shishantbiswas/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2026-06-03 13:08:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
10,619 Commits 1,141 Branches 344 Tags
0a3afeddc8a077dd90b472b04dcafe4ca1cd54eb
Commit Graph

145 Commits

Author SHA1 Message Date
Jakub Domeracki 408e19fd98 fix: adjust the condition to actually run this step from release branches (#19187) 
fix: adjust the condition to actually run this step from release branches
 2025-08-06 10:06:23 +02:00
dependabot[bot] 5df3bf713c ci: bump the github-actions group with 6 updates (#19149) 
Bumps the github-actions group with 6 updates:

| Package | From | To |
| --- | --- | --- |
|
[step-security/harden-runner](https://github.com/step-security/harden-runner)
| `2.12.2` | `2.13.0` |
| [chromaui/action](https://github.com/chromaui/action) | `13.1.2` |
`13.1.3` |
|
[google-github-actions/auth](https://github.com/google-github-actions/auth)
| `2.1.11` | `2.1.12` |
|
[tj-actions/changed-files](https://github.com/tj-actions/changed-files)
| `055970845dd036d7345da7399b7e89f2e10f2b04` |
`c2ca2493190021783138cb8aac49bcee14b4bb89` |
| [tj-actions/branch-names](https://github.com/tj-actions/branch-names)
| `8.2.1` | `9.0.2` |
| [github/codeql-action](https://github.com/github/codeql-action) |
`3.29.3` | `3.29.5` |

Updates `step-security/harden-runner` from 2.12.2 to 2.13.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.13.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Improved job markdown summary</li>
<li>Https monitoring for all domains (included with the enterprise
tier)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.13.0">https://github.com/step-security/harden-runner/compare/v2...v2.13.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/ec9f2d5744a09debf3a187a3f4f675c53b671911"><code>ec9f2d5</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/565">#565</a>
from step-security/rc-24</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/04bcbc31cfcefe0cf4720832008735021cec5ec4"><code>04bcbc3</code></a>
update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/7c7a56fcaa124ab72fff1cc3e81257f264fd7317"><code>7c7a56f</code></a>
feat: get job summary from API</li>
<li>See full diff in <a
href="https://github.com/step-security/harden-runner/compare/v2.12.2...ec9f2d5744a09debf3a187a3f4f675c53b671911">compare
view</a></li>
</ul>
</details>
<br />

Updates `chromaui/action` from 13.1.2 to 13.1.3
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/chromaui/action/commit/58d9ffb36c90c97a02d061544ecc849cc4a242a9"><code>58d9ffb</code></a>
v13.1.3</li>
<li>See full diff in <a
href="https://github.com/chromaui/action/compare/4d8ebd13658d795114f8051e25c28d66f14886c6...58d9ffb36c90c97a02d061544ecc849cc4a242a9">compare
view</a></li>
</ul>
</details>
<br />

Updates `google-github-actions/auth` from 2.1.11 to 2.1.12
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google-github-actions/auth/releases">google-github-actions/auth's
releases</a>.</em></p>
<blockquote>
<h2>v2.1.12</h2>
<h2>What's Changed</h2>
<ul>
<li>Add retries for getIDToken by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/auth/pull/502">google-github-actions/auth#502</a></li>
<li>Release: v2.1.12 by <a
href="https://github.com/google-github-actions-bot"><code>@​google-github-actions-bot</code></a>
in <a
href="https://redirect.github.com/google-github-actions/auth/pull/503">google-github-actions/auth#503</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google-github-actions/auth/compare/v2.1.11...v2.1.12">https://github.com/google-github-actions/auth/compare/v2.1.11...v2.1.12</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/google-github-actions/auth/commit/b7593ed2efd1c1617e1b0254da33b86225adb2a5"><code>b7593ed</code></a>
Release: v2.1.12 (<a
href="https://redirect.github.com/google-github-actions/auth/issues/503">#503</a>)</li>
<li><a
href="https://github.com/google-github-actions/auth/commit/c1ee334b4fb145a02e9d8343bb2e9f0dd06e586b"><code>c1ee334</code></a>
Add retries for getIDToken (<a
href="https://redirect.github.com/google-github-actions/auth/issues/502">#502</a>)</li>
<li>See full diff in <a
href="https://github.com/google-github-actions/auth/compare/140bb5113ffb6b65a7e9b937a81fa96cf5064462...b7593ed2efd1c1617e1b0254da33b86225adb2a5">compare
view</a></li>
</ul>
</details>
<br />

Updates `tj-actions/changed-files` from
055970845dd036d7345da7399b7e89f2e10f2b04 to
c2ca2493190021783138cb8aac49bcee14b4bb89
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.4...v46.0.5">46.0.5</a>
- (2025-04-09)</h1>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li><strong>deps:</strong> Bump yaml from 2.7.0 to 2.7.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c">ed68ef8</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump typescript from 5.8.2 to 5.8.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5">a7bc14b</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump <code>@​types/node</code> from
22.13.11 to 22.14.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab">3d751f6</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.2.3 to
5.2.6 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f">e2fda4e</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump ts-jest from 29.2.6 to 29.3.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48">0bed1b1</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump github/codeql-action from 3.28.12 to
3.28.15 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb">6802458</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/branch-names from 8.0.1 to
8.1.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792">cf2e39e</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/verify-changed-files from
20.0.1 to 20.0.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4">6abeaa5</a>)
- (dependabot[bot])</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v46.0.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2511">#2511</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
(<a
href="https://github.com/tj-actions/changed-files/commit/6f67ee9ac810f0192ea7b3d2086406f97847bcf9">6f67ee9</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.3...v46.0.4">46.0.4</a>
- (2025-04-03)</h1>
<h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2>
<ul>
<li>Bug modified_keys and changed_key outputs not set when no changes
detected (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2509">#2509</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/6cb76d07bee4c9772c6882c06c37837bf82a04d3">6cb76d0</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<ul>
<li>Update readme (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2508">#2508</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/b74df86ccb65173a8e33ba5492ac1a2ca6b216fd">b74df86</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v46.0.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
Co-authored-by: Tonye Jack <a
href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a
href="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">27ae6b3</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a>
- (2025-03-23)</h1>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
(<a
href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>)
- (github-actions[bot])</p>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
(<a
href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>)
- (github-actions[bot])</p>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tj-actions/changed-files/commit/c2ca2493190021783138cb8aac49bcee14b4bb89"><code>c2ca249</code></a>
test: manual triggered workflows (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2637">#2637</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/94d97fe3f88298bf8b2f2db6fa2ab150f3c1ab77"><code>94d97fe</code></a>
chore(deps): bump tj-actions/branch-names from 9.0.1 to 9.0.2 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2636">#2636</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/18b05b98fcd9dc0bd3870d7a6571535999ba0c3f"><code>18b05b9</code></a>
chore(deps): bump github/codeql-action from 3.29.4 to 3.29.5 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2635">#2635</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/db8d0bfea5a44e51abd5dc1454386c668ae901f9"><code>db8d0bf</code></a>
chore(deps): bump tj-actions/git-cliff from 1.5.0 to 2.0.2 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2632">#2632</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/0e2e8f70c5c6854ee9ff9f94bc2f1b9e7fcead78"><code>0e2e8f7</code></a>
chore(deps): bump tj-actions/branch-names from 8.2.1 to 9.0.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2633">#2633</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/5f2e971c1fcf53fda99e27a542f5e79cff0e7059"><code>5f2e971</code></a>
chore(deps-dev): bump <code>@​types/node</code> from 24.0.15 to 24.1.0
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2626">#2626</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/498cf3f89140b3c7b8353c5ae1354765717026ad"><code>498cf3f</code></a>
chore(deps-dev): bump jest from 30.0.4 to 30.0.5 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2627">#2627</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/8378ac87b7b199cd230495c133c4f6b19215e757"><code>8378ac8</code></a>
chore(deps): bump github/codeql-action from 3.29.3 to 3.29.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2628">#2628</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/4bfe3cb5bd6f0db4dc8668c4d6bef45ccf2b8ab5"><code>4bfe3cb</code></a>
chore(deps): bump nrwl/nx-set-shas from 4.3.0 to 4.3.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2630">#2630</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/a0370f61698fcac830a08949da9fdf96ea0f3ab7"><code>a0370f6</code></a>
chore(deps): bump github/codeql-action from 3.29.2 to 3.29.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2625">#2625</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tj-actions/changed-files/compare/055970845dd036d7345da7399b7e89f2e10f2b04...c2ca2493190021783138cb8aac49bcee14b4bb89">compare
view</a></li>
</ul>
</details>
<br />

Updates `tj-actions/branch-names` from 8.2.1 to 9.0.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/branch-names/releases">tj-actions/branch-names's
releases</a>.</em></p>
<blockquote>
<h2>v9.0.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Upgraded to v9.0.1 by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/424">tj-actions/branch-names#424</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tj-actions/branch-names/compare/v9...v9.0.2">https://github.com/tj-actions/branch-names/compare/v9...v9.0.2</a></p>
<h2>v9.0.1</h2>
<h2>What's Changed</h2>
<ul>
<li>build(deps): bump tj-actions/git-cliff from 1.5.0 to 2.0.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/422">tj-actions/branch-names#422</a></li>
<li>build(deps): bump codacy/codacy-analysis-cli-action from 4.4.5 to
4.4.7 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/421">tj-actions/branch-names#421</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tj-actions/branch-names/compare/v9.0.0...v9.0.1">https://github.com/tj-actions/branch-names/compare/v9.0.0...v9.0.1</a></p>
<h2>v9.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Upgraded to v8.2.1 by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/417">tj-actions/branch-names#417</a></li>
<li>chore: update action.yml by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/418">tj-actions/branch-names#418</a></li>
<li>Updated README.md by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/419">tj-actions/branch-names#419</a></li>
<li>security: fix unsafe outputs by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/420">tj-actions/branch-names#420</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tj-actions/branch-names/compare/v8...v9.0.0">https://github.com/tj-actions/branch-names/compare/v8...v9.0.0</a></p>
<h2>v9</h2>
<h1>Changes in v9.0.2</h1>
<h2>What's Changed</h2>
<ul>
<li>Upgraded to v9.0.1 by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/424">tj-actions/branch-names#424</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tj-actions/branch-names/compare/v9...v9.0.2">https://github.com/tj-actions/branch-names/compare/v9...v9.0.2</a></p>
<hr />
<h1>Changes in v9.0.1</h1>
<h2>What's Changed</h2>
<ul>
<li>build(deps): bump tj-actions/git-cliff from 1.5.0 to 2.0.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/422">tj-actions/branch-names#422</a></li>
<li>build(deps): bump codacy/codacy-analysis-cli-action from 4.4.5 to
4.4.7 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/421">tj-actions/branch-names#421</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tj-actions/branch-names/compare/v9.0.0...v9.0.1">https://github.com/tj-actions/branch-names/compare/v9.0.0...v9.0.1</a></p>
<hr />
<h1>Changes in v9.0.0</h1>
<h2>What's Changed</h2>
<ul>
<li>Upgraded to v8.2.1 by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/417">tj-actions/branch-names#417</a></li>
<li>chore: update action.yml by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/418">tj-actions/branch-names#418</a></li>
<li>Updated README.md by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/419">tj-actions/branch-names#419</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/branch-names/blob/main/HISTORY.md">tj-actions/branch-names's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1><a
href="https://github.com/tj-actions/branch-names/compare/v9.0.1...v9.0.2">9.0.2</a>
- (2025-07-31)</h1>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Update update-readme.yml (<a
href="https://github.com/tj-actions/branch-names/commit/5250492686b253f06fa55861556d1027b067aeb5">5250492</a>)
- (Tonye Jack)</li>
<li>Update update-readme.yml (<a
href="https://github.com/tj-actions/branch-names/commit/a2bc4958de72a5590a03c317bcb11581ae7866e7">a2bc495</a>)
- (Tonye Jack)</li>
<li>Update README.md (<a
href="https://github.com/tj-actions/branch-names/commit/169ddc10b28b8cbc75996ee56c1dbf4448ca6f06">169ddc1</a>)
- (Tonye Jack)</li>
<li>Update README.md (<a
href="https://github.com/tj-actions/branch-names/commit/4d35052be347a49c829b8a8e9855f40f14a00be6">4d35052</a>)
- (Tonye Jack)</li>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/423">#423</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
(<a
href="https://github.com/tj-actions/branch-names/commit/6be34a848cdd6067dda01ded8bd9b0853bbe3b23">6be34a8</a>)
- (github-actions[bot])</p>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded from v9.0.0 -&gt; v9.0.1 (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/424">#424</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
(<a
href="https://github.com/tj-actions/branch-names/commit/c0714e7ecc0a7baec34a69b87df070fa6a823e7f">c0714e7</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/branch-names/compare/v9.0.0...v9.0.1">9.0.1</a>
- (2025-07-26)</h1>
<h2><!-- raw HTML omitted -->👷 CI/CD</h2>
<ul>
<li><strong>deps:</strong> Bump codacy/codacy-analysis-cli-action from
4.4.5 to 4.4.7 (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/421">#421</a>)
(<a
href="https://github.com/tj-actions/branch-names/commit/386e117ea34339627a40843704a60a3bc9359234">386e117</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/git-cliff from 1.5.0 to 2.0.2
(<a
href="https://redirect.github.com/tj-actions/branch-names/issues/422">#422</a>)
(<a
href="https://github.com/tj-actions/branch-names/commit/2114174008e541048c2313bfc2c296a484785f14">2114174</a>)
- (dependabot[bot])</li>
</ul>
<h1><a
href="https://github.com/tj-actions/branch-names/compare/v8.2.1...v9.0.0">9.0.0</a>
- (2025-07-25)</h1>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/419">#419</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
(<a
href="https://github.com/tj-actions/branch-names/commit/f904073f20285d3ff38d2dedb647c7e81ab9ccc6">f904073</a>)
- (github-actions[bot])</p>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li>Update action.yml (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/418">#418</a>)
(<a
href="https://github.com/tj-actions/branch-names/commit/c81796132291bcac45a405bba3ff42c5c0c2a3e2">c817961</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->🛡️ Security</h2>
<ul>
<li>Fix unsafe outputs (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/420">#420</a>)
(<a
href="https://github.com/tj-actions/branch-names/commit/e497ceb8ccd43fd9573cf2e375216625bc411d1f">e497ceb</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded from v8.2.0 -&gt; v8.2.1 (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/417">#417</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
(<a
href="https://github.com/tj-actions/branch-names/commit/46ae71df6d27dd78ff96d2aaf0a59411f9c19e4e">46ae71d</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/branch-names/compare/v8.2.0...v8.2.1">8.2.1</a>
- (2025-04-11)</h1>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tj-actions/branch-names/commit/5250492686b253f06fa55861556d1027b067aeb5"><code>5250492</code></a>
Update update-readme.yml</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/a2bc4958de72a5590a03c317bcb11581ae7866e7"><code>a2bc495</code></a>
Update update-readme.yml</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/169ddc10b28b8cbc75996ee56c1dbf4448ca6f06"><code>169ddc1</code></a>
Update README.md</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/4d35052be347a49c829b8a8e9855f40f14a00be6"><code>4d35052</code></a>
Update README.md</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/c0714e7ecc0a7baec34a69b87df070fa6a823e7f"><code>c0714e7</code></a>
Upgraded from v9.0.0 -&gt; v9.0.1 (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/424">#424</a>)</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/6be34a848cdd6067dda01ded8bd9b0853bbe3b23"><code>6be34a8</code></a>
Updated README.md (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/423">#423</a>)</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/386e117ea34339627a40843704a60a3bc9359234"><code>386e117</code></a>
build(deps): bump codacy/codacy-analysis-cli-action from 4.4.5 to 4.4.7
(<a
href="https://redirect.github.com/tj-actions/branch-names/issues/421">#421</a>)</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/2114174008e541048c2313bfc2c296a484785f14"><code>2114174</code></a>
build(deps): bump tj-actions/git-cliff from 1.5.0 to 2.0.2 (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/422">#422</a>)</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/e497ceb8ccd43fd9573cf2e375216625bc411d1f"><code>e497ceb</code></a>
security: fix unsafe outputs (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/420">#420</a>)</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/f904073f20285d3ff38d2dedb647c7e81ab9ccc6"><code>f904073</code></a>
Updated README.md (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/419">#419</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tj-actions/branch-names/compare/dde14ac574a8b9b1cedc59a1cf312788af43d8d8...5250492686b253f06fa55861556d1027b067aeb5">compare
view</a></li>
</ul>
</details>
<br />

Updates `github/codeql-action` from 3.29.3 to 3.29.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.29.5</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.29.5 - 29 Jul 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.22.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2986">#2986</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.29.5/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.29.4</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.29.4 - 23 Jul 2025</h2>
<p>No user facing changes.</p>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.29.4/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.29.5 - 29 Jul 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.22.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2986">#2986</a></li>
</ul>
<h2>3.29.4 - 23 Jul 2025</h2>
<p>No user facing changes.</p>
<h2>3.29.3 - 21 Jul 2025</h2>
<p>No user facing changes.</p>
<h2>3.29.2 - 30 Jun 2025</h2>
<ul>
<li>Experimental: When the <code>quality-queries</code> input for the
<code>init</code> action is provided with an argument, separate
<code>.quality.sarif</code> files are produced and uploaded for each
language with the results of the specified queries. Do not use this in
production as it is part of an internal experiment and subject to change
at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/2935">#2935</a></li>
</ul>
<h2>3.29.1 - 27 Jun 2025</h2>
<ul>
<li>Fix bug in PR analysis where user-provided <code>include</code>
query filter fails to exclude non-included queries. <a
href="https://redirect.github.com/github/codeql-action/pull/2938">#2938</a></li>
<li>Update default CodeQL bundle version to 2.22.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2950">#2950</a></li>
</ul>
<h2>3.29.0 - 11 Jun 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.22.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li>
<li>Bump minimum CodeQL bundle version to 2.16.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li>
</ul>
<h2>3.28.21 - 28 July 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.20 - 21 July 2025</h2>
<ul>
<li>Remove support for combining SARIF files from a single upload for
GHES 3.18, see <a
href="https://github.blog/changelog/2024-05-06-code-scanning-will-stop-combining-runs-from-a-single-upload/">the
changelog post</a>. <a
href="https://redirect.github.com/github/codeql-action/pull/2959">#2959</a></li>
</ul>
<h2>3.28.19 - 03 Jun 2025</h2>
<ul>
<li>The CodeQL Action no longer includes its own copy of the extractor
for the <code>actions</code> language, which is currently in public
preview.
The <code>actions</code> extractor has been included in the CodeQL CLI
since v2.20.6. If your workflow has enabled the <code>actions</code>
language <em>and</em> you have pinned
your <code>tools:</code> property to a specific version of the CodeQL
CLI earlier than v2.20.6, you will need to update to at least CodeQL
v2.20.6 or disable
<code>actions</code> analysis.</li>
<li>Update default CodeQL bundle version to 2.21.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2910">#2910</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/51f77329afa6477de8c49fc9c7046c15b9a4e79d"><code>51f7732</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2997">#2997</a>
from github/update-v3.29.5-80a09d7b0</li>
<li><a
href="https://github.com/github/codeql-action/commit/8e90243ddbe0de3f12f4fa361675387b7f94c48d"><code>8e90243</code></a>
Update changelog for v3.29.5</li>
<li><a
href="https://github.com/github/codeql-action/commit/80a09d7b0b5468297f127c81b43cb7335eed0f30"><code>80a09d7</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2996">#2996</a>
from github/dependabot/npm_and_yarn/npm-240ab9fad0</li>
<li><a
href="https://github.com/github/codeql-action/commit/8388115dc8d6af25bf915cc8455a7d6a77253970"><code>8388115</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2994">#2994</a>
from github/mergeback/changelog/v3.28.21</li>
<li><a
href="https://github.com/github/codeql-action/commit/401ecaf503b1a19fc0fbd253cc5afe7759870068"><code>401ecaf</code></a>
Merge branch 'main' into mergeback/changelog/v3.28.21</li>
<li><a
href="https://github.com/github/codeql-action/commit/ab5c0c5fa56442a68c2d51b194ccc93faaaaa639"><code>ab5c0c5</code></a>
Merge branch 'main' into dependabot/npm_and_yarn/npm-240ab9fad0</li>
<li><a
href="https://github.com/github/codeql-action/commit/cd264d4dcdc5ee89d8590821e29c66a1bdcaa968"><code>cd264d4</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2986">#2986</a>
from github/update-bundle/codeql-bundle-v2.22.2</li>
<li><a
href="https://github.com/github/codeql-action/commit/4599055b1e273f63344615ade2c46c852c6d5c63"><code>4599055</code></a>
Merge branch 'main' into update-bundle/codeql-bundle-v2.22.2</li>
<li><a
href="https://github.com/github/codeql-action/commit/fd7ad511e6bd5985ebbc84944e0e173d39a968b8"><code>fd7ad51</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2971">#2971</a>
from github/update-supported-enterprise-server-versions</li>
<li><a
href="https://github.com/github/codeql-action/commit/ac0c9bfe1e34d6a76860325c1b4abe8208ce98a6"><code>ac0c9bf</code></a>
Merge branch 'main' into
update-supported-enterprise-server-versions</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/d6bbdef45e766d081b84a2def353b0055f728d3e...51f77329afa6477de8c49fc9c7046c15b9a4e79d">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-04 14:57:47 +00:00
Ethan b95cf47f99 ci: set valid xcode version in release script (#19143) 
16.0.0 was yanked from the macOS runners, so this will likely need cherry picking into the upcoming release branch.

We've already checked everything builds fine on #19125.

In a few releases we'll stop building the dylib and also therefore remove xcode as a dependency on coder/coder altogether.
 2025-08-04 15:01:24 +10:00
dependabot[bot] 6b141d76de ci: bump the github-actions group with 6 updates (#18938) 
Bumps the github-actions group with 6 updates:

| Package | From | To |
| --- | --- | --- |
|
[step-security/harden-runner](https://github.com/step-security/harden-runner)
| `2.12.2` | `2.13.0` |
|
[google-github-actions/auth](https://github.com/google-github-actions/auth)
| `2.1.10` | `2.1.11` |
|
[google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud)
| `2.1.4` | `2.1.5` |
|
[google-github-actions/get-gke-credentials](https://github.com/google-github-actions/get-gke-credentials)
| `2.3.3` | `2.3.4` |
| [github/codeql-action](https://github.com/github/codeql-action) |
`3.29.2` | `3.29.3` |
|
[umbrelladocs/action-linkspector](https://github.com/umbrelladocs/action-linkspector)
| `1.3.6` | `1.3.7` |

Updates `step-security/harden-runner` from 2.12.2 to 2.13.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.13.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Improved job markdown summary</li>
<li>Https monitoring for all domains (included with the enterprise
tier)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.13.0">https://github.com/step-security/harden-runner/compare/v2...v2.13.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/ec9f2d5744a09debf3a187a3f4f675c53b671911"><code>ec9f2d5</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/565">#565</a>
from step-security/rc-24</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/04bcbc31cfcefe0cf4720832008735021cec5ec4"><code>04bcbc3</code></a>
update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/7c7a56fcaa124ab72fff1cc3e81257f264fd7317"><code>7c7a56f</code></a>
feat: get job summary from API</li>
<li>See full diff in <a
href="https://github.com/step-security/harden-runner/compare/6c439dc8bdf85cadbbce9ed30d1c7b959517bc49...ec9f2d5744a09debf3a187a3f4f675c53b671911">compare
view</a></li>
</ul>
</details>
<br />

Updates `google-github-actions/auth` from 2.1.10 to 2.1.11
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google-github-actions/auth/releases">google-github-actions/auth's
releases</a>.</em></p>
<blockquote>
<h2>v2.1.11</h2>
<h2>What's Changed</h2>
<ul>
<li>Update troubleshooting docs for Python by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/auth/pull/488">google-github-actions/auth#488</a></li>
<li>Add linters by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/auth/pull/499">google-github-actions/auth#499</a></li>
<li>Update deps by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/auth/pull/500">google-github-actions/auth#500</a></li>
<li>Release: v2.1.11 by <a
href="https://github.com/google-github-actions-bot"><code>@​google-github-actions-bot</code></a>
in <a
href="https://redirect.github.com/google-github-actions/auth/pull/501">google-github-actions/auth#501</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google-github-actions/auth/compare/v2.1.10...v2.1.11">https://github.com/google-github-actions/auth/compare/v2.1.10...v2.1.11</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/google-github-actions/auth/commit/140bb5113ffb6b65a7e9b937a81fa96cf5064462"><code>140bb51</code></a>
Release: v2.1.11 (<a
href="https://redirect.github.com/google-github-actions/auth/issues/501">#501</a>)</li>
<li><a
href="https://github.com/google-github-actions/auth/commit/ab3132e2ad698521ee1355566103fa838732e48c"><code>ab3132e</code></a>
Update deps (<a
href="https://redirect.github.com/google-github-actions/auth/issues/500">#500</a>)</li>
<li><a
href="https://github.com/google-github-actions/auth/commit/25b96bac992fdf64486c6fd3fd3d9c4cddb3a812"><code>25b96ba</code></a>
Add linters (<a
href="https://redirect.github.com/google-github-actions/auth/issues/499">#499</a>)</li>
<li><a
href="https://github.com/google-github-actions/auth/commit/0920706a19e9d22c3d0da43d1db5939c6ad837a8"><code>0920706</code></a>
Update troubleshooting docs for Python (<a
href="https://redirect.github.com/google-github-actions/auth/issues/488">#488</a>)</li>
<li>See full diff in <a
href="https://github.com/google-github-actions/auth/compare/ba79af03959ebeac9769e648f473a284504d9193...140bb5113ffb6b65a7e9b937a81fa96cf5064462">compare
view</a></li>
</ul>
</details>
<br />

Updates `google-github-actions/setup-gcloud` from 2.1.4 to 2.1.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google-github-actions/setup-gcloud/releases">google-github-actions/setup-gcloud's
releases</a>.</em></p>
<blockquote>
<h2>v2.1.5</h2>
<h2>What's Changed</h2>
<ul>
<li>security: bump undici from 5.28.5 to 5.29.0 in the npm_and_yarn
group by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/711">google-github-actions/setup-gcloud#711</a></li>
<li>Update linters by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/715">google-github-actions/setup-gcloud#715</a></li>
<li>Update deps by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/716">google-github-actions/setup-gcloud#716</a></li>
<li>Release: v2.1.5 by <a
href="https://github.com/google-github-actions-bot"><code>@​google-github-actions-bot</code></a>
in <a
href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/717">google-github-actions/setup-gcloud#717</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google-github-actions/setup-gcloud/compare/v2.1.4...v2.1.5">https://github.com/google-github-actions/setup-gcloud/compare/v2.1.4...v2.1.5</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/google-github-actions/setup-gcloud/commit/6a7c903a70c8625ed6700fa299f5ddb4ca6022e9"><code>6a7c903</code></a>
Release: v2.1.5 (<a
href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/717">#717</a>)</li>
<li><a
href="https://github.com/google-github-actions/setup-gcloud/commit/e838bc6edfe3907980c74d5aad506fd6e173b0d6"><code>e838bc6</code></a>
Update deps (<a
href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/716">#716</a>)</li>
<li><a
href="https://github.com/google-github-actions/setup-gcloud/commit/98d8f78fcc2354c736499a506ad9e7be3f4c2640"><code>98d8f78</code></a>
Update linters (<a
href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/715">#715</a>)</li>
<li><a
href="https://github.com/google-github-actions/setup-gcloud/commit/a8b58010a5b2a061afd605f50e88629c9ec7536b"><code>a8b5801</code></a>
security: bump undici from 5.28.5 to 5.29.0 in the npm_and_yarn group
(<a
href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/711">#711</a>)</li>
<li>See full diff in <a
href="https://github.com/google-github-actions/setup-gcloud/compare/77e7a554d41e2ee56fc945c52dfd3f33d12def9a...6a7c903a70c8625ed6700fa299f5ddb4ca6022e9">compare
view</a></li>
</ul>
</details>
<br />

Updates `google-github-actions/get-gke-credentials` from 2.3.3 to 2.3.4
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google-github-actions/get-gke-credentials/releases">google-github-actions/get-gke-credentials's
releases</a>.</em></p>
<blockquote>
<h2>v2.3.4</h2>
<h2>What's Changed</h2>
<ul>
<li>security: bump undici from 5.28.5 to 5.29.0 in the npm_and_yarn
group by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/333">google-github-actions/get-gke-credentials#333</a></li>
<li>Update linters by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/334">google-github-actions/get-gke-credentials#334</a></li>
<li>Update deps by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/335">google-github-actions/get-gke-credentials#335</a></li>
<li>Release: v2.3.4 by <a
href="https://github.com/google-github-actions-bot"><code>@​google-github-actions-bot</code></a>
in <a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/336">google-github-actions/get-gke-credentials#336</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google-github-actions/get-gke-credentials/compare/v2.3.3...v2.3.4">https://github.com/google-github-actions/get-gke-credentials/compare/v2.3.3...v2.3.4</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/google-github-actions/get-gke-credentials/commit/8e574c49425fa7efed1e74650a449bfa6a23308a"><code>8e574c4</code></a>
Release: v2.3.4 (<a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/336">#336</a>)</li>
<li><a
href="https://github.com/google-github-actions/get-gke-credentials/commit/820551c1d9b3734a98590d5020e3a479a3600019"><code>820551c</code></a>
Update deps (<a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/335">#335</a>)</li>
<li><a
href="https://github.com/google-github-actions/get-gke-credentials/commit/503071673e50fd4fe5973d69174dc780288d61e9"><code>5030716</code></a>
Update linters (<a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/334">#334</a>)</li>
<li><a
href="https://github.com/google-github-actions/get-gke-credentials/commit/36f99de330d5a168c801b87721b96719a0a9ada0"><code>36f99de</code></a>
security: bump undici from 5.28.5 to 5.29.0 in the npm_and_yarn group
(<a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/333">#333</a>)</li>
<li>See full diff in <a
href="https://github.com/google-github-actions/get-gke-credentials/compare/d0cee45012069b163a631894b98904a9e6723729...8e574c49425fa7efed1e74650a449bfa6a23308a">compare
view</a></li>
</ul>
</details>
<br />

Updates `github/codeql-action` from 3.29.2 to 3.29.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.29.3</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.29.3 - 21 Jul 2025</h2>
<p>No user facing changes.</p>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.29.3/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.29.3 - 21 Jul 2025</h2>
<p>No user facing changes.</p>
<h2>3.29.2 - 30 Jun 2025</h2>
<ul>
<li>Experimental: When the <code>quality-queries</code> input for the
<code>init</code> action is provided with an argument, separate
<code>.quality.sarif</code> files are produced and uploaded for each
language with the results of the specified queries. Do not use this in
production as it is part of an internal experiment and subject to change
at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/2935">#2935</a></li>
</ul>
<h2>3.29.1 - 27 Jun 2025</h2>
<ul>
<li>Fix bug in PR analysis where user-provided <code>include</code>
query filter fails to exclude non-included queries. <a
href="https://redirect.github.com/github/codeql-action/pull/2938">#2938</a></li>
<li>Update default CodeQL bundle version to 2.22.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2950">#2950</a></li>
</ul>
<h2>3.29.0 - 11 Jun 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.22.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li>
<li>Bump minimum CodeQL bundle version to 2.16.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li>
</ul>
<h2>3.28.20 - 21 July 2025</h2>
<ul>
<li>Remove support for combining SARIF files from a single upload for
GHES 3.18, see <a
href="https://github.blog/changelog/2024-05-06-code-scanning-will-stop-combining-runs-from-a-single-upload/">the
changelog post</a>. <a
href="https://redirect.github.com/github/codeql-action/pull/2959">#2959</a></li>
</ul>
<h2>3.28.19 - 03 Jun 2025</h2>
<ul>
<li>The CodeQL Action no longer includes its own copy of the extractor
for the <code>actions</code> language, which is currently in public
preview.
The <code>actions</code> extractor has been included in the CodeQL CLI
since v2.20.6. If your workflow has enabled the <code>actions</code>
language <em>and</em> you have pinned
your <code>tools:</code> property to a specific version of the CodeQL
CLI earlier than v2.20.6, you will need to update to at least CodeQL
v2.20.6 or disable
<code>actions</code> analysis.</li>
<li>Update default CodeQL bundle version to 2.21.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2910">#2910</a></li>
</ul>
<h2>3.28.18 - 16 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2893">#2893</a></li>
<li>Skip validating SARIF produced by CodeQL for improved performance.
<a
href="https://redirect.github.com/github/codeql-action/pull/2894">#2894</a></li>
<li>The number of threads and amount of RAM used by CodeQL can now be
set via the <code>CODEQL_THREADS</code> and <code>CODEQL_RAM</code>
runner environment variables. If set, these environment variables
override the <code>threads</code> and <code>ram</code> inputs
respectively. <a
href="https://redirect.github.com/github/codeql-action/pull/2891">#2891</a></li>
</ul>
<h2>3.28.17 - 02 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2872">#2872</a></li>
</ul>
<h2>3.28.16 - 23 Apr 2025</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/d6bbdef45e766d081b84a2def353b0055f728d3e"><code>d6bbdef</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2977">#2977</a>
from github/update-v3.29.3-7710ed11e</li>
<li><a
href="https://github.com/github/codeql-action/commit/210cc9bfa2103f4b7c4701ee383183b944c62578"><code>210cc9b</code></a>
Update changelog for v3.29.3</li>
<li><a
href="https://github.com/github/codeql-action/commit/7710ed11e398ea99c7f7004c2b2e0f580458db42"><code>7710ed1</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2970">#2970</a>
from github/cklin/diff-informed-feature-enable</li>
<li><a
href="https://github.com/github/codeql-action/commit/6a49a8cbce6ecbd74ea251a48dbc84e64ce3be4d"><code>6a49a8c</code></a>
build: refresh js files</li>
<li><a
href="https://github.com/github/codeql-action/commit/3aef4108d1730e17b6fd24f8b9c49d8fcc87d46d"><code>3aef410</code></a>
Add diff-informed-analysis-utils.test.ts</li>
<li><a
href="https://github.com/github/codeql-action/commit/614b64c6ec97a4ad54f7c99c5becbf593144dbfb"><code>614b64c</code></a>
Diff-informed analysis: disable for GHES below 3.19</li>
<li><a
href="https://github.com/github/codeql-action/commit/aefb854fe5563f4650638224c839c6e9b33c25b5"><code>aefb854</code></a>
Feature.DiffInformedQueries: default to true</li>
<li><a
href="https://github.com/github/codeql-action/commit/03a2a17e75d20e4ff461b43f161fb2b52165f632"><code>03a2a17</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2967">#2967</a>
from github/cklin/overlay-feature-flags</li>
<li><a
href="https://github.com/github/codeql-action/commit/07455ed3c36f739ad76d1c4e55f8b49550f74344"><code>07455ed</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2972">#2972</a>
from github/koesie10/ghes-satisfies</li>
<li><a
href="https://github.com/github/codeql-action/commit/3fb562ddcce3ca92b83ea1bb7abaa579a1ab882d"><code>3fb562d</code></a>
build: refresh js files</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/181d5eefc20863364f96762470ba6f862bdef56b...d6bbdef45e766d081b84a2def353b0055f728d3e">compare
view</a></li>
</ul>
</details>
<br />

Updates `umbrelladocs/action-linkspector` from 1.3.6 to 1.3.7
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/umbrelladocs/action-linkspector/releases">umbrelladocs/action-linkspector's
releases</a>.</em></p>
<blockquote>
<h2>Release v1.3.7</h2>
<p>v1.3.7: PR <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/47">#47</a>
- Update linkspector version to 0.4.7</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/874d01cae9fd488e3077b08952093235bd626977"><code>874d01c</code></a>
Merge pull request <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/47">#47</a>
from UmbrellaDocs/update-linkspector-version</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/bfc5bc55f5a8fc268165639b78b3ce6ae64915ad"><code>bfc5bc5</code></a>
Update linkspector version to 0.4.7</li>
<li>See full diff in <a
href="https://github.com/umbrelladocs/action-linkspector/compare/3a951c1f0dca72300c2320d0eb39c2bafe429ab1...874d01cae9fd488e3077b08952093235bd626977">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-21 13:21:37 +00:00
Jakub Domeracki e4d3453e2b feat: publish CLI binaries and detached signatures to releases.coder.com (#18874) 
Starting with version `2.24.X `, Coder CLI binaries & corresponding
detached signatures will get published to the GCS bucket
releases.coder.com.
 2025-07-15 13:15:58 +02:00
Jakub Domeracki dc0919da33 feat: sign coder binaries with the release key using GPG (#18774) 
### Description
This PR introduces GPG signing for all Coder *slim-binaries*.
Detached signatures will allow users to verify the integrity and
authenticity of the binaries they download.

### Changes
  * `scripts/sign_with_gpg.sh`: New script to sign a given binary
     using GPG. It imports the release key, signs the binary, and
     verifies the signature.
   * `scripts/build_go.sh`: Updated to call `sign_with_gpg.sh` when the
     `CODER_SIGN_GPG` environment variable is set to 1.
   * `.github/workflows/release.yaml`: The` CODER_SIGN_GPG` environment
     variable is now set to 1 during the release build, enabling GPG
     signing for all release binaries.
   * `.github/workflows/ci.yaml`: The `CODER_SIGN_GPG` environment
     variable is now set to 1 during the CI build, enabling GPG
     signing for all CI binaries.
* `Makefile`: Detached signatures are moved to the `/site/out/bin/
`directory
 2025-07-09 11:53:27 +02:00
Allen Conlon 10c1e36fff feat: add publishing of helm charts to ghcr registry (#18316) 2025-07-08 22:19:12 +05:00
dependabot[bot] 851cda55d6 ci: bump the github-actions group with 3 updates (#18665) 
Bumps the github-actions group with 3 updates:
[step-security/harden-runner](https://github.com/step-security/harden-runner),
[fluxcd/flux2](https://github.com/fluxcd/flux2) and
[github/codeql-action](https://github.com/github/codeql-action).

Updates `step-security/harden-runner` from 2.12.1 to 2.12.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.12.2</h2>
<h2>What's Changed</h2>
<p>Added HTTPS Monitoring for additional destinations -
*.githubusercontent.com
Bug fixes:</p>
<ul>
<li>Implicitly allow local multicast, local unicast and broadcast IP
addresses in block mode</li>
<li>Increased policy map size for block mode</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.12.2">https://github.com/step-security/harden-runner/compare/v2...v2.12.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/6c439dc8bdf85cadbbce9ed30d1c7b959517bc49"><code>6c439dc</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/562">#562</a>
from step-security/rc-22</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/bf5688696d0b2cf8221eadb38e4232386015763a"><code>bf56886</code></a>
update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/5436dac7b5fa76a1a179168f5f4de86c00e22c84"><code>5436dac</code></a>
update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/88d305a3530acfa6d1939000baaa571e520df9c8"><code>88d305a</code></a>
update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/b976878278dbe3bc16039f7165b8faf809c50297"><code>b976878</code></a>
update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/875cc92db280a03598e7492a3e6c165c689f7af6"><code>875cc92</code></a>
Update agent</li>
<li>See full diff in <a
href="https://github.com/step-security/harden-runner/compare/002fdce3c6a235733a90a27c80493a3241e56863...6c439dc8bdf85cadbbce9ed30d1c7b959517bc49">compare
view</a></li>
</ul>
</details>
<br />

Updates `fluxcd/flux2` from 2.6.2 to 2.6.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/fluxcd/flux2/releases">fluxcd/flux2's
releases</a>.</em></p>
<blockquote>
<h2>v2.6.3</h2>
<h2>Highlights</h2>
<p>Flux v2.6.3 is a patch release that comes with various fixes. Users
are encouraged to upgrade for the best experience.</p>
<p>Fixes:</p>
<ul>
<li>Fix for <code>rsa-sha2-512</code> and <code>rsa-sha2-256</code>
algorithms not being prioritized for <code>ssh-rsa</code> host keys in
source-controller, image-automation-controller and Flux CLI
bootstrap.</li>
</ul>
<h2>Components changelog</h2>
<ul>
<li>source-controller <a
href="https://github.com/fluxcd/source-controller/blob/v1.6.2/CHANGELOG.md">v1.6.2</a></li>
<li>image-automation-controller <a
href="https://github.com/fluxcd/image-automation-controller/blob/v0.41.2/CHANGELOG.md">v0.41.2</a></li>
</ul>
<h2>CLI changed</h2>
<ul>
<li>[release/v2.6.x] Update toolkit components by <a
href="https://github.com/fluxcdbot"><code>@​fluxcdbot</code></a> in <a
href="https://redirect.github.com/fluxcd/flux2/pull/5427">fluxcd/flux2#5427</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/fluxcd/flux2/compare/v2.6.2...v2.6.3">https://github.com/fluxcd/flux2/compare/v2.6.2...v2.6.3</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/fluxcd/flux2/commit/bda4c8187e436462be0d072e728b67afa215c593"><code>bda4c81</code></a>
Merge pull request <a
href="https://redirect.github.com/fluxcd/flux2/issues/5427">#5427</a>
from fluxcd/backport-5426-to-release/v2.6.x</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/3f281da7381e3984913244d78b9768e4fa5fbb65"><code>3f281da</code></a>
Fix: Prioritize sha2-512 and sha2-256 for ssh-rsa host keys</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/963e99188cb0a77dfbe70a3db7a34c0f6e159dd3"><code>963e991</code></a>
Update toolkit components</li>
<li>See full diff in <a
href="https://github.com/fluxcd/flux2/compare/a48f81a66c4ca9fbd993233ab99dd03a7cfbe09a...bda4c8187e436462be0d072e728b67afa215c593">compare
view</a></li>
</ul>
</details>
<br />

Updates `github/codeql-action` from 3.29.0 to 3.29.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.29.1</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.29.1 - 27 Jun 2025</h2>
<ul>
<li>Fix bug in PR analysis where user-provided <code>include</code>
query filter fails to exclude non-included queries. <a
href="https://redirect.github.com/github/codeql-action/pull/2938">#2938</a></li>
<li>Update default CodeQL bundle version to 2.22.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2950">#2950</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.29.1/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<ul>
<li>Experimental: When the <code>quality-queries</code> input for the
<code>init</code> action is provided with an argument, separate
<code>.quality.sarif</code> files are produced and uploaded for each
language with the results of the specified queries. Do not use this in
production as it is part of an internal experiment and subject to change
at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/2935">#2376</a></li>
</ul>
<h2>3.29.1 - 27 Jun 2025</h2>
<ul>
<li>Fix bug in PR analysis where user-provided <code>include</code>
query filter fails to exclude non-included queries. <a
href="https://redirect.github.com/github/codeql-action/pull/2938">#2938</a></li>
<li>Update default CodeQL bundle version to 2.22.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2950">#2950</a></li>
</ul>
<h2>3.29.0 - 11 Jun 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.22.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li>
<li>Bump minimum CodeQL bundle version to 2.16.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li>
</ul>
<h2>3.28.19 - 03 Jun 2025</h2>
<ul>
<li>The CodeQL Action no longer includes its own copy of the extractor
for the <code>actions</code> language, which is currently in public
preview.
The <code>actions</code> extractor has been included in the CodeQL CLI
since v2.20.6. If your workflow has enabled the <code>actions</code>
language <em>and</em> you have pinned
your <code>tools:</code> property to a specific version of the CodeQL
CLI earlier than v2.20.6, you will need to update to at least CodeQL
v2.20.6 or disable
<code>actions</code> analysis.</li>
<li>Update default CodeQL bundle version to 2.21.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2910">#2910</a></li>
</ul>
<h2>3.28.18 - 16 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2893">#2893</a></li>
<li>Skip validating SARIF produced by CodeQL for improved performance.
<a
href="https://redirect.github.com/github/codeql-action/pull/2894">#2894</a></li>
<li>The number of threads and amount of RAM used by CodeQL can now be
set via the <code>CODEQL_THREADS</code> and <code>CODEQL_RAM</code>
runner environment variables. If set, these environment variables
override the <code>threads</code> and <code>ram</code> inputs
respectively. <a
href="https://redirect.github.com/github/codeql-action/pull/2891">#2891</a></li>
</ul>
<h2>3.28.17 - 02 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2872">#2872</a></li>
</ul>
<h2>3.28.16 - 23 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2863">#2863</a></li>
</ul>
<h2>3.28.15 - 07 Apr 2025</h2>
<ul>
<li>Fix bug where the action would fail if it tried to produce a debug
artifact with more than 65535 files. <a
href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li>
</ul>
<h2>3.28.14 - 07 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li>
</ul>
<h2>3.28.13 - 24 Mar 2025</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/39edc492dbe16b1465b0cafca41432d857bdb31a"><code>39edc49</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2953">#2953</a>
from github/update-v3.29.1-428aea55f</li>
<li><a
href="https://github.com/github/codeql-action/commit/27c4fb1eef772029c0bbeed96d8538a2af79e541"><code>27c4fb1</code></a>
Update changelog for v3.29.1</li>
<li><a
href="https://github.com/github/codeql-action/commit/428aea55f52aac0db14530fe4e5c97462c533f7d"><code>428aea5</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2952">#2952</a>
from github/redsun82/fix-swift-test</li>
<li><a
href="https://github.com/github/codeql-action/commit/973250f3d233f50890a597fef853ae3b2a538a31"><code>973250f</code></a>
Swift: recreate a default Swift package to fix test</li>
<li><a
href="https://github.com/github/codeql-action/commit/8ef17824cfb2a3f40cbc7f41bac7e055e53b8164"><code>8ef1782</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2950">#2950</a>
from github/update-bundle/codeql-bundle-v2.22.1</li>
<li><a
href="https://github.com/github/codeql-action/commit/f3bfb9860305f6e80e048f4785d6bee33bf77356"><code>f3bfb98</code></a>
Add changelog note</li>
<li><a
href="https://github.com/github/codeql-action/commit/2b4afc20b636de8884609ee2a501a68a67766f26"><code>2b4afc2</code></a>
Update default bundle to codeql-bundle-v2.22.1</li>
<li><a
href="https://github.com/github/codeql-action/commit/9b02dc2f60288b463e7a66e39c78829b62780db7"><code>9b02dc2</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2928">#2928</a>
from github/update-supported-enterprise-server-versions</li>
<li><a
href="https://github.com/github/codeql-action/commit/7ab92d0295a9b09eb653169acdb2c24f7c43614a"><code>7ab92d0</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2948">#2948</a>
from github/mbg/copilot-instructions</li>
<li><a
href="https://github.com/github/codeql-action/commit/2cae828745579fc9309404e09440d23bba2f7b79"><code>2cae828</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2947">#2947</a>
from github/dependency-proxy/codeql-bundle-v2.22.0</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/ce28f5bb42b7a9f2c824e633a3f6ee835bab6858...39edc492dbe16b1465b0cafca41432d857bdb31a">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-30 15:37:51 +00:00
dependabot[bot] 183eaa21dc ci: bump the github-actions group with 5 updates (#18497) 
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-23 13:46:08 +00:00
dependabot[bot] cba99a13e7 ci: bump the github-actions group with 6 updates (#18386) 
Bumps the github-actions group with 6 updates:

| Package | From | To |
| --- | --- | --- |
|
[step-security/harden-runner](https://github.com/step-security/harden-runner)
| `2.12.0` | `2.12.1` |
| [chromaui/action](https://github.com/chromaui/action) | `12.1.1` |
`12.2.0` |
| [actions/attest](https://github.com/actions/attest) | `2.3.0` |
`2.4.0` |
|
[tj-actions/changed-files](https://github.com/tj-actions/changed-files)
| `115870536a85eaf050e369291c7895748ff12aea` |
`d52d20fa3f981cb852b861fd8f55308b5fe29637` |
| [github/codeql-action](https://github.com/github/codeql-action) |
`3.28.19` | `3.29.0` |
|
[umbrelladocs/action-linkspector](https://github.com/umbrelladocs/action-linkspector)
| `1.3.4` | `1.3.5` |

Updates `step-security/harden-runner` from 2.12.0 to 2.12.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.12.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Detection capabilities have been upgraded to better recognize
attempts at runner tampering. These improvements are informed by
real-world incident learnings, including analysis of anomalous behaviors
observed in the tj-actions and reviewdog supply chain attack.</li>
<li>Resolved an issue where the block policy was not enforced correctly
when the GitHub Actions job was running inside a container on a
self-hosted VM runner.</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.12.1">https://github.com/step-security/harden-runner/compare/v2...v2.12.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/002fdce3c6a235733a90a27c80493a3241e56863"><code>002fdce</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/544">#544</a>
from step-security/rc-21</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/2489e3fcb3d00eac3cb27c9b490431a4d26eac58"><code>2489e3f</code></a>
Merge branch 'main' into rc-21</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/75dd441a816c3c7ea21313ec8ff21d9f7b69f534"><code>75dd441</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/555">#555</a>
from step-security/dependabot/github_actions/step-sec...</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/4381ace9c4db180c9cc8ff9a6dd4220f17a95690"><code>4381ace</code></a>
Bump step-security/publish-unit-test-result-action from 2.19.0 to
2.20.0</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/a9da90b635b492e68edb2a24949fcab1e313e9eb"><code>a9da90b</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/553">#553</a>
from h0x0er/feat/container-workflows</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/a60ef21c0c1f49c7ac6c8d65b6f4d16d419789c1"><code>a60ef21</code></a>
update</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/4ad512f16553ff1c022684cc96be0329a7618db8"><code>4ad512f</code></a>
Merge branch 'rc-21' into feat/container-workflows</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/6b41a3923518db2abe77790e47793760b5c47c28"><code>6b41a39</code></a>
fixed test case</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/fa70c45ca9a73bcef023a3e6afac49ffa3007480"><code>fa70c45</code></a>
update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/eb47845632e48a7532e7e363ba78b9bc48c09264"><code>eb47845</code></a>
self-hosted: refactored block-policy apply logic</li>
<li>Additional commits viewable in <a
href="https://github.com/step-security/harden-runner/compare/0634a2670c59f64b4a01f0f96f84700a4088b9f0...002fdce3c6a235733a90a27c80493a3241e56863">compare
view</a></li>
</ul>
</details>
<br />

Updates `chromaui/action` from 12.1.1 to 12.2.0
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/chromaui/action/commit/c50adf8eaa8c2878af3263499a73077854de39d4"><code>c50adf8</code></a>
v12.2.0</li>
<li>See full diff in <a
href="https://github.com/chromaui/action/compare/8536229ee904071f8edce292596f6dbe0da96b9b...c50adf8eaa8c2878af3263499a73077854de39d4">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/attest` from 2.3.0 to 2.4.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/attest/releases">actions/attest's
releases</a>.</em></p>
<blockquote>
<h2>v2.4.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump <code>@​actions/github</code> from 6.0.0 to 6.0.1 in the
npm-production group by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/attest/pull/242">actions/attest#242</a></li>
<li>Bump undici from 5.28.5 to 5.29.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/attest/pull/246">actions/attest#246</a></li>
<li>Add path to created attestation in a well-known summary file by <a
href="https://github.com/kommendorkapten"><code>@​kommendorkapten</code></a>
in <a
href="https://redirect.github.com/actions/attest/pull/252">actions/attest#252</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/kommendorkapten"><code>@​kommendorkapten</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/attest/pull/252">actions/attest#252</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/attest/compare/v2...v2.4.0">https://github.com/actions/attest/compare/v2...v2.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/attest/commit/ce27ba3b4a9a139d9a20a4a07d69fabb52f1e5bc"><code>ce27ba3</code></a>
bump package version to 2.4.0 (<a
href="https://redirect.github.com/actions/attest/issues/253">#253</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/6a89e1286443a80c6d1e0cebb7b24d8299c16774"><code>6a89e12</code></a>
Add path to created attestation in a well-known summary file (<a
href="https://redirect.github.com/actions/attest/issues/252">#252</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/cbc14bbf255d1e79ad201d4308009aabd79cafdc"><code>cbc14bb</code></a>
Bump the npm-development group with 3 updates (<a
href="https://redirect.github.com/actions/attest/issues/250">#250</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/b87aa13652d8ee3c0c86d3582b965c842f7f388f"><code>b87aa13</code></a>
Bump the npm-development group across 1 directory with 5 updates (<a
href="https://redirect.github.com/actions/attest/issues/249">#249</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/5ae9aa28e10f70b771c67101892b7ffc141ef958"><code>5ae9aa2</code></a>
Bump undici from 5.28.5 to 5.29.0 (<a
href="https://redirect.github.com/actions/attest/issues/246">#246</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/4119d34e49ca6230f84a5e799710eae4f2428d02"><code>4119d34</code></a>
Bump the npm-development group across 1 directory with 6 updates (<a
href="https://redirect.github.com/actions/attest/issues/245">#245</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/7e777b150d7bec9c2cfe2c0993b186c15e97e81c"><code>7e777b1</code></a>
Bump <code>@​actions/github</code> from 6.0.0 to 6.0.1 in the
npm-production group (<a
href="https://redirect.github.com/actions/attest/issues/242">#242</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/4d8a13a13f8c2075b78844846f6d7e38b6a920bf"><code>4d8a13a</code></a>
Bump super-linter/super-linter in the actions-minor group (<a
href="https://redirect.github.com/actions/attest/issues/244">#244</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/647f15244eb261577c4910e1356026e9c1d9cda9"><code>647f152</code></a>
Bump the npm-development group with 4 updates (<a
href="https://redirect.github.com/actions/attest/issues/240">#240</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/20551343079b1bce85b235f46add92bbbddb8a7a"><code>2055134</code></a>
Bump the npm-development group with 4 updates (<a
href="https://redirect.github.com/actions/attest/issues/239">#239</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/attest/compare/afd638254319277bb3d7f0a234478733e2e46a73...ce27ba3b4a9a139d9a20a4a07d69fabb52f1e5bc">compare
view</a></li>
</ul>
</details>
<br />

Updates `tj-actions/changed-files` from
115870536a85eaf050e369291c7895748ff12aea to
d52d20fa3f981cb852b861fd8f55308b5fe29637
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.4...v46.0.5">46.0.5</a>
- (2025-04-09)</h1>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li><strong>deps:</strong> Bump yaml from 2.7.0 to 2.7.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c">ed68ef8</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump typescript from 5.8.2 to 5.8.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5">a7bc14b</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump <code>@​types/node</code> from
22.13.11 to 22.14.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab">3d751f6</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.2.3 to
5.2.6 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f">e2fda4e</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump ts-jest from 29.2.6 to 29.3.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48">0bed1b1</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump github/codeql-action from 3.28.12 to
3.28.15 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb">6802458</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/branch-names from 8.0.1 to
8.1.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792">cf2e39e</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/verify-changed-files from
20.0.1 to 20.0.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4">6abeaa5</a>)
- (dependabot[bot])</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v46.0.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2511">#2511</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/6f67ee9ac810f0192ea7b3d2086406f97847bcf9">6f67ee9</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.3...v46.0.4">46.0.4</a>
- (2025-04-03)</h1>
<h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2>
<ul>
<li>Bug modified_keys and changed_key outputs not set when no changes
detected (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2509">#2509</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/6cb76d07bee4c9772c6882c06c37837bf82a04d3">6cb76d0</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<ul>
<li>Update readme (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2508">#2508</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/b74df86ccb65173a8e33ba5492ac1a2ca6b216fd">b74df86</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v46.0.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted -->
Co-authored-by: Tonye Jack <a
href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a
href="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">27ae6b3</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a>
- (2025-03-23)</h1>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>)
- (github-actions[bot])</p>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>)
- (github-actions[bot])</p>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tj-actions/changed-files/commit/d52d20fa3f981cb852b861fd8f55308b5fe29637"><code>d52d20f</code></a>
chore(deps-dev): bump <code>@​types/node</code> from 22.15.26 to 24.0.1
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2587">#2587</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/f1c0eb959957d4094cf86adeb8bb4852f373e197"><code>f1c0eb9</code></a>
chore(deps-dev): bump eslint-plugin-prettier from 5.4.0 to 5.4.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2578">#2578</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/944a0f723952a370222de3178b25805235c65933"><code>944a0f7</code></a>
chore(deps-dev): bump eslint-plugin-jest from 28.13.0 to 28.13.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2585">#2585</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/3dbc1e181273d808ccff822a6e00cf18b6628ef0"><code>3dbc1e1</code></a>
Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2592">#2592</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/7a7221b7baecf19ec83f6a411a2670a43174c883"><code>7a7221b</code></a>
chore(deps): bump github/codeql-action from 3.28.18 to 3.29.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2588">#2588</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/c260d49a827b5eb266673bed7871c5d3ee9b5aef"><code>c260d49</code></a>
feat: add any_added to outputs (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2567">#2567</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/b1ccff8c0892ad141d7d2de6f31e526a9dad931f"><code>b1ccff8</code></a>
Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2591">#2591</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/a892f50f7a7187bc288633c09230b09ce7ad8fd0"><code>a892f50</code></a>
docs: update link to glob patterns (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2590">#2590</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/5ca5422070674a4bb487ecebf3c33251f3723c9b"><code>5ca5422</code></a>
chore(deps-dev): bump ts-jest from 29.3.4 to 29.4.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2589">#2589</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/4140eb99d2cced9bfd78375c2088371853262f79"><code>4140eb9</code></a>
chore(deps-dev): bump eslint-plugin-jest from 28.12.0 to 28.13.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2583">#2583</a>)</li>
<li>See full diff in <a
href="https://github.com/tj-actions/changed-files/compare/115870536a85eaf050e369291c7895748ff12aea...d52d20fa3f981cb852b861fd8f55308b5fe29637">compare
view</a></li>
</ul>
</details>
<br />

Updates `github/codeql-action` from 3.28.19 to 3.29.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.29.0</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.29.0 - 11 Jun 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.22.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li>
<li>Bump minimum CodeQL bundle version to 2.16.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.29.0/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.29.0 - 11 Jun 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.22.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li>
<li>Bump minimum CodeQL bundle version to 2.16.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li>
</ul>
<h2>3.28.19 - 03 Jun 2025</h2>
<ul>
<li>The CodeQL Action no longer includes its own copy of the extractor
for the <code>actions</code> language, which is currently in public
preview.
The <code>actions</code> extractor has been included in the CodeQL CLI
since v2.20.6. If your workflow has enabled the <code>actions</code>
language <em>and</em> you have pinned
your <code>tools:</code> property to a specific version of the CodeQL
CLI earlier than v2.20.6, you will need to update to at least CodeQL
v2.20.6 or disable
<code>actions</code> analysis.</li>
<li>Update default CodeQL bundle version to 2.21.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2910">#2910</a></li>
</ul>
<h2>3.28.18 - 16 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2893">#2893</a></li>
<li>Skip validating SARIF produced by CodeQL for improved performance.
<a
href="https://redirect.github.com/github/codeql-action/pull/2894">#2894</a></li>
<li>The number of threads and amount of RAM used by CodeQL can now be
set via the <code>CODEQL_THREADS</code> and <code>CODEQL_RAM</code>
runner environment variables. If set, these environment variables
override the <code>threads</code> and <code>ram</code> inputs
respectively. <a
href="https://redirect.github.com/github/codeql-action/pull/2891">#2891</a></li>
</ul>
<h2>3.28.17 - 02 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2872">#2872</a></li>
</ul>
<h2>3.28.16 - 23 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2863">#2863</a></li>
</ul>
<h2>3.28.15 - 07 Apr 2025</h2>
<ul>
<li>Fix bug where the action would fail if it tried to produce a debug
artifact with more than 65535 files. <a
href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li>
</ul>
<h2>3.28.14 - 07 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li>
</ul>
<h2>3.28.13 - 24 Mar 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.12 - 19 Mar 2025</h2>
<ul>
<li>Dependency caching should now cache more dependencies for Java
<code>build-mode: none</code> extractions. This should speed up
workflows and avoid inconsistent alerts in some cases.</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/ce28f5bb42b7a9f2c824e633a3f6ee835bab6858"><code>ce28f5b</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2926">#2926</a>
from github/update-v3.29.0-e8799281c</li>
<li><a
href="https://github.com/github/codeql-action/commit/bc251b7932638a7881a8db15d1aaf0151642af99"><code>bc251b7</code></a>
Update changelog for v3.29.0</li>
<li><a
href="https://github.com/github/codeql-action/commit/e8799281c8dee3b2e1aaed2c059e530fcfdc2d6d"><code>e879928</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2925">#2925</a>
from github/update-bundle/codeql-bundle-v2.22.0</li>
<li><a
href="https://github.com/github/codeql-action/commit/efd43b3097c094d883d91934155f0a32af09dff7"><code>efd43b3</code></a>
Merge branch 'main' into update-bundle/codeql-bundle-v2.22.0</li>
<li><a
href="https://github.com/github/codeql-action/commit/7cb9b16051842e6c23c8b9fbcf92481f92d0644a"><code>7cb9b16</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2912">#2912</a>
from github/henrymercer/bump-minimum-codeql-2.16.6</li>
<li><a
href="https://github.com/github/codeql-action/commit/3855117ba18b27e082b12e3e92e00d1b52aaa605"><code>3855117</code></a>
Add changelog note</li>
<li><a
href="https://github.com/github/codeql-action/commit/f5d4e2a7ca2a5826357748bb8743390a4775946f"><code>f5d4e2a</code></a>
Update default bundle to codeql-bundle-v2.22.0</li>
<li><a
href="https://github.com/github/codeql-action/commit/22deae890c55a1dc3ffba1aa20ad4148284e72d1"><code>22deae8</code></a>
Update package-lock.json</li>
<li><a
href="https://github.com/github/codeql-action/commit/df2a830ca4348a013f4804b56f41795f408f1e4e"><code>df2a830</code></a>
Merge branch 'main' into henrymercer/bump-minimum-codeql-2.16.6</li>
<li><a
href="https://github.com/github/codeql-action/commit/b1e4dc3db58c9601794e22a9f6d28d45461b9dbf"><code>b1e4dc3</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2916">#2916</a>
from github/dependabot/npm_and_yarn/npm-5cdccdc43f</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/fca7ace96b7d713c7035871441bd52efbe39e27e...ce28f5bb42b7a9f2c824e633a3f6ee835bab6858">compare
view</a></li>
</ul>
</details>
<br />

Updates `umbrelladocs/action-linkspector` from 1.3.4 to 1.3.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/umbrelladocs/action-linkspector/releases">umbrelladocs/action-linkspector's
releases</a>.</em></p>
<blockquote>
<h2>Release v1.3.5</h2>
<p>v1.3.5: PR <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/45">#45</a>
- Update linkspector version to 0.4.5</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/e2ccef58c4b9eb89cd71ee23a8629744bba75aa6"><code>e2ccef5</code></a>
Merge pull request <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/45">#45</a>
from UmbrellaDocs/update-linkspector-version</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/6cc23b20f1b7de3860f639255ccebc2b6428c62e"><code>6cc23b2</code></a>
Update linkspector version to 0.4.5</li>
<li>See full diff in <a
href="https://github.com/umbrelladocs/action-linkspector/compare/a0567ce1c7c13de4a2358587492ed43cab5d0102...e2ccef58c4b9eb89cd71ee23a8629744bba75aa6">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-16 12:39:39 +00:00
M Atif Ali fb0e3d64db chore: remove update release calendar job (#17884) 2025-05-16 20:06:00 +05:00
dependabot[bot] 0a26eeec0c ci: bump the github-actions group with 7 updates (#17581) 
Bumps the github-actions group with 7 updates:

| Package | From | To |
| --- | --- | --- |
|
[step-security/harden-runner](https://github.com/step-security/harden-runner)
| `2.11.1` | `2.12.0` |
|
[google-github-actions/auth](https://github.com/google-github-actions/auth)
| `2.1.8` | `2.1.10` |
|
[actions/download-artifact](https://github.com/actions/download-artifact)
| `4.2.1` | `4.3.0` |
| [actions/attest](https://github.com/actions/attest) | `2.2.1` |
`2.3.0` |
|
[tj-actions/changed-files](https://github.com/tj-actions/changed-files)
| `9934ab3fdf63239da75d9e0fbd339c48620c72c4` |
`5426ecc3f5c2b10effaefbd374f0abdc6a571b2f` |
|
[nix-community/cache-nix-action](https://github.com/nix-community/cache-nix-action)
| `6.1.2` | `6.1.3` |
| [github/codeql-action](https://github.com/github/codeql-action) |
`3.28.15` | `3.28.16` |

Updates `step-security/harden-runner` from 2.11.1 to 2.12.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.12.0</h2>
<h2>What's Changed</h2>
<ol>
<li>
<p>A new option, <code>disable-sudo-and-containers</code>, is now
available to replace the <code>disable-sudo policy</code>, addressing
Docker-based privilege escalation (<a
href="https://github.com/step-security/harden-runner/security/advisories/GHSA-mxr3-8whj-j74r">CVE-2025-32955</a>).
More details can be found in this <a
href="https://www.stepsecurity.io/blog/evolving-harden-runners-disable-sudo-policy-for-improved-runner-security">blog
post</a>.</p>
</li>
<li>
<p>New detections have been added based on insights from the tj-actions
and reviewdog actions incidents.</p>
</li>
</ol>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.12.0">https://github.com/step-security/harden-runner/compare/v2...v2.12.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/0634a2670c59f64b4a01f0f96f84700a4088b9f0"><code>0634a26</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/541">#541</a>
from step-security/rc-20</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/2e3c5113419044c10e6826351ff7cf7d56cbebe4"><code>2e3c511</code></a>
Update action.yml</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/40873e6a41e9ae4f46268f8ee038b3561bb88504"><code>40873e6</code></a>
Update README.md</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/484c2799ec63f20b4acc41bcf649dd4003718616"><code>484c279</code></a>
Update README.md</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/4c8582f45544ce2dafb2cfae82cfbebf0f41bde2"><code>4c8582f</code></a>
Update agent versions</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/e8d595cd66544d43aca8ac7e42a212a5a83b41f8"><code>e8d595c</code></a>
fix disable_sudo_and_containers bug</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/5d277fc8734baba8746d0c18cb0a2594d4692c66"><code>5d277fc</code></a>
fix journalctl related bug</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/ff2ab228bdb9f0c9129169d47dbb2bdf4b8f9b0e"><code>ff2ab22</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/536">#536</a>
from rohan-stepsecurity/feat/flag/disable-sudo-and-co...</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/b81d650d0e627a80d0d73d192b33d729507e0ef5"><code>b81d650</code></a>
fix: run sudo command only when both disable-sudo and
disable-sudo-and-docker...</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/769df4ef5d6336b33b11e5b0d43934309cf439f6"><code>769df4e</code></a>
Update agent</li>
<li>Additional commits viewable in <a
href="https://github.com/step-security/harden-runner/compare/c6295a65d1254861815972266d5933fd6e532bdf...0634a2670c59f64b4a01f0f96f84700a4088b9f0">compare
view</a></li>
</ul>
</details>
<br />

Updates `google-github-actions/auth` from 2.1.8 to 2.1.10
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google-github-actions/auth/releases">google-github-actions/auth's
releases</a>.</em></p>
<blockquote>
<h2>v2.1.10</h2>
<h2>What's Changed</h2>
<ul>
<li>Declare workflow permissions by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/auth/pull/482">google-github-actions/auth#482</a></li>
<li>Document that the OIDC token expires in 5min by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/auth/pull/483">google-github-actions/auth#483</a></li>
<li>Release: v2.1.10 by <a
href="https://github.com/google-github-actions-bot"><code>@​google-github-actions-bot</code></a>
in <a
href="https://redirect.github.com/google-github-actions/auth/pull/484">google-github-actions/auth#484</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google-github-actions/auth/compare/v2.1.9...v2.1.10">https://github.com/google-github-actions/auth/compare/v2.1.9...v2.1.10</a></p>
<h2>v2.1.9</h2>
<h2>What's Changed</h2>
<ul>
<li>Use our custom boolean parsing by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/auth/pull/478">google-github-actions/auth#478</a></li>
<li>Update deps by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/auth/pull/479">google-github-actions/auth#479</a></li>
<li>Release: v2.1.9 by <a
href="https://github.com/google-github-actions-bot"><code>@​google-github-actions-bot</code></a>
in <a
href="https://redirect.github.com/google-github-actions/auth/pull/480">google-github-actions/auth#480</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google-github-actions/auth/compare/v2.1.8...v2.1.9">https://github.com/google-github-actions/auth/compare/v2.1.8...v2.1.9</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/google-github-actions/auth/commit/ba79af03959ebeac9769e648f473a284504d9193"><code>ba79af0</code></a>
Release: v2.1.10 (<a
href="https://redirect.github.com/google-github-actions/auth/issues/484">#484</a>)</li>
<li><a
href="https://github.com/google-github-actions/auth/commit/bfaa66bd663615688155de119a676d67396f6bb7"><code>bfaa66b</code></a>
Document that the OIDC token expires in 5min (<a
href="https://redirect.github.com/google-github-actions/auth/issues/483">#483</a>)</li>
<li><a
href="https://github.com/google-github-actions/auth/commit/d0822ad9bf77d35dee590e455d9ef5b96ccb243c"><code>d0822ad</code></a>
Declare workflow permissions (<a
href="https://redirect.github.com/google-github-actions/auth/issues/482">#482</a>)</li>
<li><a
href="https://github.com/google-github-actions/auth/commit/7b53cdc2a387814ed14eec026287aac689ae8c9b"><code>7b53cdc</code></a>
Release: v2.1.9 (<a
href="https://redirect.github.com/google-github-actions/auth/issues/480">#480</a>)</li>
<li><a
href="https://github.com/google-github-actions/auth/commit/a9cfddf5d2f27aa426027a399f75d209953ade8e"><code>a9cfddf</code></a>
Update deps (<a
href="https://redirect.github.com/google-github-actions/auth/issues/479">#479</a>)</li>
<li><a
href="https://github.com/google-github-actions/auth/commit/b011f3988e66cb193db0f34974b1d7cde74e4f95"><code>b011f39</code></a>
Use our custom boolean parsing (<a
href="https://redirect.github.com/google-github-actions/auth/issues/478">#478</a>)</li>
<li>See full diff in <a
href="https://github.com/google-github-actions/auth/compare/71f986410dfbc7added4569d411d040a91dc6935...ba79af03959ebeac9769e648f473a284504d9193">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/download-artifact` from 4.2.1 to 4.3.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/download-artifact/releases">actions/download-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v4.3.0</h2>
<h2>What's Changed</h2>
<ul>
<li>feat: implement new <code>artifact-ids</code> input by <a
href="https://github.com/GrantBirki"><code>@​GrantBirki</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/401">actions/download-artifact#401</a></li>
<li>Fix workflow example for downloading by artifact ID by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/402">actions/download-artifact#402</a></li>
<li>Prep for v4.3.0 release by <a
href="https://github.com/robherley"><code>@​robherley</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/404">actions/download-artifact#404</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/GrantBirki"><code>@​GrantBirki</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/download-artifact/pull/401">actions/download-artifact#401</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/download-artifact/compare/v4.2.1...v4.3.0">https://github.com/actions/download-artifact/compare/v4.2.1...v4.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/download-artifact/commit/d3f86a106a0bac45b974a628896c90dbdf5c8093"><code>d3f86a1</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/404">#404</a>
from actions/robherley/v4.3.0</li>
<li><a
href="https://github.com/actions/download-artifact/commit/fc02353415da80201a0da48ab47022efd7725d11"><code>fc02353</code></a>
prep for v4.3.0 release</li>
<li><a
href="https://github.com/actions/download-artifact/commit/77454371a433f370a16d329ef7db197f700a7a8f"><code>7745437</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/402">#402</a>
from actions/joshmgross/download-by-id-example</li>
<li><a
href="https://github.com/actions/download-artifact/commit/84fc7a0a358aabc7f97f7f590cbfc25f57e26c6a"><code>84fc7a0</code></a>
Remove path filters from Check dist workflow</li>
<li><a
href="https://github.com/actions/download-artifact/commit/67f2bc382f6ba5ba75812a05909e8c25a366b5fb"><code>67f2bc3</code></a>
Fix workflow example for downloading by artifact ID</li>
<li><a
href="https://github.com/actions/download-artifact/commit/8ea3c2c174f79a56792e9fdd9baad75d27c5d369"><code>8ea3c2c</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/401">#401</a>
from actions/download-by-id</li>
<li><a
href="https://github.com/actions/download-artifact/commit/d219c630f65d8bd14366a9e2f731cbf854f62258"><code>d219c63</code></a>
add supporting unit tests for artifact downloads with ids</li>
<li><a
href="https://github.com/actions/download-artifact/commit/54124fbd881f8ce794405a06896c93c49c17463e"><code>54124fb</code></a>
revert <code>getArtifact()</code> changes - for now we have to list and
filter by artifa...</li>
<li><a
href="https://github.com/actions/download-artifact/commit/b83057b90d3e218abf5c7b1906579eb6c598ae85"><code>b83057b</code></a>
bundle</li>
<li><a
href="https://github.com/actions/download-artifact/commit/171183c7dce98c3cf8a1fc842429d0a38ed21d33"><code>171183c</code></a>
use the same <code>artifactClient.getArtifact</code> structure as seen
above in `isSingl...</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/download-artifact/compare/95815c38cf2ff2164869cbab79da8d1f422bc89e...d3f86a106a0bac45b974a628896c90dbdf5c8093">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/attest` from 2.2.1 to 2.3.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/attest/releases">actions/attest's
releases</a>.</em></p>
<blockquote>
<h2>v2.3.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump <code>@​octokit/request</code> from 8.2.0 to 8.4.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/attest/pull/229">actions/attest#229</a></li>
<li>Bump <code>@​sigstore/oci</code> from 0.4.0 to 0.5.0 by <a
href="https://github.com/bdehamer"><code>@​bdehamer</code></a> in <a
href="https://redirect.github.com/actions/attest/pull/235">actions/attest#235</a>
<ul>
<li>Adds support for reading the <code>HttpHeaders</code> value from the
Docker config file</li>
</ul>
</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/attest/compare/v2...v2.3.0">https://github.com/actions/attest/compare/v2...v2.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/attest/commit/afd638254319277bb3d7f0a234478733e2e46a73"><code>afd6382</code></a>
Bump <code>@​sigstore/oci</code> from 0.4.0 to 0.5.0 (<a
href="https://redirect.github.com/actions/attest/issues/235">#235</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/d73111199c05526c91684e5e845606249f88accc"><code>d731111</code></a>
Bump the npm-development group across 1 directory with 6 updates (<a
href="https://redirect.github.com/actions/attest/issues/234">#234</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/13aa4f6a9ce09dcf318f1ac18a48388699d96a62"><code>13aa4f6</code></a>
Bump <code>@​octokit/request</code> from 8.2.0 to 8.4.1 (<a
href="https://redirect.github.com/actions/attest/issues/229">#229</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/129b656e44fad75bb154cc2953cf07ba1da8a419"><code>129b656</code></a>
Bump the npm-development group with 3 updates (<a
href="https://redirect.github.com/actions/attest/issues/227">#227</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/f3c169c8df83481993e3075060fc687e87747125"><code>f3c169c</code></a>
Bump the npm-development group with 5 updates (<a
href="https://redirect.github.com/actions/attest/issues/225">#225</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/48e991bfda5b806f66f0a2ad8ae4e17f14cdfd33"><code>48e991b</code></a>
Bump the npm-development group across 1 directory with 6 updates (<a
href="https://redirect.github.com/actions/attest/issues/223">#223</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/attest/compare/a63cfcc7d1aab266ee064c58250cfc2c7d07bc31...afd638254319277bb3d7f0a234478733e2e46a73">compare
view</a></li>
</ul>
</details>
<br />

Updates `tj-actions/changed-files` from
9934ab3fdf63239da75d9e0fbd339c48620c72c4 to
5426ecc3f5c2b10effaefbd374f0abdc6a571b2f
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.4...v46.0.5">46.0.5</a>
- (2025-04-09)</h1>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li><strong>deps:</strong> Bump yaml from 2.7.0 to 2.7.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c">ed68ef8</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump typescript from 5.8.2 to 5.8.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5">a7bc14b</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump <code>@​types/node</code> from
22.13.11 to 22.14.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab">3d751f6</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.2.3 to
5.2.6 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f">e2fda4e</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump ts-jest from 29.2.6 to 29.3.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48">0bed1b1</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump github/codeql-action from 3.28.12 to
3.28.15 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb">6802458</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/branch-names from 8.0.1 to
8.1.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792">cf2e39e</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/verify-changed-files from
20.0.1 to 20.0.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4">6abeaa5</a>)
- (dependabot[bot])</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v46.0.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2511">#2511</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/6f67ee9ac810f0192ea7b3d2086406f97847bcf9">6f67ee9</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.3...v46.0.4">46.0.4</a>
- (2025-04-03)</h1>
<h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2>
<ul>
<li>Bug modified_keys and changed_key outputs not set when no changes
detected (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2509">#2509</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/6cb76d07bee4c9772c6882c06c37837bf82a04d3">6cb76d0</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<ul>
<li>Update readme (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2508">#2508</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/b74df86ccb65173a8e33ba5492ac1a2ca6b216fd">b74df86</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v46.0.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted -->
Co-authored-by: Tonye Jack <a
href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a
href="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">27ae6b3</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a>
- (2025-03-23)</h1>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>)
- (github-actions[bot])</p>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>)
- (github-actions[bot])</p>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tj-actions/changed-files/commit/5426ecc3f5c2b10effaefbd374f0abdc6a571b2f"><code>5426ecc</code></a>
chore(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2545">#2545</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/513a44e6095ccea82c33927169db11eb75f72791"><code>513a44e</code></a>
chore(deps-dev): bump <code>@​types/node</code> from 22.14.1 to 22.15.0
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2544">#2544</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/46e217dc3e3b2601594036314ca9212588075592"><code>46e217d</code></a>
chore(deps): bump github/codeql-action from 3.28.15 to 3.28.16 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2542">#2542</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/c34c1c13a740b06851baff92ab9a653d93ad6ce7"><code>c34c1c1</code></a>
chore(deps): bump actions/setup-node from 4.3.0 to 4.4.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2539">#2539</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/52c3beb9971d42006b24e86bf3ea3fff18dde67f"><code>52c3beb</code></a>
chore(deps-dev): bump ts-jest from 29.3.1 to 29.3.2 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2536">#2536</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/ea3010bc88ae93076e154efd9eb64d1f5e6993f9"><code>ea3010b</code></a>
chore(deps-dev): bump <code>@​types/node</code> from 22.14.0 to 22.14.1
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2537">#2537</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/be393a90381e27c9fec2c8c2e02b00f005710145"><code>be393a9</code></a>
remove: commit and push step from build job (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2538">#2538</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/9b4bb2bedb217d3ede225b6b07ebde713177cd8f"><code>9b4bb2b</code></a>
chore(deps): bump tj-actions/branch-names from 8.1.0 to 8.2.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2535">#2535</a>)</li>
<li>See full diff in <a
href="https://github.com/tj-actions/changed-files/compare/9934ab3fdf63239da75d9e0fbd339c48620c72c4...5426ecc3f5c2b10effaefbd374f0abdc6a571b2f">compare
view</a></li>
</ul>
</details>
<br />

Updates `nix-community/cache-nix-action` from 6.1.2 to 6.1.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/nix-community/cache-nix-action/releases">nix-community/cache-nix-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.1.3</h2>
<h2>Fixes</h2>
<ul>
<li>Use <code>bigint</code> instead of <code>number</code> for the store
size (<a
href="https://redirect.github.com/nix-community/cache-nix-action/issues/117">#117</a>)</li>
<li>Fix saving a cache (<a
href="https://redirect.github.com/nix-community/cache-nix-action/issues/122">#122</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/135667ec418502fa5a3598af6fb9eb733888ce6a"><code>135667e</code></a>
Merge pull request <a
href="https://redirect.github.com/nix-community/cache-nix-action/issues/122">#122</a>
from nix-community/118-bug-cant-save-a-cache</li>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/e29de90a039b410e88cd97a0029c3cbdad611ad5"><code>e29de90</code></a>
chore: build the action</li>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/6bd39b8caa31871d2bc38356ab8b94621ca1e116"><code>6bd39b8</code></a>
fix(action): use TarCommandModifiers</li>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/1b6f6754d3c59414aad4ab660cd611b1e35c0232"><code>1b6f675</code></a>
chore(deps): update buildjet/toolkit</li>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/2b45b8cabe18b0f3db2eb2cf4e195238eee4a325"><code>2b45b8c</code></a>
chore(deps): update actions/toolkit</li>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/f68581e27a06c8c9115dec37e42325d562d9664b"><code>f68581e</code></a>
chore: build the action</li>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/b6406dc6e7f9c6ad6b399ed561f29f7e406544d5"><code>b6406dc</code></a>
Merge pull request <a
href="https://redirect.github.com/nix-community/cache-nix-action/issues/117">#117</a>
from nix-community/116-bug-inputsgcmaxstoresizevalue-...</li>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/a91821953137cbb5f2a2d45fa174d69fea427ef4"><code>a918219</code></a>
chore: build the action</li>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/c6081efc5157c972934491630ade96e53259023c"><code>c6081ef</code></a>
feat(ci): add example of large gc-max-store-size</li>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/cf6af9e3e9fb402a3b92286b7c8b48afa94de5a6"><code>cf6af9e</code></a>
fix(action): use bigint for the store size</li>
<li>Additional commits viewable in <a
href="https://github.com/nix-community/cache-nix-action/compare/c448f065ba14308da81de769632ca67a3ce67cf5...135667ec418502fa5a3598af6fb9eb733888ce6a">compare
view</a></li>
</ul>
</details>
<br />

Updates `github/codeql-action` from 3.28.15 to 3.28.16
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.28.16</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.16 - 23 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2863">#2863</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.16/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.28.16 - 23 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2863">#2863</a></li>
</ul>
<h2>3.28.15 - 07 Apr 2025</h2>
<ul>
<li>Fix bug where the action would fail if it tried to produce a debug
artifact with more than 65535 files. <a
href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li>
</ul>
<h2>3.28.14 - 07 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li>
</ul>
<h2>3.28.13 - 24 Mar 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.12 - 19 Mar 2025</h2>
<ul>
<li>Dependency caching should now cache more dependencies for Java
<code>build-mode: none</code> extractions. This should speed up
workflows and avoid inconsistent alerts in some cases.</li>
<li>Update default CodeQL bundle version to 2.20.7. <a
href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li>
</ul>
<h2>3.28.11 - 07 Mar 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li>
</ul>
<h2>3.28.10 - 21 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li>
<li>Address an issue where the CodeQL Bundle would occasionally fail to
decompress on macOS. <a
href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li>
</ul>
<h2>3.28.9 - 07 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li>
</ul>
<h2>3.28.8 - 29 Jan 2025</h2>
<ul>
<li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI
v2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li>
</ul>
<h2>3.28.7 - 29 Jan 2025</h2>
<p>No user facing changes.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/28deaeda66b76a05916b6923827895f2b14ab387"><code>28deaed</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2865">#2865</a>
from github/update-v3.28.16-2a8cbadc0</li>
<li><a
href="https://github.com/github/codeql-action/commit/03c5d71c11f6cb2c5ba7eef371219a862be30193"><code>03c5d71</code></a>
Update changelog for v3.28.16</li>
<li><a
href="https://github.com/github/codeql-action/commit/2a8cbadc02bb64a7fd15d37c977acbad02496c80"><code>2a8cbad</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2863">#2863</a>
from github/update-bundle/codeql-bundle-v2.21.1</li>
<li><a
href="https://github.com/github/codeql-action/commit/f76eaf51a636a5c1d927998267d92d6475363ace"><code>f76eaf5</code></a>
Add changelog note</li>
<li><a
href="https://github.com/github/codeql-action/commit/e63b3f5166c15fda4eb17886f01abe9445dd13f5"><code>e63b3f5</code></a>
Update default bundle to codeql-bundle-v2.21.1</li>
<li><a
href="https://github.com/github/codeql-action/commit/4c3e5362829f0b0bb62ff5f6c938d7f95574c306"><code>4c3e536</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2853">#2853</a>
from github/dependabot/npm_and_yarn/npm-7d84c66b66</li>
<li><a
href="https://github.com/github/codeql-action/commit/56dd02f26d99811d607284494ff84b7d862fe837"><code>56dd02f</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2852">#2852</a>
from github/dependabot/github_actions/actions-457587...</li>
<li><a
href="https://github.com/github/codeql-action/commit/192406dd845fb2228fcea74898b98df2a6cdcef6"><code>192406d</code></a>
Merge branch 'main' into
dependabot/github_actions/actions-4575878e06</li>
<li><a
href="https://github.com/github/codeql-action/commit/c7dbb2084ed1bb623fbbb3976cd6dbae6daaf1fe"><code>c7dbb20</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2857">#2857</a>
from github/nickfyson/address-vulns</li>
<li><a
href="https://github.com/github/codeql-action/commit/9a45cd8c5025281c30bbb652197ace083c291e49"><code>9a45cd8</code></a>
move use of input variables into env vars</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/45775bd8235c68ba998cffa5171334d58593da47...28deaeda66b76a05916b6923827895f2b14ab387">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-28 13:22:26 +00:00
M Atif Ali 166d88e279 docs: add automatic release calendar updates in docs (#17531) 2025-04-24 13:52:34 +05:00
dependabot[bot] fa594f4f6a ci: bump the github-actions group across 1 directory with 8 updates (#17377) 
Bumps the github-actions group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
|
[step-security/harden-runner](https://github.com/step-security/harden-runner)
| `2.11.0` | `2.11.1` |
| [crate-ci/typos](https://github.com/crate-ci/typos) | `1.29.10` |
`1.31.1` |
| [actions/setup-java](https://github.com/actions/setup-java) | `4.7.0`
| `4.7.1` |
|
[tj-actions/changed-files](https://github.com/tj-actions/changed-files)
| `27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99` |
`9934ab3fdf63239da75d9e0fbd339c48620c72c4` |
| [tj-actions/branch-names](https://github.com/tj-actions/branch-names)
| `8.1.0` | `8.2.1` |
| [github/codeql-action](https://github.com/github/codeql-action) |
`3.28.12` | `3.28.15` |
|
[coder/start-workspace-action](https://github.com/coder/start-workspace-action)
| `26d3600161d67901f24d8612793d3b82771cde2d` |
`35a4608cefc7e8cc56573cae7c3b85304575cb72` |
|
[umbrelladocs/action-linkspector](https://github.com/umbrelladocs/action-linkspector)
| `1.3.2` | `1.3.4` |


Updates `step-security/harden-runner` from 2.11.0 to 2.11.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.11.1</h2>
<h2>What's Changed</h2>
<ul>
<li>cache: add support for GitHub Actions cache v2 by <a
href="https://github.com/h0x0er"><code>@​h0x0er</code></a> in <a
href="https://redirect.github.com/step-security/harden-runner/pull/529">step-security/harden-runner#529</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.11.1">https://github.com/step-security/harden-runner/compare/v2...v2.11.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/c6295a65d1254861815972266d5933fd6e532bdf"><code>c6295a6</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/530">#530</a>
from step-security/rc-19</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/3e118b145bd13a08b2e465cf3a216df0f6c7746e"><code>3e118b1</code></a>
Improve error handling</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/b38e918ba8cf8d08113e53089af0d89429dcc51a"><code>b38e918</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/529">#529</a>
from h0x0er/jatin/cache-fix</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/0664d30cda4109be234d326b54ac1cc6385597a2"><code>0664d30</code></a>
cache: added support for cache v2</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/b131ca5ebfca4930fe6d4a3e82d1e386b4873c94"><code>b131ca5</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/524">#524</a>
from step-security/fix/security/GHSA-968p-4wvh-cqc8</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/2dc9579753e01c4033425fcc7b74e652b583ca50"><code>2dc9579</code></a>
Address vulnerabilities</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/f054d811b5b89fde2f954d54dc8622ec3aaab9ab"><code>f054d81</code></a>
Update README (<a
href="https://redirect.github.com/step-security/harden-runner/issues/522">#522</a>)</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/8a09271fed8277ab7fb02dbb5917c8d0e78323b4"><code>8a09271</code></a>
Update Readme (<a
href="https://redirect.github.com/step-security/harden-runner/issues/520">#520</a>)</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/6ec6af7d622602bd852df48848f3cae95c760a48"><code>6ec6af7</code></a>
Update readme (<a
href="https://redirect.github.com/step-security/harden-runner/issues/518">#518</a>)</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/539365ba33fd040cf8c4db243b6f0ed3b32c3283"><code>539365b</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/516">#516</a>
from vorburger/patch-1</li>
<li>Additional commits viewable in <a
href="https://github.com/step-security/harden-runner/compare/4d991eb9b905ef189e4c376166672c3f2f230481...c6295a65d1254861815972266d5933fd6e532bdf">compare
view</a></li>
</ul>
</details>
<br />

Updates `crate-ci/typos` from 1.29.10 to 1.31.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/releases">crate-ci/typos's
releases</a>.</em></p>
<blockquote>
<h2>v1.31.1</h2>
<h2>[1.31.1] - 2025-03-31</h2>
<h3>Fixes</h3>
<ul>
<li><em>(dict)</em> Also correct <code>typ</code> to
<code>type</code></li>
</ul>
<h2>v1.31.0</h2>
<h2>[1.31.0] - 2025-03-28</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1266">March
2025</a> changes</li>
</ul>
<h2>v1.30.3</h2>
<h2>[1.30.3] - 2025-03-24</h2>
<h3>Features</h3>
<ul>
<li>Support detecting <code>go.work</code> and <code>go.work.sum</code>
files</li>
</ul>
<h2>v1.30.2</h2>
<h2>[1.30.2] - 2025-03-10</h2>
<h3>Features</h3>
<ul>
<li>Add <code>--highlight-words</code> and
<code>--highlight-identifiers</code> for easier debugging of config</li>
</ul>
<h2>v1.30.1</h2>
<h2>[1.30.1] - 2025-03-04</h2>
<h3>Features</h3>
<ul>
<li><em>(action)</em> Create <code>v1</code> tag</li>
</ul>
<h2>v1.30.0</h2>
<h2>[1.30.0] - 2025-03-01</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1221">February
2025</a> changes</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's
changelog</a>.</em></p>
<blockquote>
<h1>Change Log</h1>
<p>All notable changes to this project will be documented in this
file.</p>
<p>The format is based on <a href="http://keepachangelog.com/">Keep a
Changelog</a>
and this project adheres to <a href="http://semver.org/">Semantic
Versioning</a>.</p>
<!-- raw HTML omitted -->
<h2>[Unreleased] - ReleaseDate</h2>
<h2>[1.31.1] - 2025-03-31</h2>
<h3>Fixes</h3>
<ul>
<li><em>(dict)</em> Also correct <code>typ</code> to
<code>type</code></li>
</ul>
<h2>[1.31.0] - 2025-03-28</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1266">March
2025</a> changes</li>
</ul>
<h2>[1.30.3] - 2025-03-24</h2>
<h3>Features</h3>
<ul>
<li>Support detecting <code>go.work</code> and <code>go.work.sum</code>
files</li>
</ul>
<h2>[1.30.2] - 2025-03-10</h2>
<h3>Features</h3>
<ul>
<li>Add <code>--highlight-words</code> and
<code>--highlight-identifiers</code> for easier debugging of config</li>
</ul>
<h2>[1.30.1] - 2025-03-04</h2>
<h3>Features</h3>
<ul>
<li><em>(action)</em> Create <code>v1</code> tag</li>
</ul>
<h2>[1.30.0] - 2025-03-01</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1221">February
2025</a> changes</li>
</ul>
<h2>[1.29.10] - 2025-02-25</h2>
<h3>Fixes</h3>
<ul>
<li>Also correct <code>contaminent</code> as
<code>contaminant</code></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/crate-ci/typos/commit/b1a1ef3893ff35ade0cfa71523852a49bfd05d19"><code>b1a1ef3</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/9c8a2c384f9b92ac5e7166040a1571141e271e7a"><code>9c8a2c3</code></a>
docs: Update changelog</li>
<li><a
href="https://github.com/crate-ci/typos/commit/12195d75fea9498ad83cb8d85e357a986e90fb7e"><code>12195d7</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1267">#1267</a>
from epage/type</li>
<li><a
href="https://github.com/crate-ci/typos/commit/d4dbe5f77bde37609ce3424df4a713a61f87ad2b"><code>d4dbe5f</code></a>
fix(dict): Also correct typ to type</li>
<li><a
href="https://github.com/crate-ci/typos/commit/718c4ff697435edabd4f1c52c3775521adbb33a3"><code>718c4ff</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/bfbf137ed65f9abe0e9a3a92a354a787ca084240"><code>bfbf137</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/d47e90e4ffad8924461124c3b3787e220b811956"><code>d47e90e</code></a>
docs: Update changelog</li>
<li><a
href="https://github.com/crate-ci/typos/commit/0694c2a98227bebeefdfff96f2086480295d00a5"><code>0694c2a</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1266">#1266</a>
from epage/march</li>
<li><a
href="https://github.com/crate-ci/typos/commit/f715ca8b0824515b13e3e51ed80c8a255d8a7d07"><code>f715ca8</code></a>
feat(dict): March 2025 updates</li>
<li><a
href="https://github.com/crate-ci/typos/commit/d08e4083f112e684fb88f6babd9ae60a1f1cd84f"><code>d08e408</code></a>
chore: Release</li>
<li>Additional commits viewable in <a
href="https://github.com/crate-ci/typos/compare/db35ee91e80fbb447f33b0e5fbddb24d2a1a884f...b1a1ef3893ff35ade0cfa71523852a49bfd05d19">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/setup-java` from 4.7.0 to 4.7.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-java/releases">actions/setup-java's
releases</a>.</em></p>
<blockquote>
<h2>v4.7.1</h2>
<h2>What's Changed</h2>
<h3>Documentation changes</h3>
<ul>
<li>Add Documentation to Recommend Using GraalVM JDK 17 Version to
17.0.12 to Align with GFTC License Terms by <a
href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/704">actions/setup-java#704</a></li>
<li>Remove duplicated GraalVM section in documentation by <a
href="https://github.com/Marcono1234"><code>@​Marcono1234</code></a> in
<a
href="https://redirect.github.com/actions/setup-java/pull/716">actions/setup-java#716</a></li>
</ul>
<h3>Dependency updates:</h3>
<ul>
<li>Upgrade <code>@​action/cache</code> from 4.0.0 to 4.0.2 by <a
href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/766">actions/setup-java#766</a></li>
<li>Upgrade <code>@​actions/glob</code> from 0.4.0 to 0.5.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/744">actions/setup-java#744</a></li>
<li>Upgrade ts-jest from 29.1.2 to 29.2.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/743">actions/setup-java#743</a></li>
<li>Upgrade <code>@​action/cache</code> to 4.0.3 by <a
href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/773">actions/setup-java#773</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-java/compare/v4...v4.7.1">https://github.com/actions/setup-java/compare/v4...v4.7.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/setup-java/commit/c5195efecf7bdfc987ee8bae7a71cb8b11521c00"><code>c5195ef</code></a>
actions/cache upgrade to 4.0.3 (<a
href="https://redirect.github.com/actions/setup-java/issues/773">#773</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/dd38875f930accc291b5816356a21f72056c0b70"><code>dd38875</code></a>
Bump ts-jest from 29.1.2 to 29.2.5 (<a
href="https://redirect.github.com/actions/setup-java/issues/743">#743</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/148017a9b0c6af80330bcc5db11d1c670d2e7074"><code>148017a</code></a>
Bump <code>@​actions/glob</code> from 0.4.0 to 0.5.0 (<a
href="https://redirect.github.com/actions/setup-java/issues/744">#744</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/3b6c050358614dd082e53cdbc55580431fc4e437"><code>3b6c050</code></a>
Remove duplicated GraalVM section in documentation (<a
href="https://redirect.github.com/actions/setup-java/issues/716">#716</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/b8ebb8ba1d9655f7f159c0a8b8135606ae11b5c9"><code>b8ebb8b</code></a>
upgrade <code>@​action/cache</code> from 4.0.0 to 4.0.2 (<a
href="https://redirect.github.com/actions/setup-java/issues/766">#766</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/799ee7c97e9721ef38d1a7e8486c39753b9d6102"><code>799ee7c</code></a>
Add Documentation to Recommend Using GraalVM JDK 17 Version to 17.0.12
to Ali...</li>
<li>See full diff in <a
href="https://github.com/actions/setup-java/compare/3a4f6e1af504cf6a31855fa899c6aa5355ba6c12...c5195efecf7bdfc987ee8bae7a71cb8b11521c00">compare
view</a></li>
</ul>
</details>
<br />

Updates `tj-actions/changed-files` from
27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99 to
9934ab3fdf63239da75d9e0fbd339c48620c72c4
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.4...v46.0.5">46.0.5</a>
- (2025-04-09)</h1>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li><strong>deps:</strong> Bump yaml from 2.7.0 to 2.7.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c">ed68ef8</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump typescript from 5.8.2 to 5.8.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5">a7bc14b</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump <code>@​types/node</code> from
22.13.11 to 22.14.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab">3d751f6</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.2.3 to
5.2.6 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f">e2fda4e</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump ts-jest from 29.2.6 to 29.3.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48">0bed1b1</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump github/codeql-action from 3.28.12 to
3.28.15 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb">6802458</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/branch-names from 8.0.1 to
8.1.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792">cf2e39e</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump tj-actions/verify-changed-files from
20.0.1 to 20.0.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4">6abeaa5</a>)
- (dependabot[bot])</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v46.0.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2511">#2511</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/6f67ee9ac810f0192ea7b3d2086406f97847bcf9">6f67ee9</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.3...v46.0.4">46.0.4</a>
- (2025-04-03)</h1>
<h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2>
<ul>
<li>Bug modified_keys and changed_key outputs not set when no changes
detected (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2509">#2509</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/6cb76d07bee4c9772c6882c06c37837bf82a04d3">6cb76d0</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<ul>
<li>Update readme (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2508">#2508</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/b74df86ccb65173a8e33ba5492ac1a2ca6b216fd">b74df86</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v46.0.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted -->
Co-authored-by: Tonye Jack <a
href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a
href="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">27ae6b3</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a>
- (2025-03-23)</h1>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>)
- (github-actions[bot])</p>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>)
- (github-actions[bot])</p>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tj-actions/changed-files/commit/9934ab3fdf63239da75d9e0fbd339c48620c72c4"><code>9934ab3</code></a>
chore(deps-dev): bump eslint-config-prettier from 10.1.1 to 10.1.2 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2532">#2532</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/db731a131ccd81ed52a3d463b6d2a4b2856c7ec9"><code>db731a1</code></a>
Upgraded to v46.0.5 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2531">#2531</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c"><code>ed68ef8</code></a>
chore(deps): bump yaml from 2.7.0 to 2.7.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5"><code>a7bc14b</code></a>
chore(deps-dev): bump typescript from 5.8.2 to 5.8.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab"><code>3d751f6</code></a>
chore(deps-dev): bump <code>@​types/node</code> from 22.13.11 to 22.14.0
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f"><code>e2fda4e</code></a>
chore(deps-dev): bump eslint-plugin-prettier from 5.2.3 to 5.2.6 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48"><code>0bed1b1</code></a>
chore(deps-dev): bump ts-jest from 29.2.6 to 29.3.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb"><code>6802458</code></a>
chore(deps): bump github/codeql-action from 3.28.12 to 3.28.15 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792"><code>cf2e39e</code></a>
chore(deps): bump tj-actions/branch-names from 8.0.1 to 8.1.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4"><code>6abeaa5</code></a>
chore(deps): bump tj-actions/verify-changed-files from 20.0.1 to 20.0.4
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tj-actions/changed-files/compare/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99...9934ab3fdf63239da75d9e0fbd339c48620c72c4">compare
view</a></li>
</ul>
</details>
<br />

Updates `tj-actions/branch-names` from 8.1.0 to 8.2.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/branch-names/releases">tj-actions/branch-names's
releases</a>.</em></p>
<blockquote>
<h2>v8.2.1</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: update sync-release-version.yml to sign commits by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/416">tj-actions/branch-names#416</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tj-actions/branch-names/compare/v8.2.0...v8.2.1">https://github.com/tj-actions/branch-names/compare/v8.2.0...v8.2.1</a></p>
<h2>v8.2.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Upgraded to v8.1.0 by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/410">tj-actions/branch-names#410</a></li>
<li>feat: add support for replace forward slashes with hyphens by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/412">tj-actions/branch-names#412</a></li>
<li>chore: update update-readme.yml by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/414">tj-actions/branch-names#414</a></li>
<li>Updated README.md by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/415">tj-actions/branch-names#415</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
made their first contribution in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/415">tj-actions/branch-names#415</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tj-actions/branch-names/compare/v8...v8.2.0">https://github.com/tj-actions/branch-names/compare/v8...v8.2.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/branch-names/blob/main/HISTORY.md">tj-actions/branch-names's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1><a
href="https://github.com/tj-actions/branch-names/compare/v8.2.0...v8.2.1">8.2.1</a>
- (2025-04-11)</h1>
<h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2>
<ul>
<li>Update sync-release-version.yml to sign commits (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/416">#416</a>)
(<a
href="https://github.com/tj-actions/branch-names/commit/dde14ac574a8b9b1cedc59a1cf312788af43d8d8">dde14ac</a>)
- (Tonye Jack)</li>
</ul>
<h1><a
href="https://github.com/tj-actions/branch-names/compare/v8.1.0...v8.2.0">8.2.0</a>
- (2025-04-11)</h1>
<h2><!-- raw HTML omitted -->🚀 Features</h2>
<ul>
<li>Add support for replace forward slashes with hyphens (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/412">#412</a>)
(<a
href="https://github.com/tj-actions/branch-names/commit/af406356b42c0855d5d112babee4a0b76ee630df">af40635</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted --> Remove</h2>
<ul>
<li>Deleted .github/workflows/rebase.yml (<a
href="https://github.com/tj-actions/branch-names/commit/c209967c9a91450d7dced6e5adc3c61ca030c868">c209967</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/415">#415</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/branch-names/commit/47dfecabcf7a70329c1d7fc49d56ce56739c5420">47dfeca</a>)
- (github-actions[bot])</p>
<ul>
<li>Update update-readme.yml (<a
href="https://github.com/tj-actions/branch-names/commit/c9cf6f9a0e21d41fb9acf4025894c022a1dd22db">c9cf6f9</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li>Update update-readme.yml (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/414">#414</a>)
(<a
href="https://github.com/tj-actions/branch-names/commit/b1f61bc147718240eda9ab8a823f836416ab297c">b1f61bc</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded from v8.0.2 -&gt; v8.1.0 (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/410">#410</a>)</li>
</ul>
<p>(<a
href="https://github.com/tj-actions/branch-names/commit/96012203a066021edaf47a9381953d843444eacf">9601220</a>)
- (Tonye Jack)</p>
<h1><a
href="https://github.com/tj-actions/branch-names/compare/v8.0.2...v8.1.0">8.1.0</a>
- (2025-03-23)</h1>
<h2><!-- raw HTML omitted -->🚀 Features</h2>
<ul>
<li>Add support for strip_branch_prefix (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/406">#406</a>)
(<a
href="https://github.com/tj-actions/branch-names/commit/c83c87ab5379a8ff88c905ea78c391c0d53972ac">c83c87a</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/408">#408</a>)</li>
</ul>
<p>(<a
href="https://github.com/tj-actions/branch-names/commit/d18e657ed32f367301fdebeb9a88b7e5539f3052">d18e657</a>)
- (Tonye Jack)</p>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li>Update test.yml (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/409">#409</a>)
(<a
href="https://github.com/tj-actions/branch-names/commit/f44339b51f74753b57583fbbd124e18a81170ab1">f44339b</a>)
- (Tonye Jack)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tj-actions/branch-names/commit/dde14ac574a8b9b1cedc59a1cf312788af43d8d8"><code>dde14ac</code></a>
fix: update sync-release-version.yml to sign commits (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/416">#416</a>)</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/47dfecabcf7a70329c1d7fc49d56ce56739c5420"><code>47dfeca</code></a>
Updated README.md (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/415">#415</a>)</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/c9cf6f9a0e21d41fb9acf4025894c022a1dd22db"><code>c9cf6f9</code></a>
Update update-readme.yml</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/b1f61bc147718240eda9ab8a823f836416ab297c"><code>b1f61bc</code></a>
chore: update update-readme.yml (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/414">#414</a>)</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/af406356b42c0855d5d112babee4a0b76ee630df"><code>af40635</code></a>
feat: add support for replace forward slashes with hyphens (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/412">#412</a>)</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/c209967c9a91450d7dced6e5adc3c61ca030c868"><code>c209967</code></a>
Deleted .github/workflows/rebase.yml</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/96012203a066021edaf47a9381953d843444eacf"><code>9601220</code></a>
Upgraded from v8.0.2 -&gt; v8.1.0 (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/410">#410</a>)</li>
<li>See full diff in <a
href="https://github.com/tj-actions/branch-names/compare/f44339b51f74753b57583fbbd124e18a81170ab1...dde14ac574a8b9b1cedc59a1cf312788af43d8d8">compare
view</a></li>
</ul>
</details>
<br />

Updates `github/codeql-action` from 3.28.12 to 3.28.15
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.28.15</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.15 - 07 Apr 2025</h2>
<ul>
<li>Fix bug where the action would fail if it tried to produce a debug
artifact with more than 65535 files. <a
href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.15/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.28.14</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.14 - 07 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.14/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.28.13</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.13 - 24 Mar 2025</h2>
<p>No user facing changes.</p>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.13/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.28.15 - 07 Apr 2025</h2>
<ul>
<li>Fix bug where the action would fail if it tried to produce a debug
artifact with more than 65535 files. <a
href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li>
</ul>
<h2>3.28.14 - 07 Apr 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li>
</ul>
<h2>3.28.13 - 24 Mar 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.12 - 19 Mar 2025</h2>
<ul>
<li>Dependency caching should now cache more dependencies for Java
<code>build-mode: none</code> extractions. This should speed up
workflows and avoid inconsistent alerts in some cases.</li>
<li>Update default CodeQL bundle version to 2.20.7. <a
href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li>
</ul>
<h2>3.28.11 - 07 Mar 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li>
</ul>
<h2>3.28.10 - 21 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li>
<li>Address an issue where the CodeQL Bundle would occasionally fail to
decompress on macOS. <a
href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li>
</ul>
<h2>3.28.9 - 07 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li>
</ul>
<h2>3.28.8 - 29 Jan 2025</h2>
<ul>
<li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI
v2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li>
</ul>
<h2>3.28.7 - 29 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.6 - 27 Jan 2025</h2>
<ul>
<li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater.
<a
href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/45775bd8235c68ba998cffa5171334d58593da47"><code>45775bd</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2854">#2854</a>
from github/update-v3.28.15-a35ae8c38</li>
<li><a
href="https://github.com/github/codeql-action/commit/dd78aab4078b17a672a66d6a80a990beb672ede1"><code>dd78aab</code></a>
Update CHANGELOG.md with bug fix details</li>
<li><a
href="https://github.com/github/codeql-action/commit/e40af591743761de70080085b4e6ce37f7f6e657"><code>e40af59</code></a>
Update changelog for v3.28.15</li>
<li><a
href="https://github.com/github/codeql-action/commit/a35ae8c380fa35365cd546f9a397a46f60dd82cf"><code>a35ae8c</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2843">#2843</a>
from github/cklin/diff-informed-compat</li>
<li><a
href="https://github.com/github/codeql-action/commit/bb59df6c174a91d88eec1c48f2ab0ef7b5f96e99"><code>bb59df6</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2842">#2842</a>
from github/henrymercer/zip64</li>
<li><a
href="https://github.com/github/codeql-action/commit/4b508f59648bef88ef72c74f1ffff531fda55ea8"><code>4b508f5</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2845">#2845</a>
from github/mergeback/v3.28.14-to-main-fc7e4a0f</li>
<li><a
href="https://github.com/github/codeql-action/commit/ca00afb5f1457cf1c85da6cda07d73e720ff061a"><code>ca00afb</code></a>
Update checked-in dependencies</li>
<li><a
href="https://github.com/github/codeql-action/commit/2969c78ce0262bf75658058604498d2b4bdb0b9b"><code>2969c78</code></a>
Update changelog and version after v3.28.14</li>
<li><a
href="https://github.com/github/codeql-action/commit/fc7e4a0fa01c3cca5fd6a1fddec5c0740c977aa2"><code>fc7e4a0</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2844">#2844</a>
from github/update-v3.28.14-362ef4ce2</li>
<li><a
href="https://github.com/github/codeql-action/commit/be0175c800fe14dd962aaa2c97f55371f6f95b35"><code>be0175c</code></a>
Update changelog for v3.28.14</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/5f8171a638ada777af81d42b55959a643bb29017...45775bd8235c68ba998cffa5171334d58593da47">compare
view</a></li>
</ul>
</details>
<br />

Updates `coder/start-workspace-action` from
26d3600161d67901f24d8612793d3b82771cde2d to
35a4608cefc7e8cc56573cae7c3b85304575cb72
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/coder/start-workspace-action/commit/35a4608cefc7e8cc56573cae7c3b85304575cb72"><code>35a4608</code></a>
update <code>github-username</code> description to specify requirement
for Coder 2.21 or...</li>
<li><a
href="https://github.com/coder/start-workspace-action/commit/0054568c043bba479899edb91ef96a5cfca21c55"><code>0054568</code></a>
clarify requirements for the <code>github-username</code> input</li>
<li><a
href="https://github.com/coder/start-workspace-action/commit/f3cda2e65a469e6dd60478c111c745b919c0ec68"><code>f3cda2e</code></a>
fix variable names</li>
<li><a
href="https://github.com/coder/start-workspace-action/commit/a6a41dc1eb63a8e58dc43a97a2c2cb04ccc40b36"><code>a6a41dc</code></a>
update readme</li>
<li><a
href="https://github.com/coder/start-workspace-action/commit/a09e31de35a1d153448ed707d63708e2a2acef3c"><code>a09e31d</code></a>
more defaults for inputs</li>
<li><a
href="https://github.com/coder/start-workspace-action/commit/13304209b2b4449befcb6d0392693311aad1faff"><code>1330420</code></a>
Add a screenshot to the README</li>
<li><a
href="https://github.com/coder/start-workspace-action/commit/8d0b0d4118b6fa0c504b79c06dc99f4ed024c749"><code>8d0b0d4</code></a>
clarify status comment</li>
<li><a
href="https://github.com/coder/start-workspace-action/commit/747b408cb53f6e3440ba04f951c75077994ff95a"><code>747b408</code></a>
update input descriptions</li>
<li><a
href="https://github.com/coder/start-workspace-action/commit/e526e6fb8e781ffacf59c6066194286a9f3cee8a"><code>e526e6f</code></a>
update example action tag</li>
<li><a
href="https://github.com/coder/start-workspace-action/commit/212ab2f68a115ca64029be34610433cfa16a89e0"><code>212ab2f</code></a>
update readme and add a license</li>
<li>Additional commits viewable in <a
href="https://github.com/coder/start-workspace-action/compare/26d3600161d67901f24d8612793d3b82771cde2d...35a4608cefc7e8cc56573cae7c3b85304575cb72">compare
view</a></li>
</ul>
</details>
<br />

Updates `umbrelladocs/action-linkspector` from 1.3.2 to 1.3.4
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/umbrelladocs/action-linkspector/releases">umbrelladocs/action-linkspector's
releases</a>.</em></p>
<blockquote>
<h2>Release v1.3.4</h2>
<p>v1.3.4: PR <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/42">#42</a>
- Update linkspector version to 0.4.4</p>
<h2>Release v1.3.3</h2>
<p>v1.3.3: PR <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/41">#41</a>
- Update linkspector version to 0.4.3</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/a0567ce1c7c13de4a2358587492ed43cab5d0102"><code>a0567ce</code></a>
Merge pull request <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/42">#42</a>
from UmbrellaDocs/update-linkspector-version</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/f5418fddbc33d4b79076fee4e41451501c6ceb0f"><code>f5418fd</code></a>
Update linkspector version to 0.4.4</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/3e12ade1e0b1823455dae8cf8b4f9cc92ec7dd20"><code>3e12ade</code></a>
Merge pull request <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/41">#41</a>
from UmbrellaDocs/update-linkspector-version</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/8dfab6548de1b83b975ac3262626c2d1875f59f1"><code>8dfab65</code></a>
Update linkspector version to 0.4.3</li>
<li>See full diff in <a
href="https://github.com/umbrelladocs/action-linkspector/compare/49cf4f8da82db70e691bb8284053add5028fa244...a0567ce1c7c13de4a2358587492ed43cab5d0102">compare
view</a></li>
</ul>
</details>
<br />

<details>
<summary>Most Recent Ignore Conditions Applied to This Pull
Request</summary>

| Dependency Name | Ignore Conditions |
| --- | --- |
| crate-ci/typos | [>= 1.30.a, < 1.31] |
</details>


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Muhammad Atif Ali <atif@coder.com>
 2025-04-14 19:55:01 +00:00
Thomas Kosiewski abe3ad68f5 fix: add continue-on-error to SBOM generation and force flag to cosign clean (#17288) 
This PR makes the SBOM generation and attestation process more resilient
by:

1. Adding `continue-on-error: true` to the SBOM generation steps in both
CI and release workflows
2. Adding `--force=true` flag to all `cosign clean` commands to ensure
they don't fail if in a non-interactive shell (which is the case for CI)

Change-Id: Ide303c059b1a3d0e3fd77863310e99668325bc69
Signed-off-by: Thomas Kosiewski <tk@coder.com>

Signed-off-by: Thomas Kosiewski <tk@coder.com>
 2025-04-08 10:29:00 +02:00
Thomas Kosiewski f48a24c18e feat: add SBOM generation and attestation to GitHub workflow (#17277) 
Move SBOM generation and attestation to GitHub workflow

This PR moves the SBOM generation and attestation process from the `build_docker.sh` script to the GitHub workflow. The change:

1. Removes SBOM generation and attestation from the `build_docker.sh` script
2. Adds a new "SBOM Generation and Attestation" step in the GitHub workflow
3. Generates and attests SBOMs for both multi-arch images and latest tags when applicable

This approach ensures SBOM generation happens once for the final multi-architecture image rather than for each architecture separately.

Change-Id: I2e15d7322ddec933bbc9bd7880abba9b0842719f
Signed-off-by: Thomas Kosiewski <tk@coder.com>
 2025-04-07 17:54:05 +02:00
M Atif Ali 51cfec3261 chore: reuse syft and cosign install actions across workflows (#16981) 
This pull request adds new GitHub Actions for installing `cosign` and
`syft`, and updates the CI, release, and security workflows.

**New Actions:**  
- [`install-cosign`](.github/actions/install-cosign/action.yaml):
Installs `cosign` with a configurable version.
- [`install-syft`](.github/actions/install-syft/action.yaml): Installs
`syft` with a configurable version.

**Workflow Updates:**  
- CI, release, and security workflows now use `install-cosign` and
`install-syft`.
 2025-03-25 01:22:17 +00:00
dependabot[bot] 4e38e6de04 ci: bump the github-actions group with 8 updates (#17068) 
Bumps the github-actions group with 8 updates:

| Package | From | To |
| --- | --- | --- |
| [actions/cache](https://github.com/actions/cache) | `4.2.2` | `4.2.3`
|
| [actions/upload-artifact](https://github.com/actions/upload-artifact)
| `4.6.1` | `4.6.2` |
|
[actions/download-artifact](https://github.com/actions/download-artifact)
| `4.1.9` | `4.2.1` |
|
[tj-actions/changed-files](https://github.com/tj-actions/changed-files)
| `531f5f7d163941f0c1c04e0ff4d8bb243ac4366f` |
`27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99` |
| [tj-actions/branch-names](https://github.com/tj-actions/branch-names)
| `8.0.1` | `8.1.0` |
| [github/codeql-action](https://github.com/github/codeql-action) |
`3.28.11` | `3.28.12` |
|
[beatlabs/delete-old-branches-action](https://github.com/beatlabs/delete-old-branches-action)
| `0.0.10` | `0.0.11` |
|
[umbrelladocs/action-linkspector](https://github.com/umbrelladocs/action-linkspector)
| `1.2.5` | `1.3.2` |

Updates `actions/cache` from 4.2.2 to 4.2.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v4.2.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Update to use <code>@​actions/cache</code> 4.0.3 package &amp;
prepare for new release by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1577">actions/cache#1577</a>
(SAS tokens for cache entries are now masked in debug logs)</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1577">actions/cache#1577</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4.2.2...v4.2.3">https://github.com/actions/cache/compare/v4.2.2...v4.2.3</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h3>4.2.3</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.3 (obfuscates SAS token in
debug logs for cache entries)</li>
</ul>
<h3>4.2.2</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.2</li>
</ul>
<h3>4.2.1</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.1</li>
</ul>
<h3>4.2.0</h3>
<p>TLDR; The cache backend service has been rewritten from the ground up
for improved performance and reliability. <a
href="https://github.com/actions/cache">actions/cache</a> now integrates
with the new cache service (v2) APIs.</p>
<p>The new service will gradually roll out as of <strong>February 1st,
2025</strong>. The legacy service will also be sunset on the same date.
Changes in these release are <strong>fully backward
compatible</strong>.</p>
<p><strong>We are deprecating some versions of this action</strong>. We
recommend upgrading to version <code>v4</code> or <code>v3</code> as
soon as possible before <strong>February 1st, 2025.</strong> (Upgrade
instructions below).</p>
<p>If you are using pinned SHAs, please use the SHAs of versions
<code>v4.2.0</code> or <code>v3.4.0</code></p>
<p>If you do not upgrade, all workflow runs using any of the deprecated
<a href="https://github.com/actions/cache">actions/cache</a> will
fail.</p>
<p>Upgrading to the recommended versions will not break your
workflows.</p>
<h3>4.1.2</h3>
<ul>
<li>Add GitHub Enterprise Cloud instances hostname filters to inform API
endpoint choices - <a
href="https://redirect.github.com/actions/cache/pull/1474">#1474</a></li>
<li>Security fix: Bump braces from 3.0.2 to 3.0.3 - <a
href="https://redirect.github.com/actions/cache/pull/1475">#1475</a></li>
</ul>
<h3>4.1.1</h3>
<ul>
<li>Restore original behavior of <code>cache-hit</code> output - <a
href="https://redirect.github.com/actions/cache/pull/1467">#1467</a></li>
</ul>
<h3>4.1.0</h3>
<ul>
<li>Ensure <code>cache-hit</code> output is set when a cache is missed -
<a
href="https://redirect.github.com/actions/cache/pull/1404">#1404</a></li>
<li>Deprecate <code>save-always</code> input - <a
href="https://redirect.github.com/actions/cache/pull/1452">#1452</a></li>
</ul>
<h3>4.0.2</h3>
<ul>
<li>Fixed restore <code>fail-on-cache-miss</code> not working.</li>
</ul>
<h3>4.0.1</h3>
<ul>
<li>Updated <code>isGhes</code> check</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/cache/commit/5a3ec84eff668545956fd18022155c47e93e2684"><code>5a3ec84</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1577">#1577</a>
from salmanmkc/salmanmkc/4-test</li>
<li><a
href="https://github.com/actions/cache/commit/7de21022a7b6824c106a9847befcbd8154b45b6a"><code>7de2102</code></a>
Update releases.md</li>
<li><a
href="https://github.com/actions/cache/commit/76d40dd347779762a1c829bbeeda5da4d81ca8c1"><code>76d40dd</code></a>
Update to use the latest version of the cache package to obfuscate the
SAS</li>
<li><a
href="https://github.com/actions/cache/commit/76dd5eb692f606c28d4b7a4ea7cfdffc926ba06a"><code>76dd5eb</code></a>
update cache with main</li>
<li><a
href="https://github.com/actions/cache/commit/8c80c27c5e4498d5675b05fb1eff96a56c593b06"><code>8c80c27</code></a>
new package</li>
<li><a
href="https://github.com/actions/cache/commit/45cfd0e7fffd1869ea4d5bfb54a464d825c1f742"><code>45cfd0e</code></a>
updates</li>
<li><a
href="https://github.com/actions/cache/commit/edd449b9cf39c2a20dc7c3d505ff6dc193c48a02"><code>edd449b</code></a>
updated cache with latest changes</li>
<li><a
href="https://github.com/actions/cache/commit/0576707e373f92196b81695442ed3f80c347f9c7"><code>0576707</code></a>
latest test before pr</li>
<li><a
href="https://github.com/actions/cache/commit/3105dc9754dd9cd935ffcf45c091ed2cadbf42b9"><code>3105dc9</code></a>
update</li>
<li><a
href="https://github.com/actions/cache/commit/9450d42d15022999ad2fa60a8b91f01fc92a0563"><code>9450d42</code></a>
mask</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/cache/compare/d4323d4df104b026a6aa633fdb11d772146be0bf...5a3ec84eff668545956fd18022155c47e93e2684">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/upload-artifact` from 4.6.1 to 4.6.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v4.6.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Update to use artifact 2.3.2 package &amp; prepare for new
upload-artifact release by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/685">actions/upload-artifact#685</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/upload-artifact/pull/685">actions/upload-artifact#685</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/upload-artifact/compare/v4...v4.6.2">https://github.com/actions/upload-artifact/compare/v4...v4.6.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/upload-artifact/commit/ea165f8d65b6e75b540449e92b4886f43607fa02"><code>ea165f8</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/685">#685</a>
from salmanmkc/salmanmkc/3-new-upload-artifacts-release</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/08396203c179e13c71b9754ce3472ed71842eec0"><code>0839620</code></a>
Prepare for new release of actions/upload-artifact with new toolkit
cache ver...</li>
<li>See full diff in <a
href="https://github.com/actions/upload-artifact/compare/4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1...ea165f8d65b6e75b540449e92b4886f43607fa02">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/download-artifact` from 4.1.9 to 4.2.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/download-artifact/releases">actions/download-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v4.2.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Add unit tests by <a
href="https://github.com/GhadimiR"><code>@​GhadimiR</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/392">actions/download-artifact#392</a></li>
<li>Fix bug introduced in 4.2.0 by <a
href="https://github.com/GhadimiR"><code>@​GhadimiR</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/391">actions/download-artifact#391</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/download-artifact/compare/v4.2.0...v4.2.1">https://github.com/actions/download-artifact/compare/v4.2.0...v4.2.1</a></p>
<h2>v4.2.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update README.md by <a
href="https://github.com/lkfortuna"><code>@​lkfortuna</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/384">actions/download-artifact#384</a></li>
<li>Bump artifact version, do digest check by <a
href="https://github.com/GhadimiR"><code>@​GhadimiR</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/383">actions/download-artifact#383</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/lkfortuna"><code>@​lkfortuna</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/download-artifact/pull/384">actions/download-artifact#384</a></li>
<li><a href="https://github.com/GhadimiR"><code>@​GhadimiR</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/download-artifact/pull/383">actions/download-artifact#383</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/download-artifact/compare/v4.1.9...v4.2.0">https://github.com/actions/download-artifact/compare/v4.1.9...v4.2.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/download-artifact/commit/95815c38cf2ff2164869cbab79da8d1f422bc89e"><code>95815c3</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/391">#391</a>
from GhadimiR/main</li>
<li><a
href="https://github.com/actions/download-artifact/commit/278fca438a0f334c0505181835b4796f2785949b"><code>278fca4</code></a>
Move log statements</li>
<li><a
href="https://github.com/actions/download-artifact/commit/68909842a1073010f1cf920ed7f153e2948f9c16"><code>6890984</code></a>
Merge branch 'main' into main</li>
<li><a
href="https://github.com/actions/download-artifact/commit/f9415c0ec30f02c18e075f091cafcfe4159168d0"><code>f9415c0</code></a>
Run unit tests in CI</li>
<li><a
href="https://github.com/actions/download-artifact/commit/76a6eb5cbca98dccb5e14c0116e53f5df13b220d"><code>76a6eb5</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/392">#392</a>
from GhadimiR/add_unit_tests</li>
<li><a
href="https://github.com/actions/download-artifact/commit/a2426d7c4522072f4d5824c9508d7ea97107cb8e"><code>a2426d7</code></a>
Merge branch 'main' into add_unit_tests</li>
<li><a
href="https://github.com/actions/download-artifact/commit/3ffa694f6f7e3d53f63807f78267796f57911dd4"><code>3ffa694</code></a>
lint</li>
<li><a
href="https://github.com/actions/download-artifact/commit/53f6aa5f93b626e252398abac720a28f6eb048ed"><code>53f6aa5</code></a>
Add extra assertion to download single artifact test</li>
<li><a
href="https://github.com/actions/download-artifact/commit/b456700053c87aa7d6b31d212292755e1e6eb923"><code>b456700</code></a>
lint</li>
<li><a
href="https://github.com/actions/download-artifact/commit/9eab798a9885c1be58a1c4381da1109644016e98"><code>9eab798</code></a>
Configure tsconfig</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/download-artifact/compare/cc203385981b70ca67e1cc392babf9cc229d5806...95815c38cf2ff2164869cbab79da8d1f422bc89e">compare
view</a></li>
</ul>
</details>
<br />

Updates `tj-actions/changed-files` from
531f5f7d163941f0c1c04e0ff4d8bb243ac4366f to
27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a>
- (2025-03-23)</h1>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>)
- (github-actions[bot])</p>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>)
- (github-actions[bot])</p>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<ul>
<li>Remove warning (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2504">#2504</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/813235684248c47a3518575ef56906084b59e7e8">8132356</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li><strong>deps:</strong> Bump test/demo from <code>5dfac2e</code> to
<code>c6bd3b3</code> (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2505">#2505</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/823fcebdb31bb35fdf2229d9f769b400309430d0">823fceb</a>)
- (dependabot[bot])</li>
<li>Pin github actions (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2503">#2503</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/7a369a71758acce79205e5145cb728a08ae607fb">7a369a7</a>)
- (Tonye Jack)</li>
<li><strong>deps-dev:</strong> Bump <code>@​types/node</code> from
22.13.10 to 22.13.11 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2502">#2502</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/9468856c2214566e4f7d96d3a018fb3e889a4d6d">9468856</a>)
- (dependabot[bot])</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v46.0.2 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2500">#2500</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted -->
Co-authored-by: Tonye Jack <a
href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a
href="https://github.com/tj-actions/changed-files/commit/401c7227d10aad0ed26ab13735f1b290c3bcc919">401c722</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.1...v46.0.2">46.0.2</a>
- (2025-03-22)</h1>
<h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2>
<ul>
<li>Update log message when attempting to locate merge base (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2493">#2493</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/a5cad85977a53287a694f9509c03feb50ac58428">a5cad85</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted --> Add</h2>
<ul>
<li>Add hint to revoke leaked token (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2475">#2475</a>)</li>
</ul>
<p>(<a
href="https://github.com/tj-actions/changed-files/commit/d52b942ee0c535798f0df9e1c05683f8e818c79b">d52b942</a>)
- (undefined)</p>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2496">#2496</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/9cc867cd4a5df418b1538ffecaaef26144a0e51f">9cc867c</a>)
- (github-actions[bot])</p>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2492">#2492</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/f2f439bb2f890f0ec22e3ca95985b46003688a8f">f2f439b</a>)
- (github-actions[bot])</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99"><code>27ae6b3</code></a>
Upgraded to v46.0.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/823fcebdb31bb35fdf2229d9f769b400309430d0"><code>823fceb</code></a>
chore(deps): bump test/demo from <code>5dfac2e</code> to
<code>c6bd3b3</code> (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2505">#2505</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/813235684248c47a3518575ef56906084b59e7e8"><code>8132356</code></a>
doc: remove warning (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2504">#2504</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/7a369a71758acce79205e5145cb728a08ae607fb"><code>7a369a7</code></a>
chore: pin github actions (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2503">#2503</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/9468856c2214566e4f7d96d3a018fb3e889a4d6d"><code>9468856</code></a>
chore(deps-dev): bump <code>@​types/node</code> from 22.13.10 to
22.13.11 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2502">#2502</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/401c7227d10aad0ed26ab13735f1b290c3bcc919"><code>401c722</code></a>
Upgraded to v46.0.2 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2500">#2500</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a"><code>41e0de5</code></a>
Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e"><code>9457878</code></a>
Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/26a38635fc1173cc5820336ce97be6188d0de9f5"><code>26a3863</code></a>
docs: add undefined-moe as a contributor for doc (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2498">#2498</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/a530a27a793d93d428bac022c621a9ed52f75efd"><code>a530a27</code></a>
chore: update sync-release-version.yml to use commit hash for tags in
docs (#...</li>
<li>Additional commits viewable in <a
href="https://github.com/tj-actions/changed-files/compare/531f5f7d163941f0c1c04e0ff4d8bb243ac4366f...27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">compare
view</a></li>
</ul>
</details>
<br />

Updates `tj-actions/branch-names` from 8.0.1 to 8.1.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/branch-names/releases">tj-actions/branch-names's
releases</a>.</em></p>
<blockquote>
<h2>v8.1.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Upgraded to v8.0.2 by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/407">tj-actions/branch-names#407</a></li>
<li>feat: add support for strip_branch_prefix by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/406">tj-actions/branch-names#406</a></li>
<li>Updated README.md by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/408">tj-actions/branch-names#408</a></li>
<li>chore: Update test.yml by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/409">tj-actions/branch-names#409</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tj-actions/branch-names/compare/v8...v8.1.0">https://github.com/tj-actions/branch-names/compare/v8...v8.1.0</a></p>
<h2>v8.0.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Upgraded to v8.0.1 by <a
href="https://github.com/tj-actions-bot"><code>@​tj-actions-bot</code></a>
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/283">tj-actions/branch-names#283</a></li>
<li>chore(deps): update codacy/codacy-analysis-cli-action action to
v4.4.0 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/284">tj-actions/branch-names#284</a></li>
<li>chore(deps): update tj-actions/verify-changed-files action to v19 by
<a href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/285">tj-actions/branch-names#285</a></li>
<li>docs: add boidolr as a contributor for doc by <a
href="https://github.com/allcontributors"><code>@​allcontributors</code></a>
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/287">tj-actions/branch-names#287</a></li>
<li>Updated README.md by <a
href="https://github.com/tj-actions-bot"><code>@​tj-actions-bot</code></a>
in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/288">tj-actions/branch-names#288</a></li>
<li>docs: update checkout action by <a
href="https://github.com/boidolr"><code>@​boidolr</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/286">tj-actions/branch-names#286</a></li>
<li>chore(deps): update actions/checkout action to v4.1.2 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/290">tj-actions/branch-names#290</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/289">tj-actions/branch-names#289</a></li>
<li>chore(deps): update actions/checkout digest to b4ffde6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/291">tj-actions/branch-names#291</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/292">tj-actions/branch-names#292</a></li>
<li>chore(deps): update actions/checkout digest to b4ffde6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/293">tj-actions/branch-names#293</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/294">tj-actions/branch-names#294</a></li>
<li>chore(deps): update actions/checkout digest to b4ffde6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/295">tj-actions/branch-names#295</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/296">tj-actions/branch-names#296</a></li>
<li>chore(deps): update actions/checkout digest to b4ffde6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/297">tj-actions/branch-names#297</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/298">tj-actions/branch-names#298</a></li>
<li>chore(deps): update actions/checkout digest to b4ffde6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/299">tj-actions/branch-names#299</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/300">tj-actions/branch-names#300</a></li>
<li>chore(deps): update actions/checkout digest to b4ffde6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/301">tj-actions/branch-names#301</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/302">tj-actions/branch-names#302</a></li>
<li>chore(deps): update actions/checkout digest to b4ffde6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/303">tj-actions/branch-names#303</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/304">tj-actions/branch-names#304</a></li>
<li>chore(deps): update actions/checkout digest to b4ffde6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/305">tj-actions/branch-names#305</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/306">tj-actions/branch-names#306</a></li>
<li>chore(deps): update actions/checkout digest to b4ffde6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/307">tj-actions/branch-names#307</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/308">tj-actions/branch-names#308</a></li>
<li>chore(deps): update actions/checkout digest to b4ffde6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/309">tj-actions/branch-names#309</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/310">tj-actions/branch-names#310</a></li>
<li>chore(deps): update actions/checkout digest to b4ffde6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/311">tj-actions/branch-names#311</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/312">tj-actions/branch-names#312</a></li>
<li>chore(deps): update actions/checkout digest to b4ffde6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/313">tj-actions/branch-names#313</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/314">tj-actions/branch-names#314</a></li>
<li>chore(deps): update actions/checkout digest to b4ffde6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/315">tj-actions/branch-names#315</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/316">tj-actions/branch-names#316</a></li>
<li>chore(deps): update actions/checkout digest to b4ffde6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/317">tj-actions/branch-names#317</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/318">tj-actions/branch-names#318</a></li>
<li>chore(deps): update actions/checkout digest to b4ffde6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/319">tj-actions/branch-names#319</a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/tj-actions/branch-names/pull/320">tj-actions/branch-names#320</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/branch-names/blob/main/HISTORY.md">tj-actions/branch-names's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1><a
href="https://github.com/tj-actions/branch-names/compare/v8.0.2...v8.1.0">8.1.0</a>
- (2025-03-23)</h1>
<h2><!-- raw HTML omitted -->🚀 Features</h2>
<ul>
<li>Add support for strip_branch_prefix (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/406">#406</a>)
(<a
href="https://github.com/tj-actions/branch-names/commit/c83c87ab5379a8ff88c905ea78c391c0d53972ac">c83c87a</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/408">#408</a>)</li>
</ul>
<p>(<a
href="https://github.com/tj-actions/branch-names/commit/d18e657ed32f367301fdebeb9a88b7e5539f3052">d18e657</a>)
- (Tonye Jack)</p>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li>Update test.yml (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/409">#409</a>)
(<a
href="https://github.com/tj-actions/branch-names/commit/f44339b51f74753b57583fbbd124e18a81170ab1">f44339b</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded from v8.0.1 -&gt; v8.0.2 (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/407">#407</a>)</li>
</ul>
<p>(<a
href="https://github.com/tj-actions/branch-names/commit/86aaf170e74d8cad1e7d4f566f2e9bed6cf000af">86aaf17</a>)
- (Tonye Jack)</p>
<h1><a
href="https://github.com/tj-actions/branch-names/compare/v8.0.1...v8.0.2">8.0.2</a>
- (2025-03-15)</h1>
<h2><!-- raw HTML omitted -->📦 Bumps</h2>
<ul>
<li>Bump actions/checkout from 4.1.1 to 4.1.2</li>
</ul>
<p>Bumps <a
href="https://github.com/actions/checkout">actions/checkout</a> from
4.1.1 to 4.1.2.</p>
<ul>
<li><a href="https://github.com/actions/checkout/releases">Release
notes</a></li>
<li><a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">Changelog</a></li>
<li><a
href="https://github.com/actions/checkout/compare/v4.1.1...9bb56186c3b09b4f86b1c65136769dd318469633">Commits</a></li>
</ul>
<hr />
<p>updated-dependencies:</p>
<ul>
<li>dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...</li>
</ul>
<p>Signed-off-by: dependabot[bot] <a
href="mailto:support@github.com">support@github.com</a> (<a
href="https://github.com/tj-actions/branch-names/commit/534653b2272678c76b23f2e681c8cfc2056d7b99">534653b</a>)
- (dependabot[bot])</p>
<ul>
<li>Bump actions/checkout from 4.1.1 to 4.1.2</li>
</ul>
<p>Bumps <a
href="https://github.com/actions/checkout">actions/checkout</a> from
4.1.1 to 4.1.2.</p>
<ul>
<li><a href="https://github.com/actions/checkout/releases">Release
notes</a></li>
<li><a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">Changelog</a></li>
<li><a
href="https://github.com/actions/checkout/compare/v4.1.1...9bb56186c3b09b4f86b1c65136769dd318469633">Commits</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tj-actions/branch-names/commit/f44339b51f74753b57583fbbd124e18a81170ab1"><code>f44339b</code></a>
chore: Update test.yml (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/409">#409</a>)</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/d18e657ed32f367301fdebeb9a88b7e5539f3052"><code>d18e657</code></a>
Updated README.md (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/408">#408</a>)</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/c83c87ab5379a8ff88c905ea78c391c0d53972ac"><code>c83c87a</code></a>
feat: add support for strip_branch_prefix (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/406">#406</a>)</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/86aaf170e74d8cad1e7d4f566f2e9bed6cf000af"><code>86aaf17</code></a>
Upgraded from v8.0.1 -&gt; v8.0.2 (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/407">#407</a>)</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/394802c2335dc81582b3569322f3d7da41a9978e"><code>394802c</code></a>
Deleted renovate.json</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/32798b2266752bb2b274d694923596fdc67c399a"><code>32798b2</code></a>
chore(deps): update actions/checkout action to v4.2.2</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/9a04c058bb2ddc036c2d273df7a6a21d42f28533"><code>9a04c05</code></a>
chore(deps): update actions/checkout digest to 11bd719</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/e400ca0ec8ef23d62fca0f9492fc40093a3f1012"><code>e400ca0</code></a>
chore(deps): update actions/checkout digest to eef6144</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/5d79051f9e52a0067942d0b42e53ca411220c07b"><code>5d79051</code></a>
chore(deps): update actions/checkout action to v4.2.1</li>
<li><a
href="https://github.com/tj-actions/branch-names/commit/d353900ec68b69229ad98021a530af33c416dcb1"><code>d353900</code></a>
chore(deps): update actions/checkout digest to 692973e (<a
href="https://redirect.github.com/tj-actions/branch-names/issues/394">#394</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tj-actions/branch-names/compare/6871f53176ad61624f978536bbf089c574dc19a2...f44339b51f74753b57583fbbd124e18a81170ab1">compare
view</a></li>
</ul>
</details>
<br />

Updates `github/codeql-action` from 3.28.11 to 3.28.12
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.28.12</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.12 - 19 Mar 2025</h2>
<ul>
<li>Dependency caching should now cache more dependencies for Java
<code>build-mode: none</code> extractions. This should speed up
workflows and avoid inconsistent alerts in some cases.</li>
<li>Update default CodeQL bundle version to 2.20.7. <a
href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.12/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.28.12 - 19 Mar 2025</h2>
<ul>
<li>Dependency caching should now cache more dependencies for Java
<code>build-mode: none</code> extractions. This should speed up
workflows and avoid inconsistent alerts in some cases.</li>
<li>Update default CodeQL bundle version to 2.20.7. <a
href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li>
</ul>
<h2>3.28.11 - 07 Mar 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li>
</ul>
<h2>3.28.10 - 21 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li>
<li>Address an issue where the CodeQL Bundle would occasionally fail to
decompress on macOS. <a
href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li>
</ul>
<h2>3.28.9 - 07 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li>
</ul>
<h2>3.28.8 - 29 Jan 2025</h2>
<ul>
<li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI
v2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li>
</ul>
<h2>3.28.7 - 29 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.6 - 27 Jan 2025</h2>
<ul>
<li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater.
<a
href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li>
</ul>
<h2>3.28.5 - 24 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li>
</ul>
<h2>3.28.4 - 23 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.3 - 22 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2707">#2707</a></li>
<li>Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise
Server instance which occurred when the CodeQL Bundle had been synced to
the instance using the <a
href="https://github.com/github/codeql-action-sync-tool">CodeQL Action
sync tool</a> and the Actions runner did not have Zstandard installed.
<a
href="https://redirect.github.com/github/codeql-action/pull/2710">#2710</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/5f8171a638ada777af81d42b55959a643bb29017"><code>5f8171a</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2814">#2814</a>
from github/update-v3.28.12-6349095d1</li>
<li><a
href="https://github.com/github/codeql-action/commit/bb59f7707d836b040802dbdf2ad1a16482d319da"><code>bb59f77</code></a>
Update changelog for v3.28.12</li>
<li><a
href="https://github.com/github/codeql-action/commit/6349095d19ec30397ffb02a63b7aa4f867deb563"><code>6349095</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2810">#2810</a>
from github/update-bundle/codeql-bundle-v2.20.7</li>
<li><a
href="https://github.com/github/codeql-action/commit/d7d03fda1241f6b0b3fae460c9f19c6e887158ad"><code>d7d03fd</code></a>
Add changelog note</li>
<li><a
href="https://github.com/github/codeql-action/commit/4e3a5342c5e8e627915b9a29b363f49da8c4a32e"><code>4e3a534</code></a>
Update default bundle to codeql-bundle-v2.20.7</li>
<li><a
href="https://github.com/github/codeql-action/commit/55f023701cfc1e7d11ef2ae0c5ec3193dae4fce4"><code>55f0237</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2802">#2802</a>
from github/mbg/dependency-caching/java-buildless</li>
<li><a
href="https://github.com/github/codeql-action/commit/6a151cd77488e58567da1dcf953e7aeeaca4950c"><code>6a151cd</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2811">#2811</a>
from github/dependabot/github_actions/actions-c2c311...</li>
<li><a
href="https://github.com/github/codeql-action/commit/7866bcdb1b15b5d5cba0021b87f36d9f6d977156"><code>7866bcd</code></a>
Manually bump workflow to match autogenerated file</li>
<li><a
href="https://github.com/github/codeql-action/commit/611289e0b0ce1f6fc14820f1b72edaed2de4ba2c"><code>611289e</code></a>
build(deps): bump ruby/setup-ruby in the actions group</li>
<li><a
href="https://github.com/github/codeql-action/commit/4c409a5b664afa7d5b12cd8487e310f286487472"><code>4c409a5</code></a>
Remove temporary dependency directory in <code>analyze</code> post
action</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/6bb031afdd8eb862ea3fc1848194185e076637e5...5f8171a638ada777af81d42b55959a643bb29017">compare
view</a></li>
</ul>
</details>
<br />

Updates `beatlabs/delete-old-branches-action` from 0.0.10 to 0.0.11
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/beatlabs/delete-old-branches-action/releases">beatlabs/delete-old-branches-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.0.11</h2>
<h2>What's Changed</h2>
<ul>
<li>chore: update readme by <a
href="https://github.com/Edgaraszs"><code>@​Edgaraszs</code></a> in <a
href="https://redirect.github.com/beatlabs/delete-old-branches-action/pull/36">beatlabs/delete-old-branches-action#36</a></li>
<li>fix: retrieve all branches through pagination by <a
href="https://github.com/nikaro"><code>@​nikaro</code></a> in <a
href="https://redirect.github.com/beatlabs/delete-old-branches-action/pull/38">beatlabs/delete-old-branches-action#38</a></li>
<li>fix: apply shellcheck recommandations by <a
href="https://github.com/nikaro"><code>@​nikaro</code></a> in <a
href="https://redirect.github.com/beatlabs/delete-old-branches-action/pull/37">beatlabs/delete-old-branches-action#37</a></li>
<li>fix: bump versions by <a
href="https://github.com/Edgaraszs"><code>@​Edgaraszs</code></a> in <a
href="https://redirect.github.com/beatlabs/delete-old-branches-action/pull/40">beatlabs/delete-old-branches-action#40</a></li>
<li>Sort tags via semver to preserve newest tags by <a
href="https://github.com/ecdemis123"><code>@​ecdemis123</code></a> in <a
href="https://redirect.github.com/beatlabs/delete-old-branches-action/pull/42">beatlabs/delete-old-branches-action#42</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/Edgaraszs"><code>@​Edgaraszs</code></a>
made their first contribution in <a
href="https://redirect.github.com/beatlabs/delete-old-branches-action/pull/36">beatlabs/delete-old-branches-action#36</a></li>
<li><a href="https://github.com/nikaro"><code>@​nikaro</code></a> made
their first contribution in <a
href="https://redirect.github.com/beatlabs/delete-old-branches-action/pull/38">beatlabs/delete-old-branches-action#38</a></li>
<li><a
href="https://github.com/ecdemis123"><code>@​ecdemis123</code></a> made
their first contribution in <a
href="https://redirect.github.com/beatlabs/delete-old-branches-action/pull/42">beatlabs/delete-old-branches-action#42</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/beatlabs/delete-old-branches-action/compare/v0.0.10...v0.0.11">https://github.com/beatlabs/delete-old-branches-action/compare/v0.0.10...v0.0.11</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/beatlabs/delete-old-branches-action/commit/4eeeb8740ff8b3cb310296ddd6b43c3387734588"><code>4eeeb87</code></a>
sort tags via semver (<a
href="https://redirect.github.com/beatlabs/delete-old-branches-action/issues/42">#42</a>)</li>
<li><a
href="https://github.com/beatlabs/delete-old-branches-action/commit/1e32837fd650c9749fe7c36701f4ae6774639f40"><code>1e32837</code></a>
fix: bump versions (<a
href="https://redirect.github.com/beatlabs/delete-old-branches-action/issues/40">#40</a>)</li>
<li><a
href="https://github.com/beatlabs/delete-old-branches-action/commit/3dd382723bf794a122239bc1d6b0116662d5ec0f"><code>3dd3827</code></a>
fix: apply shellcheck recommandations (<a
href="https://redirect.github.com/beatlabs/delete-old-branches-action/issues/37">#37</a>)</li>
<li><a
href="https://github.com/beatlabs/delete-old-branches-action/commit/3a54bdf0f3658e31347dde33ff983b11fab69c7b"><code>3a54bdf</code></a>
fix: retrieve all branches through pagination (<a
href="https://redirect.github.com/beatlabs/delete-old-branches-action/issues/38">#38</a>)</li>
<li><a
href="https://github.com/beatlabs/delete-old-branches-action/commit/3aac1083bb9bf5d1111a27300a1b3891b0a68dce"><code>3aac108</code></a>
chore: update readme (<a
href="https://redirect.github.com/beatlabs/delete-old-branches-action/issues/36">#36</a>)</li>
<li>See full diff in <a
href="https://github.com/beatlabs/delete-old-branches-action/compare/6e94df089372a619c01ae2c2f666bf474f890911...4eeeb8740ff8b3cb310296ddd6b43c3387734588">compare
view</a></li>
</ul>
</details>
<br />

Updates `umbrelladocs/action-linkspector` from 1.2.5 to 1.3.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/umbrelladocs/action-linkspector/releases">umbrelladocs/action-linkspector's
releases</a>.</em></p>
<blockquote>
<h2>Release v1.3.2</h2>
<p>v1.3.2: PR <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/40">#40</a>
- Update linkspector version to 0.4.2</p>
<h2>Release v1.3.1</h2>
<p>v1.3.1: PR <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/38">#38</a>
- Add support for showing stats</p>
<h2>Release v1.3.0</h2>
<p>v1.3.0: PR <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/37">#37</a>
- Update linkspector version to 0.4.1</p>
<h2>What's Changed</h2>
<ul>
<li>Update linkspector version to 0.4.1 by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/UmbrellaDocs/action-linkspector/pull/37">UmbrellaDocs/action-linkspector#37</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/UmbrellaDocs/action-linkspector/compare/v1.2...v1.3.0">https://github.com/UmbrellaDocs/action-linkspector/compare/v1.2...v1.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/49cf4f8da82db70e691bb8284053add5028fa244"><code>49cf4f8</code></a>
Merge pull request <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/40">#40</a>
from UmbrellaDocs/update-linkspector-version</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/fb49f30059a34b9bfab39967511559fef398f2c1"><code>fb49f30</code></a>
Update linkspector version to 0.4.2</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/c6d4525e9f50b27a0e78fc42b537141058d034ef"><code>c6d4525</code></a>
Merge pull request <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/38">#38</a>
from UmbrellaDocs/stats</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/c311faff00cc2318a96e3cb41e1fc7dba4dffffd"><code>c311faf</code></a>
Add support for showing stats</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/808d98be382b6e1f97bd3dfa6aa85b4410769dc6"><code>808d98b</code></a>
Merge pull request <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/37">#37</a>
from UmbrellaDocs/update-linkspector-version</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/3935e7368cfeff39766dbcd3b514cbc3ff90df4c"><code>3935e73</code></a>
Update linkspector version to 0.4.1</li>
<li>See full diff in <a
href="https://github.com/umbrelladocs/action-linkspector/compare/de84085e0f51452a470558693d7d308fbb2fa261...49cf4f8da82db70e691bb8284053add5028fa244">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-03-24 12:25:03 +00:00
dependabot[bot] 27a160d136 ci: bump the github-actions group with 4 updates (#16966) 
Bumps the github-actions group with 4 updates:
[docker/login-action](https://github.com/docker/login-action),
[tj-actions/changed-files](https://github.com/tj-actions/changed-files),
[nix-community/cache-nix-action](https://github.com/nix-community/cache-nix-action)
and
[aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action).

Updates `docker/login-action` from 3.3.0 to 3.4.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/login-action/releases">docker/login-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.0</h2>
<ul>
<li>Bump <code>@​actions/core</code> from 1.10.1 to 1.11.1 in <a
href="https://redirect.github.com/docker/login-action/pull/791">docker/login-action#791</a></li>
<li>Bump <code>@​aws-sdk/client-ecr</code> to 3.766.0 in <a
href="https://redirect.github.com/docker/login-action/pull/789">docker/login-action#789</a>
<a
href="https://redirect.github.com/docker/login-action/pull/856">docker/login-action#856</a></li>
<li>Bump <code>@​aws-sdk/client-ecr-public</code> to 3.758.0 in <a
href="https://redirect.github.com/docker/login-action/pull/789">docker/login-action#789</a>
<a
href="https://redirect.github.com/docker/login-action/pull/856">docker/login-action#856</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.35.0 to 0.57.0 in
<a
href="https://redirect.github.com/docker/login-action/pull/801">docker/login-action#801</a>
<a
href="https://redirect.github.com/docker/login-action/pull/806">docker/login-action#806</a>
<a
href="https://redirect.github.com/docker/login-action/pull/858">docker/login-action#858</a></li>
<li>Bump cross-spawn from 7.0.3 to 7.0.6 in <a
href="https://redirect.github.com/docker/login-action/pull/814">docker/login-action#814</a></li>
<li>Bump https-proxy-agent from 7.0.5 to 7.0.6 in <a
href="https://redirect.github.com/docker/login-action/pull/823">docker/login-action#823</a></li>
<li>Bump path-to-regexp from 6.2.2 to 6.3.0 in <a
href="https://redirect.github.com/docker/login-action/pull/777">docker/login-action#777</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/login-action/compare/v3.3.0...v3.4.0">https://github.com/docker/login-action/compare/v3.3.0...v3.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/login-action/commit/74a5d142397b4f367a81961eba4e8cd7edddf772"><code>74a5d14</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/856">#856</a>
from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...</li>
<li><a
href="https://github.com/docker/login-action/commit/2f4f00e4c6fe8a50cdd1fd618421be2e92b2f201"><code>2f4f00e</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/login-action/commit/67c184546cf989af16f02a1b5359e4bde3cdc524"><code>67c1845</code></a>
build(deps): bump the aws-sdk-dependencies group across 1 directory with
2 up...</li>
<li><a
href="https://github.com/docker/login-action/commit/3d4cc89e85e0cac73870ab81d3b72c0b700870d1"><code>3d4cc89</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/844">#844</a>
from graysonpike/master</li>
<li><a
href="https://github.com/docker/login-action/commit/6cc823a6c4738f797f031790fa7f982b7a8dcfdc"><code>6cc823a</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/823">#823</a>
from docker/dependabot/npm_and_yarn/proxy-agent-depen...</li>
<li><a
href="https://github.com/docker/login-action/commit/d94e792124647378e94c07359922f0f821a9fab2"><code>d94e792</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/login-action/commit/033db0da3047b4d01e249d66f56ae16a2ed6af87"><code>033db0d</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/812">#812</a>
from docker/dependabot/github_actions/codecov/codecov...</li>
<li><a
href="https://github.com/docker/login-action/commit/09c2ae9716c0bacef3c03e120a61c28adfb8595b"><code>09c2ae9</code></a>
build(deps): bump https-proxy-agent</li>
<li><a
href="https://github.com/docker/login-action/commit/ba56f006fc7190f752d4e6e1312f85697984a229"><code>ba56f00</code></a>
ci: update deprecated input for codecov-action</li>
<li><a
href="https://github.com/docker/login-action/commit/75bf9a79af089e9aa009972a6ecb22190a520679"><code>75bf9a7</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/858">#858</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/login-action/compare/9780b0c442fbb1117ed29e0efdff1e18412f7567...74a5d142397b4f367a81961eba4e8cd7edddf772">compare
view</a></li>
</ul>
</details>
<br />

Updates `tj-actions/changed-files` from
dcc7a0cba800f454d79fff4b993e8c3555bcc0a8 to
531f5f7d163941f0c1c04e0ff4d8bb243ac4366f
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v46.0.0...v46.0.1">46.0.1</a>
- (2025-03-16)</h1>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2473">#2473</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/2f7c5bfce28377bc069a65ba478de0a74aa0ca32">2f7c5bf</a>)
- (github-actions[bot])</p>
<ul>
<li>Sync-release-version.yml to use signed commits (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2472">#2472</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/4189ec62c445484531e9ad97157d990be96e88ee">4189ec6</a>)
- (Tonye Jack)</li>
</ul>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v45.0.9...v46.0.0">46.0.0</a>
- (2025-03-16)</h1>
<h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2>
<ul>
<li>Update update-readme.yml to sign-commits (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2468">#2468</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/0f1ffe61855cb317d5fd66122c14dc0627eab141">0f1ffe6</a>)
- (Tonye Jack)</li>
<li>Update permission in update-readme.yml workflow (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2467">#2467</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/ddef03e37c84cfb9ee89fa055b86359aaf949c86">ddef03e</a>)
- (Tonye Jack)</li>
<li>Update github workflow update-readme.yml (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2466">#2466</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/9c2df0d54a911c819d7368d7e5ed7c01c0796e0a">9c2df0d</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted --> Remove</h2>
<ul>
<li>Deleted renovate.json (<a
href="https://github.com/tj-actions/changed-files/commit/e37e952786556966c1fb6183c5937b3966bab099">e37e952</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Sync-release-version.yml (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2471">#2471</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/4cd184a1dd542b79cca1d4d7938e4154a6520ca7">4cd184a</a>)
- (Tonye Jack)</li>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2469">#2469</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a
href="https://github.com/tj-actions/changed-files/commit/5cbf22026d05fbef0c027d1b1f118fe3a1b6e435">5cbf220</a>)
- (github-actions[bot])</p>
<h2><!-- raw HTML omitted -->📚 Documentation</h2>
<ul>
<li>Update docs to highlight security issues (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2465">#2465</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/65253327cf47481b4b1b4b9fea78e143a1353147">6525332</a>)
- (Tonye Jack)</li>
</ul>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v45.0.4...v45.0.9">45.0.9</a>
- (2025-03-15)</h1>
<h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2>
<ul>
<li><strong>deps:</strong> Update dependency <code>@​octokit/rest</code>
to v21.1.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2435">#2435</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/fb8dcda5fb8954cec37773d2b275a8579c86c781">fb8dcda</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update dependency <code>@​octokit/rest</code>
to v21.1.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2394">#2394</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/7b72c97d739f955f5cadca0d59799d826ae9f6c9">7b72c97</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update dependency yaml to v2.7.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2383">#2383</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/5f974c28f5044c411f0c9e7becf3f172029cf9cf">5f974c2</a>)
- (renovate[bot])</li>
</ul>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li><strong>deps:</strong> Lock file maintenance (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2460">#2460</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/9200e69727eb73eb060652b19946b8a2fdfb654b">9200e69</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update dependency <code>@​types/node</code>
to v22.13.10 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2459">#2459</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/e650cfdae513481a20f538e88d98b39106523006">e650cfd</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update dependency eslint-config-prettier to
v10.1.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2458">#2458</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/82af21f4a05896ca18c950539469bee225c45a89">82af21f</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update dependency eslint-config-prettier to
v10.1.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2457">#2457</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/82fa4a6402582d5c8c9c0e95b7ff7cc88992bbb4">82fa4a6</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update peter-evans/create-pull-request action
to v7.0.8 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2455">#2455</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/315505acf41d2913b71af48080fb158cd01f79e7">315505a</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update dependency <code>@​types/node</code>
to v22.13.9 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2454">#2454</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/c8e1cdb9ea135ee549963c167ffaec5e7d4a71cd">c8e1cdb</a>)
- (renovate[bot])</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tj-actions/changed-files/commit/531f5f7d163941f0c1c04e0ff4d8bb243ac4366f"><code>531f5f7</code></a>
Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2479">#2479</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/dccd1949addfa3d93d458019c5495581c620b00c"><code>dccd194</code></a>
doc: update README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2478">#2478</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/9237eb7a0f95c801719e6224d45095d4dda0f9bd"><code>9237eb7</code></a>
Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2476">#2476</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/d52b942ee0c535798f0df9e1c05683f8e818c79b"><code>d52b942</code></a>
add hint to revoke leaked token (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2475">#2475</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/45fb12d7a8bedb4da42342e52fe054c6c2c3fd73"><code>45fb12d</code></a>
Upgraded to v46.0.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2474">#2474</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/2f7c5bfce28377bc069a65ba478de0a74aa0ca32"><code>2f7c5bf</code></a>
Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2473">#2473</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/4189ec62c445484531e9ad97157d990be96e88ee"><code>4189ec6</code></a>
update: sync-release-version.yml to use signed commits (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2472">#2472</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/4cd184a1dd542b79cca1d4d7938e4154a6520ca7"><code>4cd184a</code></a>
update: sync-release-version.yml (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2471">#2471</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/5cbf22026d05fbef0c027d1b1f118fe3a1b6e435"><code>5cbf220</code></a>
Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2469">#2469</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/0f1ffe61855cb317d5fd66122c14dc0627eab141"><code>0f1ffe6</code></a>
fix: update update-readme.yml to sign-commits (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2468">#2468</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tj-actions/changed-files/compare/dcc7a0cba800f454d79fff4b993e8c3555bcc0a8...531f5f7d163941f0c1c04e0ff4d8bb243ac4366f">compare
view</a></li>
</ul>
</details>
<br />

Updates `nix-community/cache-nix-action` from 6.1.1 to 6.1.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/nix-community/cache-nix-action/releases">nix-community/cache-nix-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.1.2</h2>
<h2>Fixes</h2>
<ul>
<li>Fix nix store database merging logic (<a
href="https://redirect.github.com/nix-community/cache-nix-action/pull/84">nix-community/cache-nix-action#84</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/c448f065ba14308da81de769632ca67a3ce67cf5"><code>c448f06</code></a>
Merge pull request <a
href="https://redirect.github.com/nix-community/cache-nix-action/issues/84">#84</a>
from nix-community/82-bug-v610-and-v611-dont-seem-to-w...</li>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/fc908ede39799ad79a606fe33e69e88457d34ebc"><code>fc908ed</code></a>
chore: build the action</li>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/57dad844a98b1a6324aa4453a8a8dc9625b1acc9"><code>57dad84</code></a>
chore: build the action</li>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/0d5803d685b779eaef4f25299f3df35ec63d995d"><code>0d5803d</code></a>
fix(action): print a message after the check</li>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/db360de0f846626dcb5183d838d0f1436d09c3c4"><code>db360de</code></a>
chore: build the action</li>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/07c1e7f98e139e19f4042ac93d7a36b68012fde7"><code>07c1e7f</code></a>
fix(action): join on the derivation path, not the output path</li>
<li><a
href="https://github.com/nix-community/cache-nix-action/commit/1b9cbefbf818ca652a08a9d1be8f18e7e2a244f7"><code>1b9cbef</code></a>
fix(action): parse gc-max-store-size correctly</li>
<li>See full diff in <a
href="https://github.com/nix-community/cache-nix-action/compare/aee88ae5efbbeb38ac5d9862ecbebdb404a19e69...c448f065ba14308da81de769632ca67a3ce67cf5">compare
view</a></li>
</ul>
</details>
<br />

Updates `aquasecurity/trivy-action` from 0.29.0 to 0.30.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aquasecurity/trivy-action/releases">aquasecurity/trivy-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.30.0</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: Update default trivy version in README by <a
href="https://github.com/derrix060"><code>@​derrix060</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/444">aquasecurity/trivy-action#444</a></li>
<li>fix: typo in description of an input for action.yaml by <a
href="https://github.com/yutatokoi"><code>@​yutatokoi</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/452">aquasecurity/trivy-action#452</a></li>
<li>Improve README/SBOM by <a
href="https://github.com/AB-xdev"><code>@​AB-xdev</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/439">aquasecurity/trivy-action#439</a></li>
<li>chore: bump trivy to v0.60.0 by <a
href="https://github.com/nikpivkin"><code>@​nikpivkin</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/453">aquasecurity/trivy-action#453</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/derrix060"><code>@​derrix060</code></a>
made their first contribution in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/444">aquasecurity/trivy-action#444</a></li>
<li><a href="https://github.com/yutatokoi"><code>@​yutatokoi</code></a>
made their first contribution in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/452">aquasecurity/trivy-action#452</a></li>
<li><a href="https://github.com/AB-xdev"><code>@​AB-xdev</code></a> made
their first contribution in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/439">aquasecurity/trivy-action#439</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/aquasecurity/trivy-action/compare/0.29.0...0.30.0">https://github.com/aquasecurity/trivy-action/compare/0.29.0...0.30.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/6c175e9c4083a92bbca2f9724c8a5e33bc2d97a5"><code>6c175e9</code></a>
chore: bump trivy to v0.60.0 (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/453">#453</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/53e8848d3e517db48b0e70ae4f648a12ae04fe02"><code>53e8848</code></a>
Improve README/SBOM (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/439">#439</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/ef1b561207528e89045580cdc5a02032d8a544df"><code>ef1b561</code></a>
fix: typo in description of an input for action.yaml (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/452">#452</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/a11da62073708815958ea6d84f5650c78a3ef85b"><code>a11da62</code></a>
fix: Update default trivy version in README (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/444">#444</a>)</li>
<li>See full diff in <a
href="https://github.com/aquasecurity/trivy-action/compare/18f2510ee396bbf400402947b394f2dd8c87dbb0...6c175e9c4083a92bbca2f9724c8a5e33bc2d97a5">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-03-17 11:56:03 +00:00
M Atif Ali 4987de654e chore: enable SBOM attestations for docker images (#16894) 
- Enable SBOM and provenance attestations in Docker builds
- Installs `cosign` and `syft` in dogfood image
- Adds [github
attestations](https://docs.github.com/en/actions/security-for-github-actions/using-artifact-attestations/using-artifact-attestations-to-establish-provenance-for-builds)

Signed-off-by: Thomas Kosiewski <tk@coder.com>

---------

Signed-off-by: Thomas Kosiewski <tk@coder.com>
Co-authored-by: Thomas Kosiewski <tk@coder.com>
 2025-03-13 21:45:11 +05:00
M Atif Ali e817713dc0 revert: "chore: enable SBOM attestation for image builds" (#16868) 
Reverts coder/coder#16852

The CI failed to create the multi-arch manifest.

https://github.com/coder/coder/actions/runs/13773079355/job/38516182819#step:18:341

I personally think we should move to a [multi-arch
Dockerfile](https://docs.docker.com/build/building/multi-platform/#cross-compilation)
instead of creating the manifest manually.
 2025-03-10 19:55:03 +00:00
M Atif Ali 05ebece03a chore: enable SBOM attestation for image builds (#16852) 
- Added SBOM (Software Bill of Materials) generation during Docker build
to enhance traceability. Refer to Docker documentation on SBOM:
https://docs.docker.com/build/metadata/attestations/sbom/
- Updated Docker build scripts to use BuildKit for provenance and SBOM
support: https://docs.docker.com/build/metadata/attestations/
- Configured Docker daemon in dogfood image to support the Containerd
snapshotter feature to improve performance:
https://docs.docker.com/engine/storage/containerd/

> [!Important]
> We also need to enable `containerd` on depot runners.
> <img width="587" alt="image"
src="https://github.com/user-attachments/assets/1d7f87c7-fdcc-462a-babe-87ac6486ad09"
/>



## Testing

- Tested locally with ` docker buildx build --sbom=true --output
type=local,dest=out -f Dockerfile .` to verify that an SBOM file is
generated.
- Tested in
[CI](https://github.com/coder/coder/actions/runs/13731162662/job/38408790980?pr=16852#step:17:1)
to ensure the image builds without any errors.


Also closes coder/internal#88
 2025-03-11 00:24:14 +05:00
dependabot[bot] f21fcbd001 ci: bump the github-actions group across 1 directory with 5 updates (#16803) 
Bumps the github-actions group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [actions/cache](https://github.com/actions/cache) | `4.2.1` | `4.2.2`
|
| [crate-ci/typos](https://github.com/crate-ci/typos) | `1.29.9` |
`1.29.10` |
|
[actions/download-artifact](https://github.com/actions/download-artifact)
| `4.1.8` | `4.1.9` |
|
[google-github-actions/get-gke-credentials](https://github.com/google-github-actions/get-gke-credentials)
| `2.3.1` | `2.3.3` |
|
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
| `3.9.0` | `3.10.0` |


Updates `actions/cache` from 4.2.1 to 4.2.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v4.2.2</h2>
<h2>What's Changed</h2>
<blockquote>
<p>[!IMPORTANT]
As a reminder, there were important backend changes to release v4.2.0,
see <a href="https://github.com/actions/cache/releases/tag/v4.2.0">those
release notes</a> and <a
href="https://github.com/actions/cache/discussions/1510">the
announcement</a> for more details.</p>
</blockquote>
<ul>
<li>Bump <code>@​actions/cache</code> to v4.0.2 by <a
href="https://github.com/robherley"><code>@​robherley</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1560">actions/cache#1560</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4.2.1...v4.2.2">https://github.com/actions/cache/compare/v4.2.1...v4.2.2</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h3>4.2.2</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.2</li>
</ul>
<h3>4.2.1</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.1</li>
</ul>
<h3>4.2.0</h3>
<p>TLDR; The cache backend service has been rewritten from the ground up
for improved performance and reliability. <a
href="https://github.com/actions/cache">actions/cache</a> now integrates
with the new cache service (v2) APIs.</p>
<p>The new service will gradually roll out as of <strong>February 1st,
2025</strong>. The legacy service will also be sunset on the same date.
Changes in these release are <strong>fully backward
compatible</strong>.</p>
<p><strong>We are deprecating some versions of this action</strong>. We
recommend upgrading to version <code>v4</code> or <code>v3</code> as
soon as possible before <strong>February 1st, 2025.</strong> (Upgrade
instructions below).</p>
<p>If you are using pinned SHAs, please use the SHAs of versions
<code>v4.2.0</code> or <code>v3.4.0</code></p>
<p>If you do not upgrade, all workflow runs using any of the deprecated
<a href="https://github.com/actions/cache">actions/cache</a> will
fail.</p>
<p>Upgrading to the recommended versions will not break your
workflows.</p>
<h3>4.1.2</h3>
<ul>
<li>Add GitHub Enterprise Cloud instances hostname filters to inform API
endpoint choices - <a
href="https://redirect.github.com/actions/cache/pull/1474">#1474</a></li>
<li>Security fix: Bump braces from 3.0.2 to 3.0.3 - <a
href="https://redirect.github.com/actions/cache/pull/1475">#1475</a></li>
</ul>
<h3>4.1.1</h3>
<ul>
<li>Restore original behavior of <code>cache-hit</code> output - <a
href="https://redirect.github.com/actions/cache/pull/1467">#1467</a></li>
</ul>
<h3>4.1.0</h3>
<ul>
<li>Ensure <code>cache-hit</code> output is set when a cache is missed -
<a
href="https://redirect.github.com/actions/cache/pull/1404">#1404</a></li>
<li>Deprecate <code>save-always</code> input - <a
href="https://redirect.github.com/actions/cache/pull/1452">#1452</a></li>
</ul>
<h3>4.0.2</h3>
<ul>
<li>Fixed restore <code>fail-on-cache-miss</code> not working.</li>
</ul>
<h3>4.0.1</h3>
<ul>
<li>Updated <code>isGhes</code> check</li>
</ul>
<h3>4.0.0</h3>
<ul>
<li>Updated minimum runner version support from node 12 -&gt; node
20</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/cache/commit/d4323d4df104b026a6aa633fdb11d772146be0bf"><code>d4323d4</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1560">#1560</a>
from actions/robherley/v4.2.2</li>
<li><a
href="https://github.com/actions/cache/commit/da26677639ccfb4615f1acc52d1fc3dc89152490"><code>da26677</code></a>
bump <code>@​actions/cache</code> to v4.0.2, prep for v4.2.2
release</li>
<li><a
href="https://github.com/actions/cache/commit/7921ae235bdcb376cc8f22558dc5f8ddc3c3c2f9"><code>7921ae2</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1557">#1557</a>
from actions/robherley/ia-workflow-released</li>
<li><a
href="https://github.com/actions/cache/commit/393773170624981bfaa3aac1cb736e3004eac1de"><code>3937731</code></a>
Update publish-immutable-actions.yml</li>
<li>See full diff in <a
href="https://github.com/actions/cache/compare/0c907a75c2c80ebcb7f088228285e798b750cf8f...d4323d4df104b026a6aa633fdb11d772146be0bf">compare
view</a></li>
</ul>
</details>
<br />

Updates `crate-ci/typos` from 1.29.9 to 1.29.10
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/releases">crate-ci/typos's
releases</a>.</em></p>
<blockquote>
<h2>v1.29.10</h2>
<h2>[1.29.10] - 2025-02-25</h2>
<h3>Fixes</h3>
<ul>
<li>Also correct <code>contaminent</code> as
<code>contaminant</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's
changelog</a>.</em></p>
<blockquote>
<h1>Change Log</h1>
<p>All notable changes to this project will be documented in this
file.</p>
<p>The format is based on <a href="http://keepachangelog.com/">Keep a
Changelog</a>
and this project adheres to <a href="http://semver.org/">Semantic
Versioning</a>.</p>
<!-- raw HTML omitted -->
<h2>[Unreleased] - ReleaseDate</h2>
<h2>[1.30.1] - 2025-03-04</h2>
<h3>Features</h3>
<ul>
<li><em>(action)</em> Create <code>v1</code> tag</li>
</ul>
<h2>[1.30.0] - 2025-03-01</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1221">February
2025</a> changes</li>
</ul>
<h2>[1.29.10] - 2025-02-25</h2>
<h3>Fixes</h3>
<ul>
<li>Also correct <code>contaminent</code> as
<code>contaminant</code></li>
</ul>
<h2>[1.29.9] - 2025-02-20</h2>
<h3>Fixes</h3>
<ul>
<li><em>(action)</em> Correctly get binary for some aarch64 systems</li>
</ul>
<h2>[1.29.8] - 2025-02-19</h2>
<h3>Features</h3>
<ul>
<li>Attempt to build Linux aarch64 binaries</li>
</ul>
<h2>[1.29.7] - 2025-02-13</h2>
<h3>Fixes</h3>
<ul>
<li>Don't correct <code>implementors</code></li>
</ul>
<h2>[1.29.6] - 2025-02-13</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1200">January
2025</a> changes</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/crate-ci/typos/commit/db35ee91e80fbb447f33b0e5fbddb24d2a1a884f"><code>db35ee9</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/9f43c4dbd2d1468320524b1bf059d6032cbc5a9e"><code>9f43c4d</code></a>
docs: Update changelog</li>
<li><a
href="https://github.com/crate-ci/typos/commit/a1da2ce137a90ed418bda5bdb706e97e958f18e7"><code>a1da2ce</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1244">#1244</a>
from epage/containment</li>
<li><a
href="https://github.com/crate-ci/typos/commit/d74d5fd5ad85ea0d689c44b7d4013431b28423ac"><code>d74d5fd</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1243">#1243</a>
from epage/dict</li>
<li><a
href="https://github.com/crate-ci/typos/commit/fa6122604f999e8dafb43b92eb3da3e90136a789"><code>fa61226</code></a>
refactor(dict): Drop a dict</li>
<li><a
href="https://github.com/crate-ci/typos/commit/6276d585f79214fb7db70ff1f93dbcb404e0bc9c"><code>6276d58</code></a>
fix(dict): Correct contaminents to another spelling</li>
<li><a
href="https://github.com/crate-ci/typos/commit/07c9e1f6faffe39ca3e52afe58ae8731cc4ebcf7"><code>07c9e1f</code></a>
chore(deps): Update Rust Stable to v1.85 (<a
href="https://redirect.github.com/crate-ci/typos/issues/1241">#1241</a>)</li>
<li><a
href="https://github.com/crate-ci/typos/commit/71643b1191585cd20de3b91d9c1e73d949309530"><code>71643b1</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1240">#1240</a>
from szepeviktor/patch-1</li>
<li><a
href="https://github.com/crate-ci/typos/commit/931a5804a4dffb6343188d152e0c08c2147b5174"><code>931a580</code></a>
Fix typo in README</li>
<li><a
href="https://github.com/crate-ci/typos/commit/c5137fd6aab66cddb011a1cb93e2553f56cafc9f"><code>c5137fd</code></a>
refactor(action): Isolate unique parts</li>
<li>See full diff in <a
href="https://github.com/crate-ci/typos/compare/212923e4ff05b7fc2294a204405eec047b807138...db35ee91e80fbb447f33b0e5fbddb24d2a1a884f">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/download-artifact` from 4.1.8 to 4.1.9
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/download-artifact/releases">actions/download-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v4.1.9</h2>
<h2>What's Changed</h2>
<ul>
<li>Add workflow file for publishing releases to immutable action
package by <a
href="https://github.com/Jcambass"><code>@​Jcambass</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/354">actions/download-artifact#354</a></li>
<li>docs: small migration fix by <a
href="https://github.com/froblesmartin"><code>@​froblesmartin</code></a>
in <a
href="https://redirect.github.com/actions/download-artifact/pull/370">actions/download-artifact#370</a></li>
<li>Update MIGRATION.md by <a
href="https://github.com/andyfeller"><code>@​andyfeller</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/372">actions/download-artifact#372</a></li>
<li>Update artifact package to 2.2.2 by <a
href="https://github.com/yacaovsnc"><code>@​yacaovsnc</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/380">actions/download-artifact#380</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/Jcambass"><code>@​Jcambass</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/download-artifact/pull/354">actions/download-artifact#354</a></li>
<li><a
href="https://github.com/froblesmartin"><code>@​froblesmartin</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/download-artifact/pull/370">actions/download-artifact#370</a></li>
<li><a
href="https://github.com/andyfeller"><code>@​andyfeller</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/download-artifact/pull/372">actions/download-artifact#372</a></li>
<li><a href="https://github.com/yacaovsnc"><code>@​yacaovsnc</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/download-artifact/pull/380">actions/download-artifact#380</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/download-artifact/compare/v4...v4.1.9">https://github.com/actions/download-artifact/compare/v4...v4.1.9</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/download-artifact/commit/cc203385981b70ca67e1cc392babf9cc229d5806"><code>cc20338</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/380">#380</a>
from actions/yacaovsnc/release_4_1_9</li>
<li><a
href="https://github.com/actions/download-artifact/commit/1fc0fee191f40422f502da571c0f01ff460afe53"><code>1fc0fee</code></a>
Update artifact package to 2.2.2</li>
<li><a
href="https://github.com/actions/download-artifact/commit/7fba95161a0924506ed1ae69cdbae8371ee00b3f"><code>7fba951</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/372">#372</a>
from andyfeller/patch-1</li>
<li><a
href="https://github.com/actions/download-artifact/commit/f9ceb7763ba1fdfd81b2e2f93aa1f6015ff6b35d"><code>f9ceb77</code></a>
Update MIGRATION.md</li>
<li><a
href="https://github.com/actions/download-artifact/commit/533298bc57c27f112a2c04a74a04a4d43e2866fd"><code>533298b</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/370">#370</a>
from froblesmartin/patch-1</li>
<li><a
href="https://github.com/actions/download-artifact/commit/d06289e120b300840a833b25db66cb8c19f5d274"><code>d06289e</code></a>
docs: small migration fix</li>
<li><a
href="https://github.com/actions/download-artifact/commit/d0ce8fd1167ed839810201de977912a090ab10a7"><code>d0ce8fd</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/354">#354</a>
from actions/Jcambass-patch-1</li>
<li><a
href="https://github.com/actions/download-artifact/commit/1ce0d91ace59dfbf6763107ee5aa8466ebbadf48"><code>1ce0d91</code></a>
Add workflow file for publishing releases to immutable action
package</li>
<li>See full diff in <a
href="https://github.com/actions/download-artifact/compare/fa0a91b85d4f404e444e00e005971372dc801d16...cc203385981b70ca67e1cc392babf9cc229d5806">compare
view</a></li>
</ul>
</details>
<br />

Updates `google-github-actions/get-gke-credentials` from 2.3.1 to 2.3.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google-github-actions/get-gke-credentials/releases">google-github-actions/get-gke-credentials's
releases</a>.</em></p>
<blockquote>
<h2>v2.3.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Description must be less than 125 characters by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/331">google-github-actions/get-gke-credentials#331</a></li>
<li>Release: v2.3.3 by <a
href="https://github.com/google-github-actions-bot"><code>@​google-github-actions-bot</code></a>
in <a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/332">google-github-actions/get-gke-credentials#332</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google-github-actions/get-gke-credentials/compare/v2.3.2...v2.3.3">https://github.com/google-github-actions/get-gke-credentials/compare/v2.3.2...v2.3.3</a></p>
<h2>v2.3.2</h2>
<h2>What's Changed</h2>
<ul>
<li>security: bump jsonpath-plus from 10.2.0 to 10.3.0 in the
npm_and_yarn group by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/327">google-github-actions/get-gke-credentials#327</a></li>
<li>Update deps by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/329">google-github-actions/get-gke-credentials#329</a></li>
<li>Release: v2.3.2 by <a
href="https://github.com/google-github-actions-bot"><code>@​google-github-actions-bot</code></a>
in <a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/330">google-github-actions/get-gke-credentials#330</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google-github-actions/get-gke-credentials/compare/v2.3.1...v2.3.2">https://github.com/google-github-actions/get-gke-credentials/compare/v2.3.1...v2.3.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/google-github-actions/get-gke-credentials/commit/d0cee45012069b163a631894b98904a9e6723729"><code>d0cee45</code></a>
Release: v2.3.3 (<a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/332">#332</a>)</li>
<li><a
href="https://github.com/google-github-actions/get-gke-credentials/commit/c1387e6b1efc91945c5f6150f3375ef91a6b69a0"><code>c1387e6</code></a>
Description must be less than 125 characters (<a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/331">#331</a>)</li>
<li><a
href="https://github.com/google-github-actions/get-gke-credentials/commit/d08c14912d6642ca79ec62782b87462236685240"><code>d08c149</code></a>
Release: v2.3.2 (<a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/330">#330</a>)</li>
<li><a
href="https://github.com/google-github-actions/get-gke-credentials/commit/5f781aae169bd8866ca79bbc10c402a1256d2ed1"><code>5f781aa</code></a>
Update deps (<a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/329">#329</a>)</li>
<li><a
href="https://github.com/google-github-actions/get-gke-credentials/commit/67b31da175b2546b2afc28460d0cafe927e6fd42"><code>67b31da</code></a>
security: bump jsonpath-plus from 10.2.0 to 10.3.0 in the npm_and_yarn
group ...</li>
<li>See full diff in <a
href="https://github.com/google-github-actions/get-gke-credentials/compare/7a108e64ed8546fe38316b4086e91da13f4785e1...d0cee45012069b163a631894b98904a9e6723729">compare
view</a></li>
</ul>
</details>
<br />

Updates `docker/setup-buildx-action` from 3.9.0 to 3.10.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.10.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.54.0 to 0.56.0 in
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/408">docker/setup-buildx-action#408</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v3.9.0...v3.10.0">https://github.com/docker/setup-buildx-action/compare/v3.9.0...v3.10.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2"><code>b5ca514</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/408">#408</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/1418a4ef330cff3d80e8707b47780be815fb20db"><code>1418a4e</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/93acf831ce48bc806b62b1e892b89fca8bf213e0"><code>93acf83</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.54.0 to
0.56.0</li>
<li>See full diff in <a
href="https://github.com/docker/setup-buildx-action/compare/f7ce87c1d6bead3e36075b2ce75da1f6cc28aaca...b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2">compare
view</a></li>
</ul>
</details>
<br />

<details>
<summary>Most Recent Ignore Conditions Applied to This Pull
Request</summary>

| Dependency Name | Ignore Conditions |
| --- | --- |
| crate-ci/typos | [>= 1.30.a, < 1.31] |
</details>


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-03-04 16:39:00 +00:00
Dean Sheather 64fec8bf0b feat: include winres metadata in Windows binaries (#16706) 
Adds information like product/file version, description, product name
and copyright to compiled Windows binaries in dogfood and release
builds. Also adds an icon to the executable.

This is necessary for Coder Desktop to be able to check the version on
binaries.

### Before:

![image](https://github.com/user-attachments/assets/82351b63-6b23-4ef8-ab89-7f9e6dafeabd)

![image](https://github.com/user-attachments/assets/d17d8098-e330-4ac0-b104-31163f84279f)

### After:

![image](https://github.com/user-attachments/assets/0ba50afa-ad53-4ad2-b5e2-557358cda037)

![image](https://github.com/user-attachments/assets/d305cc27-e3f3-41a8-9098-498b71344faa)

![image](https://github.com/user-attachments/assets/42f74ace-bda1-414f-b514-68d4d928c958)

Closes https://github.com/coder/coder/issues/16693
 2025-02-28 16:03:08 +11:00
dependabot[bot] 3a2d4a2ccc ci: bump the github-actions group with 7 updates (#16671) 
Bumps the github-actions group with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [actions/cache](https://github.com/actions/cache) | `4.2.0` | `4.2.1`
|
| [crate-ci/typos](https://github.com/crate-ci/typos) | `1.29.7` |
`1.29.9` |
| [azure/setup-helm](https://github.com/azure/setup-helm) | `4.2.0` |
`4.3.0` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact)
| `4.6.0` | `4.6.1` |
| [fluxcd/flux2](https://github.com/fluxcd/flux2) | `2.4.0` | `2.5.0` |
| [ossf/scorecard-action](https://github.com/ossf/scorecard-action) |
`2.4.0` | `2.4.1` |
| [github/codeql-action](https://github.com/github/codeql-action) |
`3.28.9` | `3.28.10` |

Updates `actions/cache` from 4.2.0 to 4.2.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v4.2.1</h2>
<h2>What's Changed</h2>
<blockquote>
<p>[!IMPORTANT]
As a reminder, there were important backend changes to release v4.2.0,
see <a href="https://github.com/actions/cache/releases/tag/v4.2.0">those
release notes</a> and <a
href="https://github.com/actions/cache/discussions/1510">the
announcement</a> for more details.</p>
</blockquote>
<ul>
<li>docs: GitHub is spelled incorrectly in caching-strategies.md by <a
href="https://github.com/janco-absa"><code>@​janco-absa</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1526">actions/cache#1526</a></li>
<li>docs: Make the &quot;always save prime numbers&quot; example more
clear by <a href="https://github.com/Tobbe"><code>@​Tobbe</code></a> in
<a
href="https://redirect.github.com/actions/cache/pull/1525">actions/cache#1525</a></li>
<li>Update force deletion docs due a recent deprecation by <a
href="https://github.com/sebbalex"><code>@​sebbalex</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1500">actions/cache#1500</a></li>
<li>Bump <code>@​actions/cache</code> to v4.0.1 by <a
href="https://github.com/robherley"><code>@​robherley</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1554">actions/cache#1554</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/janco-absa"><code>@​janco-absa</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1526">actions/cache#1526</a></li>
<li><a href="https://github.com/Tobbe"><code>@​Tobbe</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1525">actions/cache#1525</a></li>
<li><a href="https://github.com/sebbalex"><code>@​sebbalex</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1500">actions/cache#1500</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4.2.0...v4.2.1">https://github.com/actions/cache/compare/v4.2.0...v4.2.1</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h3>4.2.1</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.1</li>
</ul>
<h3>4.2.0</h3>
<p>TLDR; The cache backend service has been rewritten from the ground up
for improved performance and reliability. <a
href="https://github.com/actions/cache">actions/cache</a> now integrates
with the new cache service (v2) APIs.</p>
<p>The new service will gradually roll out as of <strong>February 1st,
2025</strong>. The legacy service will also be sunset on the same date.
Changes in these release are <strong>fully backward
compatible</strong>.</p>
<p><strong>We are deprecating some versions of this action</strong>. We
recommend upgrading to version <code>v4</code> or <code>v3</code> as
soon as possible before <strong>February 1st, 2025.</strong> (Upgrade
instructions below).</p>
<p>If you are using pinned SHAs, please use the SHAs of versions
<code>v4.2.0</code> or <code>v3.4.0</code></p>
<p>If you do not upgrade, all workflow runs using any of the deprecated
<a href="https://github.com/actions/cache">actions/cache</a> will
fail.</p>
<p>Upgrading to the recommended versions will not break your
workflows.</p>
<h3>4.1.2</h3>
<ul>
<li>Add GitHub Enterprise Cloud instances hostname filters to inform API
endpoint choices - <a
href="https://redirect.github.com/actions/cache/pull/1474">#1474</a></li>
<li>Security fix: Bump braces from 3.0.2 to 3.0.3 - <a
href="https://redirect.github.com/actions/cache/pull/1475">#1475</a></li>
</ul>
<h3>4.1.1</h3>
<ul>
<li>Restore original behavior of <code>cache-hit</code> output - <a
href="https://redirect.github.com/actions/cache/pull/1467">#1467</a></li>
</ul>
<h3>4.1.0</h3>
<ul>
<li>Ensure <code>cache-hit</code> output is set when a cache is missed -
<a
href="https://redirect.github.com/actions/cache/pull/1404">#1404</a></li>
<li>Deprecate <code>save-always</code> input - <a
href="https://redirect.github.com/actions/cache/pull/1452">#1452</a></li>
</ul>
<h3>4.0.2</h3>
<ul>
<li>Fixed restore <code>fail-on-cache-miss</code> not working.</li>
</ul>
<h3>4.0.1</h3>
<ul>
<li>Updated <code>isGhes</code> check</li>
</ul>
<h3>4.0.0</h3>
<ul>
<li>Updated minimum runner version support from node 12 -&gt; node
20</li>
</ul>
<h3>3.4.0</h3>
<ul>
<li>Integrated with the new cache service (v2) APIs</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/cache/commit/0c907a75c2c80ebcb7f088228285e798b750cf8f"><code>0c907a7</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1554">#1554</a>
from actions/robherley/v4.2.1</li>
<li><a
href="https://github.com/actions/cache/commit/710893c2369beb60748049b671f18c43a3656fce"><code>710893c</code></a>
bump <code>@​actions/cache</code> to v4.0.1</li>
<li><a
href="https://github.com/actions/cache/commit/9fa7e61ec7e1f44ac75218e7aaea81da8856fd11"><code>9fa7e61</code></a>
Update force deletion docs due a recent deprecation (<a
href="https://redirect.github.com/actions/cache/issues/1500">#1500</a>)</li>
<li><a
href="https://github.com/actions/cache/commit/36f1e144e1c8edb0a652766b484448563d8baf46"><code>36f1e14</code></a>
docs: Make the &quot;always save prime numbers&quot; example more clear
(<a
href="https://redirect.github.com/actions/cache/issues/1525">#1525</a>)</li>
<li><a
href="https://github.com/actions/cache/commit/53aa38c736a561b9c17b62df3fe885a17b78ee6d"><code>53aa38c</code></a>
Correct GitHub Spelling in caching-strategies.md (<a
href="https://redirect.github.com/actions/cache/issues/1526">#1526</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/cache/compare/1bd1e32a3bdc45362d1e726936510720a7c30a57...0c907a75c2c80ebcb7f088228285e798b750cf8f">compare
view</a></li>
</ul>
</details>
<br />

Updates `crate-ci/typos` from 1.29.7 to 1.29.9
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/releases">crate-ci/typos's
releases</a>.</em></p>
<blockquote>
<h2>v1.29.9</h2>
<h2>[1.29.9] - 2025-02-20</h2>
<h3>Fixes</h3>
<ul>
<li><em>(action)</em> Correctly get binary for some aarch64 systems</li>
</ul>
<h2>v1.29.8</h2>
<h2>[1.29.8] - 2025-02-19</h2>
<h3>Features</h3>
<ul>
<li>Attempt to build Linux aarch64 binaries</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's
changelog</a>.</em></p>
<blockquote>
<h1>Change Log</h1>
<p>All notable changes to this project will be documented in this
file.</p>
<p>The format is based on <a href="http://keepachangelog.com/">Keep a
Changelog</a>
and this project adheres to <a href="http://semver.org/">Semantic
Versioning</a>.</p>
<!-- raw HTML omitted -->
<h2>[Unreleased] - ReleaseDate</h2>
<h2>[1.29.9] - 2025-02-20</h2>
<h3>Fixes</h3>
<ul>
<li><em>(action)</em> Correctly get binary for some aarch64 systems</li>
</ul>
<h2>[1.29.8] - 2025-02-19</h2>
<h3>Features</h3>
<ul>
<li>Attempt to build Linux aarch64 binaries</li>
</ul>
<h2>[1.29.7] - 2025-02-13</h2>
<h3>Fixes</h3>
<ul>
<li>Don't correct <code>implementors</code></li>
</ul>
<h2>[1.29.6] - 2025-02-13</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1200">January
2025</a> changes</li>
</ul>
<h2>[1.29.5] - 2025-01-30</h2>
<h3>Internal</h3>
<ul>
<li>Update a dependency</li>
</ul>
<h2>[1.29.4] - 2025-01-03</h2>
<h2>[1.29.3] - 2025-01-02</h2>
<h2>[1.29.2] - 2025-01-02</h2>
<h2>[1.29.1] - 2025-01-02</h2>
<h3>Fixes</h3>
<ul>
<li>Don't correct <code>deriver</code></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/crate-ci/typos/commit/212923e4ff05b7fc2294a204405eec047b807138"><code>212923e</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/659bf5525349fd206cd1678999f83d18de56aff1"><code>659bf55</code></a>
docs: Update changelog</li>
<li><a
href="https://github.com/crate-ci/typos/commit/092b7056bbee0592fb00c370409b891f458a6e08"><code>092b705</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1239">#1239</a>
from codingskynet/fix/support-aarch64</li>
<li><a
href="https://github.com/crate-ci/typos/commit/298a143ed0001bf83403a9ac2acd9d97bf90fb8c"><code>298a143</code></a>
chore(gh): Fix links</li>
<li><a
href="https://github.com/crate-ci/typos/commit/d7059d7796bd95ed84d7371925404ada3ef367b2"><code>d7059d7</code></a>
chore(gh): Fix links</li>
<li><a
href="https://github.com/crate-ci/typos/commit/636d59beef47e4c8c75497423a853bc830349dcf"><code>636d59b</code></a>
chore(gh): Encourage people to check for dupes</li>
<li><a
href="https://github.com/crate-ci/typos/commit/51cd88f328acb0b208a232c5cbccb83de6ac8188"><code>51cd88f</code></a>
chore(gh): Add a data template</li>
<li><a
href="https://github.com/crate-ci/typos/commit/c11cf6c0e1b424b62965a1370ec9926a0266dfb1"><code>c11cf6c</code></a>
chore(gh): Try to clarify template</li>
<li><a
href="https://github.com/crate-ci/typos/commit/3bcb9191487d04efb8260b9753e6f62262199265"><code>3bcb919</code></a>
fix: add aarch64 on arm64 cond</li>
<li><a
href="https://github.com/crate-ci/typos/commit/1ea66fdf4d62b5a980bff2c47e0be131365bfcf2"><code>1ea66fd</code></a>
docs(readme): Call out that the readme is not exhaustive</li>
<li>Additional commits viewable in <a
href="https://github.com/crate-ci/typos/compare/51f257b946f503b768e522781f56e9b7b5570d48...212923e4ff05b7fc2294a204405eec047b807138">compare
view</a></li>
</ul>
</details>
<br />

Updates `azure/setup-helm` from 4.2.0 to 4.3.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/azure/setup-helm/releases">azure/setup-helm's
releases</a>.</em></p>
<blockquote>
<h2>v4.3.0</h2>
<ul>
<li><a
href="https://redirect.github.com/azure/setup-helm/issues/152">#152</a>
feat: log when restoring from cache</li>
<li><a
href="https://redirect.github.com/azure/setup-helm/issues/157">#157</a>
Dependencies Update</li>
<li><a
href="https://redirect.github.com/azure/setup-helm/issues/137">#137</a>
Add dependabot</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/Azure/setup-helm/blob/main/CHANGELOG.md">azure/setup-helm's
changelog</a>.</em></p>
<blockquote>
<h1>Change Log</h1>
<h2>[4.3.0] - 2025-02-15</h2>
<ul>
<li><a
href="https://redirect.github.com/azure/setup-helm/issues/152">#152</a>
feat: log when restoring from cache</li>
<li><a
href="https://redirect.github.com/azure/setup-helm/issues/157">#157</a>
Dependencies Update</li>
<li><a
href="https://redirect.github.com/azure/setup-helm/issues/137">#137</a>
Add dependabot</li>
</ul>
<h2>[4.2.0] - 2024-04-15</h2>
<ul>
<li><a
href="https://redirect.github.com/azure/setup-helm/issues/124">#124</a>
Fix OS detection and download OS-native archive extension</li>
</ul>
<h2>[4.1.0] - 2024-03-01</h2>
<ul>
<li><a
href="https://redirect.github.com/azure/setup-helm/issues/130">#130</a>
switches to use Helm published file to read latest version instead of
using GitHub releases</li>
</ul>
<h2>[4.0.0] - 2024-02-12</h2>
<ul>
<li><a
href="https://redirect.github.com/azure/setup-helm/issues/121">#121</a>
update to node20 as node16 is deprecated</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/Azure/setup-helm/commit/b9e51907a09c216f16ebe8536097933489208112"><code>b9e5190</code></a>
build</li>
<li><a
href="https://github.com/Azure/setup-helm/commit/0e8654bb94582592935dc70ca0438926cea61865"><code>0e8654b</code></a>
Release setup-helm version 4.3.0 (<a
href="https://redirect.github.com/azure/setup-helm/issues/162">#162</a>)</li>
<li><a
href="https://github.com/Azure/setup-helm/commit/b48e1dfac1cac293240bf5ea8d7054a228769739"><code>b48e1df</code></a>
feat: log when restoring from cache (<a
href="https://redirect.github.com/azure/setup-helm/issues/152">#152</a>)</li>
<li><a
href="https://github.com/Azure/setup-helm/commit/855ae7a03c297d33ee0f6e0959cfc87f4ba7ee0c"><code>855ae7a</code></a>
Bump the actions group across 1 directory with 3 updates (<a
href="https://redirect.github.com/azure/setup-helm/issues/159">#159</a>)</li>
<li><a
href="https://github.com/Azure/setup-helm/commit/124c6d88e7a75334a4fad6d0905089d6d714d088"><code>124c6d8</code></a>
Dependencies Update (<a
href="https://redirect.github.com/azure/setup-helm/issues/157">#157</a>)</li>
<li><a
href="https://github.com/Azure/setup-helm/commit/048f4e7eae1192e88a86787d033f837a2aa27d4c"><code>048f4e7</code></a>
Bump the actions group across 1 directory with 2 updates (<a
href="https://redirect.github.com/azure/setup-helm/issues/151">#151</a>)</li>
<li><a
href="https://github.com/Azure/setup-helm/commit/8618769467d74e09809f09197c6fb7ca9f50d5ae"><code>8618769</code></a>
Bump the actions group across 1 directory with 4 updates (<a
href="https://redirect.github.com/azure/setup-helm/issues/149">#149</a>)</li>
<li><a
href="https://github.com/Azure/setup-helm/commit/4eb898eef0f80e48f43929d83a1db3b30e766a1f"><code>4eb898e</code></a>
Bump the actions group across 1 directory with 2 updates (<a
href="https://redirect.github.com/azure/setup-helm/issues/145">#145</a>)</li>
<li><a
href="https://github.com/Azure/setup-helm/commit/7a2001c0f6ca6db9afce16d84b88c7307ed9a707"><code>7a2001c</code></a>
Bump the actions group across 1 directory with 2 updates (<a
href="https://redirect.github.com/azure/setup-helm/issues/143">#143</a>)</li>
<li><a
href="https://github.com/Azure/setup-helm/commit/e90c86ceeaceb8a9de7d8225d29b43fa620e3709"><code>e90c86c</code></a>
Bump the actions group across 1 directory with 9 updates (<a
href="https://redirect.github.com/azure/setup-helm/issues/141">#141</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/azure/setup-helm/compare/fe7b79cd5ee1e45176fcad797de68ecaf3ca4814...b9e51907a09c216f16ebe8536097933489208112">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/upload-artifact` from 4.6.0 to 4.6.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v4.6.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Update to use artifact 2.2.2 package by <a
href="https://github.com/yacaovsnc"><code>@​yacaovsnc</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/673">actions/upload-artifact#673</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/upload-artifact/compare/v4...v4.6.1">https://github.com/actions/upload-artifact/compare/v4...v4.6.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/upload-artifact/commit/4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1"><code>4cec3d8</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/673">#673</a>
from actions/yacaovsnc/artifact_2.2.2</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/e9fad966ccdffceea5de0445882c9455934bcf8e"><code>e9fad96</code></a>
license cache update for artifact</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/b26fd06e9da88a61ada55f23d7863325b1f115d3"><code>b26fd06</code></a>
Update to use artifact 2.2.2 package</li>
<li>See full diff in <a
href="https://github.com/actions/upload-artifact/compare/65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08...4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1">compare
view</a></li>
</ul>
</details>
<br />

Updates `fluxcd/flux2` from 2.4.0 to 2.5.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/fluxcd/flux2/releases">fluxcd/flux2's
releases</a>.</em></p>
<blockquote>
<h2>v2.5.0</h2>
<h2>Highlights</h2>
<p>Flux v2.5.0 is a feature release. Users are encouraged to upgrade for
the best experience.</p>
<p>For a compressive overview of new features and API changes included
in this release,
please refer to the <a
href="https://fluxcd.io/blog/2025/02/flux-v2.5.0/">Announcing Flux 2.5
GA blog post</a>.</p>
<p>Overview of the new features:</p>
<ul>
<li>Support for GitHub App authentication (<code>GitRepository</code>
and <code>ImageUpdateAutomation</code> API)</li>
<li>Custom Health Checks using CEL (<code>Kustomization</code> API)</li>
<li>Fine-grained control of garbage collection
(<code>Kustomization</code> API)</li>
<li>Enable decryption of secrets generated by Kustomize components
(<code>Kustomization</code> API)</li>
<li>Support for custom event metadata from annotations
(<code>Alert</code> API)</li>
<li>Git commit status updates for Flux Kustomizations with OCIRepository
sources (<code>Alert</code> API)</li>
<li>Resource filtering using CEL for webhook receivers
(<code>Receiver</code> API)</li>
<li>Debug commands for Flux Kustomizations and HelmReleases (Flux
CLI)</li>
</ul>
<p>❤️ Big thanks to all the Flux contributors that helped us with this
release!</p>
<h3>Kubernetes compatibility</h3>
<p>This release is compatible with the following Kubernetes
versions:</p>
<table>
<thead>
<tr>
<th>Kubernetes version</th>
<th>Minimum required</th>
</tr>
</thead>
<tbody>
<tr>
<td><code>v1.30</code></td>
<td><code>&gt;= 1.30.0</code></td>
</tr>
<tr>
<td><code>v1.31</code></td>
<td><code>&gt;= 1.31.0</code></td>
</tr>
<tr>
<td><code>v1.32</code></td>
<td><code>&gt;= 1.32.0</code></td>
</tr>
</tbody>
</table>
<blockquote>
<p>[!NOTE]
Note that the Flux project offers support only for the latest three
minor versions of Kubernetes.
Backwards compatibility with older versions of Kubernetes and OpenShift
is offered by vendors such as
<a
href="https://control-plane.io/enterprise-for-flux-cd/">ControlPlane</a>
that provide enterprise support for Flux.</p>
</blockquote>
<h3>OpenShift compatibility</h3>
<p>Flux can be installed on Red Hat OpenShift cluster directly from
OperatorHub using
<a href="https://operatorhub.io/operator/flux-operator">Flux
Operator</a>.
The operator allows the configuration of Flux multi-tenancy lockdown,
network policies,
persistent storage, sharding, vertical scaling and the synchronization
of the cluster state from Git repositories, OCI artifacts and
S3-compatible storage.</p>
<h2>Upgrade procedure</h2>
<p>Upgrade Flux from <code>v2.4.0</code> to <code>v2.5.0</code> by
following the <a
href="https://fluxcd.io/flux/installation/upgrade/">upgrade
guide</a>.</p>
<p>There are no new API versions in this release, so no changes are
required in the YAML manifests containing Flux resources.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/fluxcd/flux2/commit/af67405ee43a6cd66e0b73f4b3802e8583f9d961"><code>af67405</code></a>
Merge pull request <a
href="https://redirect.github.com/fluxcd/flux2/issues/5204">#5204</a>
from fluxcd/kubectl-1.32.2</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/6f65c92fe7f335ba965d743ffb6d53c0b3470779"><code>6f65c92</code></a>
Update kubectl in flux-cli image</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/c84d3122890a05491ce9ef6215e5b1dfb741cc99"><code>c84d312</code></a>
Merge pull request <a
href="https://redirect.github.com/fluxcd/flux2/issues/5203">#5203</a>
from fluxcd/fix-cli-build</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/d37473ff4469cb62f2b5c8fe142209be624c9afc"><code>d37473f</code></a>
Update flux-cli image</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/712b03727ae48f9366b80af783f334b2f5d7d919"><code>712b037</code></a>
Merge pull request <a
href="https://redirect.github.com/fluxcd/flux2/issues/5200">#5200</a>
from fluxcd/update-k8s-check</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/14da7d58be2f61eac70e206bfa040707676354e6"><code>14da7d5</code></a>
Update Kubernetes min supported version to 1.30</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/45da6a86f84e1a6839afbbf723c11c8548911764"><code>45da6a8</code></a>
Merge pull request <a
href="https://redirect.github.com/fluxcd/flux2/issues/5199">#5199</a>
from fluxcd/tests-2.5</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/3053a0b8405545b406bab8b27d3aac252c92374c"><code>3053a0b</code></a>
Update integration tests dependencies for Flux 2.5</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/96f95b6b4c9c9dc3b9e02f1045f756093f36630c"><code>96f95b6</code></a>
Merge pull request <a
href="https://redirect.github.com/fluxcd/flux2/issues/5195">#5195</a>
from fluxcd/update-components</li>
<li><a
href="https://github.com/fluxcd/flux2/commit/cf92e02f531dede408ba81add5adcaf7ae8d7e70"><code>cf92e02</code></a>
Update toolkit components</li>
<li>Additional commits viewable in <a
href="https://github.com/fluxcd/flux2/compare/5350425cdcd5fa015337e09fa502153c0275bd4b...af67405ee43a6cd66e0b73f4b3802e8583f9d961">compare
view</a></li>
</ul>
</details>
<br />

Updates `ossf/scorecard-action` from 2.4.0 to 2.4.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/ossf/scorecard-action/releases">ossf/scorecard-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.4.1</h2>
<h2>What's Changed</h2>
<ul>
<li>This update bumps the Scorecard version to the v5.1.1 release. For a
complete list of changes, please refer to the <a
href="https://github.com/ossf/scorecard/releases/tag/v5.1.0">v5.1.0</a>
and <a
href="https://github.com/ossf/scorecard/releases/tag/v5.1.1">v5.1.1</a>
release notes.</li>
<li>Publishing results now uses half the API quota as before. The exact
savings depends on the repository in question.
<ul>
<li>use Scorecard library entrypoint instead of Cobra hooking by <a
href="https://github.com/spencerschrock"><code>@​spencerschrock</code></a>
in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1423">ossf/scorecard-action#1423</a></li>
</ul>
</li>
<li>Some errors were made into annotations to make them more visible
<ul>
<li>Make default branch error more prominent by <a
href="https://github.com/jsoref"><code>@​jsoref</code></a> in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1459">ossf/scorecard-action#1459</a></li>
</ul>
</li>
<li>There is now an optional <code>file_mode</code> input which controls
how repository files are fetched from GitHub. The default is
<code>archive</code>, but <code>git</code> produces the most accurate
results for repositories with <code>.gitattributes</code> files at the
cost of analysis speed.
<ul>
<li>add input for specifying <code>--file-mode</code> by <a
href="https://github.com/spencerschrock"><code>@​spencerschrock</code></a>
in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1509">ossf/scorecard-action#1509</a></li>
</ul>
</li>
<li>The underlying container for the action is now <a
href="https://github.com/ossf/scorecard-action/pkgs/container/scorecard-action">hosted
on GitHub Container Registry</a>. There should be no functional changes.
<ul>
<li>🌱 publish docker images to GitHub Container Registry by <a
href="https://github.com/spencerschrock"><code>@​spencerschrock</code></a>
in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1453">ossf/scorecard-action#1453</a></li>
</ul>
</li>
</ul>
<h3>Docs</h3>
<ul>
<li>Installation docs update by <a
href="https://github.com/JeremiahAHoward"><code>@​JeremiahAHoward</code></a>
in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1416">ossf/scorecard-action#1416</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/JeremiahAHoward"><code>@​JeremiahAHoward</code></a>
made their first contribution in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1416">ossf/scorecard-action#1416</a></li>
<li><a href="https://github.com/jsoref"><code>@​jsoref</code></a> made
their first contribution in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1459">ossf/scorecard-action#1459</a>
<strong>Full Changelog</strong>: <a
href="https://github.com/ossf/scorecard-action/compare/v2.4.0...v2.4.1">https://github.com/ossf/scorecard-action/compare/v2.4.0...v2.4.1</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/ossf/scorecard-action/commit/f49aabe0b5af0936a0987cfb85d86b75731b0186"><code>f49aabe</code></a>
bump docker to ghcr v2.4.1 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1478">#1478</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/30a595ba8670f7bd5e2d33119dfeeb6ab2f64991"><code>30a595b</code></a>
🌱 Bump github.com/sigstore/cosign/v2 from 2.4.2 to 2.4.3 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1515">#1515</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/69ae593b7addfd5241b46c43c7ed6abbd7203d55"><code>69ae593</code></a>
omit vcs info from build (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1514">#1514</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/6a62a1cbf28018bd61197d0c2852b94b046fe1a4"><code>6a62a1c</code></a>
add input for specifying <code>--file-mode</code> (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1509">#1509</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/2722664778d49161a69d42f8e82e15ed38fea8d1"><code>2722664</code></a>
🌱 Bump the github-actions group with 2 updates (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1510">#1510</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/ae0ef3171a81cb48c3fdaaf34cba323d0c51fefb"><code>ae0ef31</code></a>
🌱 Bump github.com/spf13/cobra from 1.8.1 to 1.9.1 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1512">#1512</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/3676bbc29082184ac34a84d1573c0419f81c4a68"><code>3676bbc</code></a>
🌱 Bump golang from 1.23.6 to 1.24.0 in the docker-images group
(<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1513">#1513</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/ae7548a0ff1b94dda3a89eeda8f59c031874f035"><code>ae7548a</code></a>
Limit codeQL push trigger to main branch (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1507">#1507</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/9165624e75f0c73d13a9db2d4d920bcc5fc3a801"><code>9165624</code></a>
upgrade scorecard to v5.1.0 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1508">#1508</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/620fd28d6b2ba01c1d70cf63dfb4bdf868e19d6f"><code>620fd28</code></a>
🌱 Bump the github-actions group with 2 updates (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1505">#1505</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/ossf/scorecard-action/compare/62b2cac7ed8198b15735ed49ab1e5cf35480ba46...f49aabe0b5af0936a0987cfb85d86b75731b0186">compare
view</a></li>
</ul>
</details>
<br />

Updates `github/codeql-action` from 3.28.9 to 3.28.10
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.28.10</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.10 - 21 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li>
<li>Address an issue where the CodeQL Bundle would occasionally fail to
decompress on macOS. <a
href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.10/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.28.10 - 21 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li>
<li>Address an issue where the CodeQL Bundle would occasionally fail to
decompress on macOS. <a
href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li>
</ul>
<h2>3.28.9 - 07 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li>
</ul>
<h2>3.28.8 - 29 Jan 2025</h2>
<ul>
<li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI
v2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li>
</ul>
<h2>3.28.7 - 29 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.6 - 27 Jan 2025</h2>
<ul>
<li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater.
<a
href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li>
</ul>
<h2>3.28.5 - 24 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li>
</ul>
<h2>3.28.4 - 23 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.3 - 22 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2707">#2707</a></li>
<li>Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise
Server instance which occurred when the CodeQL Bundle had been synced to
the instance using the <a
href="https://github.com/github/codeql-action-sync-tool">CodeQL Action
sync tool</a> and the Actions runner did not have Zstandard installed.
<a
href="https://redirect.github.com/github/codeql-action/pull/2710">#2710</a></li>
<li>Uploading debug artifacts for CodeQL analysis is temporarily
disabled. <a
href="https://redirect.github.com/github/codeql-action/pull/2712">#2712</a></li>
</ul>
<h2>3.28.2 - 21 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.1 - 10 Jan 2025</h2>
<ul>
<li>CodeQL Action v2 is now deprecated, and is no longer updated or
supported. For better performance, improved security, and new features,
upgrade to v3. For more information, see <a
href="https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/">this
changelog post</a>. <a
href="https://redirect.github.com/github/codeql-action/pull/2677">#2677</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d"><code>b56ba49</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2778">#2778</a>
from github/update-v3.28.10-9856c48b1</li>
<li><a
href="https://github.com/github/codeql-action/commit/60c9c77c33f2cd66390a3778d54de88b735b2526"><code>60c9c77</code></a>
Update changelog for v3.28.10</li>
<li><a
href="https://github.com/github/codeql-action/commit/9856c48b1a54789454314b4c32ef2354fe213208"><code>9856c48</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2773">#2773</a>
from github/redsun82/rust</li>
<li><a
href="https://github.com/github/codeql-action/commit/9572e09da430b4c71f7488e4195b4ca6ce1c6ef0"><code>9572e09</code></a>
Rust: fix log string</li>
<li><a
href="https://github.com/github/codeql-action/commit/1a529366ac3620317d953e2d4018eafa7459cb1c"><code>1a52936</code></a>
Rust: special case default setup</li>
<li><a
href="https://github.com/github/codeql-action/commit/cf7e90952bcceaebd4a548c2809ea6a5d461a1bc"><code>cf7e909</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2772">#2772</a>
from github/update-bundle/codeql-bundle-v2.20.5</li>
<li><a
href="https://github.com/github/codeql-action/commit/b7006aab6d38638d18e38a27c18f67138529c2f8"><code>b7006aa</code></a>
Merge branch 'main' into update-bundle/codeql-bundle-v2.20.5</li>
<li><a
href="https://github.com/github/codeql-action/commit/cfedae723eaced5e13052b529375e7b00d49a9cd"><code>cfedae7</code></a>
Rust: throw configuration errors if requested and not correctly
enabled</li>
<li><a
href="https://github.com/github/codeql-action/commit/3971ed2a74ede0669fa7f4f5af4292030280dbfd"><code>3971ed2</code></a>
Merge branch 'main' into redsun82/rust</li>
<li><a
href="https://github.com/github/codeql-action/commit/d38c6e60dfb0232f85e388dd416559ed07da5f3a"><code>d38c6e6</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2775">#2775</a>
from github/angelapwen/bump-octokit</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0...b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-24 13:10:51 +00:00
dependabot[bot] e39f39ee20 ci: bump the github-actions group with 2 updates (#16593) 
Bumps the github-actions group with 2 updates:
[step-security/harden-runner](https://github.com/step-security/harden-runner)
and [crate-ci/typos](https://github.com/crate-ci/typos).

Updates `step-security/harden-runner` from 2.10.4 to 2.11.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.11.0</h2>
<h2>What's Changed</h2>
<p>Release v2.11.0 in <a
href="https://redirect.github.com/step-security/harden-runner/issues/498">#498</a>
Harden-Runner Enterprise tier now supports the use of eBPF for DNS
resolution and network call monitoring</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.11.0">https://github.com/step-security/harden-runner/compare/v2...v2.11.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/4d991eb9b905ef189e4c376166672c3f2f230481"><code>4d991eb</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/498">#498</a>
from step-security/rc-18</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/4ea872f89714b83576609e6f89476dfb114a6246"><code>4ea872f</code></a>
Update README.md</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/65d6f6e4ee070283fc8739e8d8295eb6c554029a"><code>65d6f6e</code></a>
Add workflows</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/1034c9a80544b55a7706ed377ea64ded8b0c7ea4"><code>1034c9a</code></a>
Update package-lock.json</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/ab221e2d7a450f54fde8ccb211cea73c5bcf1e2a"><code>ab221e2</code></a>
Update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/7cb6c2fb524eafc78ce834c51af420c289690789"><code>7cb6c2f</code></a>
Update agent</li>
<li>See full diff in <a
href="https://github.com/step-security/harden-runner/compare/cb605e52c26070c328afc4562f0b4ada7618a84e...4d991eb9b905ef189e4c376166672c3f2f230481">compare
view</a></li>
</ul>
</details>
<br />

Updates `crate-ci/typos` from 1.29.5 to 1.29.7
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/releases">crate-ci/typos's
releases</a>.</em></p>
<blockquote>
<h2>v1.29.7</h2>
<h2>[1.29.7] - 2025-02-13</h2>
<h3>Fixes</h3>
<ul>
<li>Don't correct <code>implementors</code></li>
</ul>
<h2>v1.29.6</h2>
<h2>[1.29.6] - 2025-02-13</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1200">January
2025</a> changes</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's
changelog</a>.</em></p>
<blockquote>
<h1>Change Log</h1>
<p>All notable changes to this project will be documented in this
file.</p>
<p>The format is based on <a href="http://keepachangelog.com/">Keep a
Changelog</a>
and this project adheres to <a href="http://semver.org/">Semantic
Versioning</a>.</p>
<!-- raw HTML omitted -->
<h2>[Unreleased] - ReleaseDate</h2>
<h2>[1.29.7] - 2025-02-13</h2>
<h3>Fixes</h3>
<ul>
<li>Don't correct <code>implementors</code></li>
</ul>
<h2>[1.29.6] - 2025-02-13</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1200">January
2025</a> changes</li>
</ul>
<h2>[1.29.5] - 2025-01-30</h2>
<h3>Internal</h3>
<ul>
<li>Update a dependency</li>
</ul>
<h2>[1.29.4] - 2025-01-03</h2>
<h2>[1.29.3] - 2025-01-02</h2>
<h2>[1.29.2] - 2025-01-02</h2>
<h2>[1.29.1] - 2025-01-02</h2>
<h3>Fixes</h3>
<ul>
<li>Don't correct <code>deriver</code></li>
</ul>
<h2>[1.29.0] - 2024-12-31</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1156">December
2024</a> changes</li>
</ul>
<h3>Performance</h3>
<ul>
<li>Sped up dictionary lookups</li>
</ul>
<h2>[1.28.4] - 2024-12-16</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/crate-ci/typos/commit/51f257b946f503b768e522781f56e9b7b5570d48"><code>51f257b</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/26abf5bab7c077003c530d632ba2d194dcb50eaf"><code>26abf5b</code></a>
docs: Update changelog</li>
<li><a
href="https://github.com/crate-ci/typos/commit/70356ad394aed5f2198728ae716d07306284545d"><code>70356ad</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1229">#1229</a>
from epage/english</li>
<li><a
href="https://github.com/crate-ci/typos/commit/1121a62d94115d9a7196fbfd6920b2690cbb427f"><code>1121a62</code></a>
fix(dict): Don't correct implementors</li>
<li><a
href="https://github.com/crate-ci/typos/commit/991878ee7836dc567b3478ec87191e3bd2e3db73"><code>991878e</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/c89d673ca19e503777d7d71b76908d4dab2b5138"><code>c89d673</code></a>
chore(ci): Update builder image</li>
<li><a
href="https://github.com/crate-ci/typos/commit/0fad3ddc6e0fedf679217dcc61886fbeabd09346"><code>0fad3dd</code></a>
chore(deps): Update compatible (<a
href="https://redirect.github.com/crate-ci/typos/issues/1223">#1223</a>)</li>
<li><a
href="https://github.com/crate-ci/typos/commit/b65799a5c4a8931f965b1d7cbabca95913c2ab0a"><code>b65799a</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/2c0968908d0d79fa0acaa67f017f9b539fab24c5"><code>2c09689</code></a>
docs: Update changelog</li>
<li><a
href="https://github.com/crate-ci/typos/commit/4af6a01f528aaca60cc5571e741ce05eb2d3f267"><code>4af6a01</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1222">#1222</a>
from epage/jan</li>
<li>Additional commits viewable in <a
href="https://github.com/crate-ci/typos/compare/11ca4583f2f3f74c7e7785c0ecb20fe2c99a4308...51f257b946f503b768e522781f56e9b7b5570d48">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-17 12:49:20 +00:00
Ethan 3a884df39e ci: set xcode sdk version when building dylib (#16466) 
The Coder Desktop app might not be able to load the dylib because the
hardened runtime version is different. Right now, without manually
selecting an XCode version, the dylib is built with hardened runtime
version `14.5`. The macOS app is built with XCode 16 SDK, which uses
version `15.0`.

Even if this isn't an issue, I think it's preferable to select a
specific xcode version here to avoid things breaking from under us.
 2025-02-06 06:05:34 +00:00
dependabot[bot] 7177fa0d7c ci: bump the github-actions group with 5 updates (#16448) 
Bumps the github-actions group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `4.2.0` |
`4.2.2` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact)
| `4.4.1` | `4.6.0` |
|
[tj-actions/changed-files](https://github.com/tj-actions/changed-files)
| `45.0.6` | `45.0.7` |
| [actions/setup-java](https://github.com/actions/setup-java) | `4.4.0`
| `4.7.0` |
| [actions/stale](https://github.com/actions/stale) | `9.0.0` | `9.1.0`
|

Updates `actions/checkout` from 4.2.0 to 4.2.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v4.2.2</h2>
<h2>What's Changed</h2>
<ul>
<li><code>url-helper.ts</code> now leverages well-known environment
variables by <a href="https://github.com/jww3"><code>@​jww3</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li>
<li>Expand unit test coverage for <code>isGhes</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v4.2.1...v4.2.2">https://github.com/actions/checkout/compare/v4.2.1...v4.2.2</a></p>
<h2>v4.2.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Check out other refs/* by commit if provided, fall back to ref by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/Jcambass"><code>@​Jcambass</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1919">actions/checkout#1919</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v4.2.0...v4.2.1">https://github.com/actions/checkout/compare/v4.2.0...v4.2.1</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v4.2.2</h2>
<ul>
<li><code>url-helper.ts</code> now leverages well-known environment
variables by <a href="https://github.com/jww3"><code>@​jww3</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li>
<li>Expand unit test coverage for <code>isGhes</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li>
</ul>
<h2>v4.2.1</h2>
<ul>
<li>Check out other refs/* by commit if provided, fall back to ref by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li>
</ul>
<h2>v4.2.0</h2>
<ul>
<li>Add Ref and Commit outputs by <a
href="https://github.com/lucacome"><code>@​lucacome</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li>
<li>Dependency updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>- <a
href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>,
<a
href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li>
</ul>
<h2>v4.1.7</h2>
<ul>
<li>Bump the minor-npm-dependencies group across 1 directory with 4
updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li>
<li>Bump actions/checkout from 3 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li>
<li>Check out other refs/* by commit by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li>
<li>Pin actions/checkout's own workflows to a known, good, stable
version. by <a href="https://github.com/jww3"><code>@​jww3</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li>
</ul>
<h2>v4.1.6</h2>
<ul>
<li>Check platform to set archive extension appropriately by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li>
</ul>
<h2>v4.1.5</h2>
<ul>
<li>Update NPM dependencies by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li>
<li>Bump github/codeql-action from 2 to 3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li>
<li>Bump actions/setup-node from 1 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li>
<li>Bump actions/upload-artifact from 2 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li>
<li>README: Suggest <code>user.email</code> to be
<code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li>
</ul>
<h2>v4.1.4</h2>
<ul>
<li>Disable <code>extensions.worktreeConfig</code> when disabling
<code>sparse-checkout</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li>
<li>Add dependabot config by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li>
<li>Bump the minor-actions-dependencies group with 2 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li>
<li>Bump word-wrap from 1.2.3 to 1.2.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li>
</ul>
<h2>v4.1.3</h2>
<ul>
<li>Check git version before attempting to disable
<code>sparse-checkout</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1656">actions/checkout#1656</a></li>
<li>Add SSH user parameter by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1685">actions/checkout#1685</a></li>
<li>Update <code>actions/checkout</code> version in
<code>update-main-version.yml</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1650">actions/checkout#1650</a></li>
</ul>
<h2>v4.1.2</h2>
<ul>
<li>Fix: Disable sparse checkout whenever <code>sparse-checkout</code>
option is not present <a
href="https://github.com/dscho"><code>@​dscho</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1598">actions/checkout#1598</a></li>
</ul>
<h2>v4.1.1</h2>
<ul>
<li>Correct link to GitHub Docs by <a
href="https://github.com/peterbe"><code>@​peterbe</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1511">actions/checkout#1511</a></li>
<li>Link to release page from what's new section by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1514">actions/checkout#1514</a></li>
</ul>
<h2>v4.1.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1396">Add
support for partial checkout filters</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/checkout/commit/11bd71901bbe5b1630ceea73d27597364c9af683"><code>11bd719</code></a>
Prepare 4.2.2 Release (<a
href="https://redirect.github.com/actions/checkout/issues/1953">#1953</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/e3d2460bbb42d7710191569f88069044cfb9d8cf"><code>e3d2460</code></a>
Expand unit test coverage (<a
href="https://redirect.github.com/actions/checkout/issues/1946">#1946</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/163217dfcd28294438ea1c1c149cfaf66eec283e"><code>163217d</code></a>
<code>url-helper.ts</code> now leverages well-known environment
variables. (<a
href="https://redirect.github.com/actions/checkout/issues/1941">#1941</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871"><code>eef6144</code></a>
Prepare 4.2.1 release (<a
href="https://redirect.github.com/actions/checkout/issues/1925">#1925</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/6b42224f41ee5dfe5395e27c8b2746f1f9955030"><code>6b42224</code></a>
Add workflow file for publishing releases to immutable action package
(<a
href="https://redirect.github.com/actions/checkout/issues/1919">#1919</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/de5a000abf73b6f4965bd1bcdf8f8d94a56ea815"><code>de5a000</code></a>
Check out other refs/* by commit if provided, fall back to ref (<a
href="https://redirect.github.com/actions/checkout/issues/1924">#1924</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/checkout/compare/v4.2.0...11bd71901bbe5b1630ceea73d27597364c9af683">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/upload-artifact` from 4.4.1 to 4.6.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v4.6.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Expose env vars to control concurrency and timeout by <a
href="https://github.com/yacaovsnc"><code>@​yacaovsnc</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/662">actions/upload-artifact#662</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/upload-artifact/compare/v4...v4.6.0">https://github.com/actions/upload-artifact/compare/v4...v4.6.0</a></p>
<h2>v4.5.0</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: deprecated <code>Node.js</code> version in action by <a
href="https://github.com/hamirmahal"><code>@​hamirmahal</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/578">actions/upload-artifact#578</a></li>
<li>Add new <code>artifact-digest</code> output by <a
href="https://github.com/bdehamer"><code>@​bdehamer</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/656">actions/upload-artifact#656</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/hamirmahal"><code>@​hamirmahal</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/upload-artifact/pull/578">actions/upload-artifact#578</a></li>
<li><a href="https://github.com/bdehamer"><code>@​bdehamer</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/upload-artifact/pull/656">actions/upload-artifact#656</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/upload-artifact/compare/v4.4.3...v4.5.0">https://github.com/actions/upload-artifact/compare/v4.4.3...v4.5.0</a></p>
<h2>v4.4.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Undo indirect dependency updates from <a
href="https://redirect.github.com/actions/upload-artifact/issues/627">#627</a>
by <a href="https://github.com/joshmgross"><code>@​joshmgross</code></a>
in <a
href="https://redirect.github.com/actions/upload-artifact/pull/632">actions/upload-artifact#632</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/upload-artifact/compare/v4.4.2...v4.4.3">https://github.com/actions/upload-artifact/compare/v4.4.2...v4.4.3</a></p>
<h2>v4.4.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump <code>@actions/artifact</code> to 2.1.11 by <a
href="https://github.com/robherley"><code>@​robherley</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/627">actions/upload-artifact#627</a>
<ul>
<li>Includes fix for relative symlinks not resolving properly</li>
</ul>
</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/upload-artifact/compare/v4.4.1...v4.4.2">https://github.com/actions/upload-artifact/compare/v4.4.1...v4.4.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/upload-artifact/commit/65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08"><code>65c4c4a</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/662">#662</a>
from actions/yacaovsnc/add_variable_for_concurrency_a...</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/020761922861c5b0a0a9b98ae4adccf1f675862c"><code>0207619</code></a>
move files back to satisfy licensed ci</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/1ecca81102de35b6c140e930a09ea6144c27abf1"><code>1ecca81</code></a>
licensed cache updates</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/97422693d3a0493fc2d725fe8c0ac1c1097e9128"><code>9742269</code></a>
Expose env vars to controll concurrency and timeout</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/6f51ac03b9356f520e9adb1b1b7802705f340c2b"><code>6f51ac0</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/656">#656</a>
from bdehamer/bdehamer/artifact-digest</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/c40c16d999899d3642ba1597014ba7ef8ff611e7"><code>c40c16d</code></a>
add new artifact-digest output</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/735efb4a0a50bb1a533b000483f2d0a23effbd26"><code>735efb4</code></a>
bump <code>@​actions/artifact</code> from 2.1.11 to 2.2.0</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/184d73b71b93c222403b2e7f1ffebe4508014249"><code>184d73b</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/578">#578</a>
from hamirmahal/fix/deprecated-nodejs-usage-in-action</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/b4a0a984a056f94abb1db07895e844b9422e1e41"><code>b4a0a98</code></a>
Merge branch 'main' into fix/deprecated-nodejs-usage-in-action</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882"><code>b4b15b8</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/632">#632</a>
from actions/joshmgross/undo-dependency-changes</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/upload-artifact/compare/v4.4.1...65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08">compare
view</a></li>
</ul>
</details>
<br />

Updates `tj-actions/changed-files` from 45.0.6 to 45.0.7
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/changed-files/releases">tj-actions/changed-files's
releases</a>.</em></p>
<blockquote>
<h2>v45.0.7</h2>
<h2>What's Changed</h2>
<ul>
<li>Upgraded to v45.0.6 by <a
href="https://github.com/tj-actions-bot"><code>@​tj-actions-bot</code></a>
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2389">tj-actions/changed-files#2389</a></li>
<li>chore(deps): lock file maintenance by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2390">tj-actions/changed-files#2390</a></li>
<li>chore(deps): update dependency eslint-plugin-github to v5.1.5 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2392">tj-actions/changed-files#2392</a></li>
<li>chore(deps): update dependency typescript to v5.7.3 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2393">tj-actions/changed-files#2393</a></li>
<li>fix(deps): update dependency <code>@​octokit/rest</code> to v21.1.0
by <a href="https://github.com/renovate"><code>@​renovate</code></a> in
<a
href="https://redirect.github.com/tj-actions/changed-files/pull/2394">tj-actions/changed-files#2394</a></li>
<li>chore(deps): lock file maintenance by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2395">tj-actions/changed-files#2395</a></li>
<li>chore(deps): update dependency eslint-config-prettier to v10 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2396">tj-actions/changed-files#2396</a></li>
<li>chore(deps): update dependency <code>@​types/node</code> to v22.10.6
by <a href="https://github.com/renovate"><code>@​renovate</code></a> in
<a
href="https://redirect.github.com/tj-actions/changed-files/pull/2397">tj-actions/changed-files#2397</a></li>
<li>chore(deps): update dependency eslint-plugin-prettier to v5.2.2 by
<a href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2399">tj-actions/changed-files#2399</a></li>
<li>chore(deps): update dependency eslint-plugin-jest to v28.11.0 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2400">tj-actions/changed-files#2400</a></li>
<li>chore(deps): update dependency <code>@​types/node</code> to v22.10.7
by <a href="https://github.com/renovate"><code>@​renovate</code></a> in
<a
href="https://redirect.github.com/tj-actions/changed-files/pull/2403">tj-actions/changed-files#2403</a></li>
<li>chore(deps): update dependency eslint-plugin-prettier to v5.2.3 by
<a href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2405">tj-actions/changed-files#2405</a></li>
<li>chore(deps): lock file maintenance by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2406">tj-actions/changed-files#2406</a></li>
<li>chore(deps): update dependency <code>@​types/node</code> to v22.10.8
by <a href="https://github.com/renovate"><code>@​renovate</code></a> in
<a
href="https://redirect.github.com/tj-actions/changed-files/pull/2407">tj-actions/changed-files#2407</a></li>
<li>chore(deps): update dependency <code>@​types/node</code> to v22.10.9
by <a href="https://github.com/renovate"><code>@​renovate</code></a> in
<a
href="https://redirect.github.com/tj-actions/changed-files/pull/2408">tj-actions/changed-files#2408</a></li>
<li>chore(deps): update dependency <code>@​types/node</code> to
v22.10.10 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2409">tj-actions/changed-files#2409</a></li>
<li>chore(deps): lock file maintenance by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2410">tj-actions/changed-files#2410</a></li>
<li>chore(deps): update actions/setup-node action to v4.2.0 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2411">tj-actions/changed-files#2411</a></li>
<li>chore(deps): update dependency eslint-plugin-github to v5.1.6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2413">tj-actions/changed-files#2413</a></li>
<li>chore(deps): update dependency <code>@​types/node</code> to v22.12.0
by <a href="https://github.com/renovate"><code>@​renovate</code></a> in
<a
href="https://redirect.github.com/tj-actions/changed-files/pull/2414">tj-actions/changed-files#2414</a></li>
<li>chore(deps): update dependency <code>@​types/lodash</code> to
v4.17.15 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2415">tj-actions/changed-files#2415</a></li>
<li>chore(deps): update dependency eslint-plugin-github to v5.1.7 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2417">tj-actions/changed-files#2417</a></li>
<li>chore(deps): update dependency <code>@​types/node</code> to v22.13.0
by <a href="https://github.com/renovate"><code>@​renovate</code></a> in
<a
href="https://redirect.github.com/tj-actions/changed-files/pull/2419">tj-actions/changed-files#2419</a></li>
<li>chore(deps): lock file maintenance by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2420">tj-actions/changed-files#2420</a></li>
<li>chore(deps): update dependency <code>@​types/node</code> to v22.13.1
by <a href="https://github.com/renovate"><code>@​renovate</code></a> in
<a
href="https://redirect.github.com/tj-actions/changed-files/pull/2422">tj-actions/changed-files#2422</a></li>
<li>chore(deps): update dependency eslint-plugin-github to v5.1.8 by <a
href="https://github.com/renovate"><code>@​renovate</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2424">tj-actions/changed-files#2424</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tj-actions/changed-files/compare/v45...v45.0.7">https://github.com/tj-actions/changed-files/compare/v45...v45.0.7</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v45.0.6...v45.0.7">45.0.7</a>
- (2025-02-04)</h1>
<h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2>
<ul>
<li><strong>deps:</strong> Update dependency <code>@​octokit/rest</code>
to v21.1.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2394">#2394</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/7b72c97d739f955f5cadca0d59799d826ae9f6c9">7b72c97</a>)
- (renovate[bot])</li>
</ul>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li><strong>deps:</strong> Update dependency eslint-plugin-github to
v5.1.8 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2424">#2424</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/dcc7a0cba800f454d79fff4b993e8c3555bcc0a8">dcc7a0c</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update dependency <code>@​types/node</code>
to v22.13.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2422">#2422</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/364748aaa8a1ba2cd0a06c35e27f0b736cce57d1">364748a</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Lock file maintenance (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2420">#2420</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/301bed650e89313e46f9582591f9a1f4839f2826">301bed6</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update dependency <code>@​types/node</code>
to v22.13.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2419">#2419</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/be1c47003f1f9dedb4436e1e87dfdedd6f97f4c9">be1c470</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update dependency eslint-plugin-github to
v5.1.7 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2417">#2417</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/81785a6716d8354b3886445dd0c2f91e44a0af5a">81785a6</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update dependency <code>@​types/lodash</code>
to v4.17.15 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2415">#2415</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/065e671731666959f9ea1bbbb7ddb8363a8ae9cd">065e671</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update dependency <code>@​types/node</code>
to v22.12.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2414">#2414</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/45cd7f3ddd3d2ba2e885acb6245710a72c096704">45cd7f3</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update dependency eslint-plugin-github to
v5.1.6 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2413">#2413</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/47f21ba55840bf5f5d6ed605352ecd7f2508cbe2">47f21ba</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update actions/setup-node action to v4.2.0
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2411">#2411</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/3b3041225bddb25fd9637f44aa4e9a5178c6792e">3b30412</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Lock file maintenance (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2410">#2410</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/eec6665cfdd8cb363f41d1adb498ad670105e5ea">eec6665</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update dependency <code>@​types/node</code>
to v22.10.10 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2409">#2409</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/cefd9aa22075c8bbc7dc90a20e82a5badce77e7c">cefd9aa</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update dependency <code>@​types/node</code>
to v22.10.9 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2408">#2408</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/6296564d94be89c91b9c9a893e3b1381b8083dfa">6296564</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update dependency <code>@​types/node</code>
to v22.10.8 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2407">#2407</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/203f0af1aa531319a2af43d70205e12b5f73cb05">203f0af</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Lock file maintenance (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2406">#2406</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/8b824429a7b52d43be4884a6be2dea134870d55d">8b82442</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update dependency eslint-plugin-prettier to
v5.2.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2405">#2405</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/2b7a1ec20ef743b7bb78d0a5e55012dfb04a8f78">2b7a1ec</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update dependency <code>@​types/node</code>
to v22.10.7 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2403">#2403</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/a2600ce61d4b9f7074622ca3a2f5e497524e6532">a2600ce</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update dependency eslint-plugin-jest to
v28.11.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2400">#2400</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/5dc51d34076557d9ab904ba22d0107a7aa9c73c6">5dc51d3</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update dependency eslint-plugin-prettier to
v5.2.2 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2399">#2399</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/18de9f341fddb527d74abcea6acaa9430e392a60">18de9f3</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update dependency <code>@​types/node</code>
to v22.10.6 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2397">#2397</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/467e54813892b0cf302b0bba54d233c861b97f1a">467e548</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update dependency eslint-config-prettier to
v10 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2396">#2396</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/556e62ac760c4112189f816a829a2e61965d76a0">556e62a</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Lock file maintenance (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2395">#2395</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/4f1e6b0db0fb6a8f464793eed5c37ec4a4d76011">4f1e6b0</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update dependency typescript to v5.7.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2393">#2393</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/82deec73be8984405676feff8f0a4562b60df95c">82deec7</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Update dependency eslint-plugin-github to
v5.1.5 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2392">#2392</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/ef7202db4d23bd79d2fb79d667a7a43ddb08b783">ef7202d</a>)
- (renovate[bot])</li>
<li><strong>deps:</strong> Lock file maintenance (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2390">#2390</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/01c978c0f8cace666c3b0102d1c2c59bf698acdf">01c978c</a>)
- (renovate[bot])</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v45.0.6 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2389">#2389</a>)</li>
</ul>
<p>Co-authored-by: jackton1 <a
href="mailto:17484350+jackton1@users.noreply.github.com">17484350+jackton1@users.noreply.github.com</a>
(<a
href="https://github.com/tj-actions/changed-files/commit/ed8e9f69eea433e8fca92ad9b928ca6520d79c2a">ed8e9f6</a>)
- (tj-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v45.0.5...v45.0.6">45.0.6</a>
- (2025-01-03)</h1>
<h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2>
<ul>
<li><strong>deps:</strong> Update dependency yaml to v2.7.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2383">#2383</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/5f974c28f5044c411f0c9e7becf3f172029cf9cf">5f974c2</a>)
- (renovate[bot])</li>
</ul>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li><strong>deps:</strong> Update dependency <code>@​types/lodash</code>
to v4.17.14 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2388">#2388</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/d6e91a2266cdb9d62096cebf1e8546899c6aa18f">d6e91a2</a>)
- (renovate[bot])</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tj-actions/changed-files/commit/dcc7a0cba800f454d79fff4b993e8c3555bcc0a8"><code>dcc7a0c</code></a>
chore(deps): update dependency eslint-plugin-github to v5.1.8 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2424">#2424</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/364748aaa8a1ba2cd0a06c35e27f0b736cce57d1"><code>364748a</code></a>
chore(deps): update dependency <code>@​types/node</code> to v22.13.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2422">#2422</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/301bed650e89313e46f9582591f9a1f4839f2826"><code>301bed6</code></a>
chore(deps): lock file maintenance (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2420">#2420</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/be1c47003f1f9dedb4436e1e87dfdedd6f97f4c9"><code>be1c470</code></a>
chore(deps): update dependency <code>@​types/node</code> to v22.13.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2419">#2419</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/81785a6716d8354b3886445dd0c2f91e44a0af5a"><code>81785a6</code></a>
chore(deps): update dependency eslint-plugin-github to v5.1.7 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2417">#2417</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/065e671731666959f9ea1bbbb7ddb8363a8ae9cd"><code>065e671</code></a>
chore(deps): update dependency <code>@​types/lodash</code> to v4.17.15
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2415">#2415</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/45cd7f3ddd3d2ba2e885acb6245710a72c096704"><code>45cd7f3</code></a>
chore(deps): update dependency <code>@​types/node</code> to v22.12.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2414">#2414</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/47f21ba55840bf5f5d6ed605352ecd7f2508cbe2"><code>47f21ba</code></a>
chore(deps): update dependency eslint-plugin-github to v5.1.6 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2413">#2413</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/3b3041225bddb25fd9637f44aa4e9a5178c6792e"><code>3b30412</code></a>
chore(deps): update actions/setup-node action to v4.2.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2411">#2411</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/eec6665cfdd8cb363f41d1adb498ad670105e5ea"><code>eec6665</code></a>
chore(deps): lock file maintenance (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2410">#2410</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tj-actions/changed-files/compare/d6e91a2266cdb9d62096cebf1e8546899c6aa18f...dcc7a0cba800f454d79fff4b993e8c3555bcc0a8">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/setup-java` from 4.4.0 to 4.7.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-java/releases">actions/setup-java's
releases</a>.</em></p>
<blockquote>
<h2>v4.7.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Configure Dependabot settings by <a
href="https://github.com/HarithaVattikuti"><code>@​HarithaVattikuti</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/722">actions/setup-java#722</a></li>
<li>README Update: Added a permissions section by <a
href="https://github.com/benwells"><code>@​benwells</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/723">actions/setup-java#723</a></li>
<li>Upgrade <code>cache</code> from version 3.2.4 to 4.0.0 by <a
href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/724">actions/setup-java#724</a></li>
<li>Upgrade <code>@actions/http-client</code> from 2.2.1 to 2.2.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/728">actions/setup-java#728</a></li>
<li>Upgrade <code>actions/publish-immutable-action</code> from 0.0.3 to
0.0.4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/727">actions/setup-java#727</a></li>
<li>Upgrade <code>@types/jest</code> from 29.5.12 to 29.5.14 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/729">actions/setup-java#729</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/benwells"><code>@​benwells</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-java/pull/723">actions/setup-java#723</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-java/compare/v4...v4.7.0">https://github.com/actions/setup-java/compare/v4...v4.7.0</a></p>
<h2>v4.6.0</h2>
<h2>What's Changed</h2>
<p><strong>Add-ons:</strong></p>
<ul>
<li>Add Support for JetBrains Runtime by <a
href="https://github.com/gmitch215"><code>@​gmitch215</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/637">actions/setup-java#637</a></li>
</ul>
<pre lang="steps:"><code> - name: Checkout
   uses: actions/checkout@v4
 - name: Setup-java
   uses: actions/setup-java@v4
   with:
     distribution: ‘jetbrains’
     java-version: '21'
</code></pre>
<p><strong>Bug fixes:</strong></p>
<ul>
<li>Fix Ubuntu-latest CI failures by <a
href="https://github.com/mahabaleshwars"><code>@​mahabaleshwars</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/693">actions/setup-java#693</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/gmitch215"><code>@​gmitch215</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-java/pull/637">actions/setup-java#637</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-java/compare/v4...v4.6.0">https://github.com/actions/setup-java/compare/v4...v4.6.0</a></p>
<h2>v4.5.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Upgrade IA Publish by <a
href="https://github.com/Jcambass"><code>@​Jcambass</code></a> in <a
href="https://redirect.github.com/actions/setup-java/issues/686">#686</a></li>
</ul>
<h3>Bug fixes:</h3>
<ul>
<li>Improve archive extraction on windows runners without powershell
core and Update micromatch dependency by <a
href="https://github.com/priyagupta108"><code>@​priyagupta108</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/issues/689">#689</a></li>
<li>Update workflows for GraalVM and Version Enhancements by <a
href="https://github.com/mahabaleshwars"><code>@​mahabaleshwars</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/issues/699">#699</a></li>
<li>Refine <code>isGhes</code> logic by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/setup-java/issues/697">#697</a></li>
</ul>
<h3>New Contributors:</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/setup-java/commit/3a4f6e1af504cf6a31855fa899c6aa5355ba6c12"><code>3a4f6e1</code></a>
Bump <code>@​types/jest</code> from 29.5.12 to 29.5.14 (<a
href="https://redirect.github.com/actions/setup-java/issues/729">#729</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/25f376e3482f0dca3da72062bdab5082495705ff"><code>25f376e</code></a>
Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 (<a
href="https://redirect.github.com/actions/setup-java/issues/727">#727</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/d4e4b6bbc1a6e93198eade3e6adfedd3c01f79c4"><code>d4e4b6b</code></a>
Bump <code>@​actions/http-client</code> from 2.2.1 to 2.2.3 (<a
href="https://redirect.github.com/actions/setup-java/issues/728">#728</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/28b532bcb39ad928b00bc3cbce25c94d11654854"><code>28b532b</code></a>
Create dependabot.yml (<a
href="https://redirect.github.com/actions/setup-java/issues/722">#722</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/51ab6d2e3070fda1eac8cfaab8ffd90e6019d7e1"><code>51ab6d2</code></a>
Update cache from 3.2.4 to 4.0.0 (<a
href="https://redirect.github.com/actions/setup-java/issues/724">#724</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/99d3141d9ba96520552bfd7a9545bc1d74da9251"><code>99d3141</code></a>
Update README.md (<a
href="https://redirect.github.com/actions/setup-java/issues/723">#723</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/7a6d8a8234af8eb26422e24e3006232cccaa061b"><code>7a6d8a8</code></a>
Add Support for JetBrains Runtime (<a
href="https://redirect.github.com/actions/setup-java/issues/637">#637</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/7136edc5e8145b3c0b6bae8f4e62706c74e76538"><code>7136edc</code></a>
Fix sbt and x86 CI failures on Ubuntu-24 (<a
href="https://redirect.github.com/actions/setup-java/issues/693">#693</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/8df1039502a15bceb9433410b1a100fbe190c53b"><code>8df1039</code></a>
Refine <code>isGhes</code> logic (<a
href="https://redirect.github.com/actions/setup-java/issues/697">#697</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/870c199c48d3d764226001e5f61002b15289795e"><code>870c199</code></a>
Update workflows for GraalVM and Version Enhancements (<a
href="https://redirect.github.com/actions/setup-java/issues/699">#699</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/setup-java/compare/b36c23c0d998641eff861008f374ee103c25ac73...3a4f6e1af504cf6a31855fa899c6aa5355ba6c12">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/stale` from 9.0.0 to 9.1.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/stale/releases">actions/stale's
releases</a>.</em></p>
<blockquote>
<h2>v9.1.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Documentation update by <a
href="https://github.com/Marukome0743"><code>@​Marukome0743</code></a>
in <a
href="https://redirect.github.com/actions/stale/pull/1116">actions/stale#1116</a></li>
<li>Add workflow file for publishing releases to immutable action
package by <a
href="https://github.com/Jcambass"><code>@​Jcambass</code></a> in <a
href="https://redirect.github.com/actions/stale/pull/1179">actions/stale#1179</a></li>
<li>Update undici from 5.28.2 to 5.28.4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/stale/pull/1150">actions/stale#1150</a></li>
<li>Update actions/checkout from 3 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/stale/pull/1091">actions/stale#1091</a></li>
<li>Update actions/publish-action from 0.2.2 to 0.3.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/stale/pull/1147">actions/stale#1147</a></li>
<li>Update ts-jest from 29.1.1 to 29.2.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/stale/pull/1175">actions/stale#1175</a></li>
<li>Update <code>@​actions/core</code> from 1.10.1 to 1.11.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/stale/pull/1191">actions/stale#1191</a></li>
<li>Update <code>@​types/jest</code> from 29.5.11 to 29.5.14 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/stale/pull/1193">actions/stale#1193</a></li>
<li>Update <code>@​actions/cache</code> from 3.2.2 to 4.0.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/stale/pull/1194">actions/stale#1194</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/Marukome0743"><code>@​Marukome0743</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/stale/pull/1116">actions/stale#1116</a></li>
<li><a href="https://github.com/Jcambass"><code>@​Jcambass</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/stale/pull/1179">actions/stale#1179</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/stale/compare/v9...v9.1.0">https://github.com/actions/stale/compare/v9...v9.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/stale/commit/5bef64f19d7facfb25b37b414482c7164d639639"><code>5bef64f</code></a>
build(deps): bump <code>@​actions/cache</code> from 3.2.2 to 4.0.0 (<a
href="https://redirect.github.com/actions/stale/issues/1194">#1194</a>)</li>
<li><a
href="https://github.com/actions/stale/commit/fa77dfddd04682b7d96dbc4e016318e681fdc10e"><code>fa77dfd</code></a>
build(deps-dev): bump <code>@​types/jest</code> from 29.5.11 to 29.5.14
(<a
href="https://redirect.github.com/actions/stale/issues/1193">#1193</a>)</li>
<li><a
href="https://github.com/actions/stale/commit/f04443dce335c74ba15c65f4cbb3688e6cb6a6ec"><code>f04443d</code></a>
build(deps): bump <code>@​actions/core</code> from 1.10.1 to 1.11.1 (<a
href="https://redirect.github.com/actions/stale/issues/1191">#1191</a>)</li>
<li><a
href="https://github.com/actions/stale/commit/5c715b0513651880806e14d529f014b12fdd50eb"><code>5c715b0</code></a>
build(deps-dev): bump ts-jest from 29.1.1 to 29.2.5 (<a
href="https://redirect.github.com/actions/stale/issues/1175">#1175</a>)</li>
<li><a
href="https://github.com/actions/stale/commit/f69122271d990fd11f5594ccff2296f00ff59b49"><code>f691222</code></a>
build(deps): bump actions/publish-action from 0.2.2 to 0.3.0 (<a
href="https://redirect.github.com/actions/stale/issues/1147">#1147</a>)</li>
<li><a
href="https://github.com/actions/stale/commit/df990c2cf5ae92c90653c9485d6882a0a09feac7"><code>df990c2</code></a>
build(deps): bump actions/checkout from 3 to 4 (<a
href="https://redirect.github.com/actions/stale/issues/1091">#1091</a>)</li>
<li><a
href="https://github.com/actions/stale/commit/6e472ce44ab4197b0154601c59c54a75b73b340b"><code>6e472ce</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/stale/issues/1179">#1179</a>
from actions/Jcambass-patch-1</li>
<li><a
href="https://github.com/actions/stale/commit/d10ba64261d965f75165f74c55cd3ffbf690d442"><code>d10ba64</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/stale/issues/1150">#1150</a>
from actions/dependabot/npm_and_yarn/undici-5.28.4</li>
<li><a
href="https://github.com/actions/stale/commit/bbf3da5f64eebd003932d93293857400f7f7e18d"><code>bbf3da5</code></a>
resolve check failures</li>
<li><a
href="https://github.com/actions/stale/commit/6a2e61d18b155e538f85ef1bf7bd0470775e9703"><code>6a2e61d</code></a>
Add workflow file for publishing releases to immutable action
package</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/stale/compare/28ca1036281a5e5922ead5184a1bbf96e5fc984e...5bef64f19d7facfb25b37b414482c7164d639639">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-05 14:14:49 +00:00
dependabot[bot] cf370d6d1f ci: bump the github-actions group with 5 updates (#16382) 
Bumps the github-actions group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [crate-ci/typos](https://github.com/crate-ci/typos) | `1.29.4` |
`1.29.5` |
|
[google-github-actions/auth](https://github.com/google-github-actions/auth)
| `2.1.7` | `2.1.8` |
|
[google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud)
| `2.1.2` | `2.1.4` |
|
[google-github-actions/get-gke-credentials](https://github.com/google-github-actions/get-gke-credentials)
| `2.3.0` | `2.3.1` |
| [github/codeql-action](https://github.com/github/codeql-action) |
`3.28.5` | `3.28.8` |

Updates `crate-ci/typos` from 1.29.4 to 1.29.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/releases">crate-ci/typos's
releases</a>.</em></p>
<blockquote>
<h2>v1.29.5</h2>
<h2>[1.29.5] - 2025-01-30</h2>
<h3>Internal</h3>
<ul>
<li>Update a dependency</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's
changelog</a>.</em></p>
<blockquote>
<h1>Change Log</h1>
<p>All notable changes to this project will be documented in this
file.</p>
<p>The format is based on <a href="http://keepachangelog.com/">Keep a
Changelog</a>
and this project adheres to <a href="http://semver.org/">Semantic
Versioning</a>.</p>
<!-- raw HTML omitted -->
<h2>[Unreleased] - ReleaseDate</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1200">January
2025</a> changes</li>
</ul>
<h2>[1.29.5] - 2025-01-30</h2>
<h3>Internal</h3>
<ul>
<li>Update a dependency</li>
</ul>
<h2>[1.29.4] - 2025-01-03</h2>
<h2>[1.29.3] - 2025-01-02</h2>
<h2>[1.29.2] - 2025-01-02</h2>
<h2>[1.29.1] - 2025-01-02</h2>
<h3>Fixes</h3>
<ul>
<li>Don't correct <code>deriver</code></li>
</ul>
<h2>[1.29.0] - 2024-12-31</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1156">December
2024</a> changes</li>
</ul>
<h3>Performance</h3>
<ul>
<li>Sped up dictionary lookups</li>
</ul>
<h2>[1.28.4] - 2024-12-16</h2>
<h3>Features</h3>
<ul>
<li><code>--format sarif</code> support</li>
</ul>
<h2>[1.28.3] - 2024-12-12</h2>
<h3>Fixes</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/crate-ci/typos/commit/11ca4583f2f3f74c7e7785c0ecb20fe2c99a4308"><code>11ca458</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/99fd37f157f55c0565a0574a86eb3949dbd38165"><code>99fd37f</code></a>
docs: Update changelog</li>
<li><a
href="https://github.com/crate-ci/typos/commit/4f604f6effffe7f41833b65ee75da75d416821ef"><code>4f604f6</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1220">#1220</a>
from epage/w7</li>
<li><a
href="https://github.com/crate-ci/typos/commit/ba04a1a0fd67a0e00ad36c5c5655b9740ee5e68a"><code>ba04a1a</code></a>
perf: Remove ErrMode overhead</li>
<li><a
href="https://github.com/crate-ci/typos/commit/60452b5a81caa4f70c81282f2cdd2116fc045f52"><code>60452b5</code></a>
chore: Update to Winnow 0.7</li>
<li><a
href="https://github.com/crate-ci/typos/commit/4c22f194b5c24cf2b7d0524df0857f0f8bbc32a5"><code>4c22f19</code></a>
refactor: Migrate from Parser to ModalParser</li>
<li><a
href="https://github.com/crate-ci/typos/commit/7830eb8730de84bf14bc14cadb996c0e52f9fe93"><code>7830eb8</code></a>
refactor: Resolve deprecations</li>
<li><a
href="https://github.com/crate-ci/typos/commit/07f1292e290f35153fb91dad3324e7bdb9cd827a"><code>07f1292</code></a>
chore: Upgrade to Winnow 0.6.26</li>
<li><a
href="https://github.com/crate-ci/typos/commit/3683264986a72f63f13e9e8fc132a13af2a322b8"><code>3683264</code></a>
chore(deps): Update Rust Stable to v1.84 (<a
href="https://redirect.github.com/crate-ci/typos/issues/1216">#1216</a>)</li>
<li><a
href="https://github.com/crate-ci/typos/commit/2ed38e07fc83ec249f9736b81008690c2c88ec98"><code>2ed38e0</code></a>
chore(deps): Update Rust crate bstr to v1.11.3 (<a
href="https://redirect.github.com/crate-ci/typos/issues/1202">#1202</a>)</li>
<li>See full diff in <a
href="https://github.com/crate-ci/typos/compare/685eb3d55be2f85191e8c84acb9f44d7756f84ab...11ca4583f2f3f74c7e7785c0ecb20fe2c99a4308">compare
view</a></li>
</ul>
</details>
<br />

Updates `google-github-actions/auth` from 2.1.7 to 2.1.8
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google-github-actions/auth/releases">google-github-actions/auth's
releases</a>.</em></p>
<blockquote>
<h2>v2.1.8</h2>
<h2>What's Changed</h2>
<ul>
<li>Update TROUBLESHOOTING.md by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/auth/pull/457">google-github-actions/auth#457</a></li>
<li>fix: add runs-on to README.md example by <a
href="https://github.com/lbarthon"><code>@​lbarthon</code></a> in <a
href="https://redirect.github.com/google-github-actions/auth/pull/460">google-github-actions/auth#460</a></li>
<li>security: bump undici from 5.28.4 to 5.28.5 in the npm_and_yarn
group by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/google-github-actions/auth/pull/463">google-github-actions/auth#463</a></li>
<li>Update deps by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/auth/pull/466">google-github-actions/auth#466</a></li>
<li>Release: v2.1.8 by <a
href="https://github.com/google-github-actions-bot"><code>@​google-github-actions-bot</code></a>
in <a
href="https://redirect.github.com/google-github-actions/auth/pull/467">google-github-actions/auth#467</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/lbarthon"><code>@​lbarthon</code></a>
made their first contribution in <a
href="https://redirect.github.com/google-github-actions/auth/pull/460">google-github-actions/auth#460</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google-github-actions/auth/compare/v2...v2.1.8">https://github.com/google-github-actions/auth/compare/v2...v2.1.8</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/google-github-actions/auth/commit/71f986410dfbc7added4569d411d040a91dc6935"><code>71f9864</code></a>
Release: v2.1.8 (<a
href="https://redirect.github.com/google-github-actions/auth/issues/467">#467</a>)</li>
<li><a
href="https://github.com/google-github-actions/auth/commit/0cd8f2e4e26e94673a192056e2a7f0af77f84889"><code>0cd8f2e</code></a>
Update deps (<a
href="https://redirect.github.com/google-github-actions/auth/issues/466">#466</a>)</li>
<li><a
href="https://github.com/google-github-actions/auth/commit/332e0ba72f0d93d01c6f79eff1bd404dc3abddd3"><code>332e0ba</code></a>
security: bump undici from 5.28.4 to 5.28.5 in the npm_and_yarn group
(<a
href="https://redirect.github.com/google-github-actions/auth/issues/463">#463</a>)</li>
<li><a
href="https://github.com/google-github-actions/auth/commit/28d44ba25933bc5bc7f2d69931f8001632c46611"><code>28d44ba</code></a>
fix: add runs-on to README.md example (<a
href="https://redirect.github.com/google-github-actions/auth/issues/460">#460</a>)</li>
<li><a
href="https://github.com/google-github-actions/auth/commit/83354cacbb08bb6ced8aa3959623167f377b302e"><code>83354ca</code></a>
Update TROUBLESHOOTING.md (<a
href="https://redirect.github.com/google-github-actions/auth/issues/457">#457</a>)</li>
<li>See full diff in <a
href="https://github.com/google-github-actions/auth/compare/6fc4af4b145ae7821d527454aa9bd537d1f2dc5f...71f986410dfbc7added4569d411d040a91dc6935">compare
view</a></li>
</ul>
</details>
<br />

Updates `google-github-actions/setup-gcloud` from 2.1.2 to 2.1.4
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google-github-actions/setup-gcloud/releases">google-github-actions/setup-gcloud's
releases</a>.</em></p>
<blockquote>
<h2>v2.1.4</h2>
<h2>What's Changed</h2>
<ul>
<li>Revert to pinned release workflows by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/706">google-github-actions/setup-gcloud#706</a></li>
<li>Release: v2.1.4 by <a
href="https://github.com/google-github-actions-bot"><code>@​google-github-actions-bot</code></a>
in <a
href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/707">google-github-actions/setup-gcloud#707</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google-github-actions/setup-gcloud/compare/v2.1.3...v2.1.4">https://github.com/google-github-actions/setup-gcloud/compare/v2.1.3...v2.1.4</a></p>
<h2>v2.1.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Allow manually running integration tests with workflow_dispatch by
<a href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in
<a
href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/702">google-github-actions/setup-gcloud#702</a></li>
<li>security: bump undici from 5.28.4 to 5.28.5 in the npm_and_yarn
group by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/703">google-github-actions/setup-gcloud#703</a></li>
<li>Update deps by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/704">google-github-actions/setup-gcloud#704</a></li>
<li>Release: v2.1.3 by <a
href="https://github.com/google-github-actions-bot"><code>@​google-github-actions-bot</code></a>
in <a
href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/705">google-github-actions/setup-gcloud#705</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google-github-actions/setup-gcloud/compare/v2...v2.1.3">https://github.com/google-github-actions/setup-gcloud/compare/v2...v2.1.3</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/google-github-actions/setup-gcloud/commit/77e7a554d41e2ee56fc945c52dfd3f33d12def9a"><code>77e7a55</code></a>
Release: v2.1.4 (<a
href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/707">#707</a>)</li>
<li><a
href="https://github.com/google-github-actions/setup-gcloud/commit/334c6905f38b9e030504ad8d87fbbaa43cdd3586"><code>334c690</code></a>
Revert to pinned release workflows (<a
href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/706">#706</a>)</li>
<li><a
href="https://github.com/google-github-actions/setup-gcloud/commit/4111bea454dcfe1b4c2db3753685db043571e112"><code>4111bea</code></a>
Release: v2.1.3 (<a
href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/705">#705</a>)</li>
<li><a
href="https://github.com/google-github-actions/setup-gcloud/commit/0c0751a334df96bd97a58506905a494041dfdec0"><code>0c0751a</code></a>
Update deps (<a
href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/704">#704</a>)</li>
<li><a
href="https://github.com/google-github-actions/setup-gcloud/commit/ae61ebc56fc846462d0e35972f86f9fb1d30f2e2"><code>ae61ebc</code></a>
security: bump undici from 5.28.4 to 5.28.5 in the npm_and_yarn group
(<a
href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/703">#703</a>)</li>
<li><a
href="https://github.com/google-github-actions/setup-gcloud/commit/25043b08d04e573bd8f468495feb10e6a5715267"><code>25043b0</code></a>
Allow manually running integration tests with workflow_dispatch (<a
href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/702">#702</a>)</li>
<li>See full diff in <a
href="https://github.com/google-github-actions/setup-gcloud/compare/6189d56e4096ee891640bb02ac264be376592d6a...77e7a554d41e2ee56fc945c52dfd3f33d12def9a">compare
view</a></li>
</ul>
</details>
<br />

Updates `google-github-actions/get-gke-credentials` from 2.3.0 to 2.3.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google-github-actions/get-gke-credentials/releases">google-github-actions/get-gke-credentials's
releases</a>.</em></p>
<blockquote>
<h2>v2.3.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Centralize request logic, turn on retries, and add debug logging by
<a href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in
<a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/323">google-github-actions/get-gke-credentials#323</a></li>
<li>security: bump undici from 5.28.4 to 5.28.5 in the npm_and_yarn
group by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/324">google-github-actions/get-gke-credentials#324</a></li>
<li>Update deps by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/325">google-github-actions/get-gke-credentials#325</a></li>
<li>Release: v2.3.1 by <a
href="https://github.com/google-github-actions-bot"><code>@​google-github-actions-bot</code></a>
in <a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/326">google-github-actions/get-gke-credentials#326</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google-github-actions/get-gke-credentials/compare/v2...v2.3.1">https://github.com/google-github-actions/get-gke-credentials/compare/v2...v2.3.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/google-github-actions/get-gke-credentials/commit/7a108e64ed8546fe38316b4086e91da13f4785e1"><code>7a108e6</code></a>
Release: v2.3.1 (<a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/326">#326</a>)</li>
<li><a
href="https://github.com/google-github-actions/get-gke-credentials/commit/c5976979eef9961ac6e47fb2f06b958375d5ff33"><code>c597697</code></a>
Update deps (<a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/325">#325</a>)</li>
<li><a
href="https://github.com/google-github-actions/get-gke-credentials/commit/cb57a88edb5f546e72abe31af937bfcc9b0820b2"><code>cb57a88</code></a>
security: bump undici from 5.28.4 to 5.28.5 in the npm_and_yarn group
(<a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/324">#324</a>)</li>
<li><a
href="https://github.com/google-github-actions/get-gke-credentials/commit/b7a282cc9785583100aba279cbe3ab147a4f2cf6"><code>b7a282c</code></a>
Centralize request logic, turn on retries, and add debug logging (<a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/323">#323</a>)</li>
<li>See full diff in <a
href="https://github.com/google-github-actions/get-gke-credentials/compare/9025e8f90f2d8e0c3dafc3128cc705a26d992a6a...7a108e64ed8546fe38316b4086e91da13f4785e1">compare
view</a></li>
</ul>
</details>
<br />

Updates `github/codeql-action` from 3.28.5 to 3.28.8
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.28.8</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.8 - 29 Jan 2025</h2>
<ul>
<li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI
v2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.8/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.28.7</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.7 - 29 Jan 2025</h2>
<p>No user facing changes.</p>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.7/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.28.6</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.6 - 27 Jan 2025</h2>
<ul>
<li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater.
<a
href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.6/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.28.8 - 29 Jan 2025</h2>
<ul>
<li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI
v2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li>
</ul>
<h2>3.28.7 - 29 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.6 - 27 Jan 2025</h2>
<ul>
<li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater.
<a
href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li>
</ul>
<h2>3.28.5 - 24 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li>
</ul>
<h2>3.28.4 - 23 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.3 - 22 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2707">#2707</a></li>
<li>Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise
Server instance which occurred when the CodeQL Bundle had been synced to
the instance using the <a
href="https://github.com/github/codeql-action-sync-tool">CodeQL Action
sync tool</a> and the Actions runner did not have Zstandard installed.
<a
href="https://redirect.github.com/github/codeql-action/pull/2710">#2710</a></li>
<li>Uploading debug artifacts for CodeQL analysis is temporarily
disabled. <a
href="https://redirect.github.com/github/codeql-action/pull/2712">#2712</a></li>
</ul>
<h2>3.28.2 - 21 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.1 - 10 Jan 2025</h2>
<ul>
<li>CodeQL Action v2 is now deprecated, and is no longer updated or
supported. For better performance, improved security, and new features,
upgrade to v3. For more information, see <a
href="https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/">this
changelog post</a>. <a
href="https://redirect.github.com/github/codeql-action/pull/2677">#2677</a></li>
<li>Update default CodeQL bundle version to 2.20.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2678">#2678</a></li>
</ul>
<h2>3.28.0 - 20 Dec 2024</h2>
<ul>
<li>Bump the minimum CodeQL bundle version to 2.15.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2655">#2655</a></li>
<li>Don't fail in the unusual case that a file is on the search path. <a
href="https://redirect.github.com/github/codeql-action/pull/2660">#2660</a>.</li>
</ul>
<h2>3.27.9 - 12 Dec 2024</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/dd746615b3b9d728a6a37ca2045b68ca76d4841a"><code>dd74661</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2746">#2746</a>
from github/update-v3.28.8-a91a3f767</li>
<li><a
href="https://github.com/github/codeql-action/commit/3210a3cda6446234a897a079af1b684aa4c73326"><code>3210a3c</code></a>
Fix Kotlin version in changelog</li>
<li><a
href="https://github.com/github/codeql-action/commit/72f9d0296b7b9c91564f67ddf9def81c815ce0c6"><code>72f9d02</code></a>
Update changelog for v3.28.8</li>
<li><a
href="https://github.com/github/codeql-action/commit/a91a3f76789881261b540fb7aa8a527214f8ac01"><code>a91a3f7</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2744">#2744</a>
from github/igfoo/kot2.1.10</li>
<li><a
href="https://github.com/github/codeql-action/commit/c520fb59d4c28e13147ed378b4c12599df187412"><code>c520fb5</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2745">#2745</a>
from github/mergeback/v3.28.7-to-main-6e545590</li>
<li><a
href="https://github.com/github/codeql-action/commit/3879c5766041d8b2b7504c5c4b2d6dbd289f7634"><code>3879c57</code></a>
Add changelog entry</li>
<li><a
href="https://github.com/github/codeql-action/commit/0c2193725f360a9b0adcad3a71ce0d9cd4acb219"><code>0c21937</code></a>
Run &quot;npm run build&quot;</li>
<li><a
href="https://github.com/github/codeql-action/commit/5a61bf07fab8324ecda8ebb1d817463b17b717d9"><code>5a61bf0</code></a>
Kotlin: The 2.20.3 release supports Kotlin 2.1.10.</li>
<li><a
href="https://github.com/github/codeql-action/commit/163d1195df65a0e49551cd9b4fa0383e68d64a39"><code>163d119</code></a>
Update checked-in dependencies</li>
<li><a
href="https://github.com/github/codeql-action/commit/bcf5cecbc6b147de017e1841778fa8d8644bf8a2"><code>bcf5cec</code></a>
Update changelog and version after v3.28.7</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4...dd746615b3b9d728a6a37ca2045b68ca76d4841a">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-03 12:23:21 +00:00
dependabot[bot] f8844cab0a ci: bump the github-actions group with 4 updates (#16192) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Muhammad Atif Ali <atif@coder.com>
 2025-01-21 15:31:30 +00:00
Ethan 887ea14b6a ci: fetch annotated tags during release/build-dylib (#15738) 
The release action [ran into an
issue](https://github.com/coder/coder/actions/runs/12147281426) building
the dylib today, as the version script that's run during the build job
was unable to find an annotated tag. This is a step it skips during
dry-runs.

```
ERROR: version.sh: the current commit is not tagged with an annotated tag
```

This was almost certainly caused by omitting the `git fetch --tags
--force` that's present on each other release action job, as the
workflow passes on a release dry-run when run against a regular branch,
that's not an annotated tag.

From an existing comment:
> If the event that triggered the build was an annotated tag (which our
tags are supposed to be), actions/checkout has a bug where the tag in
      question is only a lightweight tag and not a full annotated tag.
 2024-12-04 19:09:40 +11:00
dependabot[bot] 9e78aaeea3 ci: bump the github-actions group with 3 updates (#15649) 
Bumps the github-actions group with 3 updates:
[step-security/harden-runner](https://github.com/step-security/harden-runner),
[github/codeql-action](https://github.com/github/codeql-action) and
[aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action).

Updates `step-security/harden-runner` from 2.10.1 to 2.10.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.10.2</h2>
<h2>What's Changed</h2>
<ol>
<li>
<p>Fixes low-severity command injection weaknesses
The advisory is here: <a
href="https://github.com/step-security/harden-runner/security/advisories/GHSA-g85v-wf27-67xc">https://github.com/step-security/harden-runner/security/advisories/GHSA-g85v-wf27-67xc</a></p>
</li>
<li>
<p>Bug fix to improve detection of whether Harden-Runner is running in a
container</p>
</li>
</ol>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.10.2">https://github.com/step-security/harden-runner/compare/v2...v2.10.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/0080882f6c36860b6ba35c610c98ce87d4e2f26f"><code>0080882</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/476">#476</a>
from step-security/rc-16</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/4a3a88bbf8f2e304f84e1042472c02dce37eba82"><code>4a3a88b</code></a>
Update dist</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/556aae632a6c1f630efa52e90d706218618e5f2f"><code>556aae6</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/480">#480</a>
from h0x0er/jatin/cleanup</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/6c39b8466160e86ad8606033d399fe7f4052aee1"><code>6c39b84</code></a>
chore: clean the code</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/40401cf6183a0ab2dae5c7e485c1d073fe911e91"><code>40401cf</code></a>
Update for isdocker</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/806ab1cccb47a439a89d5f8f85d3ea41a7fb1e4c"><code>806ab1c</code></a>
Update check for isdocker</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/28468118cdb665b2214b64175253b83fcb4b25f6"><code>2846811</code></a>
update dist</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/df8a07c1712fac199e8d6e78d64a46092afffa44"><code>df8a07c</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/475">#475</a>
from h0x0er/fix-execSync</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/30636fb583e59a926da2f17677e5cd3b63cf1be1"><code>30636fb</code></a>
bug fixes</li>
<li>See full diff in <a
href="https://github.com/step-security/harden-runner/compare/91182cccc01eb5e619899d80e4e971d6181294a7...0080882f6c36860b6ba35c610c98ce87d4e2f26f">compare
view</a></li>
</ul>
</details>
<br />

Updates `github/codeql-action` from 3.27.4 to 3.27.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.27.5</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<p>Note that the only difference between <code>v2</code> and
<code>v3</code> of the CodeQL Action is the node version they support,
with <code>v3</code> running on node 20 while we continue to release
<code>v2</code> to support running on node 16. For example
<code>3.22.11</code> was the first <code>v3</code> release and is
functionally identical to <code>2.22.11</code>. This approach ensures an
easy way to track exactly which features are included in different
versions, indicated by the minor and patch version numbers.</p>
<h2>3.27.5 - 19 Nov 2024</h2>
<p>No user facing changes.</p>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.27.5/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<p>Note that the only difference between <code>v2</code> and
<code>v3</code> of the CodeQL Action is the node version they support,
with <code>v3</code> running on node 20 while we continue to release
<code>v2</code> to support running on node 16. For example
<code>3.22.11</code> was the first <code>v3</code> release and is
functionally identical to <code>2.22.11</code>. This approach ensures an
easy way to track exactly which features are included in different
versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.27.5 - 19 Nov 2024</h2>
<p>No user facing changes.</p>
<h2>3.27.4 - 14 Nov 2024</h2>
<p>No user facing changes.</p>
<h2>3.27.3 - 12 Nov 2024</h2>
<p>No user facing changes.</p>
<h2>3.27.2 - 12 Nov 2024</h2>
<ul>
<li>Fixed an issue where setting up the CodeQL tools would sometimes
fail with the message &quot;Invalid value 'undefined' for header
'authorization'&quot;. <a
href="https://redirect.github.com/github/codeql-action/pull/2590">#2590</a></li>
</ul>
<h2>3.27.1 - 08 Nov 2024</h2>
<ul>
<li>The CodeQL Action now downloads bundles compressed using Zstandard
on GitHub Enterprise Server when using Linux or macOS runners. This
speeds up the installation of the CodeQL tools. This feature is already
available to GitHub.com users. <a
href="https://redirect.github.com/github/codeql-action/pull/2573">#2573</a></li>
<li>Update default CodeQL bundle version to 2.19.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2576">#2576</a></li>
</ul>
<h2>3.27.0 - 22 Oct 2024</h2>
<ul>
<li>Bump the minimum CodeQL bundle version to 2.14.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2549">#2549</a></li>
<li>Fix an issue where the <code>upload-sarif</code> Action would fail
with &quot;upload-sarif post-action step failed: Input required and not
supplied: token&quot; when called in a composite Action that had a
different set of inputs to the ones expected by the
<code>upload-sarif</code> Action. <a
href="https://redirect.github.com/github/codeql-action/pull/2557">#2557</a></li>
<li>Update default CodeQL bundle version to 2.19.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2552">#2552</a></li>
</ul>
<h2>3.26.13 - 14 Oct 2024</h2>
<p>No user facing changes.</p>
<h2>3.26.12 - 07 Oct 2024</h2>
<ul>
<li>
<p><em>Upcoming breaking change</em>: Add a deprecation warning for
customers using CodeQL version 2.14.5 and earlier. These versions of
CodeQL were discontinued on 24 September 2024 alongside GitHub
Enterprise Server 3.10, and will be unsupported by CodeQL Action
versions 3.27.0 and later and versions 2.27.0 and later. <a
href="https://redirect.github.com/github/codeql-action/pull/2520">#2520</a></p>
<ul>
<li>
<p>If you are using one of these versions, please update to CodeQL CLI
version 2.14.6 or later. For instance, if you have specified a custom
version of the CLI using the 'tools' input to the 'init' Action, you can
remove this input to use the default version.</p>
</li>
<li>
<p>Alternatively, if you want to continue using a version of the CodeQL
CLI between 2.13.5 and 2.14.5, you can replace
<code>github/codeql-action/*@v3</code> by
<code>github/codeql-action/*@v3.26.11</code> and
<code>github/codeql-action/*@v2</code> by
<code>github/codeql-action/*@v2.26.11</code> in your code scanning
workflow to ensure you continue using this version of the CodeQL
Action.</p>
</li>
</ul>
</li>
</ul>
<h2>3.26.11 - 03 Oct 2024</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/f09c1c0a94de965c15400f5634aa42fac8fb8f88"><code>f09c1c0</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2616">#2616</a>
from github/update-v3.27.5-a6c8729a5</li>
<li><a
href="https://github.com/github/codeql-action/commit/67b73eaba559c7e6913377065b0362ccbfc94e87"><code>67b73ea</code></a>
Update changelog for v3.27.5</li>
<li><a
href="https://github.com/github/codeql-action/commit/a6c8729a5d7573eb8d440e52a9645ce4db61d97c"><code>a6c8729</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2614">#2614</a>
from github/marcogario/per-platform-proxy</li>
<li><a
href="https://github.com/github/codeql-action/commit/8f3b48727ff1b076c28967a258b95fcee30a3a48"><code>8f3b487</code></a>
Start-proxy: Fetch OS specific binary</li>
<li><a
href="https://github.com/github/codeql-action/commit/cba5fb58d4f85affaf03eb9da32f5b6c9d76838b"><code>cba5fb5</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2613">#2613</a>
from github/dependabot/npm_and_yarn/npm_and_yarn-018...</li>
<li><a
href="https://github.com/github/codeql-action/commit/e782c3a145d9946aba8fa390e406acbe4e4c05c5"><code>e782c3a</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2612">#2612</a>
from github/angelapwen/report-linux-runner-release</li>
<li><a
href="https://github.com/github/codeql-action/commit/db6788195b646f87b3d1c616b0c14a6d5b7fa9a6"><code>db67881</code></a>
Update checked-in dependencies</li>
<li><a
href="https://github.com/github/codeql-action/commit/ecde4d232d18cf2dba6c1a6b76810332abff736f"><code>ecde4d2</code></a>
Bump cross-spawn from 7.0.3 to 7.0.6 in the npm_and_yarn group</li>
<li><a
href="https://github.com/github/codeql-action/commit/e3c67a01d31d9c173ba5ffccc9d0f275540d99de"><code>e3c67a0</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2610">#2610</a>
from github/dependabot/npm_and_yarn/npm-d2ca52e617</li>
<li><a
href="https://github.com/github/codeql-action/commit/f9ada54538b47b6db28c4d11f53848689968909e"><code>f9ada54</code></a>
Telemetry: report OS release for GitHub-hosted Linux runners</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/ea9e4e37992a54ee68a9622e985e60c8e8f12d9f...f09c1c0a94de965c15400f5634aa42fac8fb8f88">compare
view</a></li>
</ul>
</details>
<br />

Updates `aquasecurity/trivy-action` from 0.28.0 to 0.29.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aquasecurity/trivy-action/releases">aquasecurity/trivy-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.29.0</h2>
<h2>What's Changed</h2>
<ul>
<li>feat: Allow skipping setup by <a
href="https://github.com/rvesse"><code>@​rvesse</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/414">aquasecurity/trivy-action#414</a></li>
<li>Fix oras command not found in &quot;Update Trivy Cache&quot; action
by <a href="https://github.com/Tiryoh"><code>@​Tiryoh</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/413">aquasecurity/trivy-action#413</a></li>
<li>Update README.md by <a
href="https://github.com/simar7"><code>@​simar7</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/420">aquasecurity/trivy-action#420</a></li>
<li>feat: add token for <code>setup-trivy</code> by <a
href="https://github.com/DmitriyLewen"><code>@​DmitriyLewen</code></a>
in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/421">aquasecurity/trivy-action#421</a></li>
<li>fix: bump <code>setup-trivy</code> and add new <code>contrib</code>
directory path info by <a
href="https://github.com/DmitriyLewen"><code>@​DmitriyLewen</code></a>
in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/424">aquasecurity/trivy-action#424</a></li>
<li>docs: remove ignore-unfixed from IaC scan example by <a
href="https://github.com/nikpivkin"><code>@​nikpivkin</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/429">aquasecurity/trivy-action#429</a></li>
<li>chore(deps): Bump trivy to v0.57.1 by <a
href="https://github.com/simar7"><code>@​simar7</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/434">aquasecurity/trivy-action#434</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/rvesse"><code>@​rvesse</code></a> made
their first contribution in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/414">aquasecurity/trivy-action#414</a></li>
<li><a href="https://github.com/Tiryoh"><code>@​Tiryoh</code></a> made
their first contribution in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/413">aquasecurity/trivy-action#413</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/aquasecurity/trivy-action/compare/0.28.0...0.29.0">https://github.com/aquasecurity/trivy-action/compare/0.28.0...0.29.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/18f2510ee396bbf400402947b394f2dd8c87dbb0"><code>18f2510</code></a>
chore(deps): Bump trivy to v0.57.1 (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/434">#434</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/93941cebba762da4c91a91883859bf1bfb221c73"><code>93941ce</code></a>
docs: remove ignore-unfixed from IaC scan example (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/429">#429</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/d2a392a13760cb64cb6bbd31d4bed2a7d9a5298d"><code>d2a392a</code></a>
fix: bump <code>setup-trivy</code> and add new <code>contrib</code>
directory path info (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/424">#424</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/ee8934673cc18947baf4b05c01c4100ff36648da"><code>ee89346</code></a>
feat: add token for <code>setup-trivy</code> (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/421">#421</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/cf990b19d84bbbe1eb8833659989a7c1029132e3"><code>cf990b1</code></a>
Update README.md (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/420">#420</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/bff40be51b9207cf8f2148d628a9836cc7370247"><code>bff40be</code></a>
docs: Fix oras command not found (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/413">#413</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/fc1500abdcdc9fc681e98d8912a52fa70dbc67de"><code>fc1500a</code></a>
feat: Allow skipping setup (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/414">#414</a>)</li>
<li>See full diff in <a
href="https://github.com/aquasecurity/trivy-action/compare/915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2...18f2510ee396bbf400402947b394f2dd8c87dbb0">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-26 16:24:10 +05:00
Ethan 32fc844b47 chore: support building Coder Desktop .dylib (#15512) 
Relates to #14734.
 2024-11-20 14:13:03 +11:00
Muhammad Atif Ali 365ce67f21 chore: add provenance attestation to docker-base image (#14999) 
Enables [build
attestation](https://docs.docker.com/build/metadata/attestations/slsa-provenance/)
for the docker-base image.
Contributes to #14879 and coder/internal#89

As an experiment, we are only doing it with the coder-base image for
now.
 2024-11-15 08:16:33 +05:00
dependabot[bot] 765314ce18 ci: bump the github-actions group with 4 updates (#15359) 
Bumps the github-actions group with 4 updates:
[crate-ci/typos](https://github.com/crate-ci/typos),
[google-github-actions/auth](https://github.com/google-github-actions/auth),
[google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud)
and
[google-github-actions/get-gke-credentials](https://github.com/google-github-actions/get-gke-credentials).

Updates `crate-ci/typos` from 1.26.8 to 1.27.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/releases">crate-ci/typos's
releases</a>.</em></p>
<blockquote>
<h2>v1.27.0</h2>
<h2>[1.27.0] - 2024-11-01</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1106">October
2024</a> changes</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's
changelog</a>.</em></p>
<blockquote>
<h1>Change Log</h1>
<p>All notable changes to this project will be documented in this
file.</p>
<p>The format is based on <a href="http://keepachangelog.com/">Keep a
Changelog</a>
and this project adheres to <a href="http://semver.org/">Semantic
Versioning</a>.</p>
<!-- raw HTML omitted -->
<h2>[Unreleased] - ReleaseDate</h2>
<h2>[1.27.0] - 2024-11-01</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1106">October
2024</a> changes</li>
</ul>
<h2>[1.26.8] - 2024-10-24</h2>
<h2>[1.26.7] - 2024-10-24</h2>
<h2>[1.26.6] - 2024-10-24</h2>
<h2>[1.26.5] - 2024-10-24</h2>
<h2>[1.26.4] - 2024-10-24</h2>
<h2>[1.26.3] - 2024-10-24</h2>
<h3>Fixes</h3>
<ul>
<li>Accept <code>additionals</code></li>
</ul>
<h2>[1.26.2] - 2024-10-24</h2>
<h3>Fixes</h3>
<ul>
<li>Accept <code>tesselate</code> variants</li>
</ul>
<h2>[1.26.1] - 2024-10-23</h2>
<h3>Fixes</h3>
<ul>
<li>Respect <code>--force-exclude</code> for binary files</li>
</ul>
<h2>[1.26.0] - 2024-10-07</h2>
<h3>Compatibility</h3>
<ul>
<li><em>(pre-commit)</em> Requires 3.2+</li>
</ul>
<h3>Fixes</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/crate-ci/typos/commit/d01f29c66d1bf1a08730750f61d86c210b0d039d"><code>d01f29c</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/52e950bb130b2bdee93bba2b1973c8f7d8ac5c46"><code>52e950b</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/19cfc03ea4e6fd581972b77eb3761351a4db7ee6"><code>19cfc03</code></a>
docs: Update changelog</li>
<li><a
href="https://github.com/crate-ci/typos/commit/f80b1564bd618fb5325b8c0d52849ac7da0bbaea"><code>f80b156</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1140">#1140</a>
from epage/oct</li>
<li><a
href="https://github.com/crate-ci/typos/commit/6b5c8079a9416f5aba90f4cc1348921aa72d9538"><code>6b5c807</code></a>
feat(dict): Oct updates</li>
<li><a
href="https://github.com/crate-ci/typos/commit/d64f202a88f87f2e3fbbd1f5a45ab2ec3ef9b832"><code>d64f202</code></a>
chore(deps): Update compatible (<a
href="https://redirect.github.com/crate-ci/typos/issues/1137">#1137</a>)</li>
<li><a
href="https://github.com/crate-ci/typos/commit/e903c4628799da0b9fc51e03d200e4fa62ba2c0a"><code>e903c46</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1136">#1136</a>
from PigeonF/PigeonF/push-mlqnlvmswwmp</li>
<li><a
href="https://github.com/crate-ci/typos/commit/b994765ef920d85d7a7115db2e9afce611cdcf93"><code>b994765</code></a>
chore: Fix typo &quot;potemtial&quot; -&gt; &quot;potential&quot;</li>
<li>See full diff in <a
href="https://github.com/crate-ci/typos/compare/0d9e0c2c1bd7f770f6eb90f87780848ca02fc12c...d01f29c66d1bf1a08730750f61d86c210b0d039d">compare
view</a></li>
</ul>
</details>
<br />

Updates `google-github-actions/auth` from 2.1.6 to 2.1.7
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google-github-actions/auth/releases">google-github-actions/auth's
releases</a>.</em></p>
<blockquote>
<h2>v2.1.7</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: update relase workflows by <a
href="https://github.com/verbanicm"><code>@​verbanicm</code></a> in <a
href="https://redirect.github.com/google-github-actions/auth/pull/452">google-github-actions/auth#452</a></li>
<li>Release: v2.1.7 by <a
href="https://github.com/google-github-actions-bot"><code>@​google-github-actions-bot</code></a>
in <a
href="https://redirect.github.com/google-github-actions/auth/pull/453">google-github-actions/auth#453</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google-github-actions/auth/compare/v2.1.6...v2.1.7">https://github.com/google-github-actions/auth/compare/v2.1.6...v2.1.7</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/google-github-actions/auth/commit/6fc4af4b145ae7821d527454aa9bd537d1f2dc5f"><code>6fc4af4</code></a>
Release: v2.1.7 (<a
href="https://redirect.github.com/google-github-actions/auth/issues/453">#453</a>)</li>
<li><a
href="https://github.com/google-github-actions/auth/commit/212f83afe868cc88aa354e1efbf778eff05d970a"><code>212f83a</code></a>
fix: update relase workflows (<a
href="https://redirect.github.com/google-github-actions/auth/issues/452">#452</a>)</li>
<li>See full diff in <a
href="https://github.com/google-github-actions/auth/compare/8254fb75a33b976a221574d287e93919e6a36f70...6fc4af4b145ae7821d527454aa9bd537d1f2dc5f">compare
view</a></li>
</ul>
</details>
<br />

Updates `google-github-actions/setup-gcloud` from 2.1.1 to 2.1.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google-github-actions/setup-gcloud/releases">google-github-actions/setup-gcloud's
releases</a>.</em></p>
<blockquote>
<h2>v2.1.2</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: update release workflows by <a
href="https://github.com/verbanicm"><code>@​verbanicm</code></a> in <a
href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/698">google-github-actions/setup-gcloud#698</a></li>
<li>Release: v2.1.2 by <a
href="https://github.com/google-github-actions-bot"><code>@​google-github-actions-bot</code></a>
in <a
href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/699">google-github-actions/setup-gcloud#699</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google-github-actions/setup-gcloud/compare/v2.1.1...v2.1.2">https://github.com/google-github-actions/setup-gcloud/compare/v2.1.1...v2.1.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/google-github-actions/setup-gcloud/commit/6189d56e4096ee891640bb02ac264be376592d6a"><code>6189d56</code></a>
Release: v2.1.2 (<a
href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/699">#699</a>)</li>
<li><a
href="https://github.com/google-github-actions/setup-gcloud/commit/413dc083dd5818edda432148520965d8255c729a"><code>413dc08</code></a>
fix: update release workflows (<a
href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/698">#698</a>)</li>
<li>See full diff in <a
href="https://github.com/google-github-actions/setup-gcloud/compare/f0990588f1e5b5af6827153b93673613abdc6ec7...6189d56e4096ee891640bb02ac264be376592d6a">compare
view</a></li>
</ul>
</details>
<br />

Updates `google-github-actions/get-gke-credentials` from 2.2.1 to 2.2.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google-github-actions/get-gke-credentials/releases">google-github-actions/get-gke-credentials's
releases</a>.</em></p>
<blockquote>
<h2>v2.2.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Fix package name by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/312">google-github-actions/get-gke-credentials#312</a></li>
<li>fix: update release workflows by <a
href="https://github.com/verbanicm"><code>@​verbanicm</code></a> in <a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/313">google-github-actions/get-gke-credentials#313</a></li>
<li>Release: v2.2.2 by <a
href="https://github.com/google-github-actions-bot"><code>@​google-github-actions-bot</code></a>
in <a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/315">google-github-actions/get-gke-credentials#315</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google-github-actions/get-gke-credentials/compare/v2.2.1...v2.2.2">https://github.com/google-github-actions/get-gke-credentials/compare/v2.2.1...v2.2.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/google-github-actions/get-gke-credentials/commit/206d64b64b0eba0a6e2f25113d044c31776ca8d6"><code>206d64b</code></a>
Release: v2.2.2 (<a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/315">#315</a>)</li>
<li><a
href="https://github.com/google-github-actions/get-gke-credentials/commit/0fead37d80f46cbcae8eb09300bd8186eb3b2d31"><code>0fead37</code></a>
fix: update release workflows (<a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/313">#313</a>)</li>
<li><a
href="https://github.com/google-github-actions/get-gke-credentials/commit/d7d8311fd5e889897561404341b15a5c01310725"><code>d7d8311</code></a>
Fix package name (<a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/312">#312</a>)</li>
<li>See full diff in <a
href="https://github.com/google-github-actions/get-gke-credentials/compare/6051de21ad50fbb1767bc93c11357a49082ad116...206d64b64b0eba0a6e2f25113d044c31776ca8d6">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Muhammad Atif Ali <me@matifali.dev>
 2024-11-05 19:43:41 +11:00
Muhammad Atif Ali afacb07140 chore: tighten GitHub workflow permissions (#15282) 2024-10-30 16:17:42 +05:00
Muhammad Atif Ali 8e254cbb07 chore: integrate step-security/harden-runner in workflows (#15099) 
Redoing #15097
Part of #14879
 2024-10-16 11:23:00 -07:00
Muhammad Atif Ali 57a65c15bf chore: use commit sha for GitHub actions (#15019) 
Use specific commit SHAs for GitHub actions across various workflows to
enhance reliability and reproducibility. This change ensures that
actions run against a known version, reducing the risk of unexpected
issues due to updates in the third-party action repositories.

This contributes to improving the score in #14879
 2024-10-14 08:49:55 -07:00
Muhammad Atif Ali 88bc491778 chore: add stable version info to repository-dispatch event (#13997) 
Co-authored-by: Mathias Fredriksson <mafredri@gmail.com>
 2024-07-25 11:03:01 +03:00
Mathias Fredriksson a114288ef2 ci: remove release make concurrency to fix docker image race (#13769) 2024-07-02 17:49:18 +00:00
Cian Johnston 5ea5db29e9 ci: use postgres version 13 to test migrations (#13767) 2024-07-02 17:03:21 +00:00
Muhammad Atif Ali 136900268e ci: migrate to depot.dev runners (#13467) 2024-06-25 09:36:33 +03:00
Cian Johnston 45b45f1107 ci: re-enable test migrations in release workflow (#13307) 2024-05-20 10:35:06 +01:00
Mathias Fredriksson 06dd656e08 ci: disable make test-migrations in release.yaml (#13201) 2024-05-07 17:15:12 +00:00
Jon Ayers 8269124ab7 feat: sign windows binaries (#13086) 2024-04-29 10:43:27 -05:00
Mathias Fredriksson b82a782619 chore(scripts): implement mainline and stable release channels (#13048) 
Fixes #12458
 2024-04-24 19:43:11 +00:00
Cian Johnston a04c76ce40 ci: release: test migrations before building (#13051) 2024-04-24 08:31:01 +01:00
Muhammad Danish 3c536aa880 ci: use repo secret for syncing winget-pkgs fork (#12108) 2024-02-13 18:25:13 +03:00
Muhammad Atif Ali 70ad833b02 ci: fix GH_TOKEN in release.yaml (#12044) 2024-02-07 13:37:11 +03:00
dependabot[bot] 46d92dac57 ci: bump the github-actions group with 5 updates (#11890) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-30 00:38:59 +03:00