shishantbiswas/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2026-06-05 05:58:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
10,619 Commits 1,149 Branches 344 Tags
0a3afeddc8a077dd90b472b04dcafe4ca1cd54eb
Commit Graph

41 Commits

Author SHA1 Message Date
Kyle Carberry 7b273b0b8c fix: add blink-so to contributors bypass (#18215) 2025-06-03 17:45:28 +00:00
Ben Potter 2a0a268946 chore: exempt blink agent from CLA (#18190) 2025-06-02 13:31:28 -04:00
Ethan 186a9b5bdc ci: fix not setting breaking label on ready_for_review (#16616) 
Noticed in my PR this wasn't getting added when I moved it out of draft: https://github.com/coder/coder/actions/runs/13406348393/job/37446868622

Related to https://github.com/coder/coder/pull/14667
 2025-02-20 13:01:41 +11:00
Ethan 8815b38c88 ci!: set pr write perms on release-labels (#16380) 
I'm pretty sure this is the fix, but I can't test it without merging it,
as `pull_request_target` causes the workflow to run using the workflow
on `main` (where the permissions aren't set).

This comment would seem to indicate that `pull_request_target` with PR
write perms does the trick:
https://github.com/actions/labeler/issues/136#issuecomment-1357839196

From what I can tell this job has been broken since ~nov '24, which
leads me to believe it was the permissions change made that month:
https://github.com/coder/coder/actions/runs/11915659159/job/33206435274
 2025-02-03 20:49:37 +11:00
M Atif Ali e37b7fc481 ci: fix cla and dependabot notifications jobs (#16343) 2025-01-31 14:17:47 +00:00
dependabot[bot] 84a54c1d7b ci: bump the github-actions group with 3 updates (#16299) 
Bumps the github-actions group with 3 updates:
[dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata),
[github/codeql-action](https://github.com/github/codeql-action) and
[umbrelladocs/action-linkspector](https://github.com/umbrelladocs/action-linkspector).

Updates `dependabot/fetch-metadata` from 2.2.0 to 2.3.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dependabot/fetch-metadata/releases">dependabot/fetch-metadata's
releases</a>.</em></p>
<blockquote>
<h2>v2.3.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump actions/create-github-app-token from 1.10.2 to 1.10.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/537">dependabot/fetch-metadata#537</a></li>
<li>Update readme to include an if conditional by <a
href="https://github.com/Nishnha"><code>@​Nishnha</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/548">dependabot/fetch-metadata#548</a></li>
<li>Silence audit and funding messages from <code>npm</code> by <a
href="https://github.com/jeffwidman"><code>@​jeffwidman</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/550">dependabot/fetch-metadata#550</a></li>
<li>Bump actions/create-github-app-token from 1.10.3 to 1.11.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/554">dependabot/fetch-metadata#554</a></li>
<li>fix readme action example by <a
href="https://github.com/CloudNStoyan"><code>@​CloudNStoyan</code></a>
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/563">dependabot/fetch-metadata#563</a></li>
<li>Fixed missing outputs in action.yml by <a
href="https://github.com/CatChen"><code>@​CatChen</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/564">dependabot/fetch-metadata#564</a></li>
<li>Handle branch names containing dependency group by <a
href="https://github.com/CloudNStoyan"><code>@​CloudNStoyan</code></a>
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/565">dependabot/fetch-metadata#565</a></li>
<li>v2.3.0 by <a
href="https://github.com/fetch-metadata-action-automation"><code>@​fetch-metadata-action-automation</code></a>
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/543">dependabot/fetch-metadata#543</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/CloudNStoyan"><code>@​CloudNStoyan</code></a>
made their first contribution in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/563">dependabot/fetch-metadata#563</a></li>
<li><a href="https://github.com/CatChen"><code>@​CatChen</code></a> made
their first contribution in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/564">dependabot/fetch-metadata#564</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/dependabot/fetch-metadata/compare/v2...v2.3.0">https://github.com/dependabot/fetch-metadata/compare/v2...v2.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/d7267f607e9d3fb96fc2fbe83e0af444713e90b7"><code>d7267f6</code></a>
Merge pull request <a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/543">#543</a>
from dependabot/bump-to-v2.3.0</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/e3dd295a04f6eccc15a116fc5cde058f1735c05d"><code>e3dd295</code></a>
v2.3.0</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/3da9521b8c62beab87c4d18ad1e9bd7fd7b9d3bf"><code>3da9521</code></a>
Merge pull request <a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/565">#565</a>
from CloudNStoyan/main</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/de52f600152fa3f48a82e88e06e864cba8421436"><code>de52f60</code></a>
update build</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/59d2b1fb73ac123a1953e2ddc99ea8f1b869463a"><code>59d2b1f</code></a>
fix incorrect parsing of directory when using dependency-group</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/0d270694949cee4e6c179fc89629d95e0b9fb763"><code>0d27069</code></a>
Merge pull request <a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/564">#564</a>
from CatChen/fixed-missing-outputs-in-action-yml</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/5a7546a6e709997b54d62d4e673a23eaa8621a26"><code>5a7546a</code></a>
Fixed missing outputs in action.yml</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/06ea45a2e4582d87b11f03c7ce596ae3261f39f6"><code>06ea45a</code></a>
Merge pull request <a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/563">#563</a>
from CloudNStoyan/main</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/bbfca7ec1c0b06b16cc955f242ebc9f1c8daa4f4"><code>bbfca7e</code></a>
fix readme action example</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/b0d0393a82702c1819b5ae7ad6ea780cd8c18aae"><code>b0d0393</code></a>
Merge pull request <a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/554">#554</a>
from dependabot/dependabot/github_actions/actions/cre...</li>
<li>Additional commits viewable in <a
href="https://github.com/dependabot/fetch-metadata/compare/dbb049abf0d677abbd7f7eee0375145b417fdd34...d7267f607e9d3fb96fc2fbe83e0af444713e90b7">compare
view</a></li>
</ul>
</details>
<br />

Updates `github/codeql-action` from 3.28.1 to 3.28.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.28.5</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.5 - 24 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.5/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.28.4</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.4 - 23 Jan 2025</h2>
<p>No user facing changes.</p>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.4/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.28.3</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.3 - 22 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2707">#2707</a></li>
<li>Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise
Server instance which occurred when the CodeQL Bundle had been synced to
the instance using the <a
href="https://github.com/github/codeql-action-sync-tool">CodeQL Action
sync tool</a> and the Actions runner did not have Zstandard installed.
<a
href="https://redirect.github.com/github/codeql-action/pull/2710">#2710</a></li>
<li>Uploading debug artifacts for CodeQL analysis is temporarily
disabled. <a
href="https://redirect.github.com/github/codeql-action/pull/2712">#2712</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.3/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.28.2</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.2 - 21 Jan 2025</h2>
<p>No user facing changes.</p>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.2/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.28.5 - 24 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li>
</ul>
<h2>3.28.4 - 23 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.3 - 22 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2707">#2707</a></li>
<li>Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise
Server instance which occurred when the CodeQL Bundle had been synced to
the instance using the <a
href="https://github.com/github/codeql-action-sync-tool">CodeQL Action
sync tool</a> and the Actions runner did not have Zstandard installed.
<a
href="https://redirect.github.com/github/codeql-action/pull/2710">#2710</a></li>
<li>Uploading debug artifacts for CodeQL analysis is temporarily
disabled. <a
href="https://redirect.github.com/github/codeql-action/pull/2712">#2712</a></li>
</ul>
<h2>3.28.2 - 21 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.1 - 10 Jan 2025</h2>
<ul>
<li>CodeQL Action v2 is now deprecated, and is no longer updated or
supported. For better performance, improved security, and new features,
upgrade to v3. For more information, see <a
href="https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/">this
changelog post</a>. <a
href="https://redirect.github.com/github/codeql-action/pull/2677">#2677</a></li>
<li>Update default CodeQL bundle version to 2.20.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2678">#2678</a></li>
</ul>
<h2>3.28.0 - 20 Dec 2024</h2>
<ul>
<li>Bump the minimum CodeQL bundle version to 2.15.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2655">#2655</a></li>
<li>Don't fail in the unusual case that a file is on the search path. <a
href="https://redirect.github.com/github/codeql-action/pull/2660">#2660</a>.</li>
</ul>
<h2>3.27.9 - 12 Dec 2024</h2>
<p>No user facing changes.</p>
<h2>3.27.8 - 12 Dec 2024</h2>
<ul>
<li>Fixed an issue where streaming the download and extraction of the
CodeQL bundle did not respect proxy settings. <a
href="https://redirect.github.com/github/codeql-action/pull/2624">#2624</a></li>
</ul>
<h2>3.27.7 - 10 Dec 2024</h2>
<ul>
<li>We are rolling out a change in December 2024 that will extract the
CodeQL bundle directly to the toolcache to improve performance. <a
href="https://redirect.github.com/github/codeql-action/pull/2631">#2631</a></li>
<li>Update default CodeQL bundle version to 2.20.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2636">#2636</a></li>
</ul>
<h2>3.27.6 - 03 Dec 2024</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4"><code>f6091c0</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2721">#2721</a>
from github/update-v3.28.5-01f001931</li>
<li><a
href="https://github.com/github/codeql-action/commit/064af10f0de41995b41632364b4bfb00a34df047"><code>064af10</code></a>
Update changelog for v3.28.5</li>
<li><a
href="https://github.com/github/codeql-action/commit/01f0019310ce544d1cf748667a69f8fd6e26e48a"><code>01f0019</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2717">#2717</a>
from github/update-bundle/codeql-bundle-v2.20.3</li>
<li><a
href="https://github.com/github/codeql-action/commit/573ad887cd5b527e9baef02653bd455e1ff5181c"><code>573ad88</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2718">#2718</a>
from github/kaeluka/4779-1</li>
<li><a
href="https://github.com/github/codeql-action/commit/d7f39764f685cbe3764f763469a0d72383d7b9c8"><code>d7f3976</code></a>
permissions block in query-filters.yml</li>
<li><a
href="https://github.com/github/codeql-action/commit/428975ce2cf327a0e919004c63e734eddd0e6255"><code>428975c</code></a>
Add changelog note</li>
<li><a
href="https://github.com/github/codeql-action/commit/208091da0a1069394981cdf5e7a91a8ee3f10709"><code>208091d</code></a>
Update default bundle to codeql-bundle-v2.20.3</li>
<li><a
href="https://github.com/github/codeql-action/commit/7e3036b9cd87fc26dd06747b7aa4b96c27aaef3a"><code>7e3036b</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2716">#2716</a>
from github/mergeback/v3.28.4-to-main-ee117c90</li>
<li><a
href="https://github.com/github/codeql-action/commit/e32a0d62d44ac06377953bfaf3ffd43618be076a"><code>e32a0d6</code></a>
Update checked-in dependencies</li>
<li><a
href="https://github.com/github/codeql-action/commit/67c21e4084d5e020fbc969b839d42911b87fb8b5"><code>67c21e4</code></a>
Update changelog and version after v3.28.4</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/b6a472f63d85b9c78a3ac5e89422239fc15e9b3c...f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4">compare
view</a></li>
</ul>
</details>
<br />

Updates `umbrelladocs/action-linkspector` from 1.2.4 to 1.2.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/umbrelladocs/action-linkspector/releases">umbrelladocs/action-linkspector's
releases</a>.</em></p>
<blockquote>
<h2>Release v1.2.5</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: disable AppArmor user namespace restrictions on the runner by
<a href="https://github.com/Realiserad"><code>@​Realiserad</code></a> in
<a
href="https://redirect.github.com/UmbrellaDocs/action-linkspector/pull/34">UmbrellaDocs/action-linkspector#34</a></li>
<li>chore(deps): update reviewdog/reviewdog to 0.20.3 by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/UmbrellaDocs/action-linkspector/pull/31">UmbrellaDocs/action-linkspector#31</a></li>
<li>Add fail_level argument and deprecate fail_on_error by <a
href="https://github.com/bitcoin-tools"><code>@​bitcoin-tools</code></a>
in <a
href="https://redirect.github.com/UmbrellaDocs/action-linkspector/pull/23">UmbrellaDocs/action-linkspector#23</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/Realiserad"><code>@​Realiserad</code></a> made
their first contribution in <a
href="https://redirect.github.com/UmbrellaDocs/action-linkspector/pull/34">UmbrellaDocs/action-linkspector#34</a></li>
<li><a
href="https://github.com/bitcoin-tools"><code>@​bitcoin-tools</code></a>
made their first contribution in <a
href="https://redirect.github.com/UmbrellaDocs/action-linkspector/pull/23">UmbrellaDocs/action-linkspector#23</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/UmbrellaDocs/action-linkspector/compare/v1.2.4...UmbrellaDocs:release-1.2.5">https://github.com/UmbrellaDocs/action-linkspector/compare/v1.2.4...UmbrellaDocs:release-1.2.5</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/de84085e0f51452a470558693d7d308fbb2fa261"><code>de84085</code></a>
Merge pull request <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/35">#35</a>
from UmbrellaDocs/release-1.2.5</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/c6a59a6bf98fa2b8a152acaeff16921a3e39bc7b"><code>c6a59a6</code></a>
Added sample usage</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/21ce8cd6fc4d2812628c7d6a353ea86bf085eb59"><code>21ce8cd</code></a>
Merge pull request <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/23">#23</a>
from bitcoin-tools/deprecate-fail-on-error</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/e62bb2d5a68b84dfc5c0d1f61b133585a16ade13"><code>e62bb2d</code></a>
Fix YAML issues</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/64e2b9bf4f671dd0c213d87f40148216b4a0882a"><code>64e2b9b</code></a>
mitigate risk of untrusted inputs and define shell</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/e376d76f51c09def617e6cff4a49d04956213a15"><code>e376d76</code></a>
add backwards-compatability for <code>fail_on_error</code></li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/c6a531461dff91607a44a0221d82d3c087d5aeb1"><code>c6a5314</code></a>
replace deprecated option with fail_level</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/b8d796f06117f0151d00b6131c5c6ae9884c8ddf"><code>b8d796f</code></a>
Merge pull request <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/31">#31</a>
from UmbrellaDocs/depup/reviewdog/reviewdog</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/cde5159538b1a07765b494a136968cb9833df246"><code>cde5159</code></a>
Merge pull request <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/34">#34</a>
from Realiserad/main</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/d32de29fc2dd0fcdcf3da8f8a95e0a0c15f30e26"><code>d32de29</code></a>
fix: disable AppArmor user namespace restrictions on the runner</li>
<li>Additional commits viewable in <a
href="https://github.com/umbrelladocs/action-linkspector/compare/fc382e19892aca958e189954912fe379a8df270c...de84085e0f51452a470558693d7d308fbb2fa261">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-01-27 13:10:49 +00:00
M Atif Ali 8b5d22fdd2 ci: change PR merge strategy to squash in contrib workflow (#16297) 2025-01-27 12:25:42 +00:00
M Atif Ali 4e1c0eb743 ci: grant 'contents' write permission to auto-merge dependabot PRs (#16293) 2025-01-27 17:08:03 +05:00
M Atif Ali 7d6b73552a chore: remove patch condition for dependabot PRs (#16279) 2025-01-27 11:51:37 +00:00
Muhammad Atif Ali 84081e90eb chore: notify on auto merged dependabot PRs (#16234) 2025-01-23 15:38:54 +05:00
Muhammad Atif Ali f495ff07b7 chore: auto merge dependabot PRs for patch updates (#16222) 2025-01-22 21:24:07 +05:00
dependabot[bot] f8844cab0a ci: bump the github-actions group with 4 updates (#16192) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Muhammad Atif Ali <atif@coder.com>
 2025-01-21 15:31:30 +00:00
Ethan ea9e39d87c fix: give cla workflow pull request write permissions (#15820) 
When https://github.com/coder/coder/pull/15349 was added, it implicitly
set all the other permissions to none.

From
https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/controlling-permissions-for-github_token
> If you specify the access for any of these permissions, all of those
that are not specified are set to none.
 2024-12-11 15:53:08 +11:00
Dean Sheather 018723c6b0 chore: use cdrci2 account for CLA (#15783) 2024-12-09 22:30:41 +10:00
dependabot[bot] 9e78aaeea3 ci: bump the github-actions group with 3 updates (#15649) 
Bumps the github-actions group with 3 updates:
[step-security/harden-runner](https://github.com/step-security/harden-runner),
[github/codeql-action](https://github.com/github/codeql-action) and
[aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action).

Updates `step-security/harden-runner` from 2.10.1 to 2.10.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.10.2</h2>
<h2>What's Changed</h2>
<ol>
<li>
<p>Fixes low-severity command injection weaknesses
The advisory is here: <a
href="https://github.com/step-security/harden-runner/security/advisories/GHSA-g85v-wf27-67xc">https://github.com/step-security/harden-runner/security/advisories/GHSA-g85v-wf27-67xc</a></p>
</li>
<li>
<p>Bug fix to improve detection of whether Harden-Runner is running in a
container</p>
</li>
</ol>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.10.2">https://github.com/step-security/harden-runner/compare/v2...v2.10.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/0080882f6c36860b6ba35c610c98ce87d4e2f26f"><code>0080882</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/476">#476</a>
from step-security/rc-16</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/4a3a88bbf8f2e304f84e1042472c02dce37eba82"><code>4a3a88b</code></a>
Update dist</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/556aae632a6c1f630efa52e90d706218618e5f2f"><code>556aae6</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/480">#480</a>
from h0x0er/jatin/cleanup</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/6c39b8466160e86ad8606033d399fe7f4052aee1"><code>6c39b84</code></a>
chore: clean the code</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/40401cf6183a0ab2dae5c7e485c1d073fe911e91"><code>40401cf</code></a>
Update for isdocker</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/806ab1cccb47a439a89d5f8f85d3ea41a7fb1e4c"><code>806ab1c</code></a>
Update check for isdocker</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/28468118cdb665b2214b64175253b83fcb4b25f6"><code>2846811</code></a>
update dist</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/df8a07c1712fac199e8d6e78d64a46092afffa44"><code>df8a07c</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/475">#475</a>
from h0x0er/fix-execSync</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/30636fb583e59a926da2f17677e5cd3b63cf1be1"><code>30636fb</code></a>
bug fixes</li>
<li>See full diff in <a
href="https://github.com/step-security/harden-runner/compare/91182cccc01eb5e619899d80e4e971d6181294a7...0080882f6c36860b6ba35c610c98ce87d4e2f26f">compare
view</a></li>
</ul>
</details>
<br />

Updates `github/codeql-action` from 3.27.4 to 3.27.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.27.5</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<p>Note that the only difference between <code>v2</code> and
<code>v3</code> of the CodeQL Action is the node version they support,
with <code>v3</code> running on node 20 while we continue to release
<code>v2</code> to support running on node 16. For example
<code>3.22.11</code> was the first <code>v3</code> release and is
functionally identical to <code>2.22.11</code>. This approach ensures an
easy way to track exactly which features are included in different
versions, indicated by the minor and patch version numbers.</p>
<h2>3.27.5 - 19 Nov 2024</h2>
<p>No user facing changes.</p>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.27.5/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<p>Note that the only difference between <code>v2</code> and
<code>v3</code> of the CodeQL Action is the node version they support,
with <code>v3</code> running on node 20 while we continue to release
<code>v2</code> to support running on node 16. For example
<code>3.22.11</code> was the first <code>v3</code> release and is
functionally identical to <code>2.22.11</code>. This approach ensures an
easy way to track exactly which features are included in different
versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.27.5 - 19 Nov 2024</h2>
<p>No user facing changes.</p>
<h2>3.27.4 - 14 Nov 2024</h2>
<p>No user facing changes.</p>
<h2>3.27.3 - 12 Nov 2024</h2>
<p>No user facing changes.</p>
<h2>3.27.2 - 12 Nov 2024</h2>
<ul>
<li>Fixed an issue where setting up the CodeQL tools would sometimes
fail with the message &quot;Invalid value 'undefined' for header
'authorization'&quot;. <a
href="https://redirect.github.com/github/codeql-action/pull/2590">#2590</a></li>
</ul>
<h2>3.27.1 - 08 Nov 2024</h2>
<ul>
<li>The CodeQL Action now downloads bundles compressed using Zstandard
on GitHub Enterprise Server when using Linux or macOS runners. This
speeds up the installation of the CodeQL tools. This feature is already
available to GitHub.com users. <a
href="https://redirect.github.com/github/codeql-action/pull/2573">#2573</a></li>
<li>Update default CodeQL bundle version to 2.19.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2576">#2576</a></li>
</ul>
<h2>3.27.0 - 22 Oct 2024</h2>
<ul>
<li>Bump the minimum CodeQL bundle version to 2.14.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2549">#2549</a></li>
<li>Fix an issue where the <code>upload-sarif</code> Action would fail
with &quot;upload-sarif post-action step failed: Input required and not
supplied: token&quot; when called in a composite Action that had a
different set of inputs to the ones expected by the
<code>upload-sarif</code> Action. <a
href="https://redirect.github.com/github/codeql-action/pull/2557">#2557</a></li>
<li>Update default CodeQL bundle version to 2.19.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2552">#2552</a></li>
</ul>
<h2>3.26.13 - 14 Oct 2024</h2>
<p>No user facing changes.</p>
<h2>3.26.12 - 07 Oct 2024</h2>
<ul>
<li>
<p><em>Upcoming breaking change</em>: Add a deprecation warning for
customers using CodeQL version 2.14.5 and earlier. These versions of
CodeQL were discontinued on 24 September 2024 alongside GitHub
Enterprise Server 3.10, and will be unsupported by CodeQL Action
versions 3.27.0 and later and versions 2.27.0 and later. <a
href="https://redirect.github.com/github/codeql-action/pull/2520">#2520</a></p>
<ul>
<li>
<p>If you are using one of these versions, please update to CodeQL CLI
version 2.14.6 or later. For instance, if you have specified a custom
version of the CLI using the 'tools' input to the 'init' Action, you can
remove this input to use the default version.</p>
</li>
<li>
<p>Alternatively, if you want to continue using a version of the CodeQL
CLI between 2.13.5 and 2.14.5, you can replace
<code>github/codeql-action/*@v3</code> by
<code>github/codeql-action/*@v3.26.11</code> and
<code>github/codeql-action/*@v2</code> by
<code>github/codeql-action/*@v2.26.11</code> in your code scanning
workflow to ensure you continue using this version of the CodeQL
Action.</p>
</li>
</ul>
</li>
</ul>
<h2>3.26.11 - 03 Oct 2024</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/f09c1c0a94de965c15400f5634aa42fac8fb8f88"><code>f09c1c0</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2616">#2616</a>
from github/update-v3.27.5-a6c8729a5</li>
<li><a
href="https://github.com/github/codeql-action/commit/67b73eaba559c7e6913377065b0362ccbfc94e87"><code>67b73ea</code></a>
Update changelog for v3.27.5</li>
<li><a
href="https://github.com/github/codeql-action/commit/a6c8729a5d7573eb8d440e52a9645ce4db61d97c"><code>a6c8729</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2614">#2614</a>
from github/marcogario/per-platform-proxy</li>
<li><a
href="https://github.com/github/codeql-action/commit/8f3b48727ff1b076c28967a258b95fcee30a3a48"><code>8f3b487</code></a>
Start-proxy: Fetch OS specific binary</li>
<li><a
href="https://github.com/github/codeql-action/commit/cba5fb58d4f85affaf03eb9da32f5b6c9d76838b"><code>cba5fb5</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2613">#2613</a>
from github/dependabot/npm_and_yarn/npm_and_yarn-018...</li>
<li><a
href="https://github.com/github/codeql-action/commit/e782c3a145d9946aba8fa390e406acbe4e4c05c5"><code>e782c3a</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2612">#2612</a>
from github/angelapwen/report-linux-runner-release</li>
<li><a
href="https://github.com/github/codeql-action/commit/db6788195b646f87b3d1c616b0c14a6d5b7fa9a6"><code>db67881</code></a>
Update checked-in dependencies</li>
<li><a
href="https://github.com/github/codeql-action/commit/ecde4d232d18cf2dba6c1a6b76810332abff736f"><code>ecde4d2</code></a>
Bump cross-spawn from 7.0.3 to 7.0.6 in the npm_and_yarn group</li>
<li><a
href="https://github.com/github/codeql-action/commit/e3c67a01d31d9c173ba5ffccc9d0f275540d99de"><code>e3c67a0</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2610">#2610</a>
from github/dependabot/npm_and_yarn/npm-d2ca52e617</li>
<li><a
href="https://github.com/github/codeql-action/commit/f9ada54538b47b6db28c4d11f53848689968909e"><code>f9ada54</code></a>
Telemetry: report OS release for GitHub-hosted Linux runners</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/ea9e4e37992a54ee68a9622e985e60c8e8f12d9f...f09c1c0a94de965c15400f5634aa42fac8fb8f88">compare
view</a></li>
</ul>
</details>
<br />

Updates `aquasecurity/trivy-action` from 0.28.0 to 0.29.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aquasecurity/trivy-action/releases">aquasecurity/trivy-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.29.0</h2>
<h2>What's Changed</h2>
<ul>
<li>feat: Allow skipping setup by <a
href="https://github.com/rvesse"><code>@​rvesse</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/414">aquasecurity/trivy-action#414</a></li>
<li>Fix oras command not found in &quot;Update Trivy Cache&quot; action
by <a href="https://github.com/Tiryoh"><code>@​Tiryoh</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/413">aquasecurity/trivy-action#413</a></li>
<li>Update README.md by <a
href="https://github.com/simar7"><code>@​simar7</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/420">aquasecurity/trivy-action#420</a></li>
<li>feat: add token for <code>setup-trivy</code> by <a
href="https://github.com/DmitriyLewen"><code>@​DmitriyLewen</code></a>
in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/421">aquasecurity/trivy-action#421</a></li>
<li>fix: bump <code>setup-trivy</code> and add new <code>contrib</code>
directory path info by <a
href="https://github.com/DmitriyLewen"><code>@​DmitriyLewen</code></a>
in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/424">aquasecurity/trivy-action#424</a></li>
<li>docs: remove ignore-unfixed from IaC scan example by <a
href="https://github.com/nikpivkin"><code>@​nikpivkin</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/429">aquasecurity/trivy-action#429</a></li>
<li>chore(deps): Bump trivy to v0.57.1 by <a
href="https://github.com/simar7"><code>@​simar7</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/434">aquasecurity/trivy-action#434</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/rvesse"><code>@​rvesse</code></a> made
their first contribution in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/414">aquasecurity/trivy-action#414</a></li>
<li><a href="https://github.com/Tiryoh"><code>@​Tiryoh</code></a> made
their first contribution in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/413">aquasecurity/trivy-action#413</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/aquasecurity/trivy-action/compare/0.28.0...0.29.0">https://github.com/aquasecurity/trivy-action/compare/0.28.0...0.29.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/18f2510ee396bbf400402947b394f2dd8c87dbb0"><code>18f2510</code></a>
chore(deps): Bump trivy to v0.57.1 (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/434">#434</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/93941cebba762da4c91a91883859bf1bfb221c73"><code>93941ce</code></a>
docs: remove ignore-unfixed from IaC scan example (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/429">#429</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/d2a392a13760cb64cb6bbd31d4bed2a7d9a5298d"><code>d2a392a</code></a>
fix: bump <code>setup-trivy</code> and add new <code>contrib</code>
directory path info (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/424">#424</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/ee8934673cc18947baf4b05c01c4100ff36648da"><code>ee89346</code></a>
feat: add token for <code>setup-trivy</code> (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/421">#421</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/cf990b19d84bbbe1eb8833659989a7c1029132e3"><code>cf990b1</code></a>
Update README.md (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/420">#420</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/bff40be51b9207cf8f2148d628a9836cc7370247"><code>bff40be</code></a>
docs: Fix oras command not found (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/413">#413</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/fc1500abdcdc9fc681e98d8912a52fa70dbc67de"><code>fc1500a</code></a>
feat: Allow skipping setup (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/414">#414</a>)</li>
<li>See full diff in <a
href="https://github.com/aquasecurity/trivy-action/compare/915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2...18f2510ee396bbf400402947b394f2dd8c87dbb0">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-26 16:24:10 +05:00
Muhammad Atif Ali 3a5a42ffa9 chore: update workflow permissions (#15349) 2024-11-04 11:09:40 +05:00
Muhammad Atif Ali 8e254cbb07 chore: integrate step-security/harden-runner in workflows (#15099) 
Redoing #15097
Part of #14879
 2024-10-16 11:23:00 -07:00
Muhammad Atif Ali 57a65c15bf chore: use commit sha for GitHub actions (#15019) 
Use specific commit SHAs for GitHub actions across various workflows to
enhance reliability and reproducibility. This change ensures that
actions run against a known version, reducing the risk of unexpected
issues due to updates in the third-party action repositories.

This contributes to improving the score in #14879
 2024-10-14 08:49:55 -07:00
dependabot[bot] 0623531ab8 ci: bump contributor-assistant/github-action from 2.6.0 to 2.6.1 in the github-actions group (#14870) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-10-01 17:33:10 +00:00
dependabot[bot] 86a82b5a2a ci: bump the github-actions group with 2 updates (#14770) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-09-25 19:40:06 +05:00
Mathias Fredriksson 7780087526 ci(.github): run release-labels when draft PRs are ready (#14667) 2024-09-13 12:41:45 +00:00
Mathias Fredriksson 95fc962871 ci(.github): remove success from release-labels job (#14664) 
It used to depend on another job which has since been removed.
 2024-09-13 11:28:27 +03:00
dependabot[bot] f007c90a30 ci: bump contributor-assistant/github-action (#14345) 
Bumps the github-actions group with 1 update in the / directory: [contributor-assistant/github-action](https://github.com/contributor-assistant/github-action).


Updates `contributor-assistant/github-action` from 2.4.0 to 2.5.1
- [Release notes](https://github.com/contributor-assistant/github-action/releases)
- [Commits](https://github.com/contributor-assistant/github-action/compare/v2.4.0...v2.5.1)

---
updated-dependencies:
- dependency-name: contributor-assistant/github-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-08-19 21:53:20 +03:00
dependabot[bot] 8c9560ddb8 ci: bump the github-actions group with 2 updates (#13238) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-10 17:38:07 +00:00
dependabot[bot] 064a08efa5 ci: bump the github-actions group with 1 update (#12743) 
Bumps the github-actions group with 1 update: [contributor-assistant/github-action](https://github.com/contributor-assistant/github-action).


Updates `contributor-assistant/github-action` from 2.3.1 to 2.3.2
- [Release notes](https://github.com/contributor-assistant/github-action/releases)
- [Commits](https://github.com/contributor-assistant/github-action/compare/v2.3.1...v2.3.2)

---
updated-dependencies:
- dependency-name: contributor-assistant/github-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-25 23:40:35 +03:00
dependabot[bot] 52ec3edd5d ci: bump the github-actions group with 4 updates (#12019) 
Bumps the github-actions group with 4 updates: [buildjet/cache](https://github.com/buildjet/cache), [crate-ci/typos](https://github.com/crate-ci/typos), [codecov/codecov-action](https://github.com/codecov/codecov-action) and [hmarr/auto-approve-action](https://github.com/hmarr/auto-approve-action).


Updates `buildjet/cache` from 3 to 4
- [Changelog](https://github.com/BuildJet/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/buildjet/cache/compare/v3...v4)

Updates `crate-ci/typos` from 1.17.2 to 1.18.0
- [Release notes](https://github.com/crate-ci/typos/releases)
- [Changelog](https://github.com/crate-ci/typos/blob/master/CHANGELOG.md)
- [Commits](https://github.com/crate-ci/typos/compare/v1.17.2...v1.18.0)

Updates `codecov/codecov-action` from 3 to 4
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v3...v4)

Updates `hmarr/auto-approve-action` from 3 to 4
- [Release notes](https://github.com/hmarr/auto-approve-action/releases)
- [Commits](https://github.com/hmarr/auto-approve-action/compare/v3...v4)

---
updated-dependencies:
- dependency-name: buildjet/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: crate-ci/typos
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: hmarr/auto-approve-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-05 14:46:05 +00:00
dependabot[bot] c14c1cce13 ci: bump the github-actions group with 1 update (#10694) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-14 20:15:52 +00:00
dependabot[bot] eb72866a29 ci: bump the github-actions group with 2 updates (#9722) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-18 11:15:56 +00:00
Ben Potter f96622f192 chore: add exempt users to CLAbot allowlist (#9292) 2023-08-23 23:17:22 +00:00
Muhammad Atif Ali be1013899f chore: use names for all GitHub actions steps and use sqlc setup action (#8495) 2023-07-13 22:46:18 +03:00
Muhammad Atif Ali 80269ba1b9 hotfix(.github): fix dependency in contrib.yaml (#7754) 
`title` job was removed in #7743, so this job was falling.
 2023-06-01 10:29:07 +03:00
Ammar Bandukwala 828f33ac7b hotfix(.github): remove legacy title validator (#7743) 
* hotfix(.github): remove legacy title validator

`cdr-bot` centralizes the behavior and can enforce stricter
standards.

* Increase jest timeout
 2023-05-31 19:39:41 +00:00
Muhammad Atif Ali ce6b698048 hotfix(ci): fix a syntax issue in contrib.yaml (#7727) 2023-05-31 07:21:25 +00:00
Ammar Bandukwala 867996aa18 chore(.github): specify PR types 2023-05-30 23:57:45 +00:00
Kyle Carberry 4c204fc348 chore: ensure auto-approve-docs has a deep enough depth (#6484) 
* chore: ensure auto-approve-docs has a deep enough depth

This was failing on numerous PRs.

* Remove check because it isn't working
 2023-03-07 10:05:00 -06:00
Ben Potter 02100c64b5 fix: docs auto-approval (#6450) 
* fix: docs auto-approval

* empty commit
 2023-03-06 13:31:07 -06:00
Ammar Bandukwala 02f0968b33 chore: automatically approve Ben's docs PRs (#6444) 2023-03-04 08:07:45 -06:00
dependabot[bot] b56e1bb002 chore: bump contributor-assistant/github-action from 2.2.1 to 2.3.0 (#6384) 
Bumps [contributor-assistant/github-action](https://github.com/contributor-assistant/github-action) from 2.2.1 to 2.3.0.
- [Release notes](https://github.com/contributor-assistant/github-action/releases)
- [Commits](https://github.com/contributor-assistant/github-action/compare/v2.2.1...v2.3.0)

---
updated-dependencies:
- dependency-name: contributor-assistant/github-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-03-01 09:18:01 -06:00
Kyle Carberry e49f41652f chore: merge codeql checks to run in parallel (#5907) 
* chore: merge codeql checks to run in parallel

This reduces a check and should maintain ~the same CI time.

* fix: close reconnecting pty conn when exiting agent

Fixes https://github.com/coder/coder/actions/runs/4038282899/jobs/6942170850

* Fix closing when agent fails

* Fix conpty

* Fix contrib

* Skip runner tests for being flakes

* Fix gpg key test

* Fix golden files

* Fix comments

* Fix closed

* Fix capitalized title

* Add a timeout when checking for dead links
 2023-01-29 15:28:22 -06:00
Kyle Carberry 8487127f5c chore: skip reconnecting pty scale tests (#5908) 
* fix: close reconnecting pty conn when exiting agent

Fixes https://github.com/coder/coder/actions/runs/4038282899/jobs/6942170850

* Fix conpty

* Fix contrib

* Skip runner tests for being flakes

* Fix gpg key test

* Fix golden files

* Fix comments
 2023-01-29 14:53:49 -06:00
Kyle Carberry 33c6260efb chore: merge CI linting jobs (#5904) 
* chore: merge CI linting jobs

* Merge the `markdown-lint-check` step into `lint`

* Rename `coder.yaml` to `ci.yaml`

* Improve casing of security workflow

* Remove unused workflows and merge into contrib

* Format ci.yaml

* Fix CodeQL language

* Fix github action name
 2023-01-29 13:16:48 -06:00