coder

mirror of https://github.com/coder/coder.git synced 2026-06-07 15:08:20 +00:00

Author	SHA1	Message	Date
dependabot[bot]	e39f39ee20	ci: bump the github-actions group with 2 updates (#16593 ) Bumps the github-actions group with 2 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner) and [crate-ci/typos](https://github.com/crate-ci/typos). Updates `step-security/harden-runner` from 2.10.4 to 2.11.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.11.0</h2> <h2>What's Changed</h2> <p>Release v2.11.0 in <a href="https://redirect.github.com/step-security/harden-runner/issues/498">#498</a> Harden-Runner Enterprise tier now supports the use of eBPF for DNS resolution and network call monitoring</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.11.0">https://github.com/step-security/harden-runner/compare/v2...v2.11.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/4d991eb9b905ef189e4c376166672c3f2f230481"><code>4d991eb</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/498">#498</a> from step-security/rc-18</li> <li><a href="https://github.com/step-security/harden-runner/commit/4ea872f89714b83576609e6f89476dfb114a6246"><code>4ea872f</code></a> Update README.md</li> <li><a href="https://github.com/step-security/harden-runner/commit/65d6f6e4ee070283fc8739e8d8295eb6c554029a"><code>65d6f6e</code></a> Add workflows</li> <li><a href="https://github.com/step-security/harden-runner/commit/1034c9a80544b55a7706ed377ea64ded8b0c7ea4"><code>1034c9a</code></a> Update package-lock.json</li> <li><a href="https://github.com/step-security/harden-runner/commit/ab221e2d7a450f54fde8ccb211cea73c5bcf1e2a"><code>ab221e2</code></a> Update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/7cb6c2fb524eafc78ce834c51af420c289690789"><code>7cb6c2f</code></a> Update agent</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/cb605e52c26070c328afc4562f0b4ada7618a84e...4d991eb9b905ef189e4c376166672c3f2f230481">compare view</a></li> </ul> </details> <br /> Updates `crate-ci/typos` from 1.29.5 to 1.29.7 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/releases">crate-ci/typos's releases</a>.</em></p> <blockquote> <h2>v1.29.7</h2> <h2>[1.29.7] - 2025-02-13</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>implementors</code></li> </ul> <h2>v1.29.6</h2> <h2>[1.29.6] - 2025-02-13</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1200">January 2025</a> changes</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's changelog</a>.</em></p> <blockquote> <h1>Change Log</h1> <p>All notable changes to this project will be documented in this file.</p> <p>The format is based on <a href="http://keepachangelog.com/">Keep a Changelog</a> and this project adheres to <a href="http://semver.org/">Semantic Versioning</a>.</p> <!-- raw HTML omitted --> <h2>[Unreleased] - ReleaseDate</h2> <h2>[1.29.7] - 2025-02-13</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>implementors</code></li> </ul> <h2>[1.29.6] - 2025-02-13</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1200">January 2025</a> changes</li> </ul> <h2>[1.29.5] - 2025-01-30</h2> <h3>Internal</h3> <ul> <li>Update a dependency</li> </ul> <h2>[1.29.4] - 2025-01-03</h2> <h2>[1.29.3] - 2025-01-02</h2> <h2>[1.29.2] - 2025-01-02</h2> <h2>[1.29.1] - 2025-01-02</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>deriver</code></li> </ul> <h2>[1.29.0] - 2024-12-31</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1156">December 2024</a> changes</li> </ul> <h3>Performance</h3> <ul> <li>Sped up dictionary lookups</li> </ul> <h2>[1.28.4] - 2024-12-16</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/crate-ci/typos/commit/51f257b946f503b768e522781f56e9b7b5570d48"><code>51f257b</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/26abf5bab7c077003c530d632ba2d194dcb50eaf"><code>26abf5b</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/70356ad394aed5f2198728ae716d07306284545d"><code>70356ad</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1229">#1229</a> from epage/english</li> <li><a href="https://github.com/crate-ci/typos/commit/1121a62d94115d9a7196fbfd6920b2690cbb427f"><code>1121a62</code></a> fix(dict): Don't correct implementors</li> <li><a href="https://github.com/crate-ci/typos/commit/991878ee7836dc567b3478ec87191e3bd2e3db73"><code>991878e</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/c89d673ca19e503777d7d71b76908d4dab2b5138"><code>c89d673</code></a> chore(ci): Update builder image</li> <li><a href="https://github.com/crate-ci/typos/commit/0fad3ddc6e0fedf679217dcc61886fbeabd09346"><code>0fad3dd</code></a> chore(deps): Update compatible (<a href="https://redirect.github.com/crate-ci/typos/issues/1223">#1223</a>)</li> <li><a href="https://github.com/crate-ci/typos/commit/b65799a5c4a8931f965b1d7cbabca95913c2ab0a"><code>b65799a</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/2c0968908d0d79fa0acaa67f017f9b539fab24c5"><code>2c09689</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/4af6a01f528aaca60cc5571e741ce05eb2d3f267"><code>4af6a01</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1222">#1222</a> from epage/jan</li> <li>Additional commits viewable in <a href="https://github.com/crate-ci/typos/compare/11ca4583f2f3f74c7e7785c0ecb20fe2c99a4308...51f257b946f503b768e522781f56e9b7b5570d48">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-02-17 12:49:20 +00:00
dependabot[bot]	7177fa0d7c	ci: bump the github-actions group with 5 updates (#16448 ) Bumps the github-actions group with 5 updates: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [actions/checkout](https://github.com/actions/checkout) \| `4.2.0` \| `4.2.2` \| \| [actions/upload-artifact](https://github.com/actions/upload-artifact) \| `4.4.1` \| `4.6.0` \| \| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) \| `45.0.6` \| `45.0.7` \| \| [actions/setup-java](https://github.com/actions/setup-java) \| `4.4.0` \| `4.7.0` \| \| [actions/stale](https://github.com/actions/stale) \| `9.0.0` \| `9.1.0` \| Updates `actions/checkout` from 4.2.0 to 4.2.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v4.2.2</h2> <h2>What's Changed</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.2.1...v4.2.2">https://github.com/actions/checkout/compare/v4.2.1...v4.2.2</a></p> <h2>v4.2.1</h2> <h2>What's Changed</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Jcambass"><code>@Jcambass</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1919">actions/checkout#1919</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.2.0...v4.2.1">https://github.com/actions/checkout/compare/v4.2.0...v4.2.1</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>v4.2.2</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <h2>v4.2.1</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>v4.2.0</h2> <ul> <li>Add Ref and Commit outputs by <a href="https://github.com/lucacome"><code>@lucacome</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li> <li>Dependency updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>- <a href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>, <a href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li> </ul> <h2>v4.1.7</h2> <ul> <li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li> <li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li> <li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li> </ul> <h2>v4.1.6</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> </ul> <h2>v4.1.5</h2> <ul> <li>Update NPM dependencies by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li> <li>Bump github/codeql-action from 2 to 3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li> <li>Bump actions/setup-node from 1 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li> <li>Bump actions/upload-artifact from 2 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li> <li>README: Suggest <code>user.email</code> to be <code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li> </ul> <h2>v4.1.4</h2> <ul> <li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li> <li>Add dependabot config by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li> <li>Bump the minor-actions-dependencies group with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li> <li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li> </ul> <h2>v4.1.3</h2> <ul> <li>Check git version before attempting to disable <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1656">actions/checkout#1656</a></li> <li>Add SSH user parameter by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1685">actions/checkout#1685</a></li> <li>Update <code>actions/checkout</code> version in <code>update-main-version.yml</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1650">actions/checkout#1650</a></li> </ul> <h2>v4.1.2</h2> <ul> <li>Fix: Disable sparse checkout whenever <code>sparse-checkout</code> option is not present <a href="https://github.com/dscho"><code>@dscho</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1598">actions/checkout#1598</a></li> </ul> <h2>v4.1.1</h2> <ul> <li>Correct link to GitHub Docs by <a href="https://github.com/peterbe"><code>@peterbe</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1511">actions/checkout#1511</a></li> <li>Link to release page from what's new section by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1514">actions/checkout#1514</a></li> </ul> <h2>v4.1.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1396">Add support for partial checkout filters</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/11bd71901bbe5b1630ceea73d27597364c9af683"><code>11bd719</code></a> Prepare 4.2.2 Release (<a href="https://redirect.github.com/actions/checkout/issues/1953">#1953</a>)</li> <li><a href="https://github.com/actions/checkout/commit/e3d2460bbb42d7710191569f88069044cfb9d8cf"><code>e3d2460</code></a> Expand unit test coverage (<a href="https://redirect.github.com/actions/checkout/issues/1946">#1946</a>)</li> <li><a href="https://github.com/actions/checkout/commit/163217dfcd28294438ea1c1c149cfaf66eec283e"><code>163217d</code></a> <code>url-helper.ts</code> now leverages well-known environment variables. (<a href="https://redirect.github.com/actions/checkout/issues/1941">#1941</a>)</li> <li><a href="https://github.com/actions/checkout/commit/eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871"><code>eef6144</code></a> Prepare 4.2.1 release (<a href="https://redirect.github.com/actions/checkout/issues/1925">#1925</a>)</li> <li><a href="https://github.com/actions/checkout/commit/6b42224f41ee5dfe5395e27c8b2746f1f9955030"><code>6b42224</code></a> Add workflow file for publishing releases to immutable action package (<a href="https://redirect.github.com/actions/checkout/issues/1919">#1919</a>)</li> <li><a href="https://github.com/actions/checkout/commit/de5a000abf73b6f4965bd1bcdf8f8d94a56ea815"><code>de5a000</code></a> Check out other refs/* by commit if provided, fall back to ref (<a href="https://redirect.github.com/actions/checkout/issues/1924">#1924</a>)</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/v4.2.0...11bd71901bbe5b1630ceea73d27597364c9af683">compare view</a></li> </ul> </details> <br /> Updates `actions/upload-artifact` from 4.4.1 to 4.6.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v4.6.0</h2> <h2>What's Changed</h2> <ul> <li>Expose env vars to control concurrency and timeout by <a href="https://github.com/yacaovsnc"><code>@yacaovsnc</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/662">actions/upload-artifact#662</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4...v4.6.0">https://github.com/actions/upload-artifact/compare/v4...v4.6.0</a></p> <h2>v4.5.0</h2> <h2>What's Changed</h2> <ul> <li>fix: deprecated <code>Node.js</code> version in action by <a href="https://github.com/hamirmahal"><code>@hamirmahal</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/578">actions/upload-artifact#578</a></li> <li>Add new <code>artifact-digest</code> output by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/656">actions/upload-artifact#656</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/hamirmahal"><code>@hamirmahal</code></a> made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/578">actions/upload-artifact#578</a></li> <li><a href="https://github.com/bdehamer"><code>@bdehamer</code></a> made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/656">actions/upload-artifact#656</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4.4.3...v4.5.0">https://github.com/actions/upload-artifact/compare/v4.4.3...v4.5.0</a></p> <h2>v4.4.3</h2> <h2>What's Changed</h2> <ul> <li>Undo indirect dependency updates from <a href="https://redirect.github.com/actions/upload-artifact/issues/627">#627</a> by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/632">actions/upload-artifact#632</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4.4.2...v4.4.3">https://github.com/actions/upload-artifact/compare/v4.4.2...v4.4.3</a></p> <h2>v4.4.2</h2> <h2>What's Changed</h2> <ul> <li>Bump <code>@actions/artifact</code> to 2.1.11 by <a href="https://github.com/robherley"><code>@robherley</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/627">actions/upload-artifact#627</a> <ul> <li>Includes fix for relative symlinks not resolving properly</li> </ul> </li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4.4.1...v4.4.2">https://github.com/actions/upload-artifact/compare/v4.4.1...v4.4.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/upload-artifact/commit/65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08"><code>65c4c4a</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/662">#662</a> from actions/yacaovsnc/add_variable_for_concurrency_a...</li> <li><a href="https://github.com/actions/upload-artifact/commit/020761922861c5b0a0a9b98ae4adccf1f675862c"><code>0207619</code></a> move files back to satisfy licensed ci</li> <li><a href="https://github.com/actions/upload-artifact/commit/1ecca81102de35b6c140e930a09ea6144c27abf1"><code>1ecca81</code></a> licensed cache updates</li> <li><a href="https://github.com/actions/upload-artifact/commit/97422693d3a0493fc2d725fe8c0ac1c1097e9128"><code>9742269</code></a> Expose env vars to controll concurrency and timeout</li> <li><a href="https://github.com/actions/upload-artifact/commit/6f51ac03b9356f520e9adb1b1b7802705f340c2b"><code>6f51ac0</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/656">#656</a> from bdehamer/bdehamer/artifact-digest</li> <li><a href="https://github.com/actions/upload-artifact/commit/c40c16d999899d3642ba1597014ba7ef8ff611e7"><code>c40c16d</code></a> add new artifact-digest output</li> <li><a href="https://github.com/actions/upload-artifact/commit/735efb4a0a50bb1a533b000483f2d0a23effbd26"><code>735efb4</code></a> bump <code>@actions/artifact</code> from 2.1.11 to 2.2.0</li> <li><a href="https://github.com/actions/upload-artifact/commit/184d73b71b93c222403b2e7f1ffebe4508014249"><code>184d73b</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/578">#578</a> from hamirmahal/fix/deprecated-nodejs-usage-in-action</li> <li><a href="https://github.com/actions/upload-artifact/commit/b4a0a984a056f94abb1db07895e844b9422e1e41"><code>b4a0a98</code></a> Merge branch 'main' into fix/deprecated-nodejs-usage-in-action</li> <li><a href="https://github.com/actions/upload-artifact/commit/b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882"><code>b4b15b8</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/632">#632</a> from actions/joshmgross/undo-dependency-changes</li> <li>Additional commits viewable in <a href="https://github.com/actions/upload-artifact/compare/v4.4.1...65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from 45.0.6 to 45.0.7 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/releases">tj-actions/changed-files's releases</a>.</em></p> <blockquote> <h2>v45.0.7</h2> <h2>What's Changed</h2> <ul> <li>Upgraded to v45.0.6 by <a href="https://github.com/tj-actions-bot"><code>@tj-actions-bot</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2389">tj-actions/changed-files#2389</a></li> <li>chore(deps): lock file maintenance by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2390">tj-actions/changed-files#2390</a></li> <li>chore(deps): update dependency eslint-plugin-github to v5.1.5 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2392">tj-actions/changed-files#2392</a></li> <li>chore(deps): update dependency typescript to v5.7.3 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2393">tj-actions/changed-files#2393</a></li> <li>fix(deps): update dependency <code>@octokit/rest</code> to v21.1.0 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2394">tj-actions/changed-files#2394</a></li> <li>chore(deps): lock file maintenance by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2395">tj-actions/changed-files#2395</a></li> <li>chore(deps): update dependency eslint-config-prettier to v10 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2396">tj-actions/changed-files#2396</a></li> <li>chore(deps): update dependency <code>@types/node</code> to v22.10.6 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2397">tj-actions/changed-files#2397</a></li> <li>chore(deps): update dependency eslint-plugin-prettier to v5.2.2 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2399">tj-actions/changed-files#2399</a></li> <li>chore(deps): update dependency eslint-plugin-jest to v28.11.0 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2400">tj-actions/changed-files#2400</a></li> <li>chore(deps): update dependency <code>@types/node</code> to v22.10.7 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2403">tj-actions/changed-files#2403</a></li> <li>chore(deps): update dependency eslint-plugin-prettier to v5.2.3 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2405">tj-actions/changed-files#2405</a></li> <li>chore(deps): lock file maintenance by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2406">tj-actions/changed-files#2406</a></li> <li>chore(deps): update dependency <code>@types/node</code> to v22.10.8 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2407">tj-actions/changed-files#2407</a></li> <li>chore(deps): update dependency <code>@types/node</code> to v22.10.9 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2408">tj-actions/changed-files#2408</a></li> <li>chore(deps): update dependency <code>@types/node</code> to v22.10.10 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2409">tj-actions/changed-files#2409</a></li> <li>chore(deps): lock file maintenance by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2410">tj-actions/changed-files#2410</a></li> <li>chore(deps): update actions/setup-node action to v4.2.0 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2411">tj-actions/changed-files#2411</a></li> <li>chore(deps): update dependency eslint-plugin-github to v5.1.6 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2413">tj-actions/changed-files#2413</a></li> <li>chore(deps): update dependency <code>@types/node</code> to v22.12.0 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2414">tj-actions/changed-files#2414</a></li> <li>chore(deps): update dependency <code>@types/lodash</code> to v4.17.15 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2415">tj-actions/changed-files#2415</a></li> <li>chore(deps): update dependency eslint-plugin-github to v5.1.7 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2417">tj-actions/changed-files#2417</a></li> <li>chore(deps): update dependency <code>@types/node</code> to v22.13.0 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2419">tj-actions/changed-files#2419</a></li> <li>chore(deps): lock file maintenance by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2420">tj-actions/changed-files#2420</a></li> <li>chore(deps): update dependency <code>@types/node</code> to v22.13.1 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2422">tj-actions/changed-files#2422</a></li> <li>chore(deps): update dependency eslint-plugin-github to v5.1.8 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2424">tj-actions/changed-files#2424</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/changed-files/compare/v45...v45.0.7">https://github.com/tj-actions/changed-files/compare/v45...v45.0.7</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v45.0.6...v45.0.7">45.0.7</a> - (2025-02-04)</h1> <h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2> <ul> <li><strong>deps:</strong> Update dependency <code>@octokit/rest</code> to v21.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2394">#2394</a>) (<a href="https://github.com/tj-actions/changed-files/commit/7b72c97d739f955f5cadca0d59799d826ae9f6c9">7b72c97</a>) - (renovate[bot])</li> </ul> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps:</strong> Update dependency eslint-plugin-github to v5.1.8 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2424">#2424</a>) (<a href="https://github.com/tj-actions/changed-files/commit/dcc7a0cba800f454d79fff4b993e8c3555bcc0a8">dcc7a0c</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency <code>@types/node</code> to v22.13.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2422">#2422</a>) (<a href="https://github.com/tj-actions/changed-files/commit/364748aaa8a1ba2cd0a06c35e27f0b736cce57d1">364748a</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Lock file maintenance (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2420">#2420</a>) (<a href="https://github.com/tj-actions/changed-files/commit/301bed650e89313e46f9582591f9a1f4839f2826">301bed6</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency <code>@types/node</code> to v22.13.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2419">#2419</a>) (<a href="https://github.com/tj-actions/changed-files/commit/be1c47003f1f9dedb4436e1e87dfdedd6f97f4c9">be1c470</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency eslint-plugin-github to v5.1.7 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2417">#2417</a>) (<a href="https://github.com/tj-actions/changed-files/commit/81785a6716d8354b3886445dd0c2f91e44a0af5a">81785a6</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency <code>@types/lodash</code> to v4.17.15 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2415">#2415</a>) (<a href="https://github.com/tj-actions/changed-files/commit/065e671731666959f9ea1bbbb7ddb8363a8ae9cd">065e671</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency <code>@types/node</code> to v22.12.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2414">#2414</a>) (<a href="https://github.com/tj-actions/changed-files/commit/45cd7f3ddd3d2ba2e885acb6245710a72c096704">45cd7f3</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency eslint-plugin-github to v5.1.6 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2413">#2413</a>) (<a href="https://github.com/tj-actions/changed-files/commit/47f21ba55840bf5f5d6ed605352ecd7f2508cbe2">47f21ba</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update actions/setup-node action to v4.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2411">#2411</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3b3041225bddb25fd9637f44aa4e9a5178c6792e">3b30412</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Lock file maintenance (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2410">#2410</a>) (<a href="https://github.com/tj-actions/changed-files/commit/eec6665cfdd8cb363f41d1adb498ad670105e5ea">eec6665</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency <code>@types/node</code> to v22.10.10 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2409">#2409</a>) (<a href="https://github.com/tj-actions/changed-files/commit/cefd9aa22075c8bbc7dc90a20e82a5badce77e7c">cefd9aa</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency <code>@types/node</code> to v22.10.9 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2408">#2408</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6296564d94be89c91b9c9a893e3b1381b8083dfa">6296564</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency <code>@types/node</code> to v22.10.8 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2407">#2407</a>) (<a href="https://github.com/tj-actions/changed-files/commit/203f0af1aa531319a2af43d70205e12b5f73cb05">203f0af</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Lock file maintenance (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2406">#2406</a>) (<a href="https://github.com/tj-actions/changed-files/commit/8b824429a7b52d43be4884a6be2dea134870d55d">8b82442</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency eslint-plugin-prettier to v5.2.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2405">#2405</a>) (<a href="https://github.com/tj-actions/changed-files/commit/2b7a1ec20ef743b7bb78d0a5e55012dfb04a8f78">2b7a1ec</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency <code>@types/node</code> to v22.10.7 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2403">#2403</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a2600ce61d4b9f7074622ca3a2f5e497524e6532">a2600ce</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency eslint-plugin-jest to v28.11.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2400">#2400</a>) (<a href="https://github.com/tj-actions/changed-files/commit/5dc51d34076557d9ab904ba22d0107a7aa9c73c6">5dc51d3</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency eslint-plugin-prettier to v5.2.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2399">#2399</a>) (<a href="https://github.com/tj-actions/changed-files/commit/18de9f341fddb527d74abcea6acaa9430e392a60">18de9f3</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency <code>@types/node</code> to v22.10.6 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2397">#2397</a>) (<a href="https://github.com/tj-actions/changed-files/commit/467e54813892b0cf302b0bba54d233c861b97f1a">467e548</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency eslint-config-prettier to v10 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2396">#2396</a>) (<a href="https://github.com/tj-actions/changed-files/commit/556e62ac760c4112189f816a829a2e61965d76a0">556e62a</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Lock file maintenance (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2395">#2395</a>) (<a href="https://github.com/tj-actions/changed-files/commit/4f1e6b0db0fb6a8f464793eed5c37ec4a4d76011">4f1e6b0</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency typescript to v5.7.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2393">#2393</a>) (<a href="https://github.com/tj-actions/changed-files/commit/82deec73be8984405676feff8f0a4562b60df95c">82deec7</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency eslint-plugin-github to v5.1.5 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2392">#2392</a>) (<a href="https://github.com/tj-actions/changed-files/commit/ef7202db4d23bd79d2fb79d667a7a43ddb08b783">ef7202d</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Lock file maintenance (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2390">#2390</a>) (<a href="https://github.com/tj-actions/changed-files/commit/01c978c0f8cace666c3b0102d1c2c59bf698acdf">01c978c</a>) - (renovate[bot])</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v45.0.6 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2389">#2389</a>)</li> </ul> <p>Co-authored-by: jackton1 <a href="mailto:17484350+jackton1@users.noreply.github.com">17484350+jackton1@users.noreply.github.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/ed8e9f69eea433e8fca92ad9b928ca6520d79c2a">ed8e9f6</a>) - (tj-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v45.0.5...v45.0.6">45.0.6</a> - (2025-01-03)</h1> <h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2> <ul> <li><strong>deps:</strong> Update dependency yaml to v2.7.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2383">#2383</a>) (<a href="https://github.com/tj-actions/changed-files/commit/5f974c28f5044c411f0c9e7becf3f172029cf9cf">5f974c2</a>) - (renovate[bot])</li> </ul> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps:</strong> Update dependency <code>@types/lodash</code> to v4.17.14 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2388">#2388</a>) (<a href="https://github.com/tj-actions/changed-files/commit/d6e91a2266cdb9d62096cebf1e8546899c6aa18f">d6e91a2</a>) - (renovate[bot])</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/dcc7a0cba800f454d79fff4b993e8c3555bcc0a8"><code>dcc7a0c</code></a> chore(deps): update dependency eslint-plugin-github to v5.1.8 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2424">#2424</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/364748aaa8a1ba2cd0a06c35e27f0b736cce57d1"><code>364748a</code></a> chore(deps): update dependency <code>@types/node</code> to v22.13.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2422">#2422</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/301bed650e89313e46f9582591f9a1f4839f2826"><code>301bed6</code></a> chore(deps): lock file maintenance (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2420">#2420</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/be1c47003f1f9dedb4436e1e87dfdedd6f97f4c9"><code>be1c470</code></a> chore(deps): update dependency <code>@types/node</code> to v22.13.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2419">#2419</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/81785a6716d8354b3886445dd0c2f91e44a0af5a"><code>81785a6</code></a> chore(deps): update dependency eslint-plugin-github to v5.1.7 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2417">#2417</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/065e671731666959f9ea1bbbb7ddb8363a8ae9cd"><code>065e671</code></a> chore(deps): update dependency <code>@types/lodash</code> to v4.17.15 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2415">#2415</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/45cd7f3ddd3d2ba2e885acb6245710a72c096704"><code>45cd7f3</code></a> chore(deps): update dependency <code>@types/node</code> to v22.12.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2414">#2414</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/47f21ba55840bf5f5d6ed605352ecd7f2508cbe2"><code>47f21ba</code></a> chore(deps): update dependency eslint-plugin-github to v5.1.6 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2413">#2413</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/3b3041225bddb25fd9637f44aa4e9a5178c6792e"><code>3b30412</code></a> chore(deps): update actions/setup-node action to v4.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2411">#2411</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/eec6665cfdd8cb363f41d1adb498ad670105e5ea"><code>eec6665</code></a> chore(deps): lock file maintenance (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2410">#2410</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tj-actions/changed-files/compare/d6e91a2266cdb9d62096cebf1e8546899c6aa18f...dcc7a0cba800f454d79fff4b993e8c3555bcc0a8">compare view</a></li> </ul> </details> <br /> Updates `actions/setup-java` from 4.4.0 to 4.7.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-java/releases">actions/setup-java's releases</a>.</em></p> <blockquote> <h2>v4.7.0</h2> <h2>What's Changed</h2> <ul> <li>Configure Dependabot settings by <a href="https://github.com/HarithaVattikuti"><code>@HarithaVattikuti</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/722">actions/setup-java#722</a></li> <li>README Update: Added a permissions section by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/723">actions/setup-java#723</a></li> <li>Upgrade <code>cache</code> from version 3.2.4 to 4.0.0 by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/724">actions/setup-java#724</a></li> <li>Upgrade <code>@actions/http-client</code> from 2.2.1 to 2.2.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/728">actions/setup-java#728</a></li> <li>Upgrade <code>actions/publish-immutable-action</code> from 0.0.3 to 0.0.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/727">actions/setup-java#727</a></li> <li>Upgrade <code>@types/jest</code> from 29.5.12 to 29.5.14 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/729">actions/setup-java#729</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/benwells"><code>@benwells</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/723">actions/setup-java#723</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-java/compare/v4...v4.7.0">https://github.com/actions/setup-java/compare/v4...v4.7.0</a></p> <h2>v4.6.0</h2> <h2>What's Changed</h2> <p><strong>Add-ons:</strong></p> <ul> <li>Add Support for JetBrains Runtime by <a href="https://github.com/gmitch215"><code>@gmitch215</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/637">actions/setup-java#637</a></li> </ul> <pre lang="steps:"><code> - name: Checkout uses: actions/checkout@v4 - name: Setup-java uses: actions/setup-java@v4 with: distribution: ‘jetbrains’ java-version: '21' </code></pre> <p><strong>Bug fixes:</strong></p> <ul> <li>Fix Ubuntu-latest CI failures by <a href="https://github.com/mahabaleshwars"><code>@mahabaleshwars</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/693">actions/setup-java#693</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/gmitch215"><code>@gmitch215</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/637">actions/setup-java#637</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-java/compare/v4...v4.6.0">https://github.com/actions/setup-java/compare/v4...v4.6.0</a></p> <h2>v4.5.0</h2> <h2>What's Changed</h2> <ul> <li>Upgrade IA Publish by <a href="https://github.com/Jcambass"><code>@Jcambass</code></a> in <a href="https://redirect.github.com/actions/setup-java/issues/686">#686</a></li> </ul> <h3>Bug fixes:</h3> <ul> <li>Improve archive extraction on windows runners without powershell core and Update micromatch dependency by <a href="https://github.com/priyagupta108"><code>@priyagupta108</code></a> in <a href="https://redirect.github.com/actions/setup-java/issues/689">#689</a></li> <li>Update workflows for GraalVM and Version Enhancements by <a href="https://github.com/mahabaleshwars"><code>@mahabaleshwars</code></a> in <a href="https://redirect.github.com/actions/setup-java/issues/699">#699</a></li> <li>Refine <code>isGhes</code> logic by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/setup-java/issues/697">#697</a></li> </ul> <h3>New Contributors:</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/setup-java/commit/3a4f6e1af504cf6a31855fa899c6aa5355ba6c12"><code>3a4f6e1</code></a> Bump <code>@types/jest</code> from 29.5.12 to 29.5.14 (<a href="https://redirect.github.com/actions/setup-java/issues/729">#729</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/25f376e3482f0dca3da72062bdab5082495705ff"><code>25f376e</code></a> Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 (<a href="https://redirect.github.com/actions/setup-java/issues/727">#727</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/d4e4b6bbc1a6e93198eade3e6adfedd3c01f79c4"><code>d4e4b6b</code></a> Bump <code>@actions/http-client</code> from 2.2.1 to 2.2.3 (<a href="https://redirect.github.com/actions/setup-java/issues/728">#728</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/28b532bcb39ad928b00bc3cbce25c94d11654854"><code>28b532b</code></a> Create dependabot.yml (<a href="https://redirect.github.com/actions/setup-java/issues/722">#722</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/51ab6d2e3070fda1eac8cfaab8ffd90e6019d7e1"><code>51ab6d2</code></a> Update cache from 3.2.4 to 4.0.0 (<a href="https://redirect.github.com/actions/setup-java/issues/724">#724</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/99d3141d9ba96520552bfd7a9545bc1d74da9251"><code>99d3141</code></a> Update README.md (<a href="https://redirect.github.com/actions/setup-java/issues/723">#723</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/7a6d8a8234af8eb26422e24e3006232cccaa061b"><code>7a6d8a8</code></a> Add Support for JetBrains Runtime (<a href="https://redirect.github.com/actions/setup-java/issues/637">#637</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/7136edc5e8145b3c0b6bae8f4e62706c74e76538"><code>7136edc</code></a> Fix sbt and x86 CI failures on Ubuntu-24 (<a href="https://redirect.github.com/actions/setup-java/issues/693">#693</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/8df1039502a15bceb9433410b1a100fbe190c53b"><code>8df1039</code></a> Refine <code>isGhes</code> logic (<a href="https://redirect.github.com/actions/setup-java/issues/697">#697</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/870c199c48d3d764226001e5f61002b15289795e"><code>870c199</code></a> Update workflows for GraalVM and Version Enhancements (<a href="https://redirect.github.com/actions/setup-java/issues/699">#699</a>)</li> <li>Additional commits viewable in <a href="https://github.com/actions/setup-java/compare/b36c23c0d998641eff861008f374ee103c25ac73...3a4f6e1af504cf6a31855fa899c6aa5355ba6c12">compare view</a></li> </ul> </details> <br /> Updates `actions/stale` from 9.0.0 to 9.1.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/stale/releases">actions/stale's releases</a>.</em></p> <blockquote> <h2>v9.1.0</h2> <h2>What's Changed</h2> <ul> <li>Documentation update by <a href="https://github.com/Marukome0743"><code>@Marukome0743</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1116">actions/stale#1116</a></li> <li>Add workflow file for publishing releases to immutable action package by <a href="https://github.com/Jcambass"><code>@Jcambass</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1179">actions/stale#1179</a></li> <li>Update undici from 5.28.2 to 5.28.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1150">actions/stale#1150</a></li> <li>Update actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1091">actions/stale#1091</a></li> <li>Update actions/publish-action from 0.2.2 to 0.3.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1147">actions/stale#1147</a></li> <li>Update ts-jest from 29.1.1 to 29.2.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1175">actions/stale#1175</a></li> <li>Update <code>@actions/core</code> from 1.10.1 to 1.11.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1191">actions/stale#1191</a></li> <li>Update <code>@types/jest</code> from 29.5.11 to 29.5.14 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1193">actions/stale#1193</a></li> <li>Update <code>@actions/cache</code> from 3.2.2 to 4.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1194">actions/stale#1194</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Marukome0743"><code>@Marukome0743</code></a> made their first contribution in <a href="https://redirect.github.com/actions/stale/pull/1116">actions/stale#1116</a></li> <li><a href="https://github.com/Jcambass"><code>@Jcambass</code></a> made their first contribution in <a href="https://redirect.github.com/actions/stale/pull/1179">actions/stale#1179</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/stale/compare/v9...v9.1.0">https://github.com/actions/stale/compare/v9...v9.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/stale/commit/5bef64f19d7facfb25b37b414482c7164d639639"><code>5bef64f</code></a> build(deps): bump <code>@actions/cache</code> from 3.2.2 to 4.0.0 (<a href="https://redirect.github.com/actions/stale/issues/1194">#1194</a>)</li> <li><a href="https://github.com/actions/stale/commit/fa77dfddd04682b7d96dbc4e016318e681fdc10e"><code>fa77dfd</code></a> build(deps-dev): bump <code>@types/jest</code> from 29.5.11 to 29.5.14 (<a href="https://redirect.github.com/actions/stale/issues/1193">#1193</a>)</li> <li><a href="https://github.com/actions/stale/commit/f04443dce335c74ba15c65f4cbb3688e6cb6a6ec"><code>f04443d</code></a> build(deps): bump <code>@actions/core</code> from 1.10.1 to 1.11.1 (<a href="https://redirect.github.com/actions/stale/issues/1191">#1191</a>)</li> <li><a href="https://github.com/actions/stale/commit/5c715b0513651880806e14d529f014b12fdd50eb"><code>5c715b0</code></a> build(deps-dev): bump ts-jest from 29.1.1 to 29.2.5 (<a href="https://redirect.github.com/actions/stale/issues/1175">#1175</a>)</li> <li><a href="https://github.com/actions/stale/commit/f69122271d990fd11f5594ccff2296f00ff59b49"><code>f691222</code></a> build(deps): bump actions/publish-action from 0.2.2 to 0.3.0 (<a href="https://redirect.github.com/actions/stale/issues/1147">#1147</a>)</li> <li><a href="https://github.com/actions/stale/commit/df990c2cf5ae92c90653c9485d6882a0a09feac7"><code>df990c2</code></a> build(deps): bump actions/checkout from 3 to 4 (<a href="https://redirect.github.com/actions/stale/issues/1091">#1091</a>)</li> <li><a href="https://github.com/actions/stale/commit/6e472ce44ab4197b0154601c59c54a75b73b340b"><code>6e472ce</code></a> Merge pull request <a href="https://redirect.github.com/actions/stale/issues/1179">#1179</a> from actions/Jcambass-patch-1</li> <li><a href="https://github.com/actions/stale/commit/d10ba64261d965f75165f74c55cd3ffbf690d442"><code>d10ba64</code></a> Merge pull request <a href="https://redirect.github.com/actions/stale/issues/1150">#1150</a> from actions/dependabot/npm_and_yarn/undici-5.28.4</li> <li><a href="https://github.com/actions/stale/commit/bbf3da5f64eebd003932d93293857400f7f7e18d"><code>bbf3da5</code></a> resolve check failures</li> <li><a href="https://github.com/actions/stale/commit/6a2e61d18b155e538f85ef1bf7bd0470775e9703"><code>6a2e61d</code></a> Add workflow file for publishing releases to immutable action package</li> <li>Additional commits viewable in <a href="https://github.com/actions/stale/compare/28ca1036281a5e5922ead5184a1bbf96e5fc984e...5bef64f19d7facfb25b37b414482c7164d639639">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-02-05 14:14:49 +00:00
dependabot[bot]	f8844cab0a	ci: bump the github-actions group with 4 updates (#16192 ) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Muhammad Atif Ali <atif@coder.com>	2025-01-21 15:31:30 +00:00
dependabot[bot]	9e78aaeea3	ci: bump the github-actions group with 3 updates (#15649 ) Bumps the github-actions group with 3 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner), [github/codeql-action](https://github.com/github/codeql-action) and [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action). Updates `step-security/harden-runner` from 2.10.1 to 2.10.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.10.2</h2> <h2>What's Changed</h2> <ol> <li> <p>Fixes low-severity command injection weaknesses The advisory is here: <a href="https://github.com/step-security/harden-runner/security/advisories/GHSA-g85v-wf27-67xc">https://github.com/step-security/harden-runner/security/advisories/GHSA-g85v-wf27-67xc</a></p> </li> <li> <p>Bug fix to improve detection of whether Harden-Runner is running in a container</p> </li> </ol> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.10.2">https://github.com/step-security/harden-runner/compare/v2...v2.10.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/0080882f6c36860b6ba35c610c98ce87d4e2f26f"><code>0080882</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/476">#476</a> from step-security/rc-16</li> <li><a href="https://github.com/step-security/harden-runner/commit/4a3a88bbf8f2e304f84e1042472c02dce37eba82"><code>4a3a88b</code></a> Update dist</li> <li><a href="https://github.com/step-security/harden-runner/commit/556aae632a6c1f630efa52e90d706218618e5f2f"><code>556aae6</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/480">#480</a> from h0x0er/jatin/cleanup</li> <li><a href="https://github.com/step-security/harden-runner/commit/6c39b8466160e86ad8606033d399fe7f4052aee1"><code>6c39b84</code></a> chore: clean the code</li> <li><a href="https://github.com/step-security/harden-runner/commit/40401cf6183a0ab2dae5c7e485c1d073fe911e91"><code>40401cf</code></a> Update for isdocker</li> <li><a href="https://github.com/step-security/harden-runner/commit/806ab1cccb47a439a89d5f8f85d3ea41a7fb1e4c"><code>806ab1c</code></a> Update check for isdocker</li> <li><a href="https://github.com/step-security/harden-runner/commit/28468118cdb665b2214b64175253b83fcb4b25f6"><code>2846811</code></a> update dist</li> <li><a href="https://github.com/step-security/harden-runner/commit/df8a07c1712fac199e8d6e78d64a46092afffa44"><code>df8a07c</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/475">#475</a> from h0x0er/fix-execSync</li> <li><a href="https://github.com/step-security/harden-runner/commit/30636fb583e59a926da2f17677e5cd3b63cf1be1"><code>30636fb</code></a> bug fixes</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/91182cccc01eb5e619899d80e4e971d6181294a7...0080882f6c36860b6ba35c610c98ce87d4e2f26f">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 3.27.4 to 3.27.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.27.5</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>3.27.5 - 19 Nov 2024</h2> <p>No user facing changes.</p> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.27.5/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.27.5 - 19 Nov 2024</h2> <p>No user facing changes.</p> <h2>3.27.4 - 14 Nov 2024</h2> <p>No user facing changes.</p> <h2>3.27.3 - 12 Nov 2024</h2> <p>No user facing changes.</p> <h2>3.27.2 - 12 Nov 2024</h2> <ul> <li>Fixed an issue where setting up the CodeQL tools would sometimes fail with the message "Invalid value 'undefined' for header 'authorization'". <a href="https://redirect.github.com/github/codeql-action/pull/2590">#2590</a></li> </ul> <h2>3.27.1 - 08 Nov 2024</h2> <ul> <li>The CodeQL Action now downloads bundles compressed using Zstandard on GitHub Enterprise Server when using Linux or macOS runners. This speeds up the installation of the CodeQL tools. This feature is already available to GitHub.com users. <a href="https://redirect.github.com/github/codeql-action/pull/2573">#2573</a></li> <li>Update default CodeQL bundle version to 2.19.3. <a href="https://redirect.github.com/github/codeql-action/pull/2576">#2576</a></li> </ul> <h2>3.27.0 - 22 Oct 2024</h2> <ul> <li>Bump the minimum CodeQL bundle version to 2.14.6. <a href="https://redirect.github.com/github/codeql-action/pull/2549">#2549</a></li> <li>Fix an issue where the <code>upload-sarif</code> Action would fail with "upload-sarif post-action step failed: Input required and not supplied: token" when called in a composite Action that had a different set of inputs to the ones expected by the <code>upload-sarif</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/2557">#2557</a></li> <li>Update default CodeQL bundle version to 2.19.2. <a href="https://redirect.github.com/github/codeql-action/pull/2552">#2552</a></li> </ul> <h2>3.26.13 - 14 Oct 2024</h2> <p>No user facing changes.</p> <h2>3.26.12 - 07 Oct 2024</h2> <ul> <li> <p><em>Upcoming breaking change</em>: Add a deprecation warning for customers using CodeQL version 2.14.5 and earlier. These versions of CodeQL were discontinued on 24 September 2024 alongside GitHub Enterprise Server 3.10, and will be unsupported by CodeQL Action versions 3.27.0 and later and versions 2.27.0 and later. <a href="https://redirect.github.com/github/codeql-action/pull/2520">#2520</a></p> <ul> <li> <p>If you are using one of these versions, please update to CodeQL CLI version 2.14.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</p> </li> <li> <p>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.13.5 and 2.14.5, you can replace <code>github/codeql-action/@v3</code> by <code>github/codeql-action/@v3.26.11</code> and <code>github/codeql-action/@v2</code> by <code>github/codeql-action/@v2.26.11</code> in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</p> </li> </ul> </li> </ul> <h2>3.26.11 - 03 Oct 2024</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/f09c1c0a94de965c15400f5634aa42fac8fb8f88"><code>f09c1c0</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2616">#2616</a> from github/update-v3.27.5-a6c8729a5</li> <li><a href="https://github.com/github/codeql-action/commit/67b73eaba559c7e6913377065b0362ccbfc94e87"><code>67b73ea</code></a> Update changelog for v3.27.5</li> <li><a href="https://github.com/github/codeql-action/commit/a6c8729a5d7573eb8d440e52a9645ce4db61d97c"><code>a6c8729</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2614">#2614</a> from github/marcogario/per-platform-proxy</li> <li><a href="https://github.com/github/codeql-action/commit/8f3b48727ff1b076c28967a258b95fcee30a3a48"><code>8f3b487</code></a> Start-proxy: Fetch OS specific binary</li> <li><a href="https://github.com/github/codeql-action/commit/cba5fb58d4f85affaf03eb9da32f5b6c9d76838b"><code>cba5fb5</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2613">#2613</a> from github/dependabot/npm_and_yarn/npm_and_yarn-018...</li> <li><a href="https://github.com/github/codeql-action/commit/e782c3a145d9946aba8fa390e406acbe4e4c05c5"><code>e782c3a</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2612">#2612</a> from github/angelapwen/report-linux-runner-release</li> <li><a href="https://github.com/github/codeql-action/commit/db6788195b646f87b3d1c616b0c14a6d5b7fa9a6"><code>db67881</code></a> Update checked-in dependencies</li> <li><a href="https://github.com/github/codeql-action/commit/ecde4d232d18cf2dba6c1a6b76810332abff736f"><code>ecde4d2</code></a> Bump cross-spawn from 7.0.3 to 7.0.6 in the npm_and_yarn group</li> <li><a href="https://github.com/github/codeql-action/commit/e3c67a01d31d9c173ba5ffccc9d0f275540d99de"><code>e3c67a0</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2610">#2610</a> from github/dependabot/npm_and_yarn/npm-d2ca52e617</li> <li><a href="https://github.com/github/codeql-action/commit/f9ada54538b47b6db28c4d11f53848689968909e"><code>f9ada54</code></a> Telemetry: report OS release for GitHub-hosted Linux runners</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/ea9e4e37992a54ee68a9622e985e60c8e8f12d9f...f09c1c0a94de965c15400f5634aa42fac8fb8f88">compare view</a></li> </ul> </details> <br /> Updates `aquasecurity/trivy-action` from 0.28.0 to 0.29.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/aquasecurity/trivy-action/releases">aquasecurity/trivy-action's releases</a>.</em></p> <blockquote> <h2>v0.29.0</h2> <h2>What's Changed</h2> <ul> <li>feat: Allow skipping setup by <a href="https://github.com/rvesse"><code>@rvesse</code></a> in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/414">aquasecurity/trivy-action#414</a></li> <li>Fix oras command not found in "Update Trivy Cache" action by <a href="https://github.com/Tiryoh"><code>@Tiryoh</code></a> in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/413">aquasecurity/trivy-action#413</a></li> <li>Update README.md by <a href="https://github.com/simar7"><code>@simar7</code></a> in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/420">aquasecurity/trivy-action#420</a></li> <li>feat: add token for <code>setup-trivy</code> by <a href="https://github.com/DmitriyLewen"><code>@DmitriyLewen</code></a> in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/421">aquasecurity/trivy-action#421</a></li> <li>fix: bump <code>setup-trivy</code> and add new <code>contrib</code> directory path info by <a href="https://github.com/DmitriyLewen"><code>@DmitriyLewen</code></a> in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/424">aquasecurity/trivy-action#424</a></li> <li>docs: remove ignore-unfixed from IaC scan example by <a href="https://github.com/nikpivkin"><code>@nikpivkin</code></a> in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/429">aquasecurity/trivy-action#429</a></li> <li>chore(deps): Bump trivy to v0.57.1 by <a href="https://github.com/simar7"><code>@simar7</code></a> in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/434">aquasecurity/trivy-action#434</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/rvesse"><code>@rvesse</code></a> made their first contribution in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/414">aquasecurity/trivy-action#414</a></li> <li><a href="https://github.com/Tiryoh"><code>@Tiryoh</code></a> made their first contribution in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/413">aquasecurity/trivy-action#413</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/aquasecurity/trivy-action/compare/0.28.0...0.29.0">https://github.com/aquasecurity/trivy-action/compare/0.28.0...0.29.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/aquasecurity/trivy-action/commit/18f2510ee396bbf400402947b394f2dd8c87dbb0"><code>18f2510</code></a> chore(deps): Bump trivy to v0.57.1 (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/434">#434</a>)</li> <li><a href="https://github.com/aquasecurity/trivy-action/commit/93941cebba762da4c91a91883859bf1bfb221c73"><code>93941ce</code></a> docs: remove ignore-unfixed from IaC scan example (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/429">#429</a>)</li> <li><a href="https://github.com/aquasecurity/trivy-action/commit/d2a392a13760cb64cb6bbd31d4bed2a7d9a5298d"><code>d2a392a</code></a> fix: bump <code>setup-trivy</code> and add new <code>contrib</code> directory path info (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/424">#424</a>)</li> <li><a href="https://github.com/aquasecurity/trivy-action/commit/ee8934673cc18947baf4b05c01c4100ff36648da"><code>ee89346</code></a> feat: add token for <code>setup-trivy</code> (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/421">#421</a>)</li> <li><a href="https://github.com/aquasecurity/trivy-action/commit/cf990b19d84bbbe1eb8833659989a7c1029132e3"><code>cf990b1</code></a> Update README.md (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/420">#420</a>)</li> <li><a href="https://github.com/aquasecurity/trivy-action/commit/bff40be51b9207cf8f2148d628a9836cc7370247"><code>bff40be</code></a> docs: Fix oras command not found (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/413">#413</a>)</li> <li><a href="https://github.com/aquasecurity/trivy-action/commit/fc1500abdcdc9fc681e98d8912a52fa70dbc67de"><code>fc1500a</code></a> feat: Allow skipping setup (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/414">#414</a>)</li> <li>See full diff in <a href="https://github.com/aquasecurity/trivy-action/compare/915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2...18f2510ee396bbf400402947b394f2dd8c87dbb0">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-11-26 16:24:10 +05:00
Muhammad Atif Ali	365ce67f21	chore: add provenance attestation to docker-base image (#14999 ) Enables [build attestation](https://docs.docker.com/build/metadata/attestations/slsa-provenance/) for the docker-base image. Contributes to #14879 and coder/internal#89 As an experiment, we are only doing it with the coder-base image for now.	2024-11-15 08:16:33 +05:00
Muhammad Atif Ali	afacb07140	chore: tighten GitHub workflow permissions (#15282 )	2024-10-30 16:17:42 +05:00
Muhammad Atif Ali	8e254cbb07	chore: integrate step-security/harden-runner in workflows (#15099 ) Redoing #15097 Part of #14879	2024-10-16 11:23:00 -07:00
Muhammad Atif Ali	57a65c15bf	chore: use commit sha for GitHub actions (#15019 ) Use specific commit SHAs for GitHub actions across various workflows to enhance reliability and reproducibility. This change ensures that actions run against a known version, reducing the risk of unexpected issues due to updates in the third-party action repositories. This contributes to improving the score in #14879	2024-10-14 08:49:55 -07:00
Muhammad Atif Ali	7a7bef0dab	ci: fix syntax issue in docker-base.yaml (#13412 )	2024-05-30 08:49:30 +00:00
Muhammad Atif Ali	6730c24c58	ci: build base image on PRs (#13409 )	2024-05-30 08:35:37 +00:00
dependabot[bot]	eb72866a29	ci: bump the github-actions group with 2 updates (#9722 ) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-09-18 11:15:56 +00:00
dependabot[bot]	2c19995712	ci: bump the github-actions group with 2 updates (#9620 ) Bumps the github-actions group with 2 updates: [actions/checkout](https://github.com/actions/checkout) and [crate-ci/typos](https://github.com/crate-ci/typos). Updates `actions/checkout` from 3 to 4 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3...v4) Updates `crate-ci/typos` from 1.16.10 to 1.16.11 - [Release notes](https://github.com/crate-ci/typos/releases) - [Changelog](https://github.com/crate-ci/typos/blob/master/CHANGELOG.md) - [Commits](https://github.com/crate-ci/typos/compare/v1.16.10...v1.16.11) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: crate-ci/typos dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-09-12 10:22:22 +03:00
Muhammad Atif Ali	be1013899f	chore: use names for all GitHub actions steps and use sqlc setup action (#8495 )	2023-07-13 22:46:18 +03:00
Dean Sheather	31a37025c4	fix: build for all platforms in depot release pt. 2 (#6407 )	2023-03-01 19:48:22 +00:00
Dean Sheather	9af03d6180	fix: build for all platforms in depot release (#6406 )	2023-03-01 18:29:02 +00:00
Dean Sheather	060eeed5c3	chore: fix depot build pt.2 (#6059 )	2023-02-07 03:26:29 +10:00
Dean Sheather	d6947aeaca	chore: fix depot build (#6057 )	2023-02-06 16:49:33 +00:00
Dean Sheather	b45c445255	feat: add git to Docker image (#6034 )	2023-02-07 02:30:35 +10:00

18 Commits