shishantbiswas/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2026-06-03 13:08:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
8,967 Commits 1,141 Branches 344 Tags
6b3e14f3fa77458bd7e556d72ae3343100b8b4df
Commit Graph

832 Commits

Author SHA1 Message Date
Cian Johnston 6b3e14f3fa fix(dogfood/contents): fix resource metadata under nix (#16349) 
Co-authored-by: Thomas Kosiewski <tk@coder.com>
 2025-02-04 16:10:10 +01:00
M Atif Ali cab1f375ec ci: merge approval and notify jobs (#16403) 2025-02-03 20:35:06 +05:00
dependabot[bot] cf370d6d1f ci: bump the github-actions group with 5 updates (#16382) 
Bumps the github-actions group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [crate-ci/typos](https://github.com/crate-ci/typos) | `1.29.4` |
`1.29.5` |
|
[google-github-actions/auth](https://github.com/google-github-actions/auth)
| `2.1.7` | `2.1.8` |
|
[google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud)
| `2.1.2` | `2.1.4` |
|
[google-github-actions/get-gke-credentials](https://github.com/google-github-actions/get-gke-credentials)
| `2.3.0` | `2.3.1` |
| [github/codeql-action](https://github.com/github/codeql-action) |
`3.28.5` | `3.28.8` |

Updates `crate-ci/typos` from 1.29.4 to 1.29.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/releases">crate-ci/typos's
releases</a>.</em></p>
<blockquote>
<h2>v1.29.5</h2>
<h2>[1.29.5] - 2025-01-30</h2>
<h3>Internal</h3>
<ul>
<li>Update a dependency</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's
changelog</a>.</em></p>
<blockquote>
<h1>Change Log</h1>
<p>All notable changes to this project will be documented in this
file.</p>
<p>The format is based on <a href="http://keepachangelog.com/">Keep a
Changelog</a>
and this project adheres to <a href="http://semver.org/">Semantic
Versioning</a>.</p>
<!-- raw HTML omitted -->
<h2>[Unreleased] - ReleaseDate</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1200">January
2025</a> changes</li>
</ul>
<h2>[1.29.5] - 2025-01-30</h2>
<h3>Internal</h3>
<ul>
<li>Update a dependency</li>
</ul>
<h2>[1.29.4] - 2025-01-03</h2>
<h2>[1.29.3] - 2025-01-02</h2>
<h2>[1.29.2] - 2025-01-02</h2>
<h2>[1.29.1] - 2025-01-02</h2>
<h3>Fixes</h3>
<ul>
<li>Don't correct <code>deriver</code></li>
</ul>
<h2>[1.29.0] - 2024-12-31</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1156">December
2024</a> changes</li>
</ul>
<h3>Performance</h3>
<ul>
<li>Sped up dictionary lookups</li>
</ul>
<h2>[1.28.4] - 2024-12-16</h2>
<h3>Features</h3>
<ul>
<li><code>--format sarif</code> support</li>
</ul>
<h2>[1.28.3] - 2024-12-12</h2>
<h3>Fixes</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/crate-ci/typos/commit/11ca4583f2f3f74c7e7785c0ecb20fe2c99a4308"><code>11ca458</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/99fd37f157f55c0565a0574a86eb3949dbd38165"><code>99fd37f</code></a>
docs: Update changelog</li>
<li><a
href="https://github.com/crate-ci/typos/commit/4f604f6effffe7f41833b65ee75da75d416821ef"><code>4f604f6</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1220">#1220</a>
from epage/w7</li>
<li><a
href="https://github.com/crate-ci/typos/commit/ba04a1a0fd67a0e00ad36c5c5655b9740ee5e68a"><code>ba04a1a</code></a>
perf: Remove ErrMode overhead</li>
<li><a
href="https://github.com/crate-ci/typos/commit/60452b5a81caa4f70c81282f2cdd2116fc045f52"><code>60452b5</code></a>
chore: Update to Winnow 0.7</li>
<li><a
href="https://github.com/crate-ci/typos/commit/4c22f194b5c24cf2b7d0524df0857f0f8bbc32a5"><code>4c22f19</code></a>
refactor: Migrate from Parser to ModalParser</li>
<li><a
href="https://github.com/crate-ci/typos/commit/7830eb8730de84bf14bc14cadb996c0e52f9fe93"><code>7830eb8</code></a>
refactor: Resolve deprecations</li>
<li><a
href="https://github.com/crate-ci/typos/commit/07f1292e290f35153fb91dad3324e7bdb9cd827a"><code>07f1292</code></a>
chore: Upgrade to Winnow 0.6.26</li>
<li><a
href="https://github.com/crate-ci/typos/commit/3683264986a72f63f13e9e8fc132a13af2a322b8"><code>3683264</code></a>
chore(deps): Update Rust Stable to v1.84 (<a
href="https://redirect.github.com/crate-ci/typos/issues/1216">#1216</a>)</li>
<li><a
href="https://github.com/crate-ci/typos/commit/2ed38e07fc83ec249f9736b81008690c2c88ec98"><code>2ed38e0</code></a>
chore(deps): Update Rust crate bstr to v1.11.3 (<a
href="https://redirect.github.com/crate-ci/typos/issues/1202">#1202</a>)</li>
<li>See full diff in <a
href="https://github.com/crate-ci/typos/compare/685eb3d55be2f85191e8c84acb9f44d7756f84ab...11ca4583f2f3f74c7e7785c0ecb20fe2c99a4308">compare
view</a></li>
</ul>
</details>
<br />

Updates `google-github-actions/auth` from 2.1.7 to 2.1.8
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google-github-actions/auth/releases">google-github-actions/auth's
releases</a>.</em></p>
<blockquote>
<h2>v2.1.8</h2>
<h2>What's Changed</h2>
<ul>
<li>Update TROUBLESHOOTING.md by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/auth/pull/457">google-github-actions/auth#457</a></li>
<li>fix: add runs-on to README.md example by <a
href="https://github.com/lbarthon"><code>@​lbarthon</code></a> in <a
href="https://redirect.github.com/google-github-actions/auth/pull/460">google-github-actions/auth#460</a></li>
<li>security: bump undici from 5.28.4 to 5.28.5 in the npm_and_yarn
group by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/google-github-actions/auth/pull/463">google-github-actions/auth#463</a></li>
<li>Update deps by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/auth/pull/466">google-github-actions/auth#466</a></li>
<li>Release: v2.1.8 by <a
href="https://github.com/google-github-actions-bot"><code>@​google-github-actions-bot</code></a>
in <a
href="https://redirect.github.com/google-github-actions/auth/pull/467">google-github-actions/auth#467</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/lbarthon"><code>@​lbarthon</code></a>
made their first contribution in <a
href="https://redirect.github.com/google-github-actions/auth/pull/460">google-github-actions/auth#460</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google-github-actions/auth/compare/v2...v2.1.8">https://github.com/google-github-actions/auth/compare/v2...v2.1.8</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/google-github-actions/auth/commit/71f986410dfbc7added4569d411d040a91dc6935"><code>71f9864</code></a>
Release: v2.1.8 (<a
href="https://redirect.github.com/google-github-actions/auth/issues/467">#467</a>)</li>
<li><a
href="https://github.com/google-github-actions/auth/commit/0cd8f2e4e26e94673a192056e2a7f0af77f84889"><code>0cd8f2e</code></a>
Update deps (<a
href="https://redirect.github.com/google-github-actions/auth/issues/466">#466</a>)</li>
<li><a
href="https://github.com/google-github-actions/auth/commit/332e0ba72f0d93d01c6f79eff1bd404dc3abddd3"><code>332e0ba</code></a>
security: bump undici from 5.28.4 to 5.28.5 in the npm_and_yarn group
(<a
href="https://redirect.github.com/google-github-actions/auth/issues/463">#463</a>)</li>
<li><a
href="https://github.com/google-github-actions/auth/commit/28d44ba25933bc5bc7f2d69931f8001632c46611"><code>28d44ba</code></a>
fix: add runs-on to README.md example (<a
href="https://redirect.github.com/google-github-actions/auth/issues/460">#460</a>)</li>
<li><a
href="https://github.com/google-github-actions/auth/commit/83354cacbb08bb6ced8aa3959623167f377b302e"><code>83354ca</code></a>
Update TROUBLESHOOTING.md (<a
href="https://redirect.github.com/google-github-actions/auth/issues/457">#457</a>)</li>
<li>See full diff in <a
href="https://github.com/google-github-actions/auth/compare/6fc4af4b145ae7821d527454aa9bd537d1f2dc5f...71f986410dfbc7added4569d411d040a91dc6935">compare
view</a></li>
</ul>
</details>
<br />

Updates `google-github-actions/setup-gcloud` from 2.1.2 to 2.1.4
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google-github-actions/setup-gcloud/releases">google-github-actions/setup-gcloud's
releases</a>.</em></p>
<blockquote>
<h2>v2.1.4</h2>
<h2>What's Changed</h2>
<ul>
<li>Revert to pinned release workflows by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/706">google-github-actions/setup-gcloud#706</a></li>
<li>Release: v2.1.4 by <a
href="https://github.com/google-github-actions-bot"><code>@​google-github-actions-bot</code></a>
in <a
href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/707">google-github-actions/setup-gcloud#707</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google-github-actions/setup-gcloud/compare/v2.1.3...v2.1.4">https://github.com/google-github-actions/setup-gcloud/compare/v2.1.3...v2.1.4</a></p>
<h2>v2.1.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Allow manually running integration tests with workflow_dispatch by
<a href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in
<a
href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/702">google-github-actions/setup-gcloud#702</a></li>
<li>security: bump undici from 5.28.4 to 5.28.5 in the npm_and_yarn
group by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/703">google-github-actions/setup-gcloud#703</a></li>
<li>Update deps by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/704">google-github-actions/setup-gcloud#704</a></li>
<li>Release: v2.1.3 by <a
href="https://github.com/google-github-actions-bot"><code>@​google-github-actions-bot</code></a>
in <a
href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/705">google-github-actions/setup-gcloud#705</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google-github-actions/setup-gcloud/compare/v2...v2.1.3">https://github.com/google-github-actions/setup-gcloud/compare/v2...v2.1.3</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/google-github-actions/setup-gcloud/commit/77e7a554d41e2ee56fc945c52dfd3f33d12def9a"><code>77e7a55</code></a>
Release: v2.1.4 (<a
href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/707">#707</a>)</li>
<li><a
href="https://github.com/google-github-actions/setup-gcloud/commit/334c6905f38b9e030504ad8d87fbbaa43cdd3586"><code>334c690</code></a>
Revert to pinned release workflows (<a
href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/706">#706</a>)</li>
<li><a
href="https://github.com/google-github-actions/setup-gcloud/commit/4111bea454dcfe1b4c2db3753685db043571e112"><code>4111bea</code></a>
Release: v2.1.3 (<a
href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/705">#705</a>)</li>
<li><a
href="https://github.com/google-github-actions/setup-gcloud/commit/0c0751a334df96bd97a58506905a494041dfdec0"><code>0c0751a</code></a>
Update deps (<a
href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/704">#704</a>)</li>
<li><a
href="https://github.com/google-github-actions/setup-gcloud/commit/ae61ebc56fc846462d0e35972f86f9fb1d30f2e2"><code>ae61ebc</code></a>
security: bump undici from 5.28.4 to 5.28.5 in the npm_and_yarn group
(<a
href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/703">#703</a>)</li>
<li><a
href="https://github.com/google-github-actions/setup-gcloud/commit/25043b08d04e573bd8f468495feb10e6a5715267"><code>25043b0</code></a>
Allow manually running integration tests with workflow_dispatch (<a
href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/702">#702</a>)</li>
<li>See full diff in <a
href="https://github.com/google-github-actions/setup-gcloud/compare/6189d56e4096ee891640bb02ac264be376592d6a...77e7a554d41e2ee56fc945c52dfd3f33d12def9a">compare
view</a></li>
</ul>
</details>
<br />

Updates `google-github-actions/get-gke-credentials` from 2.3.0 to 2.3.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google-github-actions/get-gke-credentials/releases">google-github-actions/get-gke-credentials's
releases</a>.</em></p>
<blockquote>
<h2>v2.3.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Centralize request logic, turn on retries, and add debug logging by
<a href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in
<a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/323">google-github-actions/get-gke-credentials#323</a></li>
<li>security: bump undici from 5.28.4 to 5.28.5 in the npm_and_yarn
group by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/324">google-github-actions/get-gke-credentials#324</a></li>
<li>Update deps by <a
href="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/325">google-github-actions/get-gke-credentials#325</a></li>
<li>Release: v2.3.1 by <a
href="https://github.com/google-github-actions-bot"><code>@​google-github-actions-bot</code></a>
in <a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/326">google-github-actions/get-gke-credentials#326</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google-github-actions/get-gke-credentials/compare/v2...v2.3.1">https://github.com/google-github-actions/get-gke-credentials/compare/v2...v2.3.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/google-github-actions/get-gke-credentials/commit/7a108e64ed8546fe38316b4086e91da13f4785e1"><code>7a108e6</code></a>
Release: v2.3.1 (<a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/326">#326</a>)</li>
<li><a
href="https://github.com/google-github-actions/get-gke-credentials/commit/c5976979eef9961ac6e47fb2f06b958375d5ff33"><code>c597697</code></a>
Update deps (<a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/325">#325</a>)</li>
<li><a
href="https://github.com/google-github-actions/get-gke-credentials/commit/cb57a88edb5f546e72abe31af937bfcc9b0820b2"><code>cb57a88</code></a>
security: bump undici from 5.28.4 to 5.28.5 in the npm_and_yarn group
(<a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/324">#324</a>)</li>
<li><a
href="https://github.com/google-github-actions/get-gke-credentials/commit/b7a282cc9785583100aba279cbe3ab147a4f2cf6"><code>b7a282c</code></a>
Centralize request logic, turn on retries, and add debug logging (<a
href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/323">#323</a>)</li>
<li>See full diff in <a
href="https://github.com/google-github-actions/get-gke-credentials/compare/9025e8f90f2d8e0c3dafc3128cc705a26d992a6a...7a108e64ed8546fe38316b4086e91da13f4785e1">compare
view</a></li>
</ul>
</details>
<br />

Updates `github/codeql-action` from 3.28.5 to 3.28.8
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.28.8</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.8 - 29 Jan 2025</h2>
<ul>
<li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI
v2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.8/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.28.7</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.7 - 29 Jan 2025</h2>
<p>No user facing changes.</p>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.7/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.28.6</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.6 - 27 Jan 2025</h2>
<ul>
<li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater.
<a
href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.6/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.28.8 - 29 Jan 2025</h2>
<ul>
<li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI
v2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li>
</ul>
<h2>3.28.7 - 29 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.6 - 27 Jan 2025</h2>
<ul>
<li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater.
<a
href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li>
</ul>
<h2>3.28.5 - 24 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li>
</ul>
<h2>3.28.4 - 23 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.3 - 22 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2707">#2707</a></li>
<li>Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise
Server instance which occurred when the CodeQL Bundle had been synced to
the instance using the <a
href="https://github.com/github/codeql-action-sync-tool">CodeQL Action
sync tool</a> and the Actions runner did not have Zstandard installed.
<a
href="https://redirect.github.com/github/codeql-action/pull/2710">#2710</a></li>
<li>Uploading debug artifacts for CodeQL analysis is temporarily
disabled. <a
href="https://redirect.github.com/github/codeql-action/pull/2712">#2712</a></li>
</ul>
<h2>3.28.2 - 21 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.1 - 10 Jan 2025</h2>
<ul>
<li>CodeQL Action v2 is now deprecated, and is no longer updated or
supported. For better performance, improved security, and new features,
upgrade to v3. For more information, see <a
href="https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/">this
changelog post</a>. <a
href="https://redirect.github.com/github/codeql-action/pull/2677">#2677</a></li>
<li>Update default CodeQL bundle version to 2.20.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2678">#2678</a></li>
</ul>
<h2>3.28.0 - 20 Dec 2024</h2>
<ul>
<li>Bump the minimum CodeQL bundle version to 2.15.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2655">#2655</a></li>
<li>Don't fail in the unusual case that a file is on the search path. <a
href="https://redirect.github.com/github/codeql-action/pull/2660">#2660</a>.</li>
</ul>
<h2>3.27.9 - 12 Dec 2024</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/dd746615b3b9d728a6a37ca2045b68ca76d4841a"><code>dd74661</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2746">#2746</a>
from github/update-v3.28.8-a91a3f767</li>
<li><a
href="https://github.com/github/codeql-action/commit/3210a3cda6446234a897a079af1b684aa4c73326"><code>3210a3c</code></a>
Fix Kotlin version in changelog</li>
<li><a
href="https://github.com/github/codeql-action/commit/72f9d0296b7b9c91564f67ddf9def81c815ce0c6"><code>72f9d02</code></a>
Update changelog for v3.28.8</li>
<li><a
href="https://github.com/github/codeql-action/commit/a91a3f76789881261b540fb7aa8a527214f8ac01"><code>a91a3f7</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2744">#2744</a>
from github/igfoo/kot2.1.10</li>
<li><a
href="https://github.com/github/codeql-action/commit/c520fb59d4c28e13147ed378b4c12599df187412"><code>c520fb5</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2745">#2745</a>
from github/mergeback/v3.28.7-to-main-6e545590</li>
<li><a
href="https://github.com/github/codeql-action/commit/3879c5766041d8b2b7504c5c4b2d6dbd289f7634"><code>3879c57</code></a>
Add changelog entry</li>
<li><a
href="https://github.com/github/codeql-action/commit/0c2193725f360a9b0adcad3a71ce0d9cd4acb219"><code>0c21937</code></a>
Run &quot;npm run build&quot;</li>
<li><a
href="https://github.com/github/codeql-action/commit/5a61bf07fab8324ecda8ebb1d817463b17b717d9"><code>5a61bf0</code></a>
Kotlin: The 2.20.3 release supports Kotlin 2.1.10.</li>
<li><a
href="https://github.com/github/codeql-action/commit/163d1195df65a0e49551cd9b4fa0383e68d64a39"><code>163d119</code></a>
Update checked-in dependencies</li>
<li><a
href="https://github.com/github/codeql-action/commit/bcf5cecbc6b147de017e1841778fa8d8644bf8a2"><code>bcf5cec</code></a>
Update changelog and version after v3.28.7</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4...dd746615b3b9d728a6a37ca2045b68ca76d4841a">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-03 12:23:21 +00:00
M Atif Ali efc9af4341 ci: notify dependabot PR merges on pull_request closed events (#16381) 2025-02-03 17:04:22 +05:00
Ethan 8815b38c88 ci!: set pr write perms on release-labels (#16380) 
I'm pretty sure this is the fix, but I can't test it without merging it,
as `pull_request_target` causes the workflow to run using the workflow
on `main` (where the permissions aren't set).

This comment would seem to indicate that `pull_request_target` with PR
write perms does the trick:
https://github.com/actions/labeler/issues/136#issuecomment-1357839196

From what I can tell this job has been broken since ~nov '24, which
leads me to believe it was the permissions change made that month:
https://github.com/coder/coder/actions/runs/11915659159/job/33206435274
 2025-02-03 20:49:37 +11:00
M Atif Ali e37b7fc481 ci: fix cla and dependabot notifications jobs (#16343) 2025-01-31 14:17:47 +00:00
M Atif Ali f6e990ed87 chore: rename config.yaml to config.yml for issue template (#16354) 2025-01-31 03:35:42 +00:00
M Atif Ali 6c90aefcb7 chore: add GitHub issue template (#16342) 
Adds a GitHub issue template to make it easy to file bug reports.

You can test it here:
https://github.com/matifali/test-github-issue-template/issues/new/choose
 2025-01-30 18:44:05 +00:00
Thomas Kosiewski 1336925c9f feat(flake.nix): switch dogfood dev image to buildNixShellImage from dockerTools (#16223) 
Replace Depot build action with Nix for Nix dogfood image builds

The dogfood Nix image is now built using Nix's native container tooling instead of Depot. This change:

- Adds Nix setup steps to the GitHub Actions workflow
- Removes the Dockerfile.nix in favor of a Nix-native container build
- Updates the flake.nix to support building Docker images
- Introduces a hash file to track Nix-related changes
- Updates the vendorHash for Go dependencies

Change-Id: I4e011fe3a19d9a1375fbfd5223c910e59d66a5d9
Signed-off-by: Thomas Kosiewski <tk@coder.com>
 2025-01-28 16:38:37 +01:00
dependabot[bot] 84a54c1d7b ci: bump the github-actions group with 3 updates (#16299) 
Bumps the github-actions group with 3 updates:
[dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata),
[github/codeql-action](https://github.com/github/codeql-action) and
[umbrelladocs/action-linkspector](https://github.com/umbrelladocs/action-linkspector).

Updates `dependabot/fetch-metadata` from 2.2.0 to 2.3.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dependabot/fetch-metadata/releases">dependabot/fetch-metadata's
releases</a>.</em></p>
<blockquote>
<h2>v2.3.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump actions/create-github-app-token from 1.10.2 to 1.10.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/537">dependabot/fetch-metadata#537</a></li>
<li>Update readme to include an if conditional by <a
href="https://github.com/Nishnha"><code>@​Nishnha</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/548">dependabot/fetch-metadata#548</a></li>
<li>Silence audit and funding messages from <code>npm</code> by <a
href="https://github.com/jeffwidman"><code>@​jeffwidman</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/550">dependabot/fetch-metadata#550</a></li>
<li>Bump actions/create-github-app-token from 1.10.3 to 1.11.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/554">dependabot/fetch-metadata#554</a></li>
<li>fix readme action example by <a
href="https://github.com/CloudNStoyan"><code>@​CloudNStoyan</code></a>
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/563">dependabot/fetch-metadata#563</a></li>
<li>Fixed missing outputs in action.yml by <a
href="https://github.com/CatChen"><code>@​CatChen</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/564">dependabot/fetch-metadata#564</a></li>
<li>Handle branch names containing dependency group by <a
href="https://github.com/CloudNStoyan"><code>@​CloudNStoyan</code></a>
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/565">dependabot/fetch-metadata#565</a></li>
<li>v2.3.0 by <a
href="https://github.com/fetch-metadata-action-automation"><code>@​fetch-metadata-action-automation</code></a>
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/543">dependabot/fetch-metadata#543</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/CloudNStoyan"><code>@​CloudNStoyan</code></a>
made their first contribution in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/563">dependabot/fetch-metadata#563</a></li>
<li><a href="https://github.com/CatChen"><code>@​CatChen</code></a> made
their first contribution in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/564">dependabot/fetch-metadata#564</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/dependabot/fetch-metadata/compare/v2...v2.3.0">https://github.com/dependabot/fetch-metadata/compare/v2...v2.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/d7267f607e9d3fb96fc2fbe83e0af444713e90b7"><code>d7267f6</code></a>
Merge pull request <a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/543">#543</a>
from dependabot/bump-to-v2.3.0</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/e3dd295a04f6eccc15a116fc5cde058f1735c05d"><code>e3dd295</code></a>
v2.3.0</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/3da9521b8c62beab87c4d18ad1e9bd7fd7b9d3bf"><code>3da9521</code></a>
Merge pull request <a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/565">#565</a>
from CloudNStoyan/main</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/de52f600152fa3f48a82e88e06e864cba8421436"><code>de52f60</code></a>
update build</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/59d2b1fb73ac123a1953e2ddc99ea8f1b869463a"><code>59d2b1f</code></a>
fix incorrect parsing of directory when using dependency-group</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/0d270694949cee4e6c179fc89629d95e0b9fb763"><code>0d27069</code></a>
Merge pull request <a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/564">#564</a>
from CatChen/fixed-missing-outputs-in-action-yml</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/5a7546a6e709997b54d62d4e673a23eaa8621a26"><code>5a7546a</code></a>
Fixed missing outputs in action.yml</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/06ea45a2e4582d87b11f03c7ce596ae3261f39f6"><code>06ea45a</code></a>
Merge pull request <a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/563">#563</a>
from CloudNStoyan/main</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/bbfca7ec1c0b06b16cc955f242ebc9f1c8daa4f4"><code>bbfca7e</code></a>
fix readme action example</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/b0d0393a82702c1819b5ae7ad6ea780cd8c18aae"><code>b0d0393</code></a>
Merge pull request <a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/554">#554</a>
from dependabot/dependabot/github_actions/actions/cre...</li>
<li>Additional commits viewable in <a
href="https://github.com/dependabot/fetch-metadata/compare/dbb049abf0d677abbd7f7eee0375145b417fdd34...d7267f607e9d3fb96fc2fbe83e0af444713e90b7">compare
view</a></li>
</ul>
</details>
<br />

Updates `github/codeql-action` from 3.28.1 to 3.28.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.28.5</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.5 - 24 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.5/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.28.4</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.4 - 23 Jan 2025</h2>
<p>No user facing changes.</p>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.4/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.28.3</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.3 - 22 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2707">#2707</a></li>
<li>Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise
Server instance which occurred when the CodeQL Bundle had been synced to
the instance using the <a
href="https://github.com/github/codeql-action-sync-tool">CodeQL Action
sync tool</a> and the Actions runner did not have Zstandard installed.
<a
href="https://redirect.github.com/github/codeql-action/pull/2710">#2710</a></li>
<li>Uploading debug artifacts for CodeQL analysis is temporarily
disabled. <a
href="https://redirect.github.com/github/codeql-action/pull/2712">#2712</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.3/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.28.2</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.2 - 21 Jan 2025</h2>
<p>No user facing changes.</p>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.2/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.28.5 - 24 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li>
</ul>
<h2>3.28.4 - 23 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.3 - 22 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2707">#2707</a></li>
<li>Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise
Server instance which occurred when the CodeQL Bundle had been synced to
the instance using the <a
href="https://github.com/github/codeql-action-sync-tool">CodeQL Action
sync tool</a> and the Actions runner did not have Zstandard installed.
<a
href="https://redirect.github.com/github/codeql-action/pull/2710">#2710</a></li>
<li>Uploading debug artifacts for CodeQL analysis is temporarily
disabled. <a
href="https://redirect.github.com/github/codeql-action/pull/2712">#2712</a></li>
</ul>
<h2>3.28.2 - 21 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.1 - 10 Jan 2025</h2>
<ul>
<li>CodeQL Action v2 is now deprecated, and is no longer updated or
supported. For better performance, improved security, and new features,
upgrade to v3. For more information, see <a
href="https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/">this
changelog post</a>. <a
href="https://redirect.github.com/github/codeql-action/pull/2677">#2677</a></li>
<li>Update default CodeQL bundle version to 2.20.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2678">#2678</a></li>
</ul>
<h2>3.28.0 - 20 Dec 2024</h2>
<ul>
<li>Bump the minimum CodeQL bundle version to 2.15.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2655">#2655</a></li>
<li>Don't fail in the unusual case that a file is on the search path. <a
href="https://redirect.github.com/github/codeql-action/pull/2660">#2660</a>.</li>
</ul>
<h2>3.27.9 - 12 Dec 2024</h2>
<p>No user facing changes.</p>
<h2>3.27.8 - 12 Dec 2024</h2>
<ul>
<li>Fixed an issue where streaming the download and extraction of the
CodeQL bundle did not respect proxy settings. <a
href="https://redirect.github.com/github/codeql-action/pull/2624">#2624</a></li>
</ul>
<h2>3.27.7 - 10 Dec 2024</h2>
<ul>
<li>We are rolling out a change in December 2024 that will extract the
CodeQL bundle directly to the toolcache to improve performance. <a
href="https://redirect.github.com/github/codeql-action/pull/2631">#2631</a></li>
<li>Update default CodeQL bundle version to 2.20.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2636">#2636</a></li>
</ul>
<h2>3.27.6 - 03 Dec 2024</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4"><code>f6091c0</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2721">#2721</a>
from github/update-v3.28.5-01f001931</li>
<li><a
href="https://github.com/github/codeql-action/commit/064af10f0de41995b41632364b4bfb00a34df047"><code>064af10</code></a>
Update changelog for v3.28.5</li>
<li><a
href="https://github.com/github/codeql-action/commit/01f0019310ce544d1cf748667a69f8fd6e26e48a"><code>01f0019</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2717">#2717</a>
from github/update-bundle/codeql-bundle-v2.20.3</li>
<li><a
href="https://github.com/github/codeql-action/commit/573ad887cd5b527e9baef02653bd455e1ff5181c"><code>573ad88</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2718">#2718</a>
from github/kaeluka/4779-1</li>
<li><a
href="https://github.com/github/codeql-action/commit/d7f39764f685cbe3764f763469a0d72383d7b9c8"><code>d7f3976</code></a>
permissions block in query-filters.yml</li>
<li><a
href="https://github.com/github/codeql-action/commit/428975ce2cf327a0e919004c63e734eddd0e6255"><code>428975c</code></a>
Add changelog note</li>
<li><a
href="https://github.com/github/codeql-action/commit/208091da0a1069394981cdf5e7a91a8ee3f10709"><code>208091d</code></a>
Update default bundle to codeql-bundle-v2.20.3</li>
<li><a
href="https://github.com/github/codeql-action/commit/7e3036b9cd87fc26dd06747b7aa4b96c27aaef3a"><code>7e3036b</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2716">#2716</a>
from github/mergeback/v3.28.4-to-main-ee117c90</li>
<li><a
href="https://github.com/github/codeql-action/commit/e32a0d62d44ac06377953bfaf3ffd43618be076a"><code>e32a0d6</code></a>
Update checked-in dependencies</li>
<li><a
href="https://github.com/github/codeql-action/commit/67c21e4084d5e020fbc969b839d42911b87fb8b5"><code>67c21e4</code></a>
Update changelog and version after v3.28.4</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/b6a472f63d85b9c78a3ac5e89422239fc15e9b3c...f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4">compare
view</a></li>
</ul>
</details>
<br />

Updates `umbrelladocs/action-linkspector` from 1.2.4 to 1.2.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/umbrelladocs/action-linkspector/releases">umbrelladocs/action-linkspector's
releases</a>.</em></p>
<blockquote>
<h2>Release v1.2.5</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: disable AppArmor user namespace restrictions on the runner by
<a href="https://github.com/Realiserad"><code>@​Realiserad</code></a> in
<a
href="https://redirect.github.com/UmbrellaDocs/action-linkspector/pull/34">UmbrellaDocs/action-linkspector#34</a></li>
<li>chore(deps): update reviewdog/reviewdog to 0.20.3 by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/UmbrellaDocs/action-linkspector/pull/31">UmbrellaDocs/action-linkspector#31</a></li>
<li>Add fail_level argument and deprecate fail_on_error by <a
href="https://github.com/bitcoin-tools"><code>@​bitcoin-tools</code></a>
in <a
href="https://redirect.github.com/UmbrellaDocs/action-linkspector/pull/23">UmbrellaDocs/action-linkspector#23</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/Realiserad"><code>@​Realiserad</code></a> made
their first contribution in <a
href="https://redirect.github.com/UmbrellaDocs/action-linkspector/pull/34">UmbrellaDocs/action-linkspector#34</a></li>
<li><a
href="https://github.com/bitcoin-tools"><code>@​bitcoin-tools</code></a>
made their first contribution in <a
href="https://redirect.github.com/UmbrellaDocs/action-linkspector/pull/23">UmbrellaDocs/action-linkspector#23</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/UmbrellaDocs/action-linkspector/compare/v1.2.4...UmbrellaDocs:release-1.2.5">https://github.com/UmbrellaDocs/action-linkspector/compare/v1.2.4...UmbrellaDocs:release-1.2.5</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/de84085e0f51452a470558693d7d308fbb2fa261"><code>de84085</code></a>
Merge pull request <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/35">#35</a>
from UmbrellaDocs/release-1.2.5</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/c6a59a6bf98fa2b8a152acaeff16921a3e39bc7b"><code>c6a59a6</code></a>
Added sample usage</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/21ce8cd6fc4d2812628c7d6a353ea86bf085eb59"><code>21ce8cd</code></a>
Merge pull request <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/23">#23</a>
from bitcoin-tools/deprecate-fail-on-error</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/e62bb2d5a68b84dfc5c0d1f61b133585a16ade13"><code>e62bb2d</code></a>
Fix YAML issues</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/64e2b9bf4f671dd0c213d87f40148216b4a0882a"><code>64e2b9b</code></a>
mitigate risk of untrusted inputs and define shell</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/e376d76f51c09def617e6cff4a49d04956213a15"><code>e376d76</code></a>
add backwards-compatability for <code>fail_on_error</code></li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/c6a531461dff91607a44a0221d82d3c087d5aeb1"><code>c6a5314</code></a>
replace deprecated option with fail_level</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/b8d796f06117f0151d00b6131c5c6ae9884c8ddf"><code>b8d796f</code></a>
Merge pull request <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/31">#31</a>
from UmbrellaDocs/depup/reviewdog/reviewdog</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/cde5159538b1a07765b494a136968cb9833df246"><code>cde5159</code></a>
Merge pull request <a
href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/34">#34</a>
from Realiserad/main</li>
<li><a
href="https://github.com/UmbrellaDocs/action-linkspector/commit/d32de29fc2dd0fcdcf3da8f8a95e0a0c15f30e26"><code>d32de29</code></a>
fix: disable AppArmor user namespace restrictions on the runner</li>
<li>Additional commits viewable in <a
href="https://github.com/umbrelladocs/action-linkspector/compare/fc382e19892aca958e189954912fe379a8df270c...de84085e0f51452a470558693d7d308fbb2fa261">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-01-27 13:10:49 +00:00
M Atif Ali 8b5d22fdd2 ci: change PR merge strategy to squash in contrib workflow (#16297) 2025-01-27 12:25:42 +00:00
M Atif Ali 4e1c0eb743 ci: grant 'contents' write permission to auto-merge dependabot PRs (#16293) 2025-01-27 17:08:03 +05:00
M Atif Ali 7d6b73552a chore: remove patch condition for dependabot PRs (#16279) 2025-01-27 11:51:37 +00:00
ケイラ 5f4ff58f84 fix: use pre-built binary instead of go run in e2e tests (#16236) 
Using `go run` inside of a test is fragile, because it means we have to
wait for `go` to compile the binary while also constrained on resources
by the fact that Playwright and coderd are already running. We should
instead compile a coder binary for the current platform before the tests
and use it directly.
 2025-01-23 09:45:50 -07:00
Muhammad Atif Ali 84081e90eb chore: notify on auto merged dependabot PRs (#16234) 2025-01-23 15:38:54 +05:00
Muhammad Atif Ali f495ff07b7 chore: auto merge dependabot PRs for patch updates (#16222) 2025-01-22 21:24:07 +05:00
dependabot[bot] f8844cab0a ci: bump the github-actions group with 4 updates (#16192) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Muhammad Atif Ali <atif@coder.com>
 2025-01-21 15:31:30 +00:00
Danny Kopping 5b72a4376d chore: improve CI reliability (#16169) 
We have an effort underway to replace `dbmem` (#15109), and consequently
we've begun running our full test-suite (with Postgres) on all supported
OSs - Windows, MacOS, and Linux, since #15520.

Since this change, we've seen a marked decrease in the success rate of
our builds on `main` (note how the Windows/MacOS failures account for
the vast majority of failed builds):


![image](https://github.com/user-attachments/assets/a02c15b7-037d-428a-a600-2aed60553ac0)

We're still investigating why these OSs are a lot less reliable. It's
likely that the VMs on which the builds are run have different
characteristics from our Ubuntu runners such as disk I/O, network
latency, or something else.

**In the meantime, we need to start trusting CI failures in `main`
again, as the current failures are too noisy / vague for us to
correct.**

We've also considered hosting our own runners where possible so we can
get OS-level observability to rule out some possibilities.

See the [meeting
notes](https://www.notion.so/coderhq/CI-Investigation-Call-Notes-17dd579be59280d8897cc9fe4bb46695?pvs=6&utm_content=17dd579b-e592-80d8-897c-c9fe4bb46695&utm_campaign=T1ZPT2FL0&n=slack&n=slack_link_unfurl)
where we linked into this for more detail.

This PR introduces several changes:

1. Moves the full test-suite with Postgres on Windows/MacOS to the
`nightly-gauntlet` workflow
tradeoff: this means that any regressions may be more difficult to
discover since we merge to main several times a day
2. Run only the CLI test-suite on each PR / merge to `main` on
Windows/MacOS
3. `test-go` is still running the full test-suite against all OSs
(including the CLI ones), but will soon be removed once #15109 is
completed since it uses `dbmem`
4. Changes `nightly-gauntlet` to run at 4AM: we've seen several
instances of the runner being stopped externally, and we're _guessing_
this may have something to do with the midnight UTC execution time, when
other cron jobs may run
5. Removes the existing `nightly-gauntlet` jobs since they haven't
passed in a long time, indicating that nobody cares enough to fix them
and they don't provide diagnostic value; we can restore them later if
necessary

I've manually run both these new workflows successfully:

- `ci`:
https://github.com/coder/coder/actions/runs/12825874176/job/35764724907
- `nightly-gauntlet`:
https://github.com/coder/coder/actions/runs/12825539092

---------

Signed-off-by: Danny Kopping <danny@coder.com>
Co-authored-by: Muhammad Atif Ali <atif@coder.com>
 2025-01-20 07:06:33 +00:00
Edward Angert 4f438e71cf docs: fix broken links (#16179) 
Co-authored-by: EdwardAngert <17991901+EdwardAngert@users.noreply.github.com>
Co-authored-by: Cian Johnston <cian@coder.com>
 2025-01-17 13:18:48 -05:00
Muhammad Atif Ali b3ba0f96f1 chore: use better PR titles for cherry-pick-bot PRs (#16165) 2025-01-16 15:54:03 +00:00
Hugo Dutka dd29997b9c chore: reduce parallelism for test-go-pg on macOS (#16116) 
We're seeing test-go-pg flakes on macOS in CI. We've had the same
problem on Windows, and reducing test parallelism in
https://github.com/coder/coder/pull/16090 seemed to help. This PR makes
the same change on macOS.
 2025-01-13 16:57:48 +01:00
Danny Kopping 22236f2988 chore: only notify about CI failure on main if required job fails (#16114) 
This should be the last PR to get this working

Looks like the `nightly-gauntlet` is working as expected, and this is a
clone of that.

---------

Signed-off-by: Danny Kopping <danny@coder.com>
 2025-01-13 14:06:43 +00:00
Ethan 24dd8a17d3 ci: switch test-go-pg on macOS to depot runners (#16101) 
Since I missed this in #16100 :(
 2025-01-13 23:07:10 +11:00
Danny Kopping f9f72de1d6 chore: predicate slack notification job on other jobs (#16106) 
`always()` does not seem to work

Extending https://github.com/coder/coder/pull/16105

Signed-off-by: Danny Kopping <danny@coder.com>
 2025-01-13 13:42:37 +02:00
Danny Kopping 73d8dde6ed chore: notify #dev of nightly gauntlet failures (#16105) 
Expands on https://github.com/coder/coder/pull/16102

This workflow is currently failing every night, so this will not only
raise immediate awareness but will also be easy to validate this job.

Signed-off-by: Danny Kopping <danny@coder.com>
 2025-01-13 10:15:15 +00:00
Danny Kopping 859abcde4e chore: send notification to #dev on any CI failure on main (#16102) 
We've had a [few failures in
main](https://github.com/coder/coder/actions?query=branch%3Amain+is%3Afailure)
of late, and unless the committer of the change has CI notifications
enabled we may not be aware of the failure.

This PR sends a Slack notification to the #dev channel so everyone has
visibility.

Signed-off-by: Danny Kopping <danny@coder.com>
 2025-01-13 11:28:45 +02:00
Ethan 88a9c4bb59 ci: switch test-go on macOS to depot runners (#16100) 
We use depot runners where possible everywhere else. As a bonus, the
depot runners for Mac would appear to be slightly beefier than the
GitHub ones (8 vs 6 cores).

We've already been using the depot macOS runners to build the VPN dylib
for the past month or so.
 2025-01-13 16:53:51 +11:00
Hugo Dutka 899836d47a chore: reduce Windows PG tests flakiness (#16090) 
This PR:

- Reduces test parallelism on Windows in CI
- Unifies wait intervals on Windows with Linux and macOS. Previously we
had custom intervals for Windows to reduce test flakiness on smaller CI
workers, but we don't run tests on small CI workers anymore. Due to how
our CI file is defined, forks run tests on small CI machines, but I'm
not sure if the different intervals actually help or whether that's a
heuristic that happened to fix issues on a particular day and was it
ever reevaluated. I propose we make the change and if someone complains,
revert it.

In particular, reduced test parallelism seems to actually help: I was
able to run Windows tests 5 times in a row without flakes. Not sure if
that's going to fix the problem long term, but it seems worth trying.
 2025-01-10 15:21:03 +01:00
Muhammad Atif Ali 95d769da41 chore: ignore cherry-pick-bot created branches for Deploy PR (#16037) 2025-01-04 16:55:43 +05:00
Muhammad Atif Ali 8f570d6f01 ci: integrate cherry-pick-bot (#15973) 
Integrates
[`cherry-pick-bot`](https://github.com/googleapis/repo-automation-bots/tree/main/packages/cherry-pick-bot)
to automate cheery picks to release branches.

This works by commenting 

```
/cherry-pick release/2.XX
```
On any **Merged** or **Open** PR and this will automatically open the
cheery-pick PR.

- [x] [Install](https://github.com/apps/gcp-cherry-pick-bot) the bot to
`coder/coder` repo.

cc: @kylecarbs , @ammario and @sreya for installing the bot.


Some popular repos making use of this:

1. https://github.com/zed-industries/zed
2. https://github.com/flutter/flutter
3. https://github.com/argoproj/argo-cd
4. https://github.com/runatlantis/atlantis
5. https://github.com/flutter/engine
 2025-01-04 09:13:48 +05:00
Muhammad Atif Ali 94f5d52fdc chore: adopt markdownlint and markdown-table-formatter for *.md (#15831) 
Co-authored-by: Edward Angert <EdwardAngert@users.noreply.github.com>
 2025-01-03 13:12:59 +00:00
Mathias Fredriksson 7152f4a740 ci: make sure golden files are actually up to date (#15989) 2025-01-02 11:05:11 +02:00
Mathias Fredriksson cc98bab30f chore(scripts): remove unused ci-report (#15988) 2024-12-31 14:05:36 +00:00
dependabot[bot] 4c939a6461 ci: bump the github-actions group with 3 updates (#15874) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-12-16 18:14:32 +05:00
Ethan 8b51fdc6b5 ci: pin weekly-docs runner ubuntu version to 22.04 (#15873) 
The action is currently failing due to the runner using `ubuntu-latest`
See [the ubuntu
blog](https://ubuntu.com/blog/whats-new-in-security-for-ubuntu-24-04-lts#:~:text=22.04%20LTS.-,Unprivileged%20user%20namespace%20restrictions,-Unprivileged%20user%20namespaces)
for more.
 2024-12-16 10:23:11 +00:00
Cian Johnston 34a2ec8ad9 ci: build images on depot again (#15860) 2024-12-13 13:59:24 +00:00
Cian Johnston d35de45d94 ci: try building images on GitHub-hosted runner again (#15854) 2024-12-12 23:33:22 +00:00
Ethan 04032f2a97 ci: only build dylib on PRs with Go changes (#15839) 
For some reason we were building the dylib on any code changes, now it's
just Go (and CI) changes - using the same condition that `go-test` uses.

`if: needs.changes.outputs.go == 'true' || needs.changes.outputs.ci ==
'true' || github.ref == 'refs/heads/main'`

The main check ensures that it's always run before `build` is run.
 2024-12-12 06:22:51 +00:00
Edward Angert 29c9bbf2bb docs: add new organizations docs to best practices section (#15732) 
Co-authored-by: EdwardAngert <2408959-EdwardAngert@users.noreply.gitlab.com>
Co-authored-by: Steven Masley <Emyrk@users.noreply.github.com>
Co-authored-by: EdwardAngert <17991901+EdwardAngert@users.noreply.github.com>
 2024-12-11 16:32:21 -05:00
Ethan ea9e39d87c fix: give cla workflow pull request write permissions (#15820) 
When https://github.com/coder/coder/pull/15349 was added, it implicitly
set all the other permissions to none.

From
https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/controlling-permissions-for-github_token
> If you specify the access for any of these permissions, all of those
that are not specified are set to none.
 2024-12-11 15:53:08 +11:00
Dean Sheather 018723c6b0 chore: use cdrci2 account for CLA (#15783) 2024-12-09 22:30:41 +10:00
Muhammad Atif Ali 901ad3f0e4 ci: skip running test-e2e on PRs from forks (#15784) 
Co-authored-by: Dean Sheather <dean@deansheather.com>
 2024-12-09 09:50:57 +00:00
dependabot[bot] 0109c9fe6f ci: bump the github-actions group across 1 directory with 4 updates (#15762) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-12-05 13:12:07 +00:00
Ethan ca810975e7 fix: increase node max heap allocation during e2e builds (#15759) 
We're already using a 16GB runner, so this should fix flakes like:
https://github.com/coder/coder/actions/runs/12172097355/job/33950290293
https://github.com/coder/coder/actions/runs/11653425091/job/32445787079

This is the same `NODE_OPTION` we already set in the dogfood dockerfile.
 2024-12-05 06:03:50 +00:00
Ethan 887ea14b6a ci: fetch annotated tags during release/build-dylib (#15738) 
The release action [ran into an
issue](https://github.com/coder/coder/actions/runs/12147281426) building
the dylib today, as the version script that's run during the build job
was unable to find an annotated tag. This is a step it skips during
dry-runs.

```
ERROR: version.sh: the current commit is not tagged with an annotated tag
```

This was almost certainly caused by omitting the `git fetch --tags
--force` that's present on each other release action job, as the
workflow passes on a release dry-run when run against a regular branch,
that's not an annotated tag.

From an existing comment:
> If the event that triggered the build was an annotated tag (which our
tags are supposed to be), actions/checkout has a bug where the tag in
      question is only a lightweight tag and not a full annotated tag.
 2024-12-04 19:09:40 +11:00
Hugo Dutka c7c35ef4d7 chore: run macOS, windows, and race tests with Postgres in CI (#15520) 
This PR is the second in a series aimed at closing
https://github.com/coder/coder/issues/15109.

## Changes

- adds `scripts/embedded-pg/main.go`, which can start a native Postgres
database. This is used to set up PG on Windows and macOS, as these
platforms don't support Docker in Github Actions.
- runs the `test-go-pg` job on macOS and Windows too
- adds the `test-go-race-go` job, which runs race tests with Postgres on
Linux
 2024-12-03 13:33:17 +01:00
Jon Ayers 45d9274aca chore: disable parallelization when running security action (#15666) 
- `make -j` appears to be broken for clean builds
 2024-11-26 23:35:51 +02:00
dependabot[bot] 9e78aaeea3 ci: bump the github-actions group with 3 updates (#15649) 
Bumps the github-actions group with 3 updates:
[step-security/harden-runner](https://github.com/step-security/harden-runner),
[github/codeql-action](https://github.com/github/codeql-action) and
[aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action).

Updates `step-security/harden-runner` from 2.10.1 to 2.10.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.10.2</h2>
<h2>What's Changed</h2>
<ol>
<li>
<p>Fixes low-severity command injection weaknesses
The advisory is here: <a
href="https://github.com/step-security/harden-runner/security/advisories/GHSA-g85v-wf27-67xc">https://github.com/step-security/harden-runner/security/advisories/GHSA-g85v-wf27-67xc</a></p>
</li>
<li>
<p>Bug fix to improve detection of whether Harden-Runner is running in a
container</p>
</li>
</ol>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.10.2">https://github.com/step-security/harden-runner/compare/v2...v2.10.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/0080882f6c36860b6ba35c610c98ce87d4e2f26f"><code>0080882</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/476">#476</a>
from step-security/rc-16</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/4a3a88bbf8f2e304f84e1042472c02dce37eba82"><code>4a3a88b</code></a>
Update dist</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/556aae632a6c1f630efa52e90d706218618e5f2f"><code>556aae6</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/480">#480</a>
from h0x0er/jatin/cleanup</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/6c39b8466160e86ad8606033d399fe7f4052aee1"><code>6c39b84</code></a>
chore: clean the code</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/40401cf6183a0ab2dae5c7e485c1d073fe911e91"><code>40401cf</code></a>
Update for isdocker</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/806ab1cccb47a439a89d5f8f85d3ea41a7fb1e4c"><code>806ab1c</code></a>
Update check for isdocker</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/28468118cdb665b2214b64175253b83fcb4b25f6"><code>2846811</code></a>
update dist</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/df8a07c1712fac199e8d6e78d64a46092afffa44"><code>df8a07c</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/475">#475</a>
from h0x0er/fix-execSync</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/30636fb583e59a926da2f17677e5cd3b63cf1be1"><code>30636fb</code></a>
bug fixes</li>
<li>See full diff in <a
href="https://github.com/step-security/harden-runner/compare/91182cccc01eb5e619899d80e4e971d6181294a7...0080882f6c36860b6ba35c610c98ce87d4e2f26f">compare
view</a></li>
</ul>
</details>
<br />

Updates `github/codeql-action` from 3.27.4 to 3.27.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.27.5</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<p>Note that the only difference between <code>v2</code> and
<code>v3</code> of the CodeQL Action is the node version they support,
with <code>v3</code> running on node 20 while we continue to release
<code>v2</code> to support running on node 16. For example
<code>3.22.11</code> was the first <code>v3</code> release and is
functionally identical to <code>2.22.11</code>. This approach ensures an
easy way to track exactly which features are included in different
versions, indicated by the minor and patch version numbers.</p>
<h2>3.27.5 - 19 Nov 2024</h2>
<p>No user facing changes.</p>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.27.5/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<p>Note that the only difference between <code>v2</code> and
<code>v3</code> of the CodeQL Action is the node version they support,
with <code>v3</code> running on node 20 while we continue to release
<code>v2</code> to support running on node 16. For example
<code>3.22.11</code> was the first <code>v3</code> release and is
functionally identical to <code>2.22.11</code>. This approach ensures an
easy way to track exactly which features are included in different
versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.27.5 - 19 Nov 2024</h2>
<p>No user facing changes.</p>
<h2>3.27.4 - 14 Nov 2024</h2>
<p>No user facing changes.</p>
<h2>3.27.3 - 12 Nov 2024</h2>
<p>No user facing changes.</p>
<h2>3.27.2 - 12 Nov 2024</h2>
<ul>
<li>Fixed an issue where setting up the CodeQL tools would sometimes
fail with the message &quot;Invalid value 'undefined' for header
'authorization'&quot;. <a
href="https://redirect.github.com/github/codeql-action/pull/2590">#2590</a></li>
</ul>
<h2>3.27.1 - 08 Nov 2024</h2>
<ul>
<li>The CodeQL Action now downloads bundles compressed using Zstandard
on GitHub Enterprise Server when using Linux or macOS runners. This
speeds up the installation of the CodeQL tools. This feature is already
available to GitHub.com users. <a
href="https://redirect.github.com/github/codeql-action/pull/2573">#2573</a></li>
<li>Update default CodeQL bundle version to 2.19.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2576">#2576</a></li>
</ul>
<h2>3.27.0 - 22 Oct 2024</h2>
<ul>
<li>Bump the minimum CodeQL bundle version to 2.14.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2549">#2549</a></li>
<li>Fix an issue where the <code>upload-sarif</code> Action would fail
with &quot;upload-sarif post-action step failed: Input required and not
supplied: token&quot; when called in a composite Action that had a
different set of inputs to the ones expected by the
<code>upload-sarif</code> Action. <a
href="https://redirect.github.com/github/codeql-action/pull/2557">#2557</a></li>
<li>Update default CodeQL bundle version to 2.19.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2552">#2552</a></li>
</ul>
<h2>3.26.13 - 14 Oct 2024</h2>
<p>No user facing changes.</p>
<h2>3.26.12 - 07 Oct 2024</h2>
<ul>
<li>
<p><em>Upcoming breaking change</em>: Add a deprecation warning for
customers using CodeQL version 2.14.5 and earlier. These versions of
CodeQL were discontinued on 24 September 2024 alongside GitHub
Enterprise Server 3.10, and will be unsupported by CodeQL Action
versions 3.27.0 and later and versions 2.27.0 and later. <a
href="https://redirect.github.com/github/codeql-action/pull/2520">#2520</a></p>
<ul>
<li>
<p>If you are using one of these versions, please update to CodeQL CLI
version 2.14.6 or later. For instance, if you have specified a custom
version of the CLI using the 'tools' input to the 'init' Action, you can
remove this input to use the default version.</p>
</li>
<li>
<p>Alternatively, if you want to continue using a version of the CodeQL
CLI between 2.13.5 and 2.14.5, you can replace
<code>github/codeql-action/*@v3</code> by
<code>github/codeql-action/*@v3.26.11</code> and
<code>github/codeql-action/*@v2</code> by
<code>github/codeql-action/*@v2.26.11</code> in your code scanning
workflow to ensure you continue using this version of the CodeQL
Action.</p>
</li>
</ul>
</li>
</ul>
<h2>3.26.11 - 03 Oct 2024</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/f09c1c0a94de965c15400f5634aa42fac8fb8f88"><code>f09c1c0</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2616">#2616</a>
from github/update-v3.27.5-a6c8729a5</li>
<li><a
href="https://github.com/github/codeql-action/commit/67b73eaba559c7e6913377065b0362ccbfc94e87"><code>67b73ea</code></a>
Update changelog for v3.27.5</li>
<li><a
href="https://github.com/github/codeql-action/commit/a6c8729a5d7573eb8d440e52a9645ce4db61d97c"><code>a6c8729</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2614">#2614</a>
from github/marcogario/per-platform-proxy</li>
<li><a
href="https://github.com/github/codeql-action/commit/8f3b48727ff1b076c28967a258b95fcee30a3a48"><code>8f3b487</code></a>
Start-proxy: Fetch OS specific binary</li>
<li><a
href="https://github.com/github/codeql-action/commit/cba5fb58d4f85affaf03eb9da32f5b6c9d76838b"><code>cba5fb5</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2613">#2613</a>
from github/dependabot/npm_and_yarn/npm_and_yarn-018...</li>
<li><a
href="https://github.com/github/codeql-action/commit/e782c3a145d9946aba8fa390e406acbe4e4c05c5"><code>e782c3a</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2612">#2612</a>
from github/angelapwen/report-linux-runner-release</li>
<li><a
href="https://github.com/github/codeql-action/commit/db6788195b646f87b3d1c616b0c14a6d5b7fa9a6"><code>db67881</code></a>
Update checked-in dependencies</li>
<li><a
href="https://github.com/github/codeql-action/commit/ecde4d232d18cf2dba6c1a6b76810332abff736f"><code>ecde4d2</code></a>
Bump cross-spawn from 7.0.3 to 7.0.6 in the npm_and_yarn group</li>
<li><a
href="https://github.com/github/codeql-action/commit/e3c67a01d31d9c173ba5ffccc9d0f275540d99de"><code>e3c67a0</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2610">#2610</a>
from github/dependabot/npm_and_yarn/npm-d2ca52e617</li>
<li><a
href="https://github.com/github/codeql-action/commit/f9ada54538b47b6db28c4d11f53848689968909e"><code>f9ada54</code></a>
Telemetry: report OS release for GitHub-hosted Linux runners</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/ea9e4e37992a54ee68a9622e985e60c8e8f12d9f...f09c1c0a94de965c15400f5634aa42fac8fb8f88">compare
view</a></li>
</ul>
</details>
<br />

Updates `aquasecurity/trivy-action` from 0.28.0 to 0.29.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aquasecurity/trivy-action/releases">aquasecurity/trivy-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.29.0</h2>
<h2>What's Changed</h2>
<ul>
<li>feat: Allow skipping setup by <a
href="https://github.com/rvesse"><code>@​rvesse</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/414">aquasecurity/trivy-action#414</a></li>
<li>Fix oras command not found in &quot;Update Trivy Cache&quot; action
by <a href="https://github.com/Tiryoh"><code>@​Tiryoh</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/413">aquasecurity/trivy-action#413</a></li>
<li>Update README.md by <a
href="https://github.com/simar7"><code>@​simar7</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/420">aquasecurity/trivy-action#420</a></li>
<li>feat: add token for <code>setup-trivy</code> by <a
href="https://github.com/DmitriyLewen"><code>@​DmitriyLewen</code></a>
in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/421">aquasecurity/trivy-action#421</a></li>
<li>fix: bump <code>setup-trivy</code> and add new <code>contrib</code>
directory path info by <a
href="https://github.com/DmitriyLewen"><code>@​DmitriyLewen</code></a>
in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/424">aquasecurity/trivy-action#424</a></li>
<li>docs: remove ignore-unfixed from IaC scan example by <a
href="https://github.com/nikpivkin"><code>@​nikpivkin</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/429">aquasecurity/trivy-action#429</a></li>
<li>chore(deps): Bump trivy to v0.57.1 by <a
href="https://github.com/simar7"><code>@​simar7</code></a> in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/434">aquasecurity/trivy-action#434</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/rvesse"><code>@​rvesse</code></a> made
their first contribution in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/414">aquasecurity/trivy-action#414</a></li>
<li><a href="https://github.com/Tiryoh"><code>@​Tiryoh</code></a> made
their first contribution in <a
href="https://redirect.github.com/aquasecurity/trivy-action/pull/413">aquasecurity/trivy-action#413</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/aquasecurity/trivy-action/compare/0.28.0...0.29.0">https://github.com/aquasecurity/trivy-action/compare/0.28.0...0.29.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/18f2510ee396bbf400402947b394f2dd8c87dbb0"><code>18f2510</code></a>
chore(deps): Bump trivy to v0.57.1 (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/434">#434</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/93941cebba762da4c91a91883859bf1bfb221c73"><code>93941ce</code></a>
docs: remove ignore-unfixed from IaC scan example (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/429">#429</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/d2a392a13760cb64cb6bbd31d4bed2a7d9a5298d"><code>d2a392a</code></a>
fix: bump <code>setup-trivy</code> and add new <code>contrib</code>
directory path info (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/424">#424</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/ee8934673cc18947baf4b05c01c4100ff36648da"><code>ee89346</code></a>
feat: add token for <code>setup-trivy</code> (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/421">#421</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/cf990b19d84bbbe1eb8833659989a7c1029132e3"><code>cf990b1</code></a>
Update README.md (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/420">#420</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/bff40be51b9207cf8f2148d628a9836cc7370247"><code>bff40be</code></a>
docs: Fix oras command not found (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/413">#413</a>)</li>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/fc1500abdcdc9fc681e98d8912a52fa70dbc67de"><code>fc1500a</code></a>
feat: Allow skipping setup (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/414">#414</a>)</li>
<li>See full diff in <a
href="https://github.com/aquasecurity/trivy-action/compare/915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2...18f2510ee396bbf400402947b394f2dd8c87dbb0">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-26 16:24:10 +05:00
Ethan 32fc844b47 chore: support building Coder Desktop .dylib (#15512) 
Relates to #14734.
 2024-11-20 14:13:03 +11:00
dependabot[bot] 1c6cec3c43 ci: bump github/codeql-action from 3.27.1 to 3.27.4 in the github-actions group (#15563) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-18 19:38:29 +05:00