windows in regular CI.
Previously this suite was only run in the nightly gauntlet for 2
reasons:

- it was flaky
- it was slow (took 17 minutes)

We've since stabilized the flakiness by switching to depot runners,
using ram disks, optimizing the number of tests run in parallel, and
automatically re-running failing tests. We've also [brought
down](https://github.com/coder/coder/pull/17756) the time to run the
suite to 9 minutes. Additionally, this PR allows test-go-pg to use cache
from previous runs, which speeds it up further. The cache is only used
on PRs, `main` will still run tests without it.

This PR also:

- removes the nightly gauntlet since all tests now run in regular CI
- removes the `test-cli` job for the same reason
- removes the `setup-imdisk` action which is now fully replaced by
[coder/setup-ramdisk-action](https://github.com/coder/setup-ramdisk-action)
- makes 2 minor changes which could be separate PRs, but I rolled them
into this because they were helpful when iterating on it:
- replace the `if: always()` condition on the `gen` job with a `if: ${{
!cancelled() }}` to allow the job to be cancelled. Previously the job
would run to completion even if the entire workflow was cancelled. See
[the GitHub
docs](https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/evaluate-expressions-in-workflows-and-actions#always)
for more details.
- disable the recently added `TestReinitializeAgent` since it does not
pass on Windows with Postgres. There's an open issue to fix it:
https://github.com/coder/internal/issues/642

This PR will:

- unblock https://github.com/coder/coder/issues/15109
- alleviate https://github.com/coder/internal/issues/647

I tested caching by temporarily enabling cache upload on this PR: here's
[a
run](https://github.com/coder/coder/actions/runs/15119046903/job/42496939341?pr=17853#step:13:1296)
showing cache being used.
 2025-05-22 15:53:37 +02:00
Hugo Dutka cb0f778baf chore: update setup-ramdisk-action (#17883) 
Update setup-ramdisk-action to [a
version](https://github.com/coder/setup-ramdisk-action/commit/81c5c441bda00c6c3d6bcee2e5a33ed4aadbbcc1)
that instructs curl to fail on network errors and retry them.

It should mitigate flakes like the one seen here:
https://github.com/coder/coder/actions/runs/15068089742/job/42357451808#step:4:54
 2025-05-16 15:21:25 +02:00
Hugo Dutka 6e1ba75b06 chore: retry failed race tests in CI (#17846) 
This PR enables retrying failed tests in the race suites unless a data
race was detected. The goal is to reduce how often flakes disrupt
developers' workflows.

I bumped gotestsum to a revision from the `main` branch because it
includes the `--rerun-fails-abort-on-data-race` flag which [I recently
contributed](https://github.com/gotestyourself/gotestsum/pull/497).

Incidentally, you can see it [in action in a CI job on this very
PR](https://github.com/coder/coder/actions/runs/15040840724/job/42271999592?pr=17846#step:8:647).
 2025-05-15 14:11:36 +02:00
Hugo Dutka ea2cae0e20 chore: tune postgres CI tests (#17756) 
Changes:
- use a bigger runner for test-go-pg on Linux
- use a depot runner to run postgres tests on Windows
- use the same Windows ramdisk action for postgres tests as the one
currently used for in-memory tests
- put GOTMPDIR on a ramdisk on Windows
- tune the number of tests running in parallel on macOS and Windows
- use a ramdisk for postgres on macOS
- turn off Spotlight indexing on macOS
- rerun failing tests to stop flakes from disrupting developers

Results:
- test-go-pg on Linux completing in 50% of the time it takes to run on
main ([run on
main](https://github.com/coder/coder/actions/runs/14937632073/job/41968714750),
[run on this
PR](https://github.com/coder/coder/actions/runs/14956584795/job/42013097674?pr=17756))
- macOS tests completing in 70% of the time ([run on
main](https://github.com/coder/coder/actions/runs/14921155015/job/41916639889),
[run on this
PR](https://github.com/coder/coder/actions/runs/14956590940/job/42013102975))
- Windows tests completing in 50% of the time ([run on
main](https://github.com/coder/coder/actions/runs/14921155015/job/41916640058),
[run on this
PR](https://github.com/coder/coder/actions/runs/14956590940/job/42013103116))

This PR helps unblock https://github.com/coder/coder/issues/15109.
 2025-05-12 17:38:25 +02:00
dependabot[bot] 87152db05b ci: bump the github-actions group across 1 directory with 4 updates (#17760) 
Bumps the github-actions group with 4 updates in the / directory:
[crate-ci/typos](https://github.com/crate-ci/typos),
[dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata),
[tj-actions/changed-files](https://github.com/tj-actions/changed-files)
and [github/codeql-action](https://github.com/github/codeql-action).

Updates `crate-ci/typos` from 1.31.1 to 1.32.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/releases">crate-ci/typos's
releases</a>.</em></p>
<blockquote>
<h2>v1.32.0</h2>
<h2>[1.32.0] - 2025-05-02</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1264">April
2025</a> changes</li>
</ul>
<h2>v1.31.2</h2>
<h2>[1.31.2] - 2025-04-28</h2>
<h3>Fixes</h3>
<ul>
<li><em>(exclusion)</em> Don't confused emails as base64</li>
<li><em>(dict)</em> Correct <code>contamint</code> to
<code>contaminant</code>, not <code>contaminat</code></li>
<li><em>(dict)</em> Correct <code>contamints</code> to
<code>contaminants</code>, not <code>contaminats</code></li>
</ul>
<h3>Performance</h3>
<ul>
<li>Improve tokenization performance</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's
changelog</a>.</em></p>
<blockquote>
<h1>Change Log</h1>
<p>All notable changes to this project will be documented in this
file.</p>
<p>The format is based on <a href="http://keepachangelog.com/">Keep a
Changelog</a>
and this project adheres to <a href="http://semver.org/">Semantic
Versioning</a>.</p>
<!-- raw HTML omitted -->
<h2>[Unreleased] - ReleaseDate</h2>
<h2>[1.32.0] - 2025-05-02</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1264">April
2025</a> changes</li>
</ul>
<h2>[1.31.2] - 2025-04-28</h2>
<h3>Fixes</h3>
<ul>
<li><em>(exclusion)</em> Don't confused emails as base64</li>
<li><em>(dict)</em> Correct <code>contamint</code> to
<code>contaminant</code>, not <code>contaminat</code></li>
<li><em>(dict)</em> Correct <code>contamints</code> to
<code>contaminants</code>, not <code>contaminats</code></li>
</ul>
<h3>Performance</h3>
<ul>
<li>Improve tokenization performance</li>
</ul>
<h2>[1.31.1] - 2025-03-31</h2>
<h3>Fixes</h3>
<ul>
<li><em>(dict)</em> Also correct <code>typ</code> to
<code>type</code></li>
</ul>
<h2>[1.31.0] - 2025-03-28</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1248">March
2025</a> changes</li>
</ul>
<h2>[1.30.3] - 2025-03-24</h2>
<h3>Features</h3>
<ul>
<li>Support detecting <code>go.work</code> and <code>go.work.sum</code>
files</li>
</ul>
<h2>[1.30.2] - 2025-03-10</h2>
<h3>Features</h3>
<ul>
<li>Add <code>--highlight-words</code> and
<code>--highlight-identifiers</code> for easier debugging of config</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/crate-ci/typos/commit/0f0ccba9ed1df83948f0c15026e4f5ccfce46109"><code>0f0ccba</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/5cb94233a615fb61c4500572b64d22425e96099a"><code>5cb9423</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/2af8019e8687956766fbe303524b7f9b820885dd"><code>2af8019</code></a>
docs: Update changelog</li>
<li><a
href="https://github.com/crate-ci/typos/commit/970eb5442de8ea11b6b0e84904a11eda611a65db"><code>970eb54</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1291">#1291</a>
from epage/may</li>
<li><a
href="https://github.com/crate-ci/typos/commit/e84064f2d66ab3e807cfa29a1e203f78e56e115e"><code>e84064f</code></a>
feat(dict): April 2025 updates</li>
<li><a
href="https://github.com/crate-ci/typos/commit/8dddd500291130802cbb593827be9d862181402c"><code>8dddd50</code></a>
chore(deps): Update compatible (<a
href="https://redirect.github.com/crate-ci/typos/issues/1289">#1289</a>)</li>
<li><a
href="https://github.com/crate-ci/typos/commit/3be83342e28b9421997e9f781f713f8dde8453d2"><code>3be8334</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/f16e5d44ec16bfba422e39e66c11d58fc1a3da76"><code>f16e5d4</code></a>
docs: Update changelog</li>
<li><a
href="https://github.com/crate-ci/typos/commit/e0927bd9d2433efaf2c8a998ad0434cb94304415"><code>e0927bd</code></a>
docs(action): Remove non-existent variables</li>
<li><a
href="https://github.com/crate-ci/typos/commit/2dbcebf645e8918080b28c7eb1f913143a3426da"><code>2dbcebf</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1287">#1287</a>
from epage/dict</li>
<li>Additional commits viewable in <a
href="https://github.com/crate-ci/typos/compare/b1a1ef3893ff35ade0cfa71523852a49bfd05d19...0f0ccba9ed1df83948f0c15026e4f5ccfce46109">compare
view</a></li>
</ul>
</details>
<br />

Updates `dependabot/fetch-metadata` from 2.3.0 to 2.4.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dependabot/fetch-metadata/releases">dependabot/fetch-metadata's
releases</a>.</em></p>
<blockquote>
<h2>v2.4.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump actions/create-github-app-token from 1.11.0 to 1.11.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/598">dependabot/fetch-metadata#598</a></li>
<li>Bump <code>@​vercel/ncc</code> from 0.38.1 to 0.38.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/578">dependabot/fetch-metadata#578</a></li>
<li>Add missing <code>@octokit/request-error</code> to
<code>package.json</code> by <a
href="https://github.com/jeffwidman"><code>@​jeffwidman</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/605">dependabot/fetch-metadata#605</a></li>
<li>Bump to ESLint 9 by <a
href="https://github.com/jeffwidman"><code>@​jeffwidman</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/606">dependabot/fetch-metadata#606</a></li>
<li>Stop using a node16 devcontainer image by <a
href="https://github.com/jeffwidman"><code>@​jeffwidman</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/608">dependabot/fetch-metadata#608</a></li>
<li>Make typescript compile to <code>&quot;es2022&quot;</code> by <a
href="https://github.com/jeffwidman"><code>@​jeffwidman</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/609">dependabot/fetch-metadata#609</a></li>
<li>Bump the dev-dependencies group across 1 directory with 8 updates by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/607">dependabot/fetch-metadata#607</a></li>
<li>Tidy up examples slightly by <a
href="https://github.com/jeffwidman"><code>@​jeffwidman</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/611">dependabot/fetch-metadata#611</a></li>
<li>Fixup some anchor tags that weren't deeplinking by <a
href="https://github.com/jeffwidman"><code>@​jeffwidman</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/614">dependabot/fetch-metadata#614</a></li>
<li>Remove unnecessary hardcoding of <code>ref</code> by <a
href="https://github.com/jeffwidman"><code>@​jeffwidman</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/617">dependabot/fetch-metadata#617</a></li>
<li>Bump actions/create-github-app-token from 1.11.3 to 2.0.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/616">dependabot/fetch-metadata#616</a></li>
<li>Enable caching of <code>npm install</code>/<code>npm ci</code> for
<code>setup-node</code> action by <a
href="https://github.com/jeffwidman"><code>@​jeffwidman</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/618">dependabot/fetch-metadata#618</a></li>
<li>Add workflow to publish new version of immutable action on every
release by <a
href="https://github.com/jeffwidman"><code>@​jeffwidman</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/623">dependabot/fetch-metadata#623</a></li>
<li>Bump actions/create-github-app-token from 2.0.2 to 2.0.6 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/621">dependabot/fetch-metadata#621</a></li>
<li>v2.4.0 by <a
href="https://github.com/fetch-metadata-action-automation"><code>@​fetch-metadata-action-automation</code></a>
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/594">dependabot/fetch-metadata#594</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/dependabot/fetch-metadata/compare/v2...v2.4.0">https://github.com/dependabot/fetch-metadata/compare/v2...v2.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/08eff52bf64351f401fb50d4972fa95b9f2c2d1b"><code>08eff52</code></a>
v2.4.0 (<a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/594">#594</a>)</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/821b65425137ec0dd9fa4e4931297ce81a017ed7"><code>821b654</code></a>
Merge pull request <a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/621">#621</a>
from dependabot/dependabot/github_actions/actions/cre...</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/2c22a370e3e9f4d539470325c4c46acc607ef78e"><code>2c22a37</code></a>
Bump actions/create-github-app-token from 2.0.2 to 2.0.6</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/6ad01a0495c3f8488ba16705f5031cadde56c8ba"><code>6ad01a0</code></a>
Add workflow to publish new version of immutable action on every release
(<a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/623">#623</a>)</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/8ca800c1642f5e46fd4fe73c07af0e3baf1375d6"><code>8ca800c</code></a>
Enable caching of <code>npm install</code>/<code>npm ci</code> for
<code>setup-node</code> action (<a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/618">#618</a>)</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/67876354acc60aadf59dc57d46959117cee2b764"><code>6787635</code></a>
Merge pull request <a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/616">#616</a>
from dependabot/dependabot/github_actions/actions/cre...</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/a09d4affbb4e2c87349169de0a2ced55e3c27168"><code>a09d4af</code></a>
Bump actions/create-github-app-token from 1.11.3 to 2.0.2</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/3a5ce46470ca6c67f17694ac27f0db1caf53b518"><code>3a5ce46</code></a>
Remove unnecessary hardcoding of <code>ref</code> (<a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/617">#617</a>)</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/798f45cdc56b81396c637207204f29f0f55da017"><code>798f45c</code></a>
Fixup some anchor tags that weren't deeplinking (<a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/614">#614</a>)</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/6c031ac618d23a38e886535b1c8ea06caaf2a444"><code>6c031ac</code></a>
Tidy up examples slightly (<a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/611">#611</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/dependabot/fetch-metadata/compare/d7267f607e9d3fb96fc2fbe83e0af444713e90b7...08eff52bf64351f401fb50d4972fa95b9f2c2d1b">compare
view</a></li>
</ul>
</details>
<br />

Updates `tj-actions/changed-files` from
5426ecc3f5c2b10effaefbd374f0abdc6a571b2f to
480f49412651059a414a6a5c96887abb1877de8a
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.4...v46.0.5">46.0.5</a>
- (2025-04-09)</h1>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li><strong>deps:</strong> Bump yaml from 2.7.0 to 2.7.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c">ed68ef8</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump typescript from 5.8.2 to 5.8.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5">a7bc14b</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump <code>@​types/node</code> from
22.13.11 to 22.14.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab">3d751f6</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.2.3 to
5.2.6 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f">e2fda4e</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump ts-jest from 29.2.6 to 29.3.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48">0bed1b1</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump github/codeql-action from 3.28.12 to
3.28.15 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb">6802458</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/branch-names from 8.0.1 to
8.1.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792">cf2e39e</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/verify-changed-files from
20.0.1 to 20.0.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4">6abeaa5</a>)
- (dependabot[bot])</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v46.0.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2511">#2511</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/6f67ee9ac810f0192ea7b3d2086406f97847bcf9">6f67ee9</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.3...v46.0.4">46.0.4</a>
- (2025-04-03)</h1>
<h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2>
<ul>
<li>Bug modified_keys and changed_key outputs not set when no changes
detected (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2509">#2509</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/6cb76d07bee4c9772c6882c06c37837bf82a04d3">6cb76d0</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<ul>
<li>Update readme (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2508">#2508</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/b74df86ccb65173a8e33ba5492ac1a2ca6b216fd">b74df86</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v46.0.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted -->
Co-authored-by: Tonye Jack <a
href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a
href="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">27ae6b3</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a>
- (2025-03-23)</h1>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>)
- (github-actions[bot])</p>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>)
- (github-actions[bot])</p>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tj-actions/changed-files/commit/480f49412651059a414a6a5c96887abb1877de8a"><code>480f494</code></a>
chore(deps): bump <code>@​actions/github</code> from 6.0.0 to 6.0.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2556">#2556</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/405524a214f00911f11de2cd3a9a36902ddafa52"><code>405524a</code></a>
chore(deps-dev): bump <code>@​types/node</code> from 22.15.14 to
22.15.17 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2557">#2557</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/b6970c44e602dd27272fdfc4e3cf76054f721d15"><code>b6970c4</code></a>
chore(deps-dev): bump eslint-config-prettier from 10.1.2 to 10.1.5 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2558">#2558</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/11fe0a22639570798676000acac7be726130b5ee"><code>11fe0a2</code></a>
chore(deps): bump github/codeql-action from 3.28.16 to 3.28.17 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2551">#2551</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/e7b157b1c4ad44acfc8d9be14b8cd8f5058636e3"><code>e7b157b</code></a>
chore(deps-dev): bump <code>@​types/node</code> from 22.15.3 to 22.15.10
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2552">#2552</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/9132e0305b2a924727467f54f064d30bc85d67c1"><code>9132e03</code></a>
chore(deps-dev): bump eslint-plugin-prettier from 5.2.6 to 5.4.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2553">#2553</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/4168bb487d5b82227665ab4ec90b67ce02691741"><code>4168bb4</code></a>
chore(deps-dev): bump <code>@​types/node</code> from 22.15.0 to 22.15.3
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2548">#2548</a>)</li>
<li>See full diff in <a
href="https://github.com/tj-actions/changed-files/compare/5426ecc3f5c2b10effaefbd374f0abdc6a571b2f...480f49412651059a414a6a5c96887abb1877de8a">compare
view</a></li>
</ul>
</details>
<br />

Updates `github/codeql-action` from 3.28.16 to 3.28.17
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.28.17</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.17 - 02 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2872">#2872</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.17/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.28.17 - 02 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2872">#2872</a></li>
</ul>
<h2>3.28.16 - 23 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2863">#2863</a></li>
</ul>
<h2>3.28.15 - 07 Apr 2025</h2>
<ul>
<li>Fix bug where the action would fail if it tried to produce a debug
artifact with more than 65535 files. <a
href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li>
</ul>
<h2>3.28.14 - 07 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li>
</ul>
<h2>3.28.13 - 24 Mar 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.12 - 19 Mar 2025</h2>
<ul>
<li>Dependency caching should now cache more dependencies for Java
<code>build-mode: none</code> extractions. This should speed up
workflows and avoid inconsistent alerts in some cases.</li>
<li>Update default CodeQL bundle version to 2.20.7. <a
href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li>
</ul>
<h2>3.28.11 - 07 Mar 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li>
</ul>
<h2>3.28.10 - 21 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li>
<li>Address an issue where the CodeQL Bundle would occasionally fail to
decompress on macOS. <a
href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li>
</ul>
<h2>3.28.9 - 07 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li>
</ul>
<h2>3.28.8 - 29 Jan 2025</h2>
<ul>
<li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI
v2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/60168efe1c415ce0f5521ea06d5c2062adbeed1b"><code>60168ef</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2886">#2886</a>
from github/update-v3.28.17-97a2bfd2a</li>
<li><a
href="https://github.com/github/codeql-action/commit/0d5a3115da6459f8ab4333164184f8292c0c7a7f"><code>0d5a311</code></a>
Update changelog for v3.28.17</li>
<li><a
href="https://github.com/github/codeql-action/commit/97a2bfd2a3d26d458da69e548f7f859d6fca634d"><code>97a2bfd</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2872">#2872</a>
from github/update-bundle/codeql-bundle-v2.21.2</li>
<li><a
href="https://github.com/github/codeql-action/commit/9aba20e4c91fd8c3a71d5ab2bdeba0da11713864"><code>9aba20e</code></a>
Merge branch 'main' into update-bundle/codeql-bundle-v2.21.2</li>
<li><a
href="https://github.com/github/codeql-action/commit/81a9508deb02898c1a7be79bd5b49bb0ab9c787e"><code>81a9508</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2876">#2876</a>
from github/henrymercer/fix-diff-informed-multiple-a...</li>
<li><a
href="https://github.com/github/codeql-action/commit/1569f4c145413fbce7d6573c6ee9212d2612d27f"><code>1569f4c</code></a>
Disable diff-informed queries in code scanning config tests</li>
<li><a
href="https://github.com/github/codeql-action/commit/62fbeb66b359bfbdec7d4d96af8f68aece59b4db"><code>62fbeb6</code></a>
Merge branch 'main' into
henrymercer/fix-diff-informed-multiple-analyze</li>
<li><a
href="https://github.com/github/codeql-action/commit/f122d1dc9eb83b12dc16b38495b667a2dddfa6f9"><code>f122d1d</code></a>
Address test failures from computing temporary directory too early</li>
<li><a
href="https://github.com/github/codeql-action/commit/083772aae48a3be5654921bb6e6ccb00e0e1d563"><code>083772a</code></a>
Do not fail diff informed analyses when <code>analyze</code> is run
twice in the same job</li>
<li><a
href="https://github.com/github/codeql-action/commit/5db14d0471303d6eee1e2a51393f5ae1669b6703"><code>5db14d0</code></a>
Merge branch 'main' into update-bundle/codeql-bundle-v2.21.2</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/28deaeda66b76a05916b6923827895f2b14ab387...60168efe1c415ce0f5521ea06d5c2062adbeed1b">compare
view</a></li>
</ul>
</details>
<br />

<details>
<summary>Most Recent Ignore Conditions Applied to This Pull
Request</summary>

| Dependency Name | Ignore Conditions |
| --- | --- |
| crate-ci/typos | [>= 1.30.a, < 1.31] |
</details>


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-12 11:58:20 +00:00
Hugo Dutka a7e828593f chore: retry failing tests in CI (#17681) 
This PR introduces failing test retries in CI for e2e tests, Go tests
with the in-memory database, Go tests with Postgres, and the CLI tests.
Retries are not enabled for race tests.

The goal is to reduce how often flakes disrupt developers' workflows.
 2025-05-06 16:53:26 +02:00
Hugo Dutka 87f4535357 chore: optimize CI setup time on Windows (#17666) 
This PR focuses on optimizing go-test CI times on Windows. It:

- backs the `$RUNNER_TEMP` directory with a RAM disk. This directory is
used by actions like cache, setup-go, and setup-terraform as a staging
area
- backs `GOCACHE`, `GOMODCACHE`, and `GOPATH` with a RAM disk
- backs `$GITHUB_WORKSPACE` with a RAM disk - that's where the
repository is checked out
- uses preinstalled Go on Windows runners
- starts using the depot Windows runner

From what I've seen, these changes bring test times down to be on par
with Linux and macOS. The biggest improvement comes from backing
frequently accessed paths with RAM disks. The C drive is surprisingly
slow - I ran some performance tests with
[fio](https://fio.readthedocs.io/en/latest/fio_doc.html#) where I tested
IOPS on many small files, and the RAM disk was 100x faster.

Additionally, the depot runners seem to have more consistent performance
than the ones provided by GitHub.
 2025-05-05 14:26:30 +02:00
dependabot[bot] 0a26eeec0c ci: bump the github-actions group with 7 updates (#17581) 
Bumps the github-actions group with 7 updates:

| Package | From | To |
| --- | --- | --- |
|
[step-security/harden-runner](https://github.com/step-security/harden-runner)
| `2.11.1` | `2.12.0` |
|
[google-github-actions/auth](https://github.com/google-github-actions/auth)
| `2.1.8` | `2.1.10` |
|
[actions/download-artifact](https://github.com/actions/download-artifact)
| `4.2.1` | `4.3.0` |
| [actions/attest](https://github.com/actions/attest) | `2.2.1` |
`2.3.0` |
|
[tj-actions/changed-files](https://github.com/tj-actions/changed-files)
| `9934ab3fdf63239da75d9e0fbd339c48620c72c4` |
`5426ecc3f5c2b10effaefbd374f0abdc6a571b2f` |
|
[nix-community/cache-nix-action](https://github.com/nix-community/cache-nix-action)
| `6.1.2` | `6.1.3` |
| [github/codeql-action](https://github.com/github/codeql-action) |
`3.28.15` | `3.28.16` |

Updates `step-security/harden-runner` from 2.11.1 to 2.12.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.12.0</h2>
<h2>What's Changed</h2>
<ol>
<li>
<p>A new option, <code>disable-sudo-and-containers</code>, is now
available to replace the <code>disable-sudo policy</code>, addressing
Docker-based privilege escalation (<a
href="https://github.com/step-security/harden-runner/security/advisories/GHSA-mxr3-8whj-j74r">CVE-2025-32955</a>).
More details can be found in this <a
href="https://www.stepsecurity.io/blog/evolving-harden-runners-disable-sudo-policy-for-improved-runner-security">blog
post</a>.</p>
</li>
<li>
<p>New detections have been added based on insights from the tj-actions
and reviewdog actions incidents.</p>
</li>
</ol>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.12.0">https://github.com/step-security/harden-runner/compare/v2...v2.12.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/0634a2670c59f64b4a01f0f96f84700a4088b9f0"><code>0634a26</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/541">#541</a>
from step-security/rc-20</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/2e3c5113419044c10e6826351ff7cf7d56cbebe4"><code>2e3c511</code></a>
Update action.yml</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/40873e6a41e9ae4f46268f8ee038b3561bb88504"><code>40873e6</code></a>
Update README.md</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/484c2799ec63f20b4acc41bcf649dd4003718616"><code>484c279</code></a>
Update README.md</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/4c8582f45544ce2dafb2cfae82cfbebf0f41bde2"><code>4c8582f</code></a>
Update agent versions</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/e8d595cd66544d43aca8ac7e42a212a5a83b41f8"><code>e8d595c</code></a>
fix disable_sudo_and_containers bug</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/5d277fc8734baba8746d0c18cb0a2594d4692c66"><code>5d277fc</code></a>
fix journalctl related bug</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/ff2ab228bdb9f0c9129169d47dbb2bdf4b8f9b0e"><code>ff2ab22</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/536">#536</a>
from rohan-stepsecurity/feat/flag/disable-sudo-and-co...</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/b81d650d0e627a80d0d73d192b33d729507e0ef5"><code>b81d650</code></a>
fix: run sudo command only when both disable-sudo and
disable-sudo-and-docker...</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/769df4ef5d6336b33b11e5b0d43934309cf439f6"><code>769df4e</code></a>
Update agent</li>
<li>Additional commits viewable in <a
href="https://github.com/step-security/harden-runner/compare/c6295a65d1254861815972266d5933fd6e532bdf...0634a2670c59f64b4a01f0f96f84700a4088b9f0">compare
view</a></li>
</ul>
</details>
<br />

Updates `google-github-actions/auth` from 2.1.8 to 2.1.10
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google-github-actions/auth/releases">google-github-actions/auth's
releases</a>.</em></p>
<blockquote>
<h2>v2.1.10</h2>
<h2>What's Changed</h2>
<ul>
<li>Declare workflow permissions by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/auth/pull/482">google-github-actions/auth#482</a></li>
<li>Document that the OIDC token expires in 5min by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/auth/pull/483">google-github-actions/auth#483</a></li>
<li>Release: v2.1.10 by <a
href="https://github.com/google-github-actions-bot"><code>@​google-github-actions-bot</code></a>
in <a
href="https://redirect.github.com/google-github-actions/auth/pull/484">google-github-actions/auth#484</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google-github-actions/auth/compare/v2.1.9...v2.1.10">https://github.com/google-github-actions/auth/compare/v2.1.9...v2.1.10</a></p>
<h2>v2.1.9</h2>
<h2>What's Changed</h2>
<ul>
<li>Use our custom boolean parsing by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/auth/pull/478">google-github-actions/auth#478</a></li>
<li>Update deps by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/auth/pull/479">google-github-actions/auth#479</a></li>
<li>Release: v2.1.9 by <a
href="https://github.com/google-github-actions-bot"><code>@​google-github-actions-bot</code></a>
in <a
href="https://redirect.github.com/google-github-actions/auth/pull/480">google-github-actions/auth#480</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google-github-actions/auth/compare/v2.1.8...v2.1.9">https://github.com/google-github-actions/auth/compare/v2.1.8...v2.1.9</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/google-github-actions/auth/commit/ba79af03959ebeac9769e648f473a284504d9193"><code>ba79af0</code></a>
Release: v2.1.10 (<a
href="https://redirect.github.com/google-github-actions/auth/issues/484">#484</a>)</li>
<li><a
href="https://github.com/google-github-actions/auth/commit/bfaa66bd663615688155de119a676d67396f6bb7"><code>bfaa66b</code></a>
Document that the OIDC token expires in 5min (<a
href="https://redirect.github.com/google-github-actions/auth/issues/483">#483</a>)</li>
<li><a
href="https://github.com/google-github-actions/auth/commit/d0822ad9bf77d35dee590e455d9ef5b96ccb243c"><code>d0822ad</code></a>
Declare workflow permissions (<a
href="https://redirect.github.com/google-github-actions/auth/issues/482">#482</a>)</li>
<li><a
href="https://github.com/google-github-actions/auth/commit/7b53cdc2a387814ed14eec026287aac689ae8c9b"><code>7b53cdc</code></a>
Release: v2.1.9 (<a
href="https://redirect.github.com/google-github-actions/auth/issues/480">#480</a>)</li>
<li><a
href="https://github.com/google-github-actions/auth/commit/a9cfddf5d2f27aa426027a399f75d209953ade8e"><code>a9cfddf</code></a>
Update deps (<a
href="https://redirect.github.com/google-github-actions/auth/issues/479">#479</a>)</li>
<li><a
href="https://github.com/google-github-actions/auth/commit/b011f3988e66cb193db0f34974b1d7cde74e4f95"><code>b011f39</code></a>
Use our custom boolean parsing (<a
href="https://redirect.github.com/google-github-actions/auth/issues/478">#478</a>)</li>
<li>See full diff in <a
href="https://github.com/google-github-actions/auth/compare/71f986410dfbc7added4569d411d040a91dc6935...ba79af03959ebeac9769e648f473a284504d9193">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/download-artifact` from 4.2.1 to 4.3.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/download-artifact/releases">actions/download-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v4.3.0</h2>
<h2>What's Changed</h2>
<ul>
<li>feat: implement new <code>artifact-ids</code> input by <a
href="https://github.com/GrantBirki"><code>@​GrantBirki</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/401">actions/download-artifact#401</a></li>
<li>Fix workflow example for downloading by artifact ID by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/402">actions/download-artifact#402</a></li>
<li>Prep for v4.3.0 release by <a
href="https://github.com/robherley"><code>@​robherley</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/404">actions/download-artifact#404</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/GrantBirki"><code>@​GrantBirki</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/download-artifact/pull/401">actions/download-artifact#401</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/download-artifact/compare/v4.2.1...v4.3.0">https://github.com/actions/download-artifact/compare/v4.2.1...v4.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/download-artifact/commit/d3f86a106a0bac45b974a628896c90dbdf5c8093"><code>d3f86a1</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/404">#404</a>
from actions/robherley/v4.3.0</li>
<li><a
href="https://github.com/actions/download-artifact/commit/fc02353415da80201a0da48ab47022efd7725d11"><code>fc02353</code></a>
prep for v4.3.0 release</li>
<li><a
href="https://github.com/actions/download-artifact/commit/77454371a433f370a16d329ef7db197f700a7a8f"><code>7745437</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/402">#402</a>
from actions/joshmgross/download-by-id-example</li>
<li><a
href="https://github.com/actions/download-artifact/commit/84fc7a0a358aabc7f97f7f590cbfc25f57e26c6a"><code>84fc7a0</code></a>
Remove path filters from Check dist workflow</li>
<li><a
href="https://github.com/actions/download-artifact/commit/67f2bc382f6ba5ba75812a05909e8c25a366b5fb"><code>67f2bc3</code></a>
Fix workflow example for downloading by artifact ID</li>
<li><a
href="https://github.com/actions/download-artifact/commit/8ea3c2c174f79a56792e9fdd9baad75d27c5d369"><code>8ea3c2c</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/401">#401</a>
from actions/download-by-id</li>
<li><a
href="https://github.com/actions/download-artifact/commit/d219c630f65d8bd14366a9e2f731cbf854f62258"><code>d219c63</code></a>
add supporting unit tests for artifact downloads with ids</li>
<li><a
href="https://github.com/actions/download-artifact/commit/54124fbd881f8ce794405a06896c93c49c17463e"><code>54124fb</code></a>
revert <code>getArtifact()</code> changes - for now we have to list and
filter by artifa...</li>
<li><a
href="https://github.com/actions/download-artifact/commit/b83057b90d3e218abf5c7b1906579eb6c598ae85"><code>b83057b</code></a>
bundle</li>
<li><a
href="https://github.com/actions/download-artifact/commit/171183c7dce98c3cf8a1fc842429d0a38ed21d33"><code>171183c</code></a>
use the same <code>artifactClient.getArtifact</code> structure as seen
above in `isSingl...</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/download-artifact/compare/95815c38cf2ff2164869cbab79da8d1f422bc89e...d3f86a106a0bac45b974a628896c90dbdf5c8093">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/attest` from 2.2.1 to 2.3.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/attest/releases">actions/attest's
releases</a>.</em></p>
<blockquote>
<h2>v2.3.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump <code>@​octokit/request</code> from 8.2.0 to 8.4.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/attest/pull/229">actions/attest#229</a></li>
<li>Bump <code>@​sigstore/oci</code> from 0.4.0 to 0.5.0 by <a
href="https://github.com/bdehamer"><code>@​bdehamer</code></a> in <a
href="https://redirect.github.com/actions/attest/pull/235">actions/attest#235</a>
<ul>
<li>Adds support for reading the <code>HttpHeaders</code> value from the
Docker config file</li>
</ul>
</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/attest/compare/v2...v2.3.0">https://github.com/actions/attest/compare/v2...v2.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/attest/commit/afd638254319277bb3d7f0a234478733e2e46a73"><code>afd6382</code></a>
Bump <code>@​sigstore/oci</code> from 0.4.0 to 0.5.0 (<a
href="https://redirect.github.com/actions/attest/issues/235">#235</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/d73111199c05526c91684e5e845606249f88accc"><code>d731111</code></a>
Bump the npm-development group across 1 directory with 6 updates (<a
href="https://redirect.github.com/actions/attest/issues/234">#234</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/13aa4f6a9ce09dcf318f1ac18a48388699d96a62"><code>13aa4f6</code></a>
Bump <code>@​octokit/request</code> from 8.2.0 to 8.4.1 (<a
href="https://redirect.github.com/actions/attest/issues/229">#229</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/129b656e44fad75bb154cc2953cf07ba1da8a419"><code>129b656</code></a>
Bump the npm-development group with 3 updates (<a
href="https://redirect.github.com/actions/attest/issues/227">#227</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/f3c169c8df83481993e3075060fc687e87747125"><code>f3c169c</code></a>
Bump the npm-development group with 5 updates (<a
href="https://redirect.github.com/actions/attest/issues/225">#225</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/48e991bfda5b806f66f0a2ad8ae4e17f14cdfd33"><code>48e991b</code></a>
Bump the npm-development group across 1 directory with 6 updates (<a
href="https://redirect.github.com/actions/attest/issues/223">#223</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/attest/compare/a63cfcc7d1aab266ee064c58250cfc2c7d07bc31...afd638254319277bb3d7f0a234478733e2e46a73">compare
view</a></li>
</ul>
</details>
<br />

Updates `tj-actions/changed-files` from
9934ab3fdf63239da75d9e0fbd339c48620c72c4 to
5426ecc3f5c2b10effaefbd374f0abdc6a571b2f
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.4...v46.0.5">46.0.5</a>
- (2025-04-09)</h1>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li><strong>deps:</strong> Bump yaml from 2.7.0 to 2.7.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c">ed68ef8</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump typescript from 5.8.2 to 5.8.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5">a7bc14b</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump <code>@​types/node</code> from
22.13.11 to 22.14.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab">3d751f6</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.2.3 to
5.2.6 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f">e2fda4e</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump ts-jest from 29.2.6 to 29.3.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48">0bed1b1</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump github/codeql-action from 3.28.12 to
3.28.15 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb">6802458</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/branch-names from 8.0.1 to
8.1.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792">cf2e39e</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/verify-changed-files from
20.0.1 to 20.0.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4">6abeaa5</a>)
- (dependabot[bot])</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v46.0.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2511">#2511</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/6f67ee9ac810f0192ea7b3d2086406f97847bcf9">6f67ee9</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.3...v46.0.4">46.0.4</a>
- (2025-04-03)</h1>
<h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2>
<ul>
<li>Bug modified_keys and changed_key outputs not set when no changes
detected (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2509">#2509</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/6cb76d07bee4c9772c6882c06c37837bf82a04d3">6cb76d0</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<ul>
<li>Update readme (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2508">#2508</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/b74df86ccb65173a8e33ba5492ac1a2ca6b216fd">b74df86</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v46.0.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted -->
Co-authored-by: Tonye Jack <a
href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a
href="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">27ae6b3</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a>
- (2025-03-23)</h1>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>)
- (github-actions[bot])</p>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>)
- (github-actions[bot])</p>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tj-actions/changed-files/commit/5426ecc3f5c2b10effaefbd374f0abdc6a571b2f"><code>5426ecc</code></a>
chore(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2545">#2545</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/513a44e6095ccea82c33927169db11eb75f72791"><code>513a44e</code></a>
chore(deps-dev): bump <code>@​types/node</code> from 22.14.1 to 22.15.0
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2544">#2544</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/46e217dc3e3b2601594036314ca9212588075592"><code>46e217d</code></a>
chore(deps): bump github/codeql-action from 3.28.15 to 3.28.16 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2542">#2542</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/c34c1c13a740b06851baff92ab9a653d93ad6ce7"><code>c34c1c1</code></a>
chore(deps): bump actions/setup-node from 4.3.0 to 4.4.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2539">#2539</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/52c3beb9971d42006b24e86bf3ea3fff18dde67f"><code>52c3beb</code></a>
chore(deps-dev): bump ts-jest from 29.3.1 to 29.3.2 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2536">#2536</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/ea3010bc88ae93076e154efd9eb64d1f5e6993f9"><code>ea3010b</code></a>
chore(deps-dev): bump <code>@​types/node</code> from 22.14.0 to 22.14.1
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2537">#2537</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/be393a90381e27c9fec2c8c2e02b00f005710145"><code>be393a9</code></a>
remove: commit and push step from build job (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2538">#2538</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/9b4bb2bedb217d3ede225b6b07ebde713177cd8f"><code>9b4bb2b</code></a>
chore(deps): bump tj-actions/branch-names from 8.1.0 to 8.2.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2535">#2535</a>)</li>
<li>See full diff in <a
href="https://github.com/tj-actions/changed-files/compare/9934ab3fdf63239da75d9e0fbd339c48620c72c4...5426ecc3f5c2b10effaefbd374f0abdc6a571b2f">compare
view</a></li>
</ul>
</details>
<br />

Updates `nix-community/cache-nix-action` from 6.1.2 to 6.1.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/nix-community/cache-nix-action/releases">nix-community/cache-nix-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.1.3</h2>
<h2>Fixes</h2>
<ul>
<li>Use <code>bigint</code> instead of <code>number</code> for the store
size (<a
href="https://redirect.github.com/nix-community/cache-nix-action/issues/117">#117</a>)</li>
<li>Fix saving a cache (<a
href="https://redirect.github.com/nix-community/cache-nix-action/issues/122">#122</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/135667ec418502fa5a3598af6fb9eb733888ce6a"><code>135667e</code></a>
Merge pull request <a
href="https://redirect.github.com/nix-community/cache-nix-action/issues/122">#122</a>
from nix-community/118-bug-cant-save-a-cache</li>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/e29de90a039b410e88cd97a0029c3cbdad611ad5"><code>e29de90</code></a>
chore: build the action</li>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/6bd39b8caa31871d2bc38356ab8b94621ca1e116"><code>6bd39b8</code></a>
fix(action): use TarCommandModifiers</li>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/1b6f6754d3c59414aad4ab660cd611b1e35c0232"><code>1b6f675</code></a>
chore(deps): update buildjet/toolkit</li>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/2b45b8cabe18b0f3db2eb2cf4e195238eee4a325"><code>2b45b8c</code></a>
chore(deps): update actions/toolkit</li>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/f68581e27a06c8c9115dec37e42325d562d9664b"><code>f68581e</code></a>
chore: build the action</li>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/b6406dc6e7f9c6ad6b399ed561f29f7e406544d5"><code>b6406dc</code></a>
Merge pull request <a
href="https://redirect.github.com/nix-community/cache-nix-action/issues/117">#117</a>
from nix-community/116-bug-inputsgcmaxstoresizevalue-...</li>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/a91821953137cbb5f2a2d45fa174d69fea427ef4"><code>a918219</code></a>
chore: build the action</li>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/c6081efc5157c972934491630ade96e53259023c"><code>c6081ef</code></a>
feat(ci): add example of large gc-max-store-size</li>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/cf6af9e3e9fb402a3b92286b7c8b48afa94de5a6"><code>cf6af9e</code></a>
fix(action): use bigint for the store size</li>
<li>Additional commits viewable in <a
href="https://github.com/nix-community/cache-nix-action/compare/c448f065ba14308da81de769632ca67a3ce67cf5...135667ec418502fa5a3598af6fb9eb733888ce6a">compare
view</a></li>
</ul>
</details>
<br />

Updates `github/codeql-action` from 3.28.15 to 3.28.16
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.28.16</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.16 - 23 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2863">#2863</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.16/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.28.16 - 23 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2863">#2863</a></li>
</ul>
<h2>3.28.15 - 07 Apr 2025</h2>
<ul>
<li>Fix bug where the action would fail if it tried to produce a debug
artifact with more than 65535 files. <a
href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li>
</ul>
<h2>3.28.14 - 07 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li>
</ul>
<h2>3.28.13 - 24 Mar 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.12 - 19 Mar 2025</h2>
<ul>
<li>Dependency caching should now cache more dependencies for Java
<code>build-mode: none</code> extractions. This should speed up
workflows and avoid inconsistent alerts in some cases.</li>
<li>Update default CodeQL bundle version to 2.20.7. <a
href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li>
</ul>
<h2>3.28.11 - 07 Mar 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li>
</ul>
<h2>3.28.10 - 21 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li>
<li>Address an issue where the CodeQL Bundle would occasionally fail to
decompress on macOS. <a
href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li>
</ul>
<h2>3.28.9 - 07 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li>
</ul>
<h2>3.28.8 - 29 Jan 2025</h2>
<ul>
<li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI
v2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li>
</ul>
<h2>3.28.7 - 29 Jan 2025</h2>
<p>No user facing changes.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/28deaeda66b76a05916b6923827895f2b14ab387"><code>28deaed</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2865">#2865</a>
from github/update-v3.28.16-2a8cbadc0</li>
<li><a
href="https://github.com/github/codeql-action/commit/03c5d71c11f6cb2c5ba7eef371219a862be30193"><code>03c5d71</code></a>
Update changelog for v3.28.16</li>
<li><a
href="https://github.com/github/codeql-action/commit/2a8cbadc02bb64a7fd15d37c977acbad02496c80"><code>2a8cbad</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2863">#2863</a>
from github/update-bundle/codeql-bundle-v2.21.1</li>
<li><a
href="https://github.com/github/codeql-action/commit/f76eaf51a636a5c1d927998267d92d6475363ace"><code>f76eaf5</code></a>
Add changelog note</li>
<li><a
href="https://github.com/github/codeql-action/commit/e63b3f5166c15fda4eb17886f01abe9445dd13f5"><code>e63b3f5</code></a>
Update default bundle to codeql-bundle-v2.21.1</li>
<li><a
href="https://github.com/github/codeql-action/commit/4c3e5362829f0b0bb62ff5f6c938d7f95574c306"><code>4c3e536</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2853">#2853</a>
from github/dependabot/npm_and_yarn/npm-7d84c66b66</li>
<li><a
href="https://github.com/github/codeql-action/commit/56dd02f26d99811d607284494ff84b7d862fe837"><code>56dd02f</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2852">#2852</a>
from github/dependabot/github_actions/actions-457587...</li>
<li><a
href="https://github.com/github/codeql-action/commit/192406dd845fb2228fcea74898b98df2a6cdcef6"><code>192406d</code></a>
Merge branch 'main' into
dependabot/github_actions/actions-4575878e06</li>
<li><a
href="https://github.com/github/codeql-action/commit/c7dbb2084ed1bb623fbbb3976cd6dbae6daaf1fe"><code>c7dbb20</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2857">#2857</a>
from github/nickfyson/address-vulns</li>
<li><a
href="https://github.com/github/codeql-action/commit/9a45cd8c5025281c30bbb652197ace083c291e49"><code>9a45cd8</code></a>
move use of input variables into env vars</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/45775bd8235c68ba998cffa5171334d58593da47...28deaeda66b76a05916b6923827895f2b14ab387">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-28 13:22:26 +00:00
Hugo Dutka b47d54d777 chore: cache terraform providers between CI test runs (#17373) 
Addresses https://github.com/coder/internal/issues/322.

This PR starts caching Terraform providers used by `TestProvision` in
`provisioner/terraform/provision_test.go`. The goal is to improve the
reliability of this test by cutting down on the number of network calls
to external services. It leverages GitHub Actions cache, which [on depot
runners is persisted for 14 days by
default](https://depot.dev/docs/github-actions/overview#cache-retention-policy).

Other than the aforementioned `TestProvision`, I couldn't find any other
tests which depend on external terraform providers.
 2025-04-28 10:57:24 +02:00
Ethan 4f70b596dc ci: move go install tools to separate action (#17552) 
I think using an older version of mockgen on the schmoder CI broke the
workflow, so I'm gonna sync it via this action, like we do with the
other `make build` dependencies.
 2025-04-24 03:02:57 +00:00
dependabot[bot] fa594f4f6a ci: bump the github-actions group across 1 directory with 8 updates (#17377) 
Bumps the github-actions group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
|
[step-security/harden-runner](https://github.com/step-security/harden-runner)
| `2.11.0` | `2.11.1` |
| [crate-ci/typos](https://github.com/crate-ci/typos) | `1.29.10` |
`1.31.1` |
| [actions/setup-java](https://github.com/actions/setup-java) | `4.7.0`
| `4.7.1` |
|
[tj-actions/changed-files](https://github.com/tj-actions/changed-files)
| `27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99` |
`9934ab3fdf63239da75d9e0fbd339c48620c72c4` |
| [tj-actions/branch-names](https://github.com/tj-actions/branch-names)
| `8.1.0` | `8.2.1` |
| [github/codeql-action](https://github.com/github/codeql-action) |
`3.28.12` | `3.28.15` |
|
[coder/start-workspace-action](https://github.com/coder/start-workspace-action)
| `26d3600161d67901f24d8612793d3b82771cde2d` |
`35a4608cefc7e8cc56573cae7c3b85304575cb72` |
|
[umbrelladocs/action-linkspector](https://github.com/umbrelladocs/action-linkspector)
| `1.3.2` | `1.3.4` |


Updates `step-security/harden-runner` from 2.11.0 to 2.11.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.11.1</h2>
<h2>What's Changed</h2>
<ul>
<li>cache: add support for GitHub Actions cache v2 by <a
href="https://github.com/h0x0er"><code>@​h0x0er</code></a> in <a
href="https://redirect.github.com/step-security/harden-runner/pull/529">step-security/harden-runner#529</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.11.1">https://github.com/step-security/harden-runner/compare/v2...v2.11.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/c6295a65d1254861815972266d5933fd6e532bdf"><code>c6295a6</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/530">#530</a>
from step-security/rc-19</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/3e118b145bd13a08b2e465cf3a216df0f6c7746e"><code>3e118b1</code></a>
Improve error handling</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/b38e918ba8cf8d08113e53089af0d89429dcc51a"><code>b38e918</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/529">#529</a>
from h0x0er/jatin/cache-fix</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/0664d30cda4109be234d326b54ac1cc6385597a2"><code>0664d30</code></a>
cache: added support for cache v2</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/b131ca5ebfca4930fe6d4a3e82d1e386b4873c94"><code>b131ca5</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/524">#524</a>
from step-security/fix/security/GHSA-968p-4wvh-cqc8</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/2dc9579753e01c4033425fcc7b74e652b583ca50"><code>2dc9579</code></a>
Address vulnerabilities</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/f054d811b5b89fde2f954d54dc8622ec3aaab9ab"><code>f054d81</code></a>
Update README (<a
href="https://redirect.github.com/step-security/harden-runner/issues/522">#522</a>)</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/8a09271fed8277ab7fb02dbb5917c8d0e78323b4"><code>8a09271</code></a>
Update Readme (<a
href="https://redirect.github.com/step-security/harden-runner/issues/520">#520</a>)</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/6ec6af7d622602bd852df48848f3cae95c760a48"><code>6ec6af7</code></a>
Update readme (<a
href="https://redirect.github.com/step-security/harden-runner/issues/518">#518</a>)</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/539365ba33fd040cf8c4db243b6f0ed3b32c3283"><code>539365b</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/516">#516</a>
from vorburger/patch-1</li>
<li>Additional commits viewable in <a
href="https://github.com/step-security/harden-runner/compare/4d991eb9b905ef189e4c376166672c3f2f230481...c6295a65d1254861815972266d5933fd6e532bdf">compare
view</a></li>
</ul>
</details>
<br />

Updates `crate-ci/typos` from 1.29.10 to 1.31.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/releases">crate-ci/typos's
releases</a>.</em></p>
<blockquote>
<h2>v1.31.1</h2>
<h2>[1.31.1] - 2025-03-31</h2>
<h3>Fixes</h3>
<ul>
<li><em>(dict)</em> Also correct <code>typ</code> to
<code>type</code></li>
</ul>
<h2>v1.31.0</h2>
<h2>[1.31.0] - 2025-03-28</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1266">March
2025</a> changes</li>
</ul>
<h2>v1.30.3</h2>
<h2>[1.30.3] - 2025-03-24</h2>
<h3>Features</h3>
<ul>
<li>Support detecting <code>go.work</code> and <code>go.work.sum</code>
files</li>
</ul>
<h2>v1.30.2</h2>
<h2>[1.30.2] - 2025-03-10</h2>
<h3>Features</h3>
<ul>
<li>Add <code>--highlight-words</code> and
<code>--highlight-identifiers</code> for easier debugging of config</li>
</ul>
<h2>v1.30.1</h2>
<h2>[1.30.1] - 2025-03-04</h2>
<h3>Features</h3>
<ul>
<li><em>(action)</em> Create <code>v1</code> tag</li>
</ul>
<h2>v1.30.0</h2>
<h2>[1.30.0] - 2025-03-01</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1221">February
2025</a> changes</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's
changelog</a>.</em></p>
<blockquote>
<h1>Change Log</h1>
<p>All notable changes to this project will be documented in this
file.</p>
<p>The format is based on <a href="http://keepachangelog.com/">Keep a
Changelog</a>
and this project adheres to <a href="http://semver.org/">Semantic
Versioning</a>.</p>
<!-- raw HTML omitted -->
<h2>[Unreleased] - ReleaseDate</h2>
<h2>[1.31.1] - 2025-03-31</h2>
<h3>Fixes</h3>
<ul>
<li><em>(dict)</em> Also correct <code>typ</code> to
<code>type</code></li>
</ul>
<h2>[1.31.0] - 2025-03-28</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1266">March
2025</a> changes</li>
</ul>
<h2>[1.30.3] - 2025-03-24</h2>
<h3>Features</h3>
<ul>
<li>Support detecting <code>go.work</code> and <code>go.work.sum</code>
files</li>
</ul>
<h2>[1.30.2] - 2025-03-10</h2>
<h3>Features</h3>
<ul>
<li>Add <code>--highlight-words</code> and
<code>--highlight-identifiers</code> for easier debugging of config</li>
</ul>
<h2>[1.30.1] - 2025-03-04</h2>
<h3>Features</h3>
<ul>
<li><em>(action)</em> Create <code>v1</code> tag</li>
</ul>
<h2>[1.30.0] - 2025-03-01</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1221">February
2025</a> changes</li>
</ul>
<h2>[1.29.10] - 2025-02-25</h2>
<h3>Fixes</h3>
<ul>
<li>Also correct <code>contaminent</code> as
<code>contaminant</code></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/crate-ci/typos/commit/b1a1ef3893ff35ade0cfa71523852a49bfd05d19"><code>b1a1ef3</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/9c8a2c384f9b92ac5e7166040a1571141e271e7a"><code>9c8a2c3</code></a>
docs: Update changelog</li>
<li><a
href="https://github.com/crate-ci/typos/commit/12195d75fea9498ad83cb8d85e357a986e90fb7e"><code>12195d7</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1267">#1267</a>
from epage/type</li>
<li><a
href="https://github.com/crate-ci/typos/commit/d4dbe5f77bde37609ce3424df4a713a61f87ad2b"><code>d4dbe5f</code></a>
fix(dict): Also correct typ to type</li>
<li><a
href="https://github.com/crate-ci/typos/commit/718c4ff697435edabd4f1c52c3775521adbb33a3"><code>718c4ff</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/bfbf137ed65f9abe0e9a3a92a354a787ca084240"><code>bfbf137</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/d47e90e4ffad8924461124c3b3787e220b811956"><code>d47e90e</code></a>
docs: Update changelog</li>
<li><a
href="https://github.com/crate-ci/typos/commit/0694c2a98227bebeefdfff96f2086480295d00a5"><code>0694c2a</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1266">#1266</a>
from epage/march</li>
<li><a
href="https://github.com/crate-ci/typos/commit/f715ca8b0824515b13e3e51ed80c8a255d8a7d07"><code>f715ca8</code></a>
feat(dict): March 2025 updates</li>
<li><a
href="https://github.com/crate-ci/typos/commit/d08e4083f112e684fb88f6babd9ae60a1f1cd84f"><code>d08e408</code></a>
chore: Release</li>
<li>Additional commits viewable in <a
href="https://github.com/crate-ci/typos/compare/db35ee91e80fbb447f33b0e5fbddb24d2a1a884f...b1a1ef3893ff35ade0cfa71523852a49bfd05d19">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/setup-java` from 4.7.0 to 4.7.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-java/releases">actions/setup-java's
releases</a>.</em></p>
<blockquote>
<h2>v4.7.1</h2>
<h2>What's Changed</h2>
<h3>Documentation changes</h3>
<ul>
<li>Add Documentation to Recommend Using GraalVM JDK 17 Version to
17.0.12 to Align with GFTC License Terms by <a
href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/704">actions/setup-java#704</a></li>
<li>Remove duplicated GraalVM section in documentation by <a
href="https://github.com/Marcono1234"><code>@​Marcono1234</code></a> in
<a
href="https://redirect.github.com/actions/setup-java/pull/716">actions/setup-java#716</a></li>
</ul>
<h3>Dependency updates:</h3>
<ul>
<li>Upgrade <code>@​action/cache</code> from 4.0.0 to 4.0.2 by <a
href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/766">actions/setup-java#766</a></li>
<li>Upgrade <code>@​actions/glob</code> from 0.4.0 to 0.5.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/744">actions/setup-java#744</a></li>
<li>Upgrade ts-jest from 29.1.2 to 29.2.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/743">actions/setup-java#743</a></li>
<li>Upgrade <code>@​action/cache</code> to 4.0.3 by <a
href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/773">actions/setup-java#773</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-java/compare/v4...v4.7.1">https://github.com/actions/setup-java/compare/v4...v4.7.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/setup-java/commit/c5195efecf7bdfc987ee8bae7a71cb8b11521c00"><code>c5195ef</code></a>
actions/cache upgrade to 4.0.3 (<a
href="https://redirect.github.com/actions/setup-java/issues/773">#773</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/dd38875f930accc291b5816356a21f72056c0b70"><code>dd38875</code></a>
Bump ts-jest from 29.1.2 to 29.2.5 (<a
href="https://redirect.github.com/actions/setup-java/issues/743">#743</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/148017a9b0c6af80330bcc5db11d1c670d2e7074"><code>148017a</code></a>
Bump <code>@​actions/glob</code> from 0.4.0 to 0.5.0 (<a
href="https://redirect.github.com/actions/setup-java/issues/744">#744</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/3b6c050358614dd082e53cdbc55580431fc4e437"><code>3b6c050</code></a>
Remove duplicated GraalVM section in documentation (<a
href="https://redirect.github.com/actions/setup-java/issues/716">#716</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/b8ebb8ba1d9655f7f159c0a8b8135606ae11b5c9"><code>b8ebb8b</code></a>
upgrade <code>@​action/cache</code> from 4.0.0 to 4.0.2 (<a
href="https://redirect.github.com/actions/setup-java/issues/766">#766</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/799ee7c97e9721ef38d1a7e8486c39753b9d6102"><code>799ee7c</code></a>
Add Documentation to Recommend Using GraalVM JDK 17 Version to 17.0.12
to Ali...</li>
<li>See full diff in <a
href="https://github.com/actions/setup-java/compare/3a4f6e1af504cf6a31855fa899c6aa5355ba6c12...c5195efecf7bdfc987ee8bae7a71cb8b11521c00">compare
view</a></li>
</ul>
</details>
<br />

Updates `tj-actions/changed-files` from
27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99 to
9934ab3fdf63239da75d9e0fbd339c48620c72c4
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.4...v46.0.5">46.0.5</a>
- (2025-04-09)</h1>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li><strong>deps:</strong> Bump yaml from 2.7.0 to 2.7.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c">ed68ef8</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump typescript from 5.8.2 to 5.8.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5">a7bc14b</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump <code>@​types/node</code> from
22.13.11 to 22.14.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab">3d751f6</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.2.3 to
5.2.6 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f">e2fda4e</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump ts-jest from 29.2.6 to 29.3.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48">0bed1b1</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump github/codeql-action from 3.28.12 to
3.28.15 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb">6802458</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/branch-names from 8.0.1 to
8.1.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792">cf2e39e</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/verify-changed-files from
20.0.1 to 20.0.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4">6abeaa5</a>)
- (dependabot[bot])</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v46.0.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2511">#2511</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/6f67ee9ac810f0192ea7b3d2086406f97847bcf9">6f67ee9</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.3...v46.0.4">46.0.4</a>
- (2025-04-03)</h1>
<h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2>
<ul>
<li>Bug modified_keys and changed_key outputs not set when no changes
detected (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2509">#2509</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/6cb76d07bee4c9772c6882c06c37837bf82a04d3">6cb76d0</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<ul>
<li>Update readme (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2508">#2508</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/b74df86ccb65173a8e33ba5492ac1a2ca6b216fd">b74df86</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v46.0.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted -->
Co-authored-by: Tonye Jack <a
href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a
href="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">27ae6b3</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a>
- (2025-03-23)</h1>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>)
- (github-actions[bot])</p>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>)
- (github-actions[bot])</p>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tj-actions/changed-files/commit/9934ab3fdf63239da75d9e0fbd339c48620c72c4"><code>9934ab3</code></a>
chore(deps-dev): bump eslint-config-prettier from 10.1.1 to 10.1.2 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2532">#2532</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/db731a131ccd81ed52a3d463b6d2a4b2856c7ec9"><code>db731a1</code></a>
Upgraded to v46.0.5 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2531">#2531</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c"><code>ed68ef8</code></a>
chore(deps): bump yaml from 2.7.0 to 2.7.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5"><code>a7bc14b</code></a>
chore(deps-dev): bump typescript from 5.8.2 to 5.8.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab"><code>3d751f6</code></a>
chore(deps-dev): bump <code>@​types/node</code> from 22.13.11 to 22.14.0
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f"><code>e2fda4e</code></a>
chore(deps-dev): bump eslint-plugin-prettier from 5.2.3 to 5.2.6 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48"><code>0bed1b1</code></a>
chore(deps-dev): bump ts-jest from 29.2.6 to 29.3.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb"><code>6802458</code></a>
chore(deps): bump github/codeql-action from 3.28.12 to 3.28.15 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792"><code>cf2e39e</code></a>
chore(deps): bump tj-actions/branch-names from 8.0.1 to 8.1.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4"><code>6abeaa5</code></a>
chore(deps): bump tj-actions/verify-changed-files from 20.0.1 to 20.0.4
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tj-actions/changed-files/compare/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99...9934ab3fdf63239da75d9e0fbd339c48620c72c4">compare
view</a></li>
</ul>
</details>
<br />

Updates `tj-actions/branch-names` from 8.1.0 to 8.2.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/branch-names/releases">tj-actions/branch-names's
releases</a>.</em></p>
<blockquote>
<h2>v8.2.1</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: update sync-release-version.yml to sign commits by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/416">tj-actions/branch-names#416</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tj-actions/branch-names/compare/v8.2.0...v8.2.1">https://github.com/tj-actions/branch-names/compare/v8.2.0...v8.2.1</a></p>
<h2>v8.2.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Upgraded to v8.1.0 by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/410">tj-actions/branch-names#410</a></li>
<li>feat: add support for replace forward slashes with hyphens by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/412">tj-actions/branch-names#412</a></li>
<li>chore: update update-readme.yml by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/414">tj-actions/branch-names#414</a></li>
<li>Updated README.md by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/415">tj-actions/branch-names#415</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
made their first contribution in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/415">tj-actions/branch-names#415</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tj-actions/branch-names/compare/v8...v8.2.0">https://github.com/tj-actions/branch-names/compare/v8...v8.2.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/branch-names/blob/main/HISTORY.md">tj-actions/branch-names's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1><a
href="https://github.com/tj-actions/branch-names/compare/v8.2.0...v8.2.1">8.2.1</a>
- (2025-04-11)</h1>
<h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2>
<ul>
<li>Update sync-release-version.yml to sign commits (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/416">#416</a>)
(<a
href="https://github.com/tj-actions/branch-names/commit/dde14ac574a8b9b1cedc59a1cf312788af43d8d8">dde14ac</a>)
- (Tonye Jack)</li>
</ul>
<h1><a
href="https://github.com/tj-actions/branch-names/compare/v8.1.0...v8.2.0">8.2.0</a>
- (2025-04-11)</h1>
<h2><!-- raw HTML omitted -->🚀 Features</h2>
<ul>
<li>Add support for replace forward slashes with hyphens (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/412">#412</a>)
(<a
href="https://github.com/tj-actions/branch-names/commit/af406356b42c0855d5d112babee4a0b76ee630df">af40635</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted --> Remove</h2>
<ul>
<li>Deleted .github/workflows/rebase.yml (<a
href="https://github.com/tj-actions/branch-names/commit/c209967c9a91450d7dced6e5adc3c61ca030c868">c209967</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/415">#415</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/branch-names/commit/47dfecabcf7a70329c1d7fc49d56ce56739c5420">47dfeca</a>)
- (github-actions[bot])</p>
<ul>
<li>Update update-readme.yml (<a
href="https://github.com/tj-actions/branch-names/commit/c9cf6f9a0e21d41fb9acf4025894c022a1dd22db">c9cf6f9</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li>Update update-readme.yml (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/414">#414</a>)
(<a
href="https://github.com/tj-actions/branch-names/commit/b1f61bc147718240eda9ab8a823f836416ab297c">b1f61bc</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded from v8.0.2 -&gt; v8.1.0 (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/410">#410</a>)</li>
</ul>
<p>(<a
href="https://github.com/tj-actions/branch-names/commit/96012203a066021edaf47a9381953d843444eacf">9601220</a>)
- (Tonye Jack)</p>
<h1><a
href="https://github.com/tj-actions/branch-names/compare/v8.0.2...v8.1.0">8.1.0</a>
- (2025-03-23)</h1>
<h2><!-- raw HTML omitted -->🚀 Features</h2>
<ul>
<li>Add support for strip_branch_prefix (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/406">#406</a>)
(<a
href="https://github.com/tj-actions/branch-names/commit/c83c87ab5379a8ff88c905ea78c391c0d53972ac">c83c87a</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/408">#408</a>)</li>
</ul>
<p>(<a
href="https://github.com/tj-actions/branch-names/commit/d18e657ed32f367301fdebeb9a88b7e5539f3052">d18e657</a>)
- (Tonye Jack)</p>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li>Update test.yml (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/409">#409</a>)
(<a
href="https://github.com/tj-actions/branch-names/commit/f44339b51f74753b57583fbbd124e18a81170ab1">f44339b</a>)
- (Tonye Jack)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tj-actions/branch-names/commit/dde14ac574a8b9b1cedc59a1cf312788af43d8d8"><code>dde14ac</code></a>
fix: update sync-release-version.yml to sign commits (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/416">#416</a>)</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/47dfecabcf7a70329c1d7fc49d56ce56739c5420"><code>47dfeca</code></a>
Updated README.md (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/415">#415</a>)</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/c9cf6f9a0e21d41fb9acf4025894c022a1dd22db"><code>c9cf6f9</code></a>
Update update-readme.yml</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/b1f61bc147718240eda9ab8a823f836416ab297c"><code>b1f61bc</code></a>
chore: update update-readme.yml (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/414">#414</a>)</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/af406356b42c0855d5d112babee4a0b76ee630df"><code>af40635</code></a>
feat: add support for replace forward slashes with hyphens (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/412">#412</a>)</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/c209967c9a91450d7dced6e5adc3c61ca030c868"><code>c209967</code></a>
Deleted .github/workflows/rebase.yml</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/96012203a066021edaf47a9381953d843444eacf"><code>9601220</code></a>
Upgraded from v8.0.2 -&gt; v8.1.0 (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/410">#410</a>)</li>
<li>See full diff in <a
href="https://github.com/tj-actions/branch-names/compare/f44339b51f74753b57583fbbd124e18a81170ab1...dde14ac574a8b9b1cedc59a1cf312788af43d8d8">compare
view</a></li>
</ul>
</details>
<br />

Updates `github/codeql-action` from 3.28.12 to 3.28.15
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.28.15</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.15 - 07 Apr 2025</h2>
<ul>
<li>Fix bug where the action would fail if it tried to produce a debug
artifact with more than 65535 files. <a
href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.15/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.28.14</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.14 - 07 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.14/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.28.13</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.13 - 24 Mar 2025</h2>
<p>No user facing changes.</p>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.13/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.28.15 - 07 Apr 2025</h2>
<ul>
<li>Fix bug where the action would fail if it tried to produce a debug
artifact with more than 65535 files. <a
href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li>
</ul>
<h2>3.28.14 - 07 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li>
</ul>
<h2>3.28.13 - 24 Mar 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.12 - 19 Mar 2025</h2>
<ul>
<li>Dependency caching should now cache more dependencies for Java
<code>build-mode: none</code> extractions. This should speed up
workflows and avoid inconsistent alerts in some cases.</li>
<li>Update default CodeQL bundle version to 2.20.7. <a
href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li>
</ul>
<h2>3.28.11 - 07 Mar 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li>
</ul>
<h2>3.28.10 - 21 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li>
<li>Address an issue where the CodeQL Bundle would occasionally fail to
decompress on macOS. <a
href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li>
</ul>
<h2>3.28.9 - 07 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li>
</ul>
<h2>3.28.8 - 29 Jan 2025</h2>
<ul>
<li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI
v2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li>
</ul>
<h2>3.28.7 - 29 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.6 - 27 Jan 2025</h2>
<ul>
<li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater.
<a
href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/45775bd8235c68ba998cffa5171334d58593da47"><code>45775bd</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2854">#2854</a>
from github/update-v3.28.15-a35ae8c38</li>
<li><a
href="https://github.com/github/codeql-action/commit/dd78aab4078b17a672a66d6a80a990beb672ede1"><code>dd78aab</code></a>
Update CHANGELOG.md with bug fix details</li>
<li><a
href="https://github.com/github/codeql-action/commit/e40af591743761de70080085b4e6ce37f7f6e657"><code>e40af59</code></a>
Update changelog for v3.28.15</li>
<li><a
href="https://github.com/github/codeql-action/commit/a35ae8c380fa35365cd546f9a397a46f60dd82cf"><code>a35ae8c</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2843">#2843</a>
from github/cklin/diff-informed-compat</li>
<li><a
href="https://github.com/github/codeql-action/commit/bb59df6c174a91d88eec1c48f2ab0ef7b5f96e99"><code>bb59df6</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2842">#2842</a>
from github/henrymercer/zip64</li>
<li><a
href="https://github.com/github/codeql-action/commit/4b508f59648bef88ef72c74f1ffff531fda55ea8"><code>4b508f5</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2845">#2845</a>
from github/mergeback/v3.28.14-to-main-fc7e4a0f</li>
<li><a
href="https://github.com/github/codeql-action/commit/ca00afb5f1457cf1c85da6cda07d73e720ff061a"><code>ca00afb</code></a>
Update checked-in dependencies</li>
<li><a
href="https://github.com/github/codeql-action/commit/2969c78ce0262bf75658058604498d2b4bdb0b9b"><code>2969c78</code></a>
Update changelog and version after v3.28.14</li>
<li><a
href="https://github.com/github/codeql-action/commit/fc7e4a0fa01c3cca5fd6a1fddec5c0740c977aa2"><code>fc7e4a0</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2844">#2844</a>
from github/update-v3.28.14-362ef4ce2</li>
<li><a
href="https://github.com/github/codeql-action/commit/be0175c800fe14dd962aaa2c97f55371f6f95b35"><code>be0175c</code></a>
Update changelog for v3.28.14</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/5f8171a638ada777af81d42b55959a643bb29017...45775bd8235c68ba998cffa5171334d58593da47">compare
view</a></li>
</ul>
</details>
<br />

Updates `coder/start-workspace-action` from
26d3600161d67901f24d8612793d3b82771cde2d to
35a4608cefc7e8cc56573cae7c3b85304575cb72
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/coder/start-workspace-action/commit/35a4608cefc7e8cc56573cae7c3b85304575cb72"><code>35a4608</code></a>
update <code>github-username</code> description to specify requirement
for Coder 2.21 or...</li>
<li><a
href="https://github.com/coder/start-workspace-action/commit/0054568c043bba479899edb91ef96a5cfca21c55"><code>0054568</code></a>
clarify requirements for the <code>github-username</code> input</li>
<li><a
href="https://github.com/coder/start-workspace-action/commit/f3cda2e65a469e6dd60478c111c745b919c0ec68"><code>f3cda2e</code></a>
fix variable names</li>
<li><a
href="https://github.com/coder/start-workspace-action/commit/a6a41dc1eb63a8e58dc43a97a2c2cb04ccc40b36"><code>a6a41dc</code></a>
update readme</li>
<li><a
href="https://github.com/coder/start-workspace-action/commit/a09e31de35a1d153448ed707d63708e2a2acef3c"><code>a09e31d</code></a>
more defaults for inputs</li>
<li><a
href="https://github.com/coder/start-workspace-action/commit/13304209b2b4449befcb6d0392693311aad1faff"><code>1330420</code></a>
Add a screenshot to the README</li>
<li><a
href="https://github.com/coder/start-workspace-action/commit/8d0b0d4118b6fa0c504b79c06dc99f4ed024c749"><code>8d0b0d4</code></a>
clarify status comment</li>
<li><a
href="https://github.com/coder/start-workspace-action/commit/747b408cb53f6e3440ba04f951c75077994ff95a"><code>747b408</code></a>
update input descriptions</li>
<li><a
href="https://github.com/coder/start-workspace-action/commit/e526e6fb8e781ffacf59c6066194286a9f3cee8a"><code>e526e6f</code></a>
update example action tag</li>
<li><a
href="https://github.com/coder/start-workspace-action/commit/212ab2f68a115ca64029be34610433cfa16a89e0"><code>212ab2f</code></a>
update readme and add a license</li>
<li>Additional commits viewable in <a
href="https://github.com/coder/start-workspace-action/compare/26d3600161d67901f24d8612793d3b82771cde2d...35a4608cefc7e8cc56573cae7c3b85304575cb72">compare
view</a></li>
</ul>
</details>
<br />

Updates `umbrelladocs/action-linkspector` from 1.3.2 to 1.3.4
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/umbrelladocs/action-linkspector/releases">umbrelladocs/action-linkspector's
releases</a>.</em></p>
<blockquote>
<h2>Release v1.3.4</h2>
<p>v1.3.4: PR <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/42">#42</a>
- Update linkspector version to 0.4.4</p>
<h2>Release v1.3.3</h2>
<p>v1.3.3: PR <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/41">#41</a>
- Update linkspector version to 0.4.3</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/a0567ce1c7c13de4a2358587492ed43cab5d0102"><code>a0567ce</code></a>
Merge pull request <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/42">#42</a>
from UmbrellaDocs/update-linkspector-version</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/f5418fddbc33d4b79076fee4e41451501c6ceb0f"><code>f5418fd</code></a>
Update linkspector version to 0.4.4</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/3e12ade1e0b1823455dae8cf8b4f9cc92ec7dd20"><code>3e12ade</code></a>
Merge pull request <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/41">#41</a>
from UmbrellaDocs/update-linkspector-version</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/8dfab6548de1b83b975ac3262626c2d1875f59f1"><code>8dfab65</code></a>
Update linkspector version to 0.4.3</li>
<li>See full diff in <a
href="https://github.com/umbrelladocs/action-linkspector/compare/49cf4f8da82db70e691bb8284053add5028fa244...a0567ce1c7c13de4a2358587492ed43cab5d0102">compare
view</a></li>
</ul>
</details>
<br />

<details>
<summary>Most Recent Ignore Conditions Applied to This Pull
Request</summary>

| Dependency Name | Ignore Conditions |
| --- | --- |
| crate-ci/typos | [>= 1.30.a, < 1.31] |
</details>


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Muhammad Atif Ali <atif@coder.com>
 2025-04-14 19:55:01 +00:00
Thomas Kosiewski abe3ad68f5 fix: add continue-on-error to SBOM generation and force flag to cosign clean (#17288) 
This PR makes the SBOM generation and attestation process more resilient
by:

1. Adding `continue-on-error: true` to the SBOM generation steps in both
CI and release workflows
2. Adding `--force=true` flag to all `cosign clean` commands to ensure
they don't fail if in a non-interactive shell (which is the case for CI)

Change-Id: Ide303c059b1a3d0e3fd77863310e99668325bc69
Signed-off-by: Thomas Kosiewski <tk@coder.com>

Signed-off-by: Thomas Kosiewski <tk@coder.com>
 2025-04-08 10:29:00 +02:00
Thomas Kosiewski f48a24c18e feat: add SBOM generation and attestation to GitHub workflow (#17277) 
Move SBOM generation and attestation to GitHub workflow

This PR moves the SBOM generation and attestation process from the `build_docker.sh` script to the GitHub workflow. The change:

1. Removes SBOM generation and attestation from the `build_docker.sh` script
2. Adds a new "SBOM Generation and Attestation" step in the GitHub workflow
3. Generates and attests SBOMs for both multi-arch images and latest tags when applicable

This approach ensures SBOM generation happens once for the final multi-architecture image rather than for each architecture separately.

Change-Id: I2e15d7322ddec933bbc9bd7880abba9b0842719f
Signed-off-by: Thomas Kosiewski <tk@coder.com>
 2025-04-07 17:54:05 +02:00
Jon Ayers b1f5d45112 chore: disable e2e-premium tests (#17213) 
- These tests are providing no value in their current state due to the
frequency of their intermittent failures.
 2025-04-02 07:26:12 +00:00
Cian Johnston cc733aba71 ci: check go versions are consistent (#17149) 
Fixes https://github.com/coder/coder/issues/17063

I'm ignoring flake.nix for now.

```
$ IGNORE_NIX=true ./scripts/check_go_versions.sh
INFO : go.mod                   : 1.24.1
INFO : dogfood/coder/Dockerfile : 1.24.1
INFO : setup-go/action.yaml     : 1.24.1
INFO : flake.nix                : 1.22
INFO : Ignoring flake.nix, as IGNORE_NIX=true
Go version check passed, all versions are 1.24.1

$ ./scripts/check_go_versions.sh
INFO : go.mod                   : 1.24.1
INFO : dogfood/coder/Dockerfile : 1.24.1
INFO : setup-go/action.yaml     : 1.24.1
INFO : flake.nix                : 1.22
ERROR: Go version mismatch between go.mod and flake.nix
```
 2025-04-01 09:03:54 +01:00
Jon Ayers 989c3ec62e chore: pin various dependencies in CI files (#17180) 2025-04-01 00:15:15 -04:00
Jon Ayers 83405677bf chore: pin goimports to 0.31.0 (#17177) 2025-03-31 22:56:21 -04:00
M Atif Ali 51cfec3261 chore: reuse syft and cosign install actions across workflows (#16981) 
This pull request adds new GitHub Actions for installing `cosign` and
`syft`, and updates the CI, release, and security workflows.

**New Actions:**  
- [`install-cosign`](.github/actions/install-cosign/action.yaml):
Installs `cosign` with a configurable version.
- [`install-syft`](.github/actions/install-syft/action.yaml): Installs
`syft` with a configurable version.

**Workflow Updates:**  
- CI, release, and security workflows now use `install-cosign` and
`install-syft`.
 2025-03-25 01:22:17 +00:00
dependabot[bot] 4e38e6de04 ci: bump the github-actions group with 8 updates (#17068) 
Bumps the github-actions group with 8 updates:

| Package | From | To |
| --- | --- | --- |
| [actions/cache](https://github.com/actions/cache) | `4.2.2` | `4.2.3`
|
| [actions/upload-artifact](https://github.com/actions/upload-artifact)
| `4.6.1` | `4.6.2` |
|
[actions/download-artifact](https://github.com/actions/download-artifact)
| `4.1.9` | `4.2.1` |
|
[tj-actions/changed-files](https://github.com/tj-actions/changed-files)
| `531f5f7d163941f0c1c04e0ff4d8bb243ac4366f` |
`27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99` |
| [tj-actions/branch-names](https://github.com/tj-actions/branch-names)
| `8.0.1` | `8.1.0` |
| [github/codeql-action](https://github.com/github/codeql-action) |
`3.28.11` | `3.28.12` |
|
[beatlabs/delete-old-branches-action](https://github.com/beatlabs/delete-old-branches-action)
| `0.0.10` | `0.0.11` |
|
[umbrelladocs/action-linkspector](https://github.com/umbrelladocs/action-linkspector)
| `1.2.5` | `1.3.2` |

Updates `actions/cache` from 4.2.2 to 4.2.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v4.2.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Update to use <code>@​actions/cache</code> 4.0.3 package &amp;
prepare for new release by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1577">actions/cache#1577</a>
(SAS tokens for cache entries are now masked in debug logs)</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1577">actions/cache#1577</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4.2.2...v4.2.3">https://github.com/actions/cache/compare/v4.2.2...v4.2.3</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h3>4.2.3</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.3 (obfuscates SAS token in
debug logs for cache entries)</li>
</ul>
<h3>4.2.2</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.2</li>
</ul>
<h3>4.2.1</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.1</li>
</ul>
<h3>4.2.0</h3>
<p>TLDR; The cache backend service has been rewritten from the ground up
for improved performance and reliability. <a
href="https://github.com/actions/cache">actions/cache</a> now integrates
with the new cache service (v2) APIs.</p>
<p>The new service will gradually roll out as of <strong>February 1st,
2025</strong>. The legacy service will also be sunset on the same date.
Changes in these release are <strong>fully backward
compatible</strong>.</p>
<p><strong>We are deprecating some versions of this action</strong>. We
recommend upgrading to version <code>v4</code> or <code>v3</code> as
soon as possible before <strong>February 1st, 2025.</strong> (Upgrade
instructions below).</p>
<p>If you are using pinned SHAs, please use the SHAs of versions
<code>v4.2.0</code> or <code>v3.4.0</code></p>
<p>If you do not upgrade, all workflow runs using any of the deprecated
<a href="https://github.com/actions/cache">actions/cache</a> will
fail.</p>
<p>Upgrading to the recommended versions will not break your
workflows.</p>
<h3>4.1.2</h3>
<ul>
<li>Add GitHub Enterprise Cloud instances hostname filters to inform API
endpoint choices - <a
href="https://redirect.github.com/actions/cache/pull/1474">#1474</a></li>
<li>Security fix: Bump braces from 3.0.2 to 3.0.3 - <a
href="https://redirect.github.com/actions/cache/pull/1475">#1475</a></li>
</ul>
<h3>4.1.1</h3>
<ul>
<li>Restore original behavior of <code>cache-hit</code> output - <a
href="https://redirect.github.com/actions/cache/pull/1467">#1467</a></li>
</ul>
<h3>4.1.0</h3>
<ul>
<li>Ensure <code>cache-hit</code> output is set when a cache is missed -
<a
href="https://redirect.github.com/actions/cache/pull/1404">#1404</a></li>
<li>Deprecate <code>save-always</code> input - <a
href="https://redirect.github.com/actions/cache/pull/1452">#1452</a></li>
</ul>
<h3>4.0.2</h3>
<ul>
<li>Fixed restore <code>fail-on-cache-miss</code> not working.</li>
</ul>
<h3>4.0.1</h3>
<ul>
<li>Updated <code>isGhes</code> check</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/cache/commit/5a3ec84eff668545956fd18022155c47e93e2684"><code>5a3ec84</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1577">#1577</a>
from salmanmkc/salmanmkc/4-test</li>
<li><a
href="https://github.com/actions/cache/commit/7de21022a7b6824c106a9847befcbd8154b45b6a"><code>7de2102</code></a>
Update releases.md</li>
<li><a
href="https://github.com/actions/cache/commit/76d40dd347779762a1c829bbeeda5da4d81ca8c1"><code>76d40dd</code></a>
Update to use the latest version of the cache package to obfuscate the
SAS</li>
<li><a
href="https://github.com/actions/cache/commit/76dd5eb692f606c28d4b7a4ea7cfdffc926ba06a"><code>76dd5eb</code></a>
update cache with main</li>
<li><a
href="https://github.com/actions/cache/commit/8c80c27c5e4498d5675b05fb1eff96a56c593b06"><code>8c80c27</code></a>
new package</li>
<li><a
href="https://github.com/actions/cache/commit/45cfd0e7fffd1869ea4d5bfb54a464d825c1f742"><code>45cfd0e</code></a>
updates</li>
<li><a
href="https://github.com/actions/cache/commit/edd449b9cf39c2a20dc7c3d505ff6dc193c48a02"><code>edd449b</code></a>
updated cache with latest changes</li>
<li><a
href="https://github.com/actions/cache/commit/0576707e373f92196b81695442ed3f80c347f9c7"><code>0576707</code></a>
latest test before pr</li>
<li><a
href="https://github.com/actions/cache/commit/3105dc9754dd9cd935ffcf45c091ed2cadbf42b9"><code>3105dc9</code></a>
update</li>
<li><a
href="https://github.com/actions/cache/commit/9450d42d15022999ad2fa60a8b91f01fc92a0563"><code>9450d42</code></a>
mask</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/cache/compare/d4323d4df104b026a6aa633fdb11d772146be0bf...5a3ec84eff668545956fd18022155c47e93e2684">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/upload-artifact` from 4.6.1 to 4.6.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v4.6.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Update to use artifact 2.3.2 package &amp; prepare for new
upload-artifact release by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/685">actions/upload-artifact#685</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/upload-artifact/pull/685">actions/upload-artifact#685</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/upload-artifact/compare/v4...v4.6.2">https://github.com/actions/upload-artifact/compare/v4...v4.6.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/upload-artifact/commit/ea165f8d65b6e75b540449e92b4886f43607fa02"><code>ea165f8</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/685">#685</a>
from salmanmkc/salmanmkc/3-new-upload-artifacts-release</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/08396203c179e13c71b9754ce3472ed71842eec0"><code>0839620</code></a>
Prepare for new release of actions/upload-artifact with new toolkit
cache ver...</li>
<li>See full diff in <a
href="https://github.com/actions/upload-artifact/compare/4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1...ea165f8d65b6e75b540449e92b4886f43607fa02">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/download-artifact` from 4.1.9 to 4.2.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/download-artifact/releases">actions/download-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v4.2.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Add unit tests by <a
href="https://github.com/GhadimiR"><code>@​GhadimiR</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/392">actions/download-artifact#392</a></li>
<li>Fix bug introduced in 4.2.0 by <a
href="https://github.com/GhadimiR"><code>@​GhadimiR</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/391">actions/download-artifact#391</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/download-artifact/compare/v4.2.0...v4.2.1">https://github.com/actions/download-artifact/compare/v4.2.0...v4.2.1</a></p>
<h2>v4.2.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update README.md by <a
href="https://github.com/lkfortuna"><code>@​lkfortuna</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/384">actions/download-artifact#384</a></li>
<li>Bump artifact version, do digest check by <a
href="https://github.com/GhadimiR"><code>@​GhadimiR</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/383">actions/download-artifact#383</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/lkfortuna"><code>@​lkfortuna</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/download-artifact/pull/384">actions/download-artifact#384</a></li>
<li><a href="https://github.com/GhadimiR"><code>@​GhadimiR</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/download-artifact/pull/383">actions/download-artifact#383</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/download-artifact/compare/v4.1.9...v4.2.0">https://github.com/actions/download-artifact/compare/v4.1.9...v4.2.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/download-artifact/commit/95815c38cf2ff2164869cbab79da8d1f422bc89e"><code>95815c3</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/391">#391</a>
from GhadimiR/main</li>
<li><a
href="https://github.com/actions/download-artifact/commit/278fca438a0f334c0505181835b4796f2785949b"><code>278fca4</code></a>
Move log statements</li>
<li><a
href="https://github.com/actions/download-artifact/commit/68909842a1073010f1cf920ed7f153e2948f9c16"><code>6890984</code></a>
Merge branch 'main' into main</li>
<li><a
href="https://github.com/actions/download-artifact/commit/f9415c0ec30f02c18e075f091cafcfe4159168d0"><code>f9415c0</code></a>
Run unit tests in CI</li>
<li><a
href="https://github.com/actions/download-artifact/commit/76a6eb5cbca98dccb5e14c0116e53f5df13b220d"><code>76a6eb5</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/392">#392</a>
from GhadimiR/add_unit_tests</li>
<li><a
href="https://github.com/actions/download-artifact/commit/a2426d7c4522072f4d5824c9508d7ea97107cb8e"><code>a2426d7</code></a>
Merge branch 'main' into add_unit_tests</li>
<li><a
href="https://github.com/actions/download-artifact/commit/3ffa694f6f7e3d53f63807f78267796f57911dd4"><code>3ffa694</code></a>
lint</li>
<li><a
href="https://github.com/actions/download-artifact/commit/53f6aa5f93b626e252398abac720a28f6eb048ed"><code>53f6aa5</code></a>
Add extra assertion to download single artifact test</li>
<li><a
href="https://github.com/actions/download-artifact/commit/b456700053c87aa7d6b31d212292755e1e6eb923"><code>b456700</code></a>
lint</li>
<li><a
href="https://github.com/actions/download-artifact/commit/9eab798a9885c1be58a1c4381da1109644016e98"><code>9eab798</code></a>
Configure tsconfig</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/download-artifact/compare/cc203385981b70ca67e1cc392babf9cc229d5806...95815c38cf2ff2164869cbab79da8d1f422bc89e">compare
view</a></li>
</ul>
</details>
<br />

Updates `tj-actions/changed-files` from
531f5f7d163941f0c1c04e0ff4d8bb243ac4366f to
27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a>
- (2025-03-23)</h1>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>)
- (github-actions[bot])</p>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>)
- (github-actions[bot])</p>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<ul>
<li>Remove warning (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2504">#2504</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/813235684248c47a3518575ef56906084b59e7e8">8132356</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li><strong>deps:</strong> Bump test/demo from <code>5dfac2e</code> to
<code>c6bd3b3</code> (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2505">#2505</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/823fcebdb31bb35fdf2229d9f769b400309430d0">823fceb</a>)
- (dependabot[bot])</li>
<li>Pin github actions (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2503">#2503</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/7a369a71758acce79205e5145cb728a08ae607fb">7a369a7</a>)
- (Tonye Jack)</li>
<li><strong>deps-dev:</strong> Bump <code>@​types/node</code> from
22.13.10 to 22.13.11 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2502">#2502</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/9468856c2214566e4f7d96d3a018fb3e889a4d6d">9468856</a>)
- (dependabot[bot])</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v46.0.2 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2500">#2500</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted -->
Co-authored-by: Tonye Jack <a
href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a
href="https://github.com/tj-actions/changed-files/commit/401c7227d10aad0ed26ab13735f1b290c3bcc919">401c722</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.1...v46.0.2">46.0.2</a>
- (2025-03-22)</h1>
<h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2>
<ul>
<li>Update log message when attempting to locate merge base (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2493">#2493</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/a5cad85977a53287a694f9509c03feb50ac58428">a5cad85</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted --> Add</h2>
<ul>
<li>Add hint to revoke leaked token (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2475">#2475</a>)</li>
</ul>
<p>(<a
href="https://github.com/tj-actions/changed-files/commit/d52b942ee0c535798f0df9e1c05683f8e818c79b">d52b942</a>)
- (undefined)</p>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2496">#2496</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/9cc867cd4a5df418b1538ffecaaef26144a0e51f">9cc867c</a>)
- (github-actions[bot])</p>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2492">#2492</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/f2f439bb2f890f0ec22e3ca95985b46003688a8f">f2f439b</a>)
- (github-actions[bot])</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99"><code>27ae6b3</code></a>
Upgraded to v46.0.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/823fcebdb31bb35fdf2229d9f769b400309430d0"><code>823fceb</code></a>
chore(deps): bump test/demo from <code>5dfac2e</code> to
<code>c6bd3b3</code> (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2505">#2505</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/813235684248c47a3518575ef56906084b59e7e8"><code>8132356</code></a>
doc: remove warning (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2504">#2504</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/7a369a71758acce79205e5145cb728a08ae607fb"><code>7a369a7</code></a>
chore: pin github actions (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2503">#2503</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/9468856c2214566e4f7d96d3a018fb3e889a4d6d"><code>9468856</code></a>
chore(deps-dev): bump <code>@​types/node</code> from 22.13.10 to
22.13.11 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2502">#2502</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/401c7227d10aad0ed26ab13735f1b290c3bcc919"><code>401c722</code></a>
Upgraded to v46.0.2 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2500">#2500</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a"><code>41e0de5</code></a>
Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e"><code>9457878</code></a>
Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/26a38635fc1173cc5820336ce97be6188d0de9f5"><code>26a3863</code></a>
docs: add undefined-moe as a contributor for doc (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2498">#2498</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/a530a27a793d93d428bac022c621a9ed52f75efd"><code>a530a27</code></a>
chore: update sync-release-version.yml to use commit hash for tags in
docs (#...</li>
<li>Additional commits viewable in <a
href="https://github.com/tj-actions/changed-files/compare/531f5f7d163941f0c1c04e0ff4d8bb243ac4366f...27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">compare
view</a></li>
</ul>
</details>
<br />

Updates `tj-actions/branch-names` from 8.0.1 to 8.1.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/branch-names/releases">tj-actions/branch-names's
releases</a>.</em></p>
<blockquote>
<h2>v8.1.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Upgraded to v8.0.2 by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/407">tj-actions/branch-names#407</a></li>
<li>feat: add support for strip_branch_prefix by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/406">tj-actions/branch-names#406</a></li>
<li>Updated README.md by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/408">tj-actions/branch-names#408</a></li>
<li>chore: Update test.yml by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/409">tj-actions/branch-names#409</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tj-actions/branch-names/compare/v8...v8.1.0">https://github.com/tj-actions/branch-names/compare/v8...v8.1.0</a></p>
<h2>v8.0.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Upgraded to v8.0.1 by <a
href="https://github.com/tj-actions-bot"><code>@​tj-actions-bot</code></a>
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/283">tj-actions/branch-names#283</a></li>
<li>chore(deps): update codacy/codacy-analysis-cli-action action to
v4.4.0 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/284">tj-actions/branch-names#284</a></li>
<li>chore(deps): update tj-actions/verify-changed-files action to v19 by
<a href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/285">tj-actions/branch-names#285</a></li>
<li>docs: add boidolr as a contributor for doc by <a
href="https://github.com/allcontributors"><code>@​allcontributors</code></a>
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/287">tj-actions/branch-names#287</a></li>
<li>Updated README.md by <a
href="https://github.com/tj-actions-bot"><code>@​tj-actions-bot</code></a>
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/288">tj-actions/branch-names#288</a></li>
<li>docs: update checkout action by <a
href="https://github.com/boidolr"><code>@​boidolr</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/286">tj-actions/branch-names#286</a></li>
<li>chore(deps): update actions/checkout action to v4.1.2 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/290">tj-actions/branch-names#290</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/289">tj-actions/branch-names#289</a></li>
<li>chore(deps): update actions/checkout digest to b4ffde6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/291">tj-actions/branch-names#291</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/292">tj-actions/branch-names#292</a></li>
<li>chore(deps): update actions/checkout digest to b4ffde6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/293">tj-actions/branch-names#293</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/294">tj-actions/branch-names#294</a></li>
<li>chore(deps): update actions/checkout digest to b4ffde6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/295">tj-actions/branch-names#295</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/296">tj-actions/branch-names#296</a></li>
<li>chore(deps): update actions/checkout digest to b4ffde6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/297">tj-actions/branch-names#297</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/298">tj-actions/branch-names#298</a></li>
<li>chore(deps): update actions/checkout digest to b4ffde6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/299">tj-actions/branch-names#299</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/300">tj-actions/branch-names#300</a></li>
<li>chore(deps): update actions/checkout digest to b4ffde6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/301">tj-actions/branch-names#301</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/302">tj-actions/branch-names#302</a></li>
<li>chore(deps): update actions/checkout digest to b4ffde6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/303">tj-actions/branch-names#303</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/304">tj-actions/branch-names#304</a></li>
<li>chore(deps): update actions/checkout digest to b4ffde6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/305">tj-actions/branch-names#305</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/306">tj-actions/branch-names#306</a></li>
<li>chore(deps): update actions/checkout digest to b4ffde6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/307">tj-actions/branch-names#307</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/308">tj-actions/branch-names#308</a></li>
<li>chore(deps): update actions/checkout digest to b4ffde6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/309">tj-actions/branch-names#309</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/310">tj-actions/branch-names#310</a></li>
<li>chore(deps): update actions/checkout digest to b4ffde6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/311">tj-actions/branch-names#311</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/312">tj-actions/branch-names#312</a></li>
<li>chore(deps): update actions/checkout digest to b4ffde6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/313">tj-actions/branch-names#313</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/314">tj-actions/branch-names#314</a></li>
<li>chore(deps): update actions/checkout digest to b4ffde6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/315">tj-actions/branch-names#315</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/316">tj-actions/branch-names#316</a></li>
<li>chore(deps): update actions/checkout digest to b4ffde6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/317">tj-actions/branch-names#317</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/318">tj-actions/branch-names#318</a></li>
<li>chore(deps): update actions/checkout digest to b4ffde6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/319">tj-actions/branch-names#319</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/320">tj-actions/branch-names#320</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/branch-names/blob/main/HISTORY.md">tj-actions/branch-names's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1><a
href="https://github.com/tj-actions/branch-names/compare/v8.0.2...v8.1.0">8.1.0</a>
- (2025-03-23)</h1>
<h2><!-- raw HTML omitted -->🚀 Features</h2>
<ul>
<li>Add support for strip_branch_prefix (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/406">#406</a>)
(<a
href="https://github.com/tj-actions/branch-names/commit/c83c87ab5379a8ff88c905ea78c391c0d53972ac">c83c87a</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/408">#408</a>)</li>
</ul>
<p>(<a
href="https://github.com/tj-actions/branch-names/commit/d18e657ed32f367301fdebeb9a88b7e5539f3052">d18e657</a>)
- (Tonye Jack)</p>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li>Update test.yml (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/409">#409</a>)
(<a
href="https://github.com/tj-actions/branch-names/commit/f44339b51f74753b57583fbbd124e18a81170ab1">f44339b</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded from v8.0.1 -&gt; v8.0.2 (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/407">#407</a>)</li>
</ul>
<p>(<a
href="https://github.com/tj-actions/branch-names/commit/86aaf170e74d8cad1e7d4f566f2e9bed6cf000af">86aaf17</a>)
- (Tonye Jack)</p>
<h1><a
href="https://github.com/tj-actions/branch-names/compare/v8.0.1...v8.0.2">8.0.2</a>
- (2025-03-15)</h1>
<h2><!-- raw HTML omitted -->📦 Bumps</h2>
<ul>
<li>Bump actions/checkout from 4.1.1 to 4.1.2</li>
</ul>
<p>Bumps <a
href="https://github.com/actions/checkout">actions/checkout</a> from
4.1.1 to 4.1.2.</p>
<ul>
<li><a href="https://github.com/actions/checkout/releases">Release
notes</a></li>
<li><a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">Changelog</a></li>
<li><a
href="https://github.com/actions/checkout/compare/v4.1.1...9bb56186c3b09b4f86b1c65136769dd318469633">Commits</a></li>
</ul>
<hr />
<p>updated-dependencies:</p>
<ul>
<li>dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...</li>
</ul>
<p>Signed-off-by: dependabot[bot] <a
href="mailto:support@github.com">support@github.com</a> (<a
href="https://github.com/tj-actions/branch-names/commit/534653b2272678c76b23f2e681c8cfc2056d7b99">534653b</a>)
- (dependabot[bot])</p>
<ul>
<li>Bump actions/checkout from 4.1.1 to 4.1.2</li>
</ul>
<p>Bumps <a
href="https://github.com/actions/checkout">actions/checkout</a> from
4.1.1 to 4.1.2.</p>
<ul>
<li><a href="https://github.com/actions/checkout/releases">Release
notes</a></li>
<li><a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">Changelog</a></li>
<li><a
href="https://github.com/actions/checkout/compare/v4.1.1...9bb56186c3b09b4f86b1c65136769dd318469633">Commits</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tj-actions/branch-names/commit/f44339b51f74753b57583fbbd124e18a81170ab1"><code>f44339b</code></a>
chore: Update test.yml (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/409">#409</a>)</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/d18e657ed32f367301fdebeb9a88b7e5539f3052"><code>d18e657</code></a>
Updated README.md (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/408">#408</a>)</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/c83c87ab5379a8ff88c905ea78c391c0d53972ac"><code>c83c87a</code></a>
feat: add support for strip_branch_prefix (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/406">#406</a>)</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/86aaf170e74d8cad1e7d4f566f2e9bed6cf000af"><code>86aaf17</code></a>
Upgraded from v8.0.1 -&gt; v8.0.2 (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/407">#407</a>)</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/394802c2335dc81582b3569322f3d7da41a9978e"><code>394802c</code></a>
Deleted renovate.json</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/32798b2266752bb2b274d694923596fdc67c399a"><code>32798b2</code></a>
chore(deps): update actions/checkout action to v4.2.2</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/9a04c058bb2ddc036c2d273df7a6a21d42f28533"><code>9a04c05</code></a>
chore(deps): update actions/checkout digest to 11bd719</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/e400ca0ec8ef23d62fca0f9492fc40093a3f1012"><code>e400ca0</code></a>
chore(deps): update actions/checkout digest to eef6144</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/5d79051f9e52a0067942d0b42e53ca411220c07b"><code>5d79051</code></a>
chore(deps): update actions/checkout action to v4.2.1</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/d353900ec68b69229ad98021a530af33c416dcb1"><code>d353900</code></a>
chore(deps): update actions/checkout digest to 692973e (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/394">#394</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tj-actions/branch-names/compare/6871f53176ad61624f978536bbf089c574dc19a2...f44339b51f74753b57583fbbd124e18a81170ab1">compare
view</a></li>
</ul>
</details>
<br />

Updates `github/codeql-action` from 3.28.11 to 3.28.12
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.28.12</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.12 - 19 Mar 2025</h2>
<ul>
<li>Dependency caching should now cache more dependencies for Java
<code>build-mode: none</code> extractions. This should speed up
workflows and avoid inconsistent alerts in some cases.</li>
<li>Update default CodeQL bundle version to 2.20.7. <a
href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.12/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.28.12 - 19 Mar 2025</h2>
<ul>
<li>Dependency caching should now cache more dependencies for Java
<code>build-mode: none</code> extractions. This should speed up
workflows and avoid inconsistent alerts in some cases.</li>
<li>Update default CodeQL bundle version to 2.20.7. <a
href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li>
</ul>
<h2>3.28.11 - 07 Mar 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li>
</ul>
<h2>3.28.10 - 21 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li>
<li>Address an issue where the CodeQL Bundle would occasionally fail to
decompress on macOS. <a
href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li>
</ul>
<h2>3.28.9 - 07 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li>
</ul>
<h2>3.28.8 - 29 Jan 2025</h2>
<ul>
<li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI
v2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li>
</ul>
<h2>3.28.7 - 29 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.6 - 27 Jan 2025</h2>
<ul>
<li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater.
<a
href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li>
</ul>
<h2>3.28.5 - 24 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li>
</ul>
<h2>3.28.4 - 23 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.3 - 22 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2707">#2707</a></li>
<li>Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise
Server instance which occurred when the CodeQL Bundle had been synced to
the instance using the <a
href="https://github.com/github/codeql-action-sync-tool">CodeQL Action
sync tool</a> and the Actions runner did not have Zstandard installed.
<a
href="https://redirect.github.com/github/codeql-action/pull/2710">#2710</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/5f8171a638ada777af81d42b55959a643bb29017"><code>5f8171a</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2814">#2814</a>
from github/update-v3.28.12-6349095d1</li>
<li><a
href="https://github.com/github/codeql-action/commit/bb59f7707d836b040802dbdf2ad1a16482d319da"><code>bb59f77</code></a>
Update changelog for v3.28.12</li>
<li><a
href="https://github.com/github/codeql-action/commit/6349095d19ec30397ffb02a63b7aa4f867deb563"><code>6349095</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2810">#2810</a>
from github/update-bundle/codeql-bundle-v2.20.7</li>
<li><a
href="https://github.com/github/codeql-action/commit/d7d03fda1241f6b0b3fae460c9f19c6e887158ad"><code>d7d03fd</code></a>
Add changelog note</li>
<li><a
href="https://github.com/github/codeql-action/commit/4e3a5342c5e8e627915b9a29b363f49da8c4a32e"><code>4e3a534</code></a>
Update default bundle to codeql-bundle-v2.20.7</li>
<li><a
href="https://github.com/github/codeql-action/commit/55f023701cfc1e7d11ef2ae0c5ec3193dae4fce4"><code>55f0237</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2802">#2802</a>
from github/mbg/dependency-caching/java-buildless</li>
<li><a
href="https://github.com/github/codeql-action/commit/6a151cd77488e58567da1dcf953e7aeeaca4950c"><code>6a151cd</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2811">#2811</a>
from github/dependabot/github_actions/actions-c2c311...</li>
<li><a
href="https://github.com/github/codeql-action/commit/7866bcdb1b15b5d5cba0021b87f36d9f6d977156"><code>7866bcd</code></a>
Manually bump workflow to match autogenerated file</li>
<li><a
href="https://github.com/github/codeql-action/commit/611289e0b0ce1f6fc14820f1b72edaed2de4ba2c"><code>611289e</code></a>
build(deps): bump ruby/setup-ruby in the actions group</li>
<li><a
href="https://github.com/github/codeql-action/commit/4c409a5b664afa7d5b12cd8487e310f286487472"><code>4c409a5</code></a>
Remove temporary dependency directory in <code>analyze</code> post
action</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/6bb031afdd8eb862ea3fc1848194185e076637e5...5f8171a638ada777af81d42b55959a643bb29017">compare
view</a></li>
</ul>
</details>
<br />

Updates `beatlabs/delete-old-branches-action` from 0.0.10 to 0.0.11
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/beatlabs/delete-old-branches-action/releases">beatlabs/delete-old-branches-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.0.11</h2>
<h2>What's Changed</h2>
<ul>
<li>chore: update readme by <a
href="https://github.com/Edgaraszs"><code>@​Edgaraszs</code></a> in <a
href="https://redirect.github.com/beatlabs/delete-old-branches-action/pull/36">beatlabs/delete-old-branches-action#36</a></li>
<li>fix: retrieve all branches through pagination by <a
href="https://github.com/nikaro"><code>@​nikaro</code></a> in <a
href="https://redirect.github.com/beatlabs/delete-old-branches-action/pull/38">beatlabs/delete-old-branches-action#38</a></li>
<li>fix: apply shellcheck recommandations by <a
href="https://github.com/nikaro"><code>@​nikaro</code></a> in <a
href="https://redirect.github.com/beatlabs/delete-old-branches-action/pull/37">beatlabs/delete-old-branches-action#37</a></li>
<li>fix: bump versions by <a
href="https://github.com/Edgaraszs"><code>@​Edgaraszs</code></a> in <a
href="https://redirect.github.com/beatlabs/delete-old-branches-action/pull/40">beatlabs/delete-old-branches-action#40</a></li>
<li>Sort tags via semver to preserve newest tags by <a
href="https://github.com/ecdemis123"><code>@​ecdemis123</code></a> in <a
href="https://redirect.github.com/beatlabs/delete-old-branches-action/pull/42">beatlabs/delete-old-branches-action#42</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/Edgaraszs"><code>@​Edgaraszs</code></a>
made their first contribution in <a
href="https://redirect.github.com/beatlabs/delete-old-branches-action/pull/36">beatlabs/delete-old-branches-action#36</a></li>
<li><a href="https://github.com/nikaro"><code>@​nikaro</code></a> made
their first contribution in <a
href="https://redirect.github.com/beatlabs/delete-old-branches-action/pull/38">beatlabs/delete-old-branches-action#38</a></li>
<li><a
href="https://github.com/ecdemis123"><code>@​ecdemis123</code></a> made
their first contribution in <a
href="https://redirect.github.com/beatlabs/delete-old-branches-action/pull/42">beatlabs/delete-old-branches-action#42</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/beatlabs/delete-old-branches-action/compare/v0.0.10...v0.0.11">https://github.com/beatlabs/delete-old-branches-action/compare/v0.0.10...v0.0.11</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/beatlabs/delete-old-branches-action/commit/4eeeb8740ff8b3cb310296ddd6b43c3387734588"><code>4eeeb87</code></a>
sort tags via semver (<a
href="https://redirect.github.com/beatlabs/delete-old-branches-action/issues/42">#42</a>)</li>
<li><a
href="https://github.com/beatlabs/delete-old-branches-action/commit/1e32837fd650c9749fe7c36701f4ae6774639f40"><code>1e32837</code></a>
fix: bump versions (<a
href="https://redirect.github.com/beatlabs/delete-old-branches-action/issues/40">#40</a>)</li>
<li><a
href="https://github.com/beatlabs/delete-old-branches-action/commit/3dd382723bf794a122239bc1d6b0116662d5ec0f"><code>3dd3827</code></a>
fix: apply shellcheck recommandations (<a
href="https://redirect.github.com/beatlabs/delete-old-branches-action/issues/37">#37</a>)</li>
<li><a
href="https://github.com/beatlabs/delete-old-branches-action/commit/3a54bdf0f3658e31347dde33ff983b11fab69c7b"><code>3a54bdf</code></a>
fix: retrieve all branches through pagination (<a
href="https://redirect.github.com/beatlabs/delete-old-branches-action/issues/38">#38</a>)</li>
<li><a
href="https://github.com/beatlabs/delete-old-branches-action/commit/3aac1083bb9bf5d1111a27300a1b3891b0a68dce"><code>3aac108</code></a>
chore: update readme (<a
href="https://redirect.github.com/beatlabs/delete-old-branches-action/issues/36">#36</a>)</li>
<li>See full diff in <a
href="https://github.com/beatlabs/delete-old-branches-action/compare/6e94df089372a619c01ae2c2f666bf474f890911...4eeeb8740ff8b3cb310296ddd6b43c3387734588">compare
view</a></li>
</ul>
</details>
<br />

Updates `umbrelladocs/action-linkspector` from 1.2.5 to 1.3.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/umbrelladocs/action-linkspector/releases">umbrelladocs/action-linkspector's
releases</a>.</em></p>
<blockquote>
<h2>Release v1.3.2</h2>
<p>v1.3.2: PR <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/40">#40</a>
- Update linkspector version to 0.4.2</p>
<h2>Release v1.3.1</h2>
<p>v1.3.1: PR <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/38">#38</a>
- Add support for showing stats</p>
<h2>Release v1.3.0</h2>
<p>v1.3.0: PR <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/37">#37</a>
- Update linkspector version to 0.4.1</p>
<h2>What's Changed</h2>
<ul>
<li>Update linkspector version to 0.4.1 by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/UmbrellaDocs/action-linkspector/pull/37">UmbrellaDocs/action-linkspector#37</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/UmbrellaDocs/action-linkspector/compare/v1.2...v1.3.0">https://github.com/UmbrellaDocs/action-linkspector/compare/v1.2...v1.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/49cf4f8da82db70e691bb8284053add5028fa244"><code>49cf4f8</code></a>
Merge pull request <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/40">#40</a>
from UmbrellaDocs/update-linkspector-version</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/fb49f30059a34b9bfab39967511559fef398f2c1"><code>fb49f30</code></a>
Update linkspector version to 0.4.2</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/c6d4525e9f50b27a0e78fc42b537141058d034ef"><code>c6d4525</code></a>
Merge pull request <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/38">#38</a>
from UmbrellaDocs/stats</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/c311faff00cc2318a96e3cb41e1fc7dba4dffffd"><code>c311faf</code></a>
Add support for showing stats</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/808d98be382b6e1f97bd3dfa6aa85b4410769dc6"><code>808d98b</code></a>
Merge pull request <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/37">#37</a>
from UmbrellaDocs/update-linkspector-version</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/3935e7368cfeff39766dbcd3b514cbc3ff90df4c"><code>3935e73</code></a>
Update linkspector version to 0.4.1</li>
<li>See full diff in <a
href="https://github.com/umbrelladocs/action-linkspector/compare/de84085e0f51452a470558693d7d308fbb2fa261...49cf4f8da82db70e691bb8284053add5028fa244">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-03-24 12:25:03 +00:00
Mathias Fredriksson b79167293c chore(Makefile): update golden files as part of make gen (#17039) 
Updating golden files is an unnecessary extra step in addition to gen
that is easily overlooked, leading to the developer noticing the issue
in CI leading to lost developer time waiting for tests to complete.
 2025-03-21 13:04:30 +00:00
dependabot[bot] 27a160d136 ci: bump the github-actions group with 4 updates (#16966) 
Bumps the github-actions group with 4 updates:
[docker/login-action](https://github.com/docker/login-action),
[tj-actions/changed-files](https://github.com/tj-actions/changed-files),
[nix-community/cache-nix-action](https://github.com/nix-community/cache-nix-action)
and
[aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action).

Updates `docker/login-action` from 3.3.0 to 3.4.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/login-action/releases">docker/login-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.0</h2>
<ul>
<li>Bump <code>@​actions/core</code> from 1.10.1 to 1.11.1 in <a
href="https://redirect.github.com/docker/login-action/pull/791">docker/login-action#791</a></li>
<li>Bump <code>@​aws-sdk/client-ecr</code> to 3.766.0 in <a
href="https://redirect.github.com/docker/login-action/pull/789">docker/login-action#789</a>
<a
href="https://redirect.github.com/docker/login-action/pull/856">docker/login-action#856</a></li>
<li>Bump <code>@​aws-sdk/client-ecr-public</code> to 3.758.0 in <a
href="https://redirect.github.com/docker/login-action/pull/789">docker/login-action#789</a>
<a
href="https://redirect.github.com/docker/login-action/pull/856">docker/login-action#856</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.35.0 to 0.57.0 in
<a
href="https://redirect.github.com/docker/login-action/pull/801">docker/login-action#801</a>
<a
href="https://redirect.github.com/docker/login-action/pull/806">docker/login-action#806</a>
<a
href="https://redirect.github.com/docker/login-action/pull/858">docker/login-action#858</a></li>
<li>Bump cross-spawn from 7.0.3 to 7.0.6 in <a
href="https://redirect.github.com/docker/login-action/pull/814">docker/login-action#814</a></li>
<li>Bump https-proxy-agent from 7.0.5 to 7.0.6 in <a
href="https://redirect.github.com/docker/login-action/pull/823">docker/login-action#823</a></li>
<li>Bump path-to-regexp from 6.2.2 to 6.3.0 in <a
href="https://redirect.github.com/docker/login-action/pull/777">docker/login-action#777</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/login-action/compare/v3.3.0...v3.4.0">https://github.com/docker/login-action/compare/v3.3.0...v3.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/login-action/commit/74a5d142397b4f367a81961eba4e8cd7edddf772"><code>74a5d14</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/856">#856</a>
from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...</li>
<li><a
href="https://github.com/docker/login-action/commit/2f4f00e4c6fe8a50cdd1fd618421be2e92b2f201"><code>2f4f00e</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/login-action/commit/67c184546cf989af16f02a1b5359e4bde3cdc524"><code>67c1845</code></a>
build(deps): bump the aws-sdk-dependencies group across 1 directory with
2 up...</li>
<li><a
href="https://github.com/docker/login-action/commit/3d4cc89e85e0cac73870ab81d3b72c0b700870d1"><code>3d4cc89</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/844">#844</a>
from graysonpike/master</li>
<li><a
href="https://github.com/docker/login-action/commit/6cc823a6c4738f797f031790fa7f982b7a8dcfdc"><code>6cc823a</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/823">#823</a>
from docker/dependabot/npm_and_yarn/proxy-agent-depen...</li>
<li><a
href="https://github.com/docker/login-action/commit/d94e792124647378e94c07359922f0f821a9fab2"><code>d94e792</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/login-action/commit/033db0da3047b4d01e249d66f56ae16a2ed6af87"><code>033db0d</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/812">#812</a>
from docker/dependabot/github_actions/codecov/codecov...</li>
<li><a
href="https://github.com/docker/login-action/commit/09c2ae9716c0bacef3c03e120a61c28adfb8595b"><code>09c2ae9</code></a>
build(deps): bump https-proxy-agent</li>
<li><a
href="https://github.com/docker/login-action/commit/ba56f006fc7190f752d4e6e1312f85697984a229"><code>ba56f00</code></a>
ci: update deprecated input for codecov-action</li>
<li><a
href="https://github.com/docker/login-action/commit/75bf9a79af089e9aa009972a6ecb22190a520679"><code>75bf9a7</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/858">#858</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/login-action/compare/9780b0c442fbb1117ed29e0efdff1e18412f7567...74a5d142397b4f367a81961eba4e8cd7edddf772">compare
view</a></li>
</ul>
</details>
<br />

Updates `tj-actions/changed-files` from
dcc7a0cba800f454d79fff4b993e8c3555bcc0a8 to
531f5f7d163941f0c1c04e0ff4d8bb243ac4366f
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.0...v46.0.1">46.0.1</a>
- (2025-03-16)</h1>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2473">#2473</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/2f7c5bfce28377bc069a65ba478de0a74aa0ca32">2f7c5bf</a>)
- (github-actions[bot])</p>
<ul>
<li>Sync-release-version.yml to use signed commits (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2472">#2472</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/4189ec62c445484531e9ad97157d990be96e88ee">4189ec6</a>)
- (Tonye Jack)</li>
</ul>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v45.0.9...v46.0.0">46.0.0</a>
- (2025-03-16)</h1>
<h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2>
<ul>
<li>Update update-readme.yml to sign-commits (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2468">#2468</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/0f1ffe61855cb317d5fd66122c14dc0627eab141">0f1ffe6</a>)
- (Tonye Jack)</li>
<li>Update permission in update-readme.yml workflow (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2467">#2467</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/ddef03e37c84cfb9ee89fa055b86359aaf949c86">ddef03e</a>)
- (Tonye Jack)</li>
<li>Update github workflow update-readme.yml (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2466">#2466</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/9c2df0d54a911c819d7368d7e5ed7c01c0796e0a">9c2df0d</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted --> Remove</h2>
<ul>
<li>Deleted renovate.json (<a
href="https://github.com/tj-actions/changed-files/commit/e37e952786556966c1fb6183c5937b3966bab099">e37e952</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Sync-release-version.yml (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2471">#2471</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/4cd184a1dd542b79cca1d4d7938e4154a6520ca7">4cd184a</a>)
- (Tonye Jack)</li>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2469">#2469</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/5cbf22026d05fbef0c027d1b1f118fe3a1b6e435">5cbf220</a>)
- (github-actions[bot])</p>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<ul>
<li>Update docs to highlight security issues (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2465">#2465</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/65253327cf47481b4b1b4b9fea78e143a1353147">6525332</a>)
- (Tonye Jack)</li>
</ul>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v45.0.4...v45.0.9">45.0.9</a>
- (2025-03-15)</h1>
<h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2>
<ul>
<li><strong>deps:</strong> Update dependency <code>@​octokit/rest</code>
to v21.1.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2435">#2435</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/fb8dcda5fb8954cec37773d2b275a8579c86c781">fb8dcda</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update dependency <code>@​octokit/rest</code>
to v21.1.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2394">#2394</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/7b72c97d739f955f5cadca0d59799d826ae9f6c9">7b72c97</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update dependency yaml to v2.7.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2383">#2383</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/5f974c28f5044c411f0c9e7becf3f172029cf9cf">5f974c2</a>)
- (renovate[bot])</li>
</ul>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li><strong>deps:</strong> Lock file maintenance (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2460">#2460</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/9200e69727eb73eb060652b19946b8a2fdfb654b">9200e69</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update dependency <code>@​types/node</code>
to v22.13.10 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2459">#2459</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/e650cfdae513481a20f538e88d98b39106523006">e650cfd</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update dependency eslint-config-prettier to
v10.1.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2458">#2458</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/82af21f4a05896ca18c950539469bee225c45a89">82af21f</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update dependency eslint-config-prettier to
v10.1.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2457">#2457</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/82fa4a6402582d5c8c9c0e95b7ff7cc88992bbb4">82fa4a6</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update peter-evans/create-pull-request action
to v7.0.8 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2455">#2455</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/315505acf41d2913b71af48080fb158cd01f79e7">315505a</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update dependency <code>@​types/node</code>
to v22.13.9 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2454">#2454</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/c8e1cdb9ea135ee549963c167ffaec5e7d4a71cd">c8e1cdb</a>)
- (renovate[bot])</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tj-actions/changed-files/commit/531f5f7d163941f0c1c04e0ff4d8bb243ac4366f"><code>531f5f7</code></a>
Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2479">#2479</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/dccd1949addfa3d93d458019c5495581c620b00c"><code>dccd194</code></a>
doc: update README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2478">#2478</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/9237eb7a0f95c801719e6224d45095d4dda0f9bd"><code>9237eb7</code></a>
Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2476">#2476</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/d52b942ee0c535798f0df9e1c05683f8e818c79b"><code>d52b942</code></a>
add hint to revoke leaked token (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2475">#2475</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/45fb12d7a8bedb4da42342e52fe054c6c2c3fd73"><code>45fb12d</code></a>
Upgraded to v46.0.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2474">#2474</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/2f7c5bfce28377bc069a65ba478de0a74aa0ca32"><code>2f7c5bf</code></a>
Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2473">#2473</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/4189ec62c445484531e9ad97157d990be96e88ee"><code>4189ec6</code></a>
update: sync-release-version.yml to use signed commits (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2472">#2472</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/4cd184a1dd542b79cca1d4d7938e4154a6520ca7"><code>4cd184a</code></a>
update: sync-release-version.yml (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2471">#2471</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/5cbf22026d05fbef0c027d1b1f118fe3a1b6e435"><code>5cbf220</code></a>
Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2469">#2469</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/0f1ffe61855cb317d5fd66122c14dc0627eab141"><code>0f1ffe6</code></a>
fix: update update-readme.yml to sign-commits (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2468">#2468</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tj-actions/changed-files/compare/dcc7a0cba800f454d79fff4b993e8c3555bcc0a8...531f5f7d163941f0c1c04e0ff4d8bb243ac4366f">compare
view</a></li>
</ul>
</details>
<br />

Updates `nix-community/cache-nix-action` from 6.1.1 to 6.1.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/nix-community/cache-nix-action/releases">nix-community/cache-nix-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.1.2</h2>
<h2>Fixes</h2>
<ul>
<li>Fix nix store database merging logic (<a
href="https://redirect.github.com/nix-community/cache-nix-action/pull/84">nix-community/cache-nix-action#84</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/c448f065ba14308da81de769632ca67a3ce67cf5"><code>c448f06</code></a>
Merge pull request <a
href="https://redirect.github.com/nix-community/cache-nix-action/issues/84">#84</a>
from nix-community/82-bug-v610-and-v611-dont-seem-to-w...</li>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/fc908ede39799ad79a606fe33e69e88457d34ebc"><code>fc908ed</code></a>
chore: build the action</li>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/57dad844a98b1a6324aa4453a8a8dc9625b1acc9"><code>57dad84</code></a>
chore: build the action</li>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/0d5803d685b779eaef4f25299f3df35ec63d995d"><code>0d5803d</code></a>
fix(action): print a message after the check</li>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/db360de0f846626dcb5183d838d0f1436d09c3c4"><code>db360de</code></a>
chore: build the action</li>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/07c1e7f98e139e19f4042ac93d7a36b68012fde7"><code>07c1e7f</code></a>
fix(action): join on the derivation path, not the output path</li>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/1b9cbefbf818ca652a08a9d1be8f18e7e2a244f7"><code>1b9cbef</code></a>
fix(action): parse gc-max-store-size correctly</li>
<li>See full diff in <a
href="https://github.com/nix-community/cache-nix-action/compare/aee88ae5efbbeb38ac5d9862ecbebdb404a19e69...c448f065ba14308da81de769632ca67a3ce67cf5">compare
view</a></li>
</ul>
</details>
<br />

Updates `aquasecurity/trivy-action` from 0.29.0 to 0.30.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aquasecurity/trivy-action/releases">aquasecurity/trivy-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.30.0</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: Update default trivy version in README by <a
href="https://github.com/derrix060"><code>@​derrix060</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/444">aquasecurity/trivy-action#444</a></li>
<li>fix: typo in description of an input for action.yaml by <a
href="https://github.com/yutatokoi"><code>@​yutatokoi</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/452">aquasecurity/trivy-action#452</a></li>
<li>Improve README/SBOM by <a
href="https://github.com/AB-xdev"><code>@​AB-xdev</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/439">aquasecurity/trivy-action#439</a></li>
<li>chore: bump trivy to v0.60.0 by <a
href="https://github.com/nikpivkin"><code>@​nikpivkin</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/453">aquasecurity/trivy-action#453</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/derrix060"><code>@​derrix060</code></a>
made their first contribution in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/444">aquasecurity/trivy-action#444</a></li>
<li><a href="https://github.com/yutatokoi"><code>@​yutatokoi</code></a>
made their first contribution in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/452">aquasecurity/trivy-action#452</a></li>
<li><a href="https://github.com/AB-xdev"><code>@​AB-xdev</code></a> made
their first contribution in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/439">aquasecurity/trivy-action#439</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/aquasecurity/trivy-action/compare/0.29.0...0.30.0">https://github.com/aquasecurity/trivy-action/compare/0.29.0...0.30.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/6c175e9c4083a92bbca2f9724c8a5e33bc2d97a5"><code>6c175e9</code></a>
chore: bump trivy to v0.60.0 (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/453">#453</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/53e8848d3e517db48b0e70ae4f648a12ae04fe02"><code>53e8848</code></a>
Improve README/SBOM (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/439">#439</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/ef1b561207528e89045580cdc5a02032d8a544df"><code>ef1b561</code></a>
fix: typo in description of an input for action.yaml (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/452">#452</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/a11da62073708815958ea6d84f5650c78a3ef85b"><code>a11da62</code></a>
fix: Update default trivy version in README (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/444">#444</a>)</li>
<li>See full diff in <a
href="https://github.com/aquasecurity/trivy-action/compare/18f2510ee396bbf400402947b394f2dd8c87dbb0...6c175e9c4083a92bbca2f9724c8a5e33bc2d97a5">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-03-17 11:56:03 +00:00
M Atif Ali 4987de654e chore: enable SBOM attestations for docker images (#16894) 
- Enable SBOM and provenance attestations in Docker builds
- Installs `cosign` and `syft` in dogfood image
- Adds [github
attestations](https://docs.github.com/en/actions/security-for-github-actions/using-artifact-attestations/using-artifact-attestations-to-establish-provenance-for-builds)

Signed-off-by: Thomas Kosiewski <tk@coder.com>

---------

Signed-off-by: Thomas Kosiewski <tk@coder.com>
Co-authored-by: Thomas Kosiewski <tk@coder.com>
 2025-03-13 21:45:11 +05:00
Cian Johnston 09dd69a7e8 chore(dogfood): include multiple templates under dogfood/ (#16846) 
* Renames `dogfood/contents` to `dogfood/coder`.
* Moves `coder-envbuilder` to `dogfood/coder-envbuilder`.
* Updates `dogfood/main.tf` to push `coder-envbuilder` template.
* Replaces hard-coded organization IDs with
`data.coderd_organization.default.id`.
 2025-03-11 13:17:40 +00:00
dependabot[bot] f21fcbd001 ci: bump the github-actions group across 1 directory with 5 updates (#16803) 
Bumps the github-actions group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [actions/cache](https://github.com/actions/cache) | `4.2.1` | `4.2.2`
|
| [crate-ci/typos](https://github.com/crate-ci/typos) | `1.29.9` |
`1.29.10` |
|
[actions/download-artifact](https://github.com/actions/download-artifact)
| `4.1.8` | `4.1.9` |
|
[google-github-actions/get-gke-credentials](https://github.com/google-github-actions/get-gke-credentials)
| `2.3.1` | `2.3.3` |
|
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
| `3.9.0` | `3.10.0` |


Updates `actions/cache` from 4.2.1 to 4.2.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v4.2.2</h2>
<h2>What's Changed</h2>
<blockquote>
<p>[!IMPORTANT]
As a reminder, there were important backend changes to release v4.2.0,
see <a href="https://github.com/actions/cache/releases/tag/v4.2.0">those
release notes</a> and <a
href="https://github.com/actions/cache/discussions/1510">the
announcement</a> for more details.</p>
</blockquote>
<ul>
<li>Bump <code>@​actions/cache</code> to v4.0.2 by <a
href="https://github.com/robherley"><code>@​robherley</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1560">actions/cache#1560</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4.2.1...v4.2.2">https://github.com/actions/cache/compare/v4.2.1...v4.2.2</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h3>4.2.2</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.2</li>
</ul>
<h3>4.2.1</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.1</li>
</ul>
<h3>4.2.0</h3>
<p>TLDR; The cache backend service has been rewritten from the ground up
for improved performance and reliability. <a
href="https://github.com/actions/cache">actions/cache</a> now integrates
with the new cache service (v2) APIs.</p>
<p>The new service will gradually roll out as of <strong>February 1st,
2025</strong>. The legacy service will also be sunset on the same date.
Changes in these release are <strong>fully backward
compatible</strong>.</p>
<p><strong>We are deprecating some versions of this action</strong>. We
recommend upgrading to version <code>v4</code> or <code>v3</code> as
soon as possible before <strong>February 1st, 2025.</strong> (Upgrade
instructions below).</p>
<p>If you are using pinned SHAs, please use the SHAs of versions
<code>v4.2.0</code> or <code>v3.4.0</code></p>
<p>If you do not upgrade, all workflow runs using any of the deprecated
<a href="https://github.com/actions/cache">actions/cache</a> will
fail.</p>
<p>Upgrading to the recommended versions will not break your
workflows.</p>
<h3>4.1.2</h3>
<ul>
<li>Add GitHub Enterprise Cloud instances hostname filters to inform API
endpoint choices - <a
href="https://redirect.github.com/actions/cache/pull/1474">#1474</a></li>
<li>Security fix: Bump braces from 3.0.2 to 3.0.3 - <a
href="https://redirect.github.com/actions/cache/pull/1475">#1475</a></li>
</ul>
<h3>4.1.1</h3>
<ul>
<li>Restore original behavior of <code>cache-hit</code> output - <a
href="https://redirect.github.com/actions/cache/pull/1467">#1467</a></li>
</ul>
<h3>4.1.0</h3>
<ul>
<li>Ensure <code>cache-hit</code> output is set when a cache is missed -
<a
href="https://redirect.github.com/actions/cache/pull/1404">#1404</a></li>
<li>Deprecate <code>save-always</code> input - <a
href="https://redirect.github.com/actions/cache/pull/1452">#1452</a></li>
</ul>
<h3>4.0.2</h3>
<ul>
<li>Fixed restore <code>fail-on-cache-miss</code> not working.</li>
</ul>
<h3>4.0.1</h3>
<ul>
<li>Updated <code>isGhes</code> check</li>
</ul>
<h3>4.0.0</h3>
<ul>
<li>Updated minimum runner version support from node 12 -&gt; node
20</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/cache/commit/d4323d4df104b026a6aa633fdb11d772146be0bf"><code>d4323d4</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1560">#1560</a>
from actions/robherley/v4.2.2</li>
<li><a
href="https://github.com/actions/cache/commit/da26677639ccfb4615f1acc52d1fc3dc89152490"><code>da26677</code></a>
bump <code>@​actions/cache</code> to v4.0.2, prep for v4.2.2
release</li>
<li><a
href="https://github.com/actions/cache/commit/7921ae235bdcb376cc8f22558dc5f8ddc3c3c2f9"><code>7921ae2</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1557">#1557</a>
from actions/robherley/ia-workflow-released</li>
<li><a
href="https://github.com/actions/cache/commit/393773170624981bfaa3aac1cb736e3004eac1de"><code>3937731</code></a>
Update publish-immutable-actions.yml</li>
<li>See full diff in <a
href="https://github.com/actions/cache/compare/0c907a75c2c80ebcb7f088228285e798b750cf8f...d4323d4df104b026a6aa633fdb11d772146be0bf">compare
view</a></li>
</ul>
</details>
<br />

Updates `crate-ci/typos` from 1.29.9 to 1.29.10
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/releases">crate-ci/typos's
releases</a>.</em></p>
<blockquote>
<h2>v1.29.10</h2>
<h2>[1.29.10] - 2025-02-25</h2>
<h3>Fixes</h3>
<ul>
<li>Also correct <code>contaminent</code> as
<code>contaminant</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's
changelog</a>.</em></p>
<blockquote>
<h1>Change Log</h1>
<p>All notable changes to this project will be documented in this
file.</p>
<p>The format is based on <a href="http://keepachangelog.com/">Keep a
Changelog</a>
and this project adheres to <a href="http://semver.org/">Semantic
Versioning</a>.</p>
<!-- raw HTML omitted -->
<h2>[Unreleased] - ReleaseDate</h2>
<h2>[1.30.1] - 2025-03-04</h2>
<h3>Features</h3>
<ul>
<li><em>(action)</em> Create <code>v1</code> tag</li>
</ul>
<h2>[1.30.0] - 2025-03-01</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1221">February
2025</a> changes</li>
</ul>
<h2>[1.29.10] - 2025-02-25</h2>
<h3>Fixes</h3>
<ul>
<li>Also correct <code>contaminent</code> as
<code>contaminant</code></li>
</ul>
<h2>[1.29.9] - 2025-02-20</h2>
<h3>Fixes</h3>
<ul>
<li><em>(action)</em> Correctly get binary for some aarch64 systems</li>
</ul>
<h2>[1.29.8] - 2025-02-19</h2>
<h3>Features</h3>
<ul>
<li>Attempt to build Linux aarch64 binaries</li>
</ul>
<h2>[1.29.7] - 2025-02-13</h2>
<h3>Fixes</h3>
<ul>
<li>Don't correct <code>implementors</code></li>
</ul>
<h2>[1.29.6] - 2025-02-13</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1200">January
2025</a> changes</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/crate-ci/typos/commit/db35ee91e80fbb447f33b0e5fbddb24d2a1a884f"><code>db35ee9</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/9f43c4dbd2d1468320524b1bf059d6032cbc5a9e"><code>9f43c4d</code></a>
docs: Update changelog</li>
<li><a
href="https://github.com/crate-ci/typos/commit/a1da2ce137a90ed418bda5bdb706e97e958f18e7"><code>a1da2ce</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1244">#1244</a>
from epage/containment</li>
<li><a
href="https://github.com/crate-ci/typos/commit/d74d5fd5ad85ea0d689c44b7d4013431b28423ac"><code>d74d5fd</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1243">#1243</a>
from epage/dict</li>
<li><a
href="https://github.com/crate-ci/typos/commit/fa6122604f999e8dafb43b92eb3da3e90136a789"><code>fa61226</code></a>
refactor(dict): Drop a dict</li>
<li><a
href="https://github.com/crate-ci/typos/commit/6276d585f79214fb7db70ff1f93dbcb404e0bc9c"><code>6276d58</code></a>
fix(dict): Correct contaminents to another spelling</li>
<li><a
href="https://github.com/crate-ci/typos/commit/07c9e1f6faffe39ca3e52afe58ae8731cc4ebcf7"><code>07c9e1f</code></a>
chore(deps): Update Rust Stable to v1.85 (<a
href="https://redirect.github.com/crate-ci/typos/issues/1241">#1241</a>)</li>
<li><a
href="https://github.com/crate-ci/typos/commit/71643b1191585cd20de3b91d9c1e73d949309530"><code>71643b1</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1240">#1240</a>
from szepeviktor/patch-1</li>
<li><a
href="https://github.com/crate-ci/typos/commit/931a5804a4dffb6343188d152e0c08c2147b5174"><code>931a580</code></a>
Fix typo in README</li>
<li><a
href="https://github.com/crate-ci/typos/commit/c5137fd6aab66cddb011a1cb93e2553f56cafc9f"><code>c5137fd</code></a>
refactor(action): Isolate unique parts</li>
<li>See full diff in <a
href="https://github.com/crate-ci/typos/compare/212923e4ff05b7fc2294a204405eec047b807138...db35ee91e80fbb447f33b0e5fbddb24d2a1a884f">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/download-artifact` from 4.1.8 to 4.1.9
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/download-artifact/releases">actions/download-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v4.1.9</h2>
<h2>What's Changed</h2>
<ul>
<li>Add workflow file for publishing releases to immutable action
package by <a
href="https://github.com/Jcambass"><code>@​Jcambass</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/354">actions/download-artifact#354</a></li>
<li>docs: small migration fix by <a
href="https://github.com/froblesmartin"><code>@​froblesmartin</code></a>
in <a
href="https://redirect.github.com/actions/download-artifact/pull/370">actions/download-artifact#370</a></li>
<li>Update MIGRATION.md by <a
href="https://github.com/andyfeller"><code>@​andyfeller</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/372">actions/download-artifact#372</a></li>
<li>Update artifact package to 2.2.2 by <a
href="https://github.com/yacaovsnc"><code>@​yacaovsnc</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/380">actions/download-artifact#380</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/Jcambass"><code>@​Jcambass</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/download-artifact/pull/354">actions/download-artifact#354</a></li>
<li><a
href="https://github.com/froblesmartin"><code>@​froblesmartin</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/download-artifact/pull/370">actions/download-artifact#370</a></li>
<li><a
href="https://github.com/andyfeller"><code>@​andyfeller</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/download-artifact/pull/372">actions/download-artifact#372</a></li>
<li><a href="https://github.com/yacaovsnc"><code>@​yacaovsnc</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/download-artifact/pull/380">actions/download-artifact#380</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/download-artifact/compare/v4...v4.1.9">https://github.com/actions/download-artifact/compare/v4...v4.1.9</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/download-artifact/commit/cc203385981b70ca67e1cc392babf9cc229d5806"><code>cc20338</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/380">#380</a>
from actions/yacaovsnc/release_4_1_9</li>
<li><a
href="https://github.com/actions/download-artifact/commit/1fc0fee191f40422f502da571c0f01ff460afe53"><code>1fc0fee</code></a>
Update artifact package to 2.2.2</li>
<li><a
href="https://github.com/actions/download-artifact/commit/7fba95161a0924506ed1ae69cdbae8371ee00b3f"><code>7fba951</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/372">#372</a>
from andyfeller/patch-1</li>
<li><a
href="https://github.com/actions/download-artifact/commit/f9ceb7763ba1fdfd81b2e2f93aa1f6015ff6b35d"><code>f9ceb77</code></a>
Update MIGRATION.md</li>
<li><a
href="https://github.com/actions/download-artifact/commit/533298bc57c27f112a2c04a74a04a4d43e2866fd"><code>533298b</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/370">#370</a>
from froblesmartin/patch-1</li>
<li><a
href="https://github.com/actions/download-artifact/commit/d06289e120b300840a833b25db66cb8c19f5d274"><code>d06289e</code></a>
docs: small migration fix</li>
<li><a
href="https://github.com/actions/download-artifact/commit/d0ce8fd1167ed839810201de977912a090ab10a7"><code>d0ce8fd</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/354">#354</a>
from actions/Jcambass-patch-1</li>
<li><a
href="https://github.com/actions/download-artifact/commit/1ce0d91ace59dfbf6763107ee5aa8466ebbadf48"><code>1ce0d91</code></a>
Add workflow file for publishing releases to immutable action
package</li>
<li>See full diff in <a
href="https://github.com/actions/download-artifact/compare/fa0a91b85d4f404e444e00e005971372dc801d16...cc203385981b70ca67e1cc392babf9cc229d5806">compare
view</a></li>
</ul>
</details>
<br />

Updates `google-github-actions/get-gke-credentials` from 2.3.1 to 2.3.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google-github-actions/get-gke-credentials/releases">google-github-actions/get-gke-credentials's
releases</a>.</em></p>
<blockquote>
<h2>v2.3.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Description must be less than 125 characters by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/331">google-github-actions/get-gke-credentials#331</a></li>
<li>Release: v2.3.3 by <a
href="https://github.com/google-github-actions-bot"><code>@​google-github-actions-bot</code></a>
in <a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/332">google-github-actions/get-gke-credentials#332</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google-github-actions/get-gke-credentials/compare/v2.3.2...v2.3.3">https://github.com/google-github-actions/get-gke-credentials/compare/v2.3.2...v2.3.3</a></p>
<h2>v2.3.2</h2>
<h2>What's Changed</h2>
<ul>
<li>security: bump jsonpath-plus from 10.2.0 to 10.3.0 in the
npm_and_yarn group by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/327">google-github-actions/get-gke-credentials#327</a></li>
<li>Update deps by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/329">google-github-actions/get-gke-credentials#329</a></li>
<li>Release: v2.3.2 by <a
href="https://github.com/google-github-actions-bot"><code>@​google-github-actions-bot</code></a>
in <a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/330">google-github-actions/get-gke-credentials#330</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google-github-actions/get-gke-credentials/compare/v2.3.1...v2.3.2">https://github.com/google-github-actions/get-gke-credentials/compare/v2.3.1...v2.3.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/google-github-actions/get-gke-credentials/commit/d0cee45012069b163a631894b98904a9e6723729"><code>d0cee45</code></a>
Release: v2.3.3 (<a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/332">#332</a>)</li>
<li><a
href="https://github.com/google-github-actions/get-gke-credentials/commit/c1387e6b1efc91945c5f6150f3375ef91a6b69a0"><code>c1387e6</code></a>
Description must be less than 125 characters (<a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/331">#331</a>)</li>
<li><a
href="https://github.com/google-github-actions/get-gke-credentials/commit/d08c14912d6642ca79ec62782b87462236685240"><code>d08c149</code></a>
Release: v2.3.2 (<a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/330">#330</a>)</li>
<li><a
href="https://github.com/google-github-actions/get-gke-credentials/commit/5f781aae169bd8866ca79bbc10c402a1256d2ed1"><code>5f781aa</code></a>
Update deps (<a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/329">#329</a>)</li>
<li><a
href="https://github.com/google-github-actions/get-gke-credentials/commit/67b31da175b2546b2afc28460d0cafe927e6fd42"><code>67b31da</code></a>
security: bump jsonpath-plus from 10.2.0 to 10.3.0 in the npm_and_yarn
group ...</li>
<li>See full diff in <a
href="https://github.com/google-github-actions/get-gke-credentials/compare/7a108e64ed8546fe38316b4086e91da13f4785e1...d0cee45012069b163a631894b98904a9e6723729">compare
view</a></li>
</ul>
</details>
<br />

Updates `docker/setup-buildx-action` from 3.9.0 to 3.10.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.10.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.54.0 to 0.56.0 in
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/408">docker/setup-buildx-action#408</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v3.9.0...v3.10.0">https://github.com/docker/setup-buildx-action/compare/v3.9.0...v3.10.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2"><code>b5ca514</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/408">#408</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/1418a4ef330cff3d80e8707b47780be815fb20db"><code>1418a4e</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/93acf831ce48bc806b62b1e892b89fca8bf213e0"><code>93acf83</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.54.0 to
0.56.0</li>
<li>See full diff in <a
href="https://github.com/docker/setup-buildx-action/compare/f7ce87c1d6bead3e36075b2ce75da1f6cc28aaca...b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2">compare
view</a></li>
</ul>
</details>
<br />

<details>
<summary>Most Recent Ignore Conditions Applied to This Pull
Request</summary>

| Dependency Name | Ignore Conditions |
| --- | --- |
| crate-ci/typos | [>= 1.30.a, < 1.31] |
</details>


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-03-04 16:39:00 +00:00
Dean Sheather 64fec8bf0b feat: include winres metadata in Windows binaries (#16706) 
Adds information like product/file version, description, product name
and copyright to compiled Windows binaries in dogfood and release
builds. Also adds an icon to the executable.

This is necessary for Coder Desktop to be able to check the version on
binaries.

### Before:

![image](https://github.com/user-attachments/assets/82351b63-6b23-4ef8-ab89-7f9e6dafeabd)

![image](https://github.com/user-attachments/assets/d17d8098-e330-4ac0-b104-31163f84279f)

### After:

![image](https://github.com/user-attachments/assets/0ba50afa-ad53-4ad2-b5e2-557358cda037)

![image](https://github.com/user-attachments/assets/d305cc27-e3f3-41a8-9098-498b71344faa)

![image](https://github.com/user-attachments/assets/42f74ace-bda1-414f-b514-68d4d928c958)

Closes https://github.com/coder/coder/issues/16693
 2025-02-28 16:03:08 +11:00
Cian Johnston 2971957b88 ci: also restart tagged provisioner deployment (#16716) 
Forgot to add this to CI a while ago, and it only recently became
apparent!
 2025-02-26 17:12:51 +00:00
dependabot[bot] 3a2d4a2ccc ci: bump the github-actions group with 7 updates (#16671) 
Bumps the github-actions group with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [actions/cache](https://github.com/actions/cache) | `4.2.0` | `4.2.1`
|
| [crate-ci/typos](https://github.com/crate-ci/typos) | `1.29.7` |
`1.29.9` |
| [azure/setup-helm](https://github.com/azure/setup-helm) | `4.2.0` |
`4.3.0` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact)
| `4.6.0` | `4.6.1` |
| [fluxcd/flux2](https://github.com/fluxcd/flux2) | `2.4.0` | `2.5.0` |
| [ossf/scorecard-action](https://github.com/ossf/scorecard-action) |
`2.4.0` | `2.4.1` |
| [github/codeql-action](https://github.com/github/codeql-action) |
`3.28.9` | `3.28.10` |

Updates `actions/cache` from 4.2.0 to 4.2.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v4.2.1</h2>
<h2>What's Changed</h2>
<blockquote>
<p>[!IMPORTANT]
As a reminder, there were important backend changes to release v4.2.0,
see <a href="https://github.com/actions/cache/releases/tag/v4.2.0">those
release notes</a> and <a
href="https://github.com/actions/cache/discussions/1510">the
announcement</a> for more details.</p>
</blockquote>
<ul>
<li>docs: GitHub is spelled incorrectly in caching-strategies.md by <a
href="https://github.com/janco-absa"><code>@​janco-absa</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1526">actions/cache#1526</a></li>
<li>docs: Make the &quot;always save prime numbers&quot; example more
clear by <a href="https://github.com/Tobbe"><code>@​Tobbe</code></a> in
<a
href="https://redirect.github.com/actions/cache/pull/1525">actions/cache#1525</a></li>
<li>Update force deletion docs due a recent deprecation by <a
href="https://github.com/sebbalex"><code>@​sebbalex</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1500">actions/cache#1500</a></li>
<li>Bump <code>@​actions/cache</code> to v4.0.1 by <a
href="https://github.com/robherley"><code>@​robherley</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1554">actions/cache#1554</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/janco-absa"><code>@​janco-absa</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1526">actions/cache#1526</a></li>
<li><a href="https://github.com/Tobbe"><code>@​Tobbe</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1525">actions/cache#1525</a></li>
<li><a href="https://github.com/sebbalex"><code>@​sebbalex</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1500">actions/cache#1500</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4.2.0...v4.2.1">https://github.com/actions/cache/compare/v4.2.0...v4.2.1</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h3>4.2.1</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.1</li>
</ul>
<h3>4.2.0</h3>
<p>TLDR; The cache backend service has been rewritten from the ground up
for improved performance and reliability. <a
href="https://github.com/actions/cache">actions/cache</a> now integrates
with the new cache service (v2) APIs.</p>
<p>The new service will gradually roll out as of <strong>February 1st,
2025</strong>. The legacy service will also be sunset on the same date.
Changes in these release are <strong>fully backward
compatible</strong>.</p>
<p><strong>We are deprecating some versions of this action</strong>. We
recommend upgrading to version <code>v4</code> or <code>v3</code> as
soon as possible before <strong>February 1st, 2025.</strong> (Upgrade
instructions below).</p>
<p>If you are using pinned SHAs, please use the SHAs of versions
<code>v4.2.0</code> or <code>v3.4.0</code></p>
<p>If you do not upgrade, all workflow runs using any of the deprecated
<a href="https://github.com/actions/cache">actions/cache</a> will
fail.</p>
<p>Upgrading to the recommended versions will not break your
workflows.</p>
<h3>4.1.2</h3>
<ul>
<li>Add GitHub Enterprise Cloud instances hostname filters to inform API
endpoint choices - <a
href="https://redirect.github.com/actions/cache/pull/1474">#1474</a></li>
<li>Security fix: Bump braces from 3.0.2 to 3.0.3 - <a
href="https://redirect.github.com/actions/cache/pull/1475">#1475</a></li>
</ul>
<h3>4.1.1</h3>
<ul>
<li>Restore original behavior of <code>cache-hit</code> output - <a
href="https://redirect.github.com/actions/cache/pull/1467">#1467</a></li>
</ul>
<h3>4.1.0</h3>
<ul>
<li>Ensure <code>cache-hit</code> output is set when a cache is missed -
<a
href="https://redirect.github.com/actions/cache/pull/1404">#1404</a></li>
<li>Deprecate <code>save-always</code> input - <a
href="https://redirect.github.com/actions/cache/pull/1452">#1452</a></li>
</ul>
<h3>4.0.2</h3>
<ul>
<li>Fixed restore <code>fail-on-cache-miss</code> not working.</li>
</ul>
<h3>4.0.1</h3>
<ul>
<li>Updated <code>isGhes</code> check</li>
</ul>
<h3>4.0.0</h3>
<ul>
<li>Updated minimum runner version support from node 12 -&gt; node
20</li>
</ul>
<h3>3.4.0</h3>
<ul>
<li>Integrated with the new cache service (v2) APIs</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/cache/commit/0c907a75c2c80ebcb7f088228285e798b750cf8f"><code>0c907a7</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1554">#1554</a>
from actions/robherley/v4.2.1</li>
<li><a
href="https://github.com/actions/cache/commit/710893c2369beb60748049b671f18c43a3656fce"><code>710893c</code></a>
bump <code>@​actions/cache</code> to v4.0.1</li>
<li><a
href="https://github.com/actions/cache/commit/9fa7e61ec7e1f44ac75218e7aaea81da8856fd11"><code>9fa7e61</code></a>
Update force deletion docs due a recent deprecation (<a
href="https://redirect.github.com/actions/cache/issues/1500">#1500</a>)</li>
<li><a
href="https://github.com/actions/cache/commit/36f1e144e1c8edb0a652766b484448563d8baf46"><code>36f1e14</code></a>
docs: Make the &quot;always save prime numbers&quot; example more clear
(<a
href="https://redirect.github.com/actions/cache/issues/1525">#1525</a>)</li>
<li><a
href="https://github.com/actions/cache/commit/53aa38c736a561b9c17b62df3fe885a17b78ee6d"><code>53aa38c</code></a>
Correct GitHub Spelling in caching-strategies.md (<a
href="https://redirect.github.com/actions/cache/issues/1526">#1526</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/cache/compare/1bd1e32a3bdc45362d1e726936510720a7c30a57...0c907a75c2c80ebcb7f088228285e798b750cf8f">compare
view</a></li>
</ul>
</details>
<br />

Updates `crate-ci/typos` from 1.29.7 to 1.29.9
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/releases">crate-ci/typos's
releases</a>.</em></p>
<blockquote>
<h2>v1.29.9</h2>
<h2>[1.29.9] - 2025-02-20</h2>
<h3>Fixes</h3>
<ul>
<li><em>(action)</em> Correctly get binary for some aarch64 systems</li>
</ul>
<h2>v1.29.8</h2>
<h2>[1.29.8] - 2025-02-19</h2>
<h3>Features</h3>
<ul>
<li>Attempt to build Linux aarch64 binaries</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's
changelog</a>.</em></p>
<blockquote>
<h1>Change Log</h1>
<p>All notable changes to this project will be documented in this
file.</p>
<p>The format is based on <a href="http://keepachangelog.com/">Keep a
Changelog</a>
and this project adheres to <a href="http://semver.org/">Semantic
Versioning</a>.</p>
<!-- raw HTML omitted -->
<h2>[Unreleased] - ReleaseDate</h2>
<h2>[1.29.9] - 2025-02-20</h2>
<h3>Fixes</h3>
<ul>
<li><em>(action)</em> Correctly get binary for some aarch64 systems</li>
</ul>
<h2>[1.29.8] - 2025-02-19</h2>
<h3>Features</h3>
<ul>
<li>Attempt to build Linux aarch64 binaries</li>
</ul>
<h2>[1.29.7] - 2025-02-13</h2>
<h3>Fixes</h3>
<ul>
<li>Don't correct <code>implementors</code></li>
</ul>
<h2>[1.29.6] - 2025-02-13</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1200">January
2025</a> changes</li>
</ul>
<h2>[1.29.5] - 2025-01-30</h2>
<h3>Internal</h3>
<ul>
<li>Update a dependency</li>
</ul>
<h2>[1.29.4] - 2025-01-03</h2>
<h2>[1.29.3] - 2025-01-02</h2>
<h2>[1.29.2] - 2025-01-02</h2>
<h2>[1.29.1] - 2025-01-02</h2>
<h3>Fixes</h3>
<ul>
<li>Don't correct <code>deriver</code></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/crate-ci/typos/commit/212923e4ff05b7fc2294a204405eec047b807138"><code>212923e</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/659bf5525349fd206cd1678999f83d18de56aff1"><code>659bf55</code></a>
docs: Update changelog</li>
<li><a
href="https://github.com/crate-ci/typos/commit/092b7056bbee0592fb00c370409b891f458a6e08"><code>092b705</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1239">#1239</a>
from codingskynet/fix/support-aarch64</li>
<li><a
href="https://github.com/crate-ci/typos/commit/298a143ed0001bf83403a9ac2acd9d97bf90fb8c"><code>298a143</code></a>
chore(gh): Fix links</li>
<li><a
href="https://github.com/crate-ci/typos/commit/d7059d7796bd95ed84d7371925404ada3ef367b2"><code>d7059d7</code></a>
chore(gh): Fix links</li>
<li><a
href="https://github.com/crate-ci/typos/commit/636d59beef47e4c8c75497423a853bc830349dcf"><code>636d59b</code></a>
chore(gh): Encourage people to check for dupes</li>
<li><a
href="https://github.com/crate-ci/typos/commit/51cd88f328acb0b208a232c5cbccb83de6ac8188"><code>51cd88f</code></a>
chore(gh): Add a data template</li>
<li><a
href="https://github.com/crate-ci/typos/commit/c11cf6c0e1b424b62965a1370ec9926a0266dfb1"><code>c11cf6c</code></a>
chore(gh): Try to clarify template</li>
<li><a
href="https://github.com/crate-ci/typos/commit/3bcb9191487d04efb8260b9753e6f62262199265"><code>3bcb919</code></a>
fix: add aarch64 on arm64 cond</li>
<li><a
href="https://github.com/crate-ci/typos/commit/1ea66fdf4d62b5a980bff2c47e0be131365bfcf2"><code>1ea66fd</code></a>
docs(readme): Call out that the readme is not exhaustive</li>
<li>Additional commits viewable in <a
href="https://github.com/crate-ci/typos/compare/51f257b946f503b768e522781f56e9b7b5570d48...212923e4ff05b7fc2294a204405eec047b807138">compare
view</a></li>
</ul>
</details>
<br />

Updates `azure/setup-helm` from 4.2.0 to 4.3.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/azure/setup-helm/releases">azure/setup-helm's
releases</a>.</em></p>
<blockquote>
<h2>v4.3.0</h2>
<ul>
<li><a
href="https://redirect.github.com/azure/setup-helm/issues/152">#152</a>
feat: log when restoring from cache</li>
<li><a
href="https://redirect.github.com/azure/setup-helm/issues/157">#157</a>
Dependencies Update</li>
<li><a
href="https://redirect.github.com/azure/setup-helm/issues/137">#137</a>
Add dependabot</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/Azure/setup-helm/blob/main/CHANGELOG.md">azure/setup-helm's
changelog</a>.</em></p>
<blockquote>
<h1>Change Log</h1>
<h2>[4.3.0] - 2025-02-15</h2>
<ul>
<li><a
href="https://redirect.github.com/azure/setup-helm/issues/152">#152</a>
feat: log when restoring from cache</li>
<li><a
href="https://redirect.github.com/azure/setup-helm/issues/157">#157</a>
Dependencies Update</li>
<li><a
href="https://redirect.github.com/azure/setup-helm/issues/137">#137</a>
Add dependabot</li>
</ul>
<h2>[4.2.0] - 2024-04-15</h2>
<ul>
<li><a
href="https://redirect.github.com/azure/setup-helm/issues/124">#124</a>
Fix OS detection and download OS-native archive extension</li>
</ul>
<h2>[4.1.0] - 2024-03-01</h2>
<ul>
<li><a
href="https://redirect.github.com/azure/setup-helm/issues/130">#130</a>
switches to use Helm published file to read latest version instead of
using GitHub releases</li>
</ul>
<h2>[4.0.0] - 2024-02-12</h2>
<ul>
<li><a
href="https://redirect.github.com/azure/setup-helm/issues/121">#121</a>
update to node20 as node16 is deprecated</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/Azure/setup-helm/commit/b9e51907a09c216f16ebe8536097933489208112"><code>b9e5190</code></a>
build</li>
<li><a
href="https://github.com/Azure/setup-helm/commit/0e8654bb94582592935dc70ca0438926cea61865"><code>0e8654b</code></a>
Release setup-helm version 4.3.0 (<a
href="https://redirect.github.com/azure/setup-helm/issues/162">#162</a>)</li>
<li><a
href="https://github.com/Azure/setup-helm/commit/b48e1dfac1cac293240bf5ea8d7054a228769739"><code>b48e1df</code></a>
feat: log when restoring from cache (<a
href="https://redirect.github.com/azure/setup-helm/issues/152">#152</a>)</li>
<li><a
href="https://github.com/Azure/setup-helm/commit/855ae7a03c297d33ee0f6e0959cfc87f4ba7ee0c"><code>855ae7a</code></a>
Bump the actions group across 1 directory with 3 updates (<a
href="https://redirect.github.com/azure/setup-helm/issues/159">#159</a>)</li>
<li><a
href="https://github.com/Azure/setup-helm/commit/124c6d88e7a75334a4fad6d0905089d6d714d088"><code>124c6d8</code></a>
Dependencies Update (<a
href="https://redirect.github.com/azure/setup-helm/issues/157">#157</a>)</li>
<li><a
href="https://github.com/Azure/setup-helm/commit/048f4e7eae1192e88a86787d033f837a2aa27d4c"><code>048f4e7</code></a>
Bump the actions group across 1 directory with 2 updates (<a
href="https://redirect.github.com/azure/setup-helm/issues/151">#151</a>)</li>
<li><a
href="https://github.com/Azure/setup-helm/commit/8618769467d74e09809f09197c6fb7ca9f50d5ae"><code>8618769</code></a>
Bump the actions group across 1 directory with 4 updates (<a
href="https://redirect.github.com/azure/setup-helm/issues/149">#149</a>)</li>
<li><a
href="https://github.com/Azure/setup-helm/commit/4eb898eef0f80e48f43929d83a1db3b30e766a1f"><code>4eb898e</code></a>
Bump the actions group across 1 directory with 2 updates (<a
href="https://redirect.github.com/azure/setup-helm/issues/145">#145</a>)</li>
<li><a
href="https://github.com/Azure/setup-helm/commit/7a2001c0f6ca6db9afce16d84b88c7307ed9a707"><code>7a2001c</code></a>
Bump the actions group across 1 directory with 2 updates (<a
href="https://redirect.github.com/azure/setup-helm/issues/143">#143</a>)</li>
<li><a
href="https://github.com/Azure/setup-helm/commit/e90c86ceeaceb8a9de7d8225d29b43fa620e3709"><code>e90c86c</code></a>
Bump the actions group across 1 directory with 9 updates (<a
href="https://redirect.github.com/azure/setup-helm/issues/141">#141</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/azure/setup-helm/compare/fe7b79cd5ee1e45176fcad797de68ecaf3ca4814...b9e51907a09c216f16ebe8536097933489208112">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/upload-artifact` from 4.6.0 to 4.6.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v4.6.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Update to use artifact 2.2.2 package by <a
href="https://github.com/yacaovsnc"><code>@​yacaovsnc</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/673">actions/upload-artifact#673</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/upload-artifact/compare/v4...v4.6.1">https://github.com/actions/upload-artifact/compare/v4...v4.6.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/upload-artifact/commit/4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1"><code>4cec3d8</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/673">#673</a>
from actions/yacaovsnc/artifact_2.2.2</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/e9fad966ccdffceea5de0445882c9455934bcf8e"><code>e9fad96</code></a>
license cache update for artifact</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/b26fd06e9da88a61ada55f23d7863325b1f115d3"><code>b26fd06</code></a>
Update to use artifact 2.2.2 package</li>
<li>See full diff in <a
href="https://github.com/actions/upload-artifact/compare/65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08...4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1">compare
view</a></li>
</ul>
</details>
<br />

Updates `fluxcd/flux2` from 2.4.0 to 2.5.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/fluxcd/flux2/releases">fluxcd/flux2's
releases</a>.</em></p>
<blockquote>
<h2>v2.5.0</h2>
<h2>Highlights</h2>
<p>Flux v2.5.0 is a feature release. Users are encouraged to upgrade for
the best experience.</p>
<p>For a compressive overview of new features and API changes included
in this release,
please refer to the <a
href="https://fluxcd.io/blog/2025/02/flux-v2.5.0/">Announcing Flux 2.5
GA blog post</a>.</p>
<p>Overview of the new features:</p>
<ul>
<li>Support for GitHub App authentication (<code>GitRepository</code>
and <code>ImageUpdateAutomation</code> API)</li>
<li>Custom Health Checks using CEL (<code>Kustomization</code> API)</li>
<li>Fine-grained control of garbage collection
(<code>Kustomization</code> API)</li>
<li>Enable decryption of secrets generated by Kustomize components
(<code>Kustomization</code> API)</li>
<li>Support for custom event metadata from annotations
(<code>Alert</code> API)</li>
<li>Git commit status updates for Flux Kustomizations with OCIRepository
sources (<code>Alert</code> API)</li>
<li>Resource filtering using CEL for webhook receivers
(<code>Receiver</code> API)</li>
<li>Debug commands for Flux Kustomizations and HelmReleases (Flux
CLI)</li>
</ul>
<p>❤️ Big thanks to all the Flux contributors that helped us with this
release!</p>
<h3>Kubernetes compatibility</h3>
<p>This release is compatible with the following Kubernetes
versions:</p>
<table>
<thead>
<tr>
<th>Kubernetes version</th>
<th>Minimum required</th>
</tr>
</thead>
<tbody>
<tr>
<td><code>v1.30</code></td>
<td><code>&gt;= 1.30.0</code></td>
</tr>
<tr>
<td><code>v1.31</code></td>
<td><code>&gt;= 1.31.0</code></td>
</tr>
<tr>
<td><code>v1.32</code></td>
<td><code>&gt;= 1.32.0</code></td>
</tr>
</tbody>
</table>
<blockquote>
<p>[!NOTE]
Note that the Flux project offers support only for the latest three
minor versions of Kubernetes.
Backwards compatibility with older versions of Kubernetes and OpenShift
is offered by vendors such as
<a
href="https://control-plane.io/enterprise-for-flux-cd/">ControlPlane</a>
that provide enterprise support for Flux.</p>
</blockquote>
<h3>OpenShift compatibility</h3>
<p>Flux can be installed on Red Hat OpenShift cluster directly from
OperatorHub using
<a href="https://operatorhub.io/operator/flux-operator">Flux
Operator</a>.
The operator allows the configuration of Flux multi-tenancy lockdown,
network policies,
persistent storage, sharding, vertical scaling and the synchronization
of the cluster state from Git repositories, OCI artifacts and
S3-compatible storage.</p>
<h2>Upgrade procedure</h2>
<p>Upgrade Flux from <code>v2.4.0</code> to <code>v2.5.0</code> by
following the <a
href="https://fluxcd.io/flux/installation/upgrade/">upgrade
guide</a>.</p>
<p>There are no new API versions in this release, so no changes are
required in the YAML manifests containing Flux resources.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/fluxcd/flux2/commit/af67405ee43a6cd66e0b73f4b3802e8583f9d961"><code>af67405</code></a>
Merge pull request <a
href="https://redirect.github.com/fluxcd/flux2/issues/5204">#5204</a>
from fluxcd/kubectl-1.32.2</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/6f65c92fe7f335ba965d743ffb6d53c0b3470779"><code>6f65c92</code></a>
Update kubectl in flux-cli image</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/c84d3122890a05491ce9ef6215e5b1dfb741cc99"><code>c84d312</code></a>
Merge pull request <a
href="https://redirect.github.com/fluxcd/flux2/issues/5203">#5203</a>
from fluxcd/fix-cli-build</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/d37473ff4469cb62f2b5c8fe142209be624c9afc"><code>d37473f</code></a>
Update flux-cli image</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/712b03727ae48f9366b80af783f334b2f5d7d919"><code>712b037</code></a>
Merge pull request <a
href="https://redirect.github.com/fluxcd/flux2/issues/5200">#5200</a>
from fluxcd/update-k8s-check</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/14da7d58be2f61eac70e206bfa040707676354e6"><code>14da7d5</code></a>
Update Kubernetes min supported version to 1.30</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/45da6a86f84e1a6839afbbf723c11c8548911764"><code>45da6a8</code></a>
Merge pull request <a
href="https://redirect.github.com/fluxcd/flux2/issues/5199">#5199</a>
from fluxcd/tests-2.5</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/3053a0b8405545b406bab8b27d3aac252c92374c"><code>3053a0b</code></a>
Update integration tests dependencies for Flux 2.5</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/96f95b6b4c9c9dc3b9e02f1045f756093f36630c"><code>96f95b6</code></a>
Merge pull request <a
href="https://redirect.github.com/fluxcd/flux2/issues/5195">#5195</a>
from fluxcd/update-components</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/cf92e02f531dede408ba81add5adcaf7ae8d7e70"><code>cf92e02</code></a>
Update toolkit components</li>
<li>Additional commits viewable in <a
href="https://github.com/fluxcd/flux2/compare/5350425cdcd5fa015337e09fa502153c0275bd4b...af67405ee43a6cd66e0b73f4b3802e8583f9d961">compare
view</a></li>
</ul>
</details>
<br />

Updates `ossf/scorecard-action` from 2.4.0 to 2.4.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/ossf/scorecard-action/releases">ossf/scorecard-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.4.1</h2>
<h2>What's Changed</h2>
<ul>
<li>This update bumps the Scorecard version to the v5.1.1 release. For a
complete list of changes, please refer to the <a
href="https://github.com/ossf/scorecard/releases/tag/v5.1.0">v5.1.0</a>
and <a
href="https://github.com/ossf/scorecard/releases/tag/v5.1.1">v5.1.1</a>
release notes.</li>
<li>Publishing results now uses half the API quota as before. The exact
savings depends on the repository in question.
<ul>
<li>use Scorecard library entrypoint instead of Cobra hooking by <a
href="https://github.com/spencerschrock"><code>@​spencerschrock</code></a>
in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1423">ossf/scorecard-action#1423</a></li>
</ul>
</li>
<li>Some errors were made into annotations to make them more visible
<ul>
<li>Make default branch error more prominent by <a
href="https://github.com/jsoref"><code>@​jsoref</code></a> in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1459">ossf/scorecard-action#1459</a></li>
</ul>
</li>
<li>There is now an optional <code>file_mode</code> input which controls
how repository files are fetched from GitHub. The default is
<code>archive</code>, but <code>git</code> produces the most accurate
results for repositories with <code>.gitattributes</code> files at the
cost of analysis speed.
<ul>
<li>add input for specifying <code>--file-mode</code> by <a
href="https://github.com/spencerschrock"><code>@​spencerschrock</code></a>
in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1509">ossf/scorecard-action#1509</a></li>
</ul>
</li>
<li>The underlying container for the action is now <a
href="https://github.com/ossf/scorecard-action/pkgs/container/scorecard-action">hosted
on GitHub Container Registry</a>. There should be no functional changes.
<ul>
<li>🌱 publish docker images to GitHub Container Registry by <a
href="https://github.com/spencerschrock"><code>@​spencerschrock</code></a>
in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1453">ossf/scorecard-action#1453</a></li>
</ul>
</li>
</ul>
<h3>Docs</h3>
<ul>
<li>Installation docs update by <a
href="https://github.com/JeremiahAHoward"><code>@​JeremiahAHoward</code></a>
in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1416">ossf/scorecard-action#1416</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/JeremiahAHoward"><code>@​JeremiahAHoward</code></a>
made their first contribution in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1416">ossf/scorecard-action#1416</a></li>
<li><a href="https://github.com/jsoref"><code>@​jsoref</code></a> made
their first contribution in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1459">ossf/scorecard-action#1459</a>
<strong>Full Changelog</strong>: <a
href="https://github.com/ossf/scorecard-action/compare/v2.4.0...v2.4.1">https://github.com/ossf/scorecard-action/compare/v2.4.0...v2.4.1</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/ossf/scorecard-action/commit/f49aabe0b5af0936a0987cfb85d86b75731b0186"><code>f49aabe</code></a>
bump docker to ghcr v2.4.1 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1478">#1478</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/30a595ba8670f7bd5e2d33119dfeeb6ab2f64991"><code>30a595b</code></a>
🌱 Bump github.com/sigstore/cosign/v2 from 2.4.2 to 2.4.3 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1515">#1515</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/69ae593b7addfd5241b46c43c7ed6abbd7203d55"><code>69ae593</code></a>
omit vcs info from build (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1514">#1514</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/6a62a1cbf28018bd61197d0c2852b94b046fe1a4"><code>6a62a1c</code></a>
add input for specifying <code>--file-mode</code> (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1509">#1509</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/2722664778d49161a69d42f8e82e15ed38fea8d1"><code>2722664</code></a>
🌱 Bump the github-actions group with 2 updates (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1510">#1510</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/ae0ef3171a81cb48c3fdaaf34cba323d0c51fefb"><code>ae0ef31</code></a>
🌱 Bump github.com/spf13/cobra from 1.8.1 to 1.9.1 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1512">#1512</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/3676bbc29082184ac34a84d1573c0419f81c4a68"><code>3676bbc</code></a>
🌱 Bump golang from 1.23.6 to 1.24.0 in the docker-images group
(<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1513">#1513</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/ae7548a0ff1b94dda3a89eeda8f59c031874f035"><code>ae7548a</code></a>
Limit codeQL push trigger to main branch (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1507">#1507</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/9165624e75f0c73d13a9db2d4d920bcc5fc3a801"><code>9165624</code></a>
upgrade scorecard to v5.1.0 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1508">#1508</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/620fd28d6b2ba01c1d70cf63dfb4bdf868e19d6f"><code>620fd28</code></a>
🌱 Bump the github-actions group with 2 updates (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1505">#1505</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/ossf/scorecard-action/compare/62b2cac7ed8198b15735ed49ab1e5cf35480ba46...f49aabe0b5af0936a0987cfb85d86b75731b0186">compare
view</a></li>
</ul>
</details>
<br />

Updates `github/codeql-action` from 3.28.9 to 3.28.10
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.28.10</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.10 - 21 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li>
<li>Address an issue where the CodeQL Bundle would occasionally fail to
decompress on macOS. <a
href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.10/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.28.10 - 21 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li>
<li>Address an issue where the CodeQL Bundle would occasionally fail to
decompress on macOS. <a
href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li>
</ul>
<h2>3.28.9 - 07 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li>
</ul>
<h2>3.28.8 - 29 Jan 2025</h2>
<ul>
<li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI
v2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li>
</ul>
<h2>3.28.7 - 29 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.6 - 27 Jan 2025</h2>
<ul>
<li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater.
<a
href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li>
</ul>
<h2>3.28.5 - 24 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li>
</ul>
<h2>3.28.4 - 23 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.3 - 22 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2707">#2707</a></li>
<li>Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise
Server instance which occurred when the CodeQL Bundle had been synced to
the instance using the <a
href="https://github.com/github/codeql-action-sync-tool">CodeQL Action
sync tool</a> and the Actions runner did not have Zstandard installed.
<a
href="https://redirect.github.com/github/codeql-action/pull/2710">#2710</a></li>
<li>Uploading debug artifacts for CodeQL analysis is temporarily
disabled. <a
href="https://redirect.github.com/github/codeql-action/pull/2712">#2712</a></li>
</ul>
<h2>3.28.2 - 21 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.1 - 10 Jan 2025</h2>
<ul>
<li>CodeQL Action v2 is now deprecated, and is no longer updated or
supported. For better performance, improved security, and new features,
upgrade to v3. For more information, see <a
href="https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/">this
changelog post</a>. <a
href="https://redirect.github.com/github/codeql-action/pull/2677">#2677</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d"><code>b56ba49</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2778">#2778</a>
from github/update-v3.28.10-9856c48b1</li>
<li><a
href="https://github.com/github/codeql-action/commit/60c9c77c33f2cd66390a3778d54de88b735b2526"><code>60c9c77</code></a>
Update changelog for v3.28.10</li>
<li><a
href="https://github.com/github/codeql-action/commit/9856c48b1a54789454314b4c32ef2354fe213208"><code>9856c48</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2773">#2773</a>
from github/redsun82/rust</li>
<li><a
href="https://github.com/github/codeql-action/commit/9572e09da430b4c71f7488e4195b4ca6ce1c6ef0"><code>9572e09</code></a>
Rust: fix log string</li>
<li><a
href="https://github.com/github/codeql-action/commit/1a529366ac3620317d953e2d4018eafa7459cb1c"><code>1a52936</code></a>
Rust: special case default setup</li>
<li><a
href="https://github.com/github/codeql-action/commit/cf7e90952bcceaebd4a548c2809ea6a5d461a1bc"><code>cf7e909</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2772">#2772</a>
from github/update-bundle/codeql-bundle-v2.20.5</li>
<li><a
href="https://github.com/github/codeql-action/commit/b7006aab6d38638d18e38a27c18f67138529c2f8"><code>b7006aa</code></a>
Merge branch 'main' into update-bundle/codeql-bundle-v2.20.5</li>
<li><a
href="https://github.com/github/codeql-action/commit/cfedae723eaced5e13052b529375e7b00d49a9cd"><code>cfedae7</code></a>
Rust: throw configuration errors if requested and not correctly
enabled</li>
<li><a
href="https://github.com/github/codeql-action/commit/3971ed2a74ede0669fa7f4f5af4292030280dbfd"><code>3971ed2</code></a>
Merge branch 'main' into redsun82/rust</li>
<li><a
href="https://github.com/github/codeql-action/commit/d38c6e60dfb0232f85e388dd416559ed07da5f3a"><code>d38c6e6</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2775">#2775</a>
from github/angelapwen/bump-octokit</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0...b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-24 13:10:51 +00:00
dependabot[bot] e39f39ee20 ci: bump the github-actions group with 2 updates (#16593) 
Bumps the github-actions group with 2 updates:
[step-security/harden-runner](https://github.com/step-security/harden-runner)
and [crate-ci/typos](https://github.com/crate-ci/typos).

Updates `step-security/harden-runner` from 2.10.4 to 2.11.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.11.0</h2>
<h2>What's Changed</h2>
<p>Release v2.11.0 in <a
href="https://redirect.github.com/step-security/harden-runner/issues/498">#498</a>
Harden-Runner Enterprise tier now supports the use of eBPF for DNS
resolution and network call monitoring</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.11.0">https://github.com/step-security/harden-runner/compare/v2...v2.11.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/4d991eb9b905ef189e4c376166672c3f2f230481"><code>4d991eb</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/498">#498</a>
from step-security/rc-18</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/4ea872f89714b83576609e6f89476dfb114a6246"><code>4ea872f</code></a>
Update README.md</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/65d6f6e4ee070283fc8739e8d8295eb6c554029a"><code>65d6f6e</code></a>
Add workflows</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/1034c9a80544b55a7706ed377ea64ded8b0c7ea4"><code>1034c9a</code></a>
Update package-lock.json</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/ab221e2d7a450f54fde8ccb211cea73c5bcf1e2a"><code>ab221e2</code></a>
Update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/7cb6c2fb524eafc78ce834c51af420c289690789"><code>7cb6c2f</code></a>
Update agent</li>
<li>See full diff in <a
href="https://github.com/step-security/harden-runner/compare/cb605e52c26070c328afc4562f0b4ada7618a84e...4d991eb9b905ef189e4c376166672c3f2f230481">compare
view</a></li>
</ul>
</details>
<br />

Updates `crate-ci/typos` from 1.29.5 to 1.29.7
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/releases">crate-ci/typos's
releases</a>.</em></p>
<blockquote>
<h2>v1.29.7</h2>
<h2>[1.29.7] - 2025-02-13</h2>
<h3>Fixes</h3>
<ul>
<li>Don't correct <code>implementors</code></li>
</ul>
<h2>v1.29.6</h2>
<h2>[1.29.6] - 2025-02-13</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1200">January
2025</a> changes</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's
changelog</a>.</em></p>
<blockquote>
<h1>Change Log</h1>
<p>All notable changes to this project will be documented in this
file.</p>
<p>The format is based on <a href="http://keepachangelog.com/">Keep a
Changelog</a>
and this project adheres to <a href="http://semver.org/">Semantic
Versioning</a>.</p>
<!-- raw HTML omitted -->
<h2>[Unreleased] - ReleaseDate</h2>
<h2>[1.29.7] - 2025-02-13</h2>
<h3>Fixes</h3>
<ul>
<li>Don't correct <code>implementors</code></li>
</ul>
<h2>[1.29.6] - 2025-02-13</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1200">January
2025</a> changes</li>
</ul>
<h2>[1.29.5] - 2025-01-30</h2>
<h3>Internal</h3>
<ul>
<li>Update a dependency</li>
</ul>
<h2>[1.29.4] - 2025-01-03</h2>
<h2>[1.29.3] - 2025-01-02</h2>
<h2>[1.29.2] - 2025-01-02</h2>
<h2>[1.29.1] - 2025-01-02</h2>
<h3>Fixes</h3>
<ul>
<li>Don't correct <code>deriver</code></li>
</ul>
<h2>[1.29.0] - 2024-12-31</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1156">December
2024</a> changes</li>
</ul>
<h3>Performance</h3>
<ul>
<li>Sped up dictionary lookups</li>
</ul>
<h2>[1.28.4] - 2024-12-16</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/crate-ci/typos/commit/51f257b946f503b768e522781f56e9b7b5570d48"><code>51f257b</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/26abf5bab7c077003c530d632ba2d194dcb50eaf"><code>26abf5b</code></a>
docs: Update changelog</li>
<li><a
href="https://github.com/crate-ci/typos/commit/70356ad394aed5f2198728ae716d07306284545d"><code>70356ad</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1229">#1229</a>
from epage/english</li>
<li><a
href="https://github.com/crate-ci/typos/commit/1121a62d94115d9a7196fbfd6920b2690cbb427f"><code>1121a62</code></a>
fix(dict): Don't correct implementors</li>
<li><a
href="https://github.com/crate-ci/typos/commit/991878ee7836dc567b3478ec87191e3bd2e3db73"><code>991878e</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/c89d673ca19e503777d7d71b76908d4dab2b5138"><code>c89d673</code></a>
chore(ci): Update builder image</li>
<li><a
href="https://github.com/crate-ci/typos/commit/0fad3ddc6e0fedf679217dcc61886fbeabd09346"><code>0fad3dd</code></a>
chore(deps): Update compatible (<a
href="https://redirect.github.com/crate-ci/typos/issues/1223">#1223</a>)</li>
<li><a
href="https://github.com/crate-ci/typos/commit/b65799a5c4a8931f965b1d7cbabca95913c2ab0a"><code>b65799a</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/2c0968908d0d79fa0acaa67f017f9b539fab24c5"><code>2c09689</code></a>
docs: Update changelog</li>
<li><a
href="https://github.com/crate-ci/typos/commit/4af6a01f528aaca60cc5571e741ce05eb2d3f267"><code>4af6a01</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1222">#1222</a>
from epage/jan</li>
<li>Additional commits viewable in <a
href="https://github.com/crate-ci/typos/compare/11ca4583f2f3f74c7e7785c0ecb20fe2c99a4308...51f257b946f503b768e522781f56e9b7b5570d48">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-17 12:49:20 +00:00