coder

mirror of https://github.com/coder/coder.git synced 2026-06-04 05:28:20 +00:00

Author	SHA1	Message	Date
Ethan	e738ff5299	ci: remove dylib build pipeline (#22592 ) ## Summary The macOS `.dylib` is only used by Coder Desktop macOS v0.7.2 or older. v0.7.2 was released in August 2025. v0.8.0 of Coder Desktop macOS, also released in August 2025, uses a signed Coder slim binary from the deployment instead. It's unlikely customers will be using Coder Desktop macOS v0.7.2 and the next release of Coder simultaneously, so I think we can safely remove this process, given it slows down CI & release processes. ## Changes - Makefile: Remove `DYLIB_ARCHES`, `CODER_DYLIBS` variables and `build/coder-dylib` target - scripts/build_go.sh: Remove `--dylib` flag and all dylib-specific logic (c-shared buildmode, CGO, plist embedding, vpn/dylib entrypoint) - scripts/sign_darwin.sh: Remove dylib-specific comment - CI (ci.yaml): Remove `build-dylib` job, artifact download/insert steps, and `build-dylib` dependency from `build` job - Release (release.yaml): Remove `build-dylib` job, artifact download/insert steps, and `build-dylib` dependency from `release` job - vpn/dylib/: Delete entire directory (`lib.go` + `info.plist.tmpl`) - vpn/router.go, vpn/dns.go: Clean up comments referencing dylib The slim and fat binary builds are completely unaffected — the dylib was an independent build target with its own CI job. _Generated by mux but reviewed by a human_	2026-03-05 01:50:50 +11:00
Steven Masley	f6b4b7edab	ci: remove sqlc push to cloud (#22574 ) I left a vestigial piece, whooops	2026-03-03 14:49:00 -06:00
Steven Masley	8ea0c2f3bc	ci: remove ci action to push schema to sqlc cloud (#22572 ) SQLc cloud no longer exists	2026-03-03 14:21:07 -06:00
dependabot[bot]	06cfe2705a	ci: bump the github-actions group with 3 updates (#22125 ) Bumps the github-actions group with 3 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner), [depot/setup-action](https://github.com/depot/setup-action) and [depot/build-push-action](https://github.com/depot/build-push-action). Updates `step-security/harden-runner` from 2.14.1 to 2.14.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.14.2</h2> <h2>What's Changed</h2> <p>Security fix: Fixed a medium severity vulnerability where outbound network connections using sendto, sendmsg, and sendmmsg socket system calls could bypass audit logging when using egress-policy: audit. This issue only affects the Community Tier in audit mode; block mode and Enterprise Tier were not affected. See <a href="https://github.com/step-security/harden-runner/security/advisories/GHSA-cpmj-h4f6-r6pq">GHSA-cpmj-h4f6-r6pq</a> for details.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2.14.1...v2.14.2">https://github.com/step-security/harden-runner/compare/v2.14.1...v2.14.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/5ef0c079ce82195b2a36a210272d6b661572d83e"><code>5ef0c07</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/635">#635</a> from step-security/rc-34</li> <li><a href="https://github.com/step-security/harden-runner/commit/eb43c7b3fd5a30c42ff1ab84b494f1cc6c7cc3b6"><code>eb43c7b</code></a> update agent</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/e3f713f2d8f53843e71c69a996d56f51aa9adfb9...5ef0c079ce82195b2a36a210272d6b661572d83e">compare view</a></li> </ul> </details> <br /> Updates `depot/setup-action` from 1.6.0 to 1.7.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/depot/setup-action/releases">depot/setup-action's releases</a>.</em></p> <blockquote> <h2>v1.7.1</h2> <h2>What's Changed</h2> <ul> <li>Update release workflow to ubuntu-latest (<a href="https://redirect.github.com/depot/setup-action/issues/19">#19</a>) <a href="https://github.com/jacobwgillespie"><code>@jacobwgillespie</code></a></li> </ul> <h2>v1.7.0</h2> <h2>What's Changed</h2> <ul> <li>chore: update node to v24 (<a href="https://redirect.github.com/depot/setup-action/issues/18">#18</a>) <a href="https://github.com/WitoDelnat"><code>@WitoDelnat</code></a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/depot/setup-action/commit/15c09a5f77a0840ad4bce955686522a257853461"><code>15c09a5</code></a> Merge pull request <a href="https://redirect.github.com/depot/setup-action/issues/19">#19</a> from depot/jacobwgillespie-patch-1</li> <li><a href="https://github.com/depot/setup-action/commit/3194a53ed0aa42e00bc88f2411ab49d3f60219ba"><code>3194a53</code></a> Update release workflow to ubuntu-latest</li> <li><a href="https://github.com/depot/setup-action/commit/c0b08c3ba30137f89e75961508b587484558ff0f"><code>c0b08c3</code></a> Merge pull request <a href="https://redirect.github.com/depot/setup-action/issues/18">#18</a> from depot/wito/dep-2955-update-our-actions-to-use-nod...</li> <li><a href="https://github.com/depot/setup-action/commit/23e67ebf8b5a313459580616cd34c7787607ac86"><code>23e67eb</code></a> chore: update action dependencies</li> <li><a href="https://github.com/depot/setup-action/commit/0886069e678860faf0d22c46e9f154d35beaa529"><code>0886069</code></a> chore: update node to v24</li> <li>See full diff in <a href="https://github.com/depot/setup-action/compare/b0b1ea4f69e92ebf5dea3f8713a1b0c37b2126a5...15c09a5f77a0840ad4bce955686522a257853461">compare view</a></li> </ul> </details> <br /> Updates `depot/build-push-action` from 1.16.2 to 1.17.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/depot/build-push-action/releases">depot/build-push-action's releases</a>.</em></p> <blockquote> <h2>v1.17.0</h2> <h2>What's Changed</h2> <ul> <li>chore: update node to v24 (<a href="https://redirect.github.com/depot/build-push-action/issues/46">#46</a>) <a href="https://github.com/WitoDelnat"><code>@WitoDelnat</code></a></li> <li>Fix typo (<a href="https://redirect.github.com/depot/build-push-action/issues/45">#45</a>) <a href="https://github.com/gavrie"><code>@gavrie</code></a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/depot/build-push-action/commit/5f3b3c2e5a00f0093de47f657aeaefcedff27d18"><code>5f3b3c2</code></a> Merge pull request <a href="https://redirect.github.com/depot/build-push-action/issues/46">#46</a> from depot/wito/dep-2955-update-our-actions-to-use-nod...</li> <li><a href="https://github.com/depot/build-push-action/commit/1c8a5de5bf842e36234a9f65b76b66173541193f"><code>1c8a5de</code></a> chore: update actions dependency</li> <li><a href="https://github.com/depot/build-push-action/commit/88deb2d202089ac6bada8368187086a1d5cb6daa"><code>88deb2d</code></a> chore: update node to v24</li> <li><a href="https://github.com/depot/build-push-action/commit/eb4edcff909a80720d31732b633e4691b0c7cf02"><code>eb4edcf</code></a> Merge pull request <a href="https://redirect.github.com/depot/build-push-action/issues/45">#45</a> from gavrie/fix-typo</li> <li><a href="https://github.com/depot/build-push-action/commit/b7a09de6c74816aaa562b09c2d4082c63c68629a"><code>b7a09de</code></a> Fix typo</li> <li>See full diff in <a href="https://github.com/depot/build-push-action/compare/9785b135c3c76c33db102e45be96a25ab55cd507...5f3b3c2e5a00f0093de47f657aeaefcedff27d18">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-16 13:24:16 +00:00
dependabot[bot]	19d24075da	ci: bump the github-actions group with 4 updates (#22010 ) Bumps the github-actions group with 4 updates: [actions/cache](https://github.com/actions/cache), [docker/login-action](https://github.com/docker/login-action), [actions/attest](https://github.com/actions/attest) and [nix-community/cache-nix-action](https://github.com/nix-community/cache-nix-action). Updates `actions/cache` from 5.0.2 to 5.0.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/releases">actions/cache's releases</a>.</em></p> <blockquote> <h2>v5.0.3</h2> <h2>What's Changed</h2> <ul> <li>Bump <code>@actions/cache</code> to v5.0.5 (Resolves: <a href="https://github.com/actions/cache/security/dependabot/33">https://github.com/actions/cache/security/dependabot/33</a>)</li> <li>Bump <code>@actions/core</code> to v2.0.3</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v5...v5.0.3">https://github.com/actions/cache/compare/v5...v5.0.3</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's changelog</a>.</em></p> <blockquote> <h1>Releases</h1> <h2>How to prepare a release</h2> <blockquote> <p>[!NOTE]<br /> Relevant for maintainers with write access only.</p> </blockquote> <ol> <li>Switch to a new branch from <code>main</code>.</li> <li>Run <code>npm test</code> to ensure all tests are passing.</li> <li>Update the version in <a href="https://github.com/actions/cache/blob/main/package.json"><code>https://github.com/actions/cache/blob/main/package.json</code></a>.</li> <li>Run <code>npm run build</code> to update the compiled files.</li> <li>Update this <a href="https://github.com/actions/cache/blob/main/RELEASES.md"><code>https://github.com/actions/cache/blob/main/RELEASES.md</code></a> with the new version and changes in the <code>## Changelog</code> section.</li> <li>Run <code>licensed cache</code> to update the license report.</li> <li>Run <code>licensed status</code> and resolve any warnings by updating the <a href="https://github.com/actions/cache/blob/main/.licensed.yml"><code>https://github.com/actions/cache/blob/main/.licensed.yml</code></a> file with the exceptions.</li> <li>Commit your changes and push your branch upstream.</li> <li>Open a pull request against <code>main</code> and get it reviewed and merged.</li> <li>Draft a new release <a href="https://github.com/actions/cache/releases">https://github.com/actions/cache/releases</a> use the same version number used in <code>package.json</code> <ol> <li>Create a new tag with the version number.</li> <li>Auto generate release notes and update them to match the changes you made in <code>RELEASES.md</code>.</li> <li>Toggle the set as the latest release option.</li> <li>Publish the release.</li> </ol> </li> <li>Navigate to <a href="https://github.com/actions/cache/actions/workflows/release-new-action-version.yml">https://github.com/actions/cache/actions/workflows/release-new-action-version.yml</a> <ol> <li>There should be a workflow run queued with the same version number.</li> <li>Approve the run to publish the new version and update the major tags for this action.</li> </ol> </li> </ol> <h2>Changelog</h2> <h3>5.0.3</h3> <ul> <li>Bump <code>@actions/cache</code> to v5.0.5 (Resolves: <a href="https://github.com/actions/cache/security/dependabot/33">https://github.com/actions/cache/security/dependabot/33</a>)</li> <li>Bump <code>@actions/core</code> to v2.0.3</li> </ul> <h3>5.0.2</h3> <ul> <li>Bump <code>@actions/cache</code> to v5.0.3 <a href="https://redirect.github.com/actions/cache/pull/1692">#1692</a></li> </ul> <h3>5.0.1</h3> <ul> <li>Update <code>@azure/storage-blob</code> to <code>^12.29.1</code> via <code>@actions/cache@5.0.1</code> <a href="https://redirect.github.com/actions/cache/pull/1685">#1685</a></li> </ul> <h3>5.0.0</h3> <blockquote> <p>[!IMPORTANT] <code>actions/cache@v5</code> runs on the Node.js 24 runtime and requires a minimum Actions Runner version of <code>2.327.1</code>. If you are using self-hosted runners, ensure they are updated before upgrading.</p> </blockquote> <h3>4.3.0</h3> <ul> <li>Bump <code>@actions/cache</code> to <a href="https://redirect.github.com/actions/toolkit/pull/2132">v4.1.0</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/cache/commit/cdf6c1fa76f9f475f3d7449005a359c84ca0f306"><code>cdf6c1f</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1695">#1695</a> from actions/Link-/prepare-5.0.3</li> <li><a href="https://github.com/actions/cache/commit/a1bee22673bee4afb9ce4e0a1dc3da1c44060b7d"><code>a1bee22</code></a> Add review for the <code>@actions/http-client</code> license</li> <li><a href="https://github.com/actions/cache/commit/46957638dc5c5ff0c34c0143f443c07d3a7c769f"><code>4695763</code></a> Add licensed output</li> <li><a href="https://github.com/actions/cache/commit/dc73bb9f7bf74a733c05ccd2edfd1f2ac9e5f502"><code>dc73bb9</code></a> Upgrade dependencies and address security warnings</li> <li><a href="https://github.com/actions/cache/commit/345d5c2f761565bace4b6da356737147e9041e3a"><code>345d5c2</code></a> Add 5.0.3 builds</li> <li>See full diff in <a href="https://github.com/actions/cache/compare/8b402f58fbc84540c8b491a91e594a4576fec3d7...cdf6c1fa76f9f475f3d7449005a359c84ca0f306">compare view</a></li> </ul> </details> <br /> Updates `docker/login-action` from 3.6.0 to 3.7.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/login-action/releases">docker/login-action's releases</a>.</em></p> <blockquote> <h2>v3.7.0</h2> <ul> <li>Add <code>scope</code> input to set scopes for the authentication token by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/912">docker/login-action#912</a></li> <li>Add support for AWS European Sovereign Cloud ECR by <a href="https://github.com/dphi"><code>@dphi</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/914">docker/login-action#914</a></li> <li>Ensure passwords are redacted with <code>registry-auth</code> input by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/911">docker/login-action#911</a></li> <li>build(deps): bump lodash from 4.17.21 to 4.17.23 in <a href="https://redirect.github.com/docker/login-action/pull/915">docker/login-action#915</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/login-action/compare/v3.6.0...v3.7.0">https://github.com/docker/login-action/compare/v3.6.0...v3.7.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/login-action/commit/c94ce9fb468520275223c153574b00df6fe4bcc9"><code>c94ce9f</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/915">#915</a> from docker/dependabot/npm_and_yarn/lodash-4.17.23</li> <li><a href="https://github.com/docker/login-action/commit/8339c958ce8511f38d0c474c1886a87c802bf1ef"><code>8339c95</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/912">#912</a> from docker/scope</li> <li><a href="https://github.com/docker/login-action/commit/c83e9320c8beb50b77dd007c46d5c8161f0cac4a"><code>c83e932</code></a> build(deps): bump lodash from 4.17.21 to 4.17.23</li> <li><a href="https://github.com/docker/login-action/commit/b268aa57e39ff0a5386d2fd1eded4e2e1d60d705"><code>b268aa5</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/a60322927812ddc99316dd6252b4fba6d8f09ac1"><code>a603229</code></a> documentation for scope input</li> <li><a href="https://github.com/docker/login-action/commit/7567f92a74b2639be1bd8bc932a112a0d81283da"><code>7567f92</code></a> Add scope input to set scopes for the authentication token</li> <li><a href="https://github.com/docker/login-action/commit/0567fa5ae8c9a197cb207537dc5cbb43ca3d803f"><code>0567fa5</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/914">#914</a> from dphi/add-support-for-amazonaws.eu</li> <li><a href="https://github.com/docker/login-action/commit/f6ef57754547a85003a0e18f789be661346d4a6e"><code>f6ef577</code></a> feat: add support for AWS European Sovereign Cloud ECR registries</li> <li><a href="https://github.com/docker/login-action/commit/916386b00027d425839f8da46d302dab33f5875b"><code>916386b</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/911">#911</a> from crazy-max/ensure-redact</li> <li><a href="https://github.com/docker/login-action/commit/5b3f94a294ea5478af3af437baa6ad0d3dcd04fd"><code>5b3f94a</code></a> chore: update generated content</li> <li>Additional commits viewable in <a href="https://github.com/docker/login-action/compare/5e57cd118135c172c3672efd75eb46360885c0ef...c94ce9fb468520275223c153574b00df6fe4bcc9">compare view</a></li> </ul> </details> <br /> Updates `actions/attest` from 3.1.0 to 3.2.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/attest/releases">actions/attest's releases</a>.</em></p> <blockquote> <h2>v3.2.0</h2> <h2>What's Changed</h2> <ul> <li>Bump the npm-development group with 3 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/320">actions/attest#320</a></li> <li>Validate repository org-ownership before storage record creation by <a href="https://github.com/malancas"><code>@malancas</code></a> in <a href="https://redirect.github.com/actions/attest/pull/328">actions/attest#328</a></li> <li>Update version to 3.2.0 by <a href="https://github.com/malancas"><code>@malancas</code></a> in <a href="https://redirect.github.com/actions/attest/pull/334">actions/attest#334</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/attest/compare/v3.1.0...v3.2.0">https://github.com/actions/attest/compare/v3.1.0...v3.2.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/attest/commit/e59cbc1ad1ac2d59339667419eb8cdde6eb61e3d"><code>e59cbc1</code></a> Update version to 3.2.0 (<a href="https://redirect.github.com/actions/attest/issues/334">#334</a>)</li> <li><a href="https://github.com/actions/attest/commit/20eb46ce7aac0a8d0fb0ba74463460bff36cc0bd"><code>20eb46c</code></a> Validate repository org-ownership before storage record creation (<a href="https://redirect.github.com/actions/attest/issues/328">#328</a>)</li> <li><a href="https://github.com/actions/attest/commit/7433fa7e7a4d4084bbd71358379fa9b45ce9d4d7"><code>7433fa7</code></a> Update <code>undici</code> development dependency to the latest version (<a href="https://redirect.github.com/actions/attest/issues/332">#332</a>)</li> <li><a href="https://github.com/actions/attest/commit/c03bf4160d4018cb293f5dcbf204e47c1b2808e1"><code>c03bf41</code></a> Bump the npm-development group with 3 updates (<a href="https://redirect.github.com/actions/attest/issues/320">#320</a>)</li> <li>See full diff in <a href="https://github.com/actions/attest/compare/7667f588f2f73a90cea6c7ac70e78266c4f76616...e59cbc1ad1ac2d59339667419eb8cdde6eb61e3d">compare view</a></li> </ul> </details> <br /> Updates `nix-community/cache-nix-action` from 7.0.1 to 7.0.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nix-community/cache-nix-action/releases">nix-community/cache-nix-action's releases</a>.</em></p> <blockquote> <h2>v7.0.2</h2> <h2>What's Changed</h2> <h2>Fixed</h2> <ul> <li>Fix: Nix versions under <code>v2.33</code> not supported by <a href="https://github.com/deemp"><code>@deemp</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/295">nix-community/cache-nix-action#295</a></li> <li>Use a more precise check by <a href="https://github.com/deemp"><code>@deemp</code></a> in 47869c4cbb023c803424e7311f07a744a2d66296</li> </ul> <h2>Changed (deps)</h2> <!-- raw HTML omitted --> <ul> <li>chore(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.53.0 to 8.53.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/284">nix-community/cache-nix-action#284</a></li> <li>chore(deps): bump DeterminateSystems/determinate-nix-action from 3.15.1 to 3.15.2 in the minor-actions-dependencies group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/288">nix-community/cache-nix-action#288</a></li> <li>chore(deps-dev): bump eslint-config-love from 144.0.0 to 147.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/287">nix-community/cache-nix-action#287</a></li> <li>chore(deps-dev): bump prettier from 3.8.0 to 3.8.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/286">nix-community/cache-nix-action#286</a></li> <li>chore(deps-dev): bump <code>@typescript-eslint/parser</code> from 8.53.1 to 8.54.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/290">nix-community/cache-nix-action#290</a></li> <li>chore(deps): bump <code>@actions/github</code> from 7.0.0 to 8.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/291">nix-community/cache-nix-action#291</a></li> <li>chore(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.53.1 to 8.54.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/289">nix-community/cache-nix-action#289</a></li> <li>chore(deps-dev): bump eslint-config-love from 147.0.0 to 149.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/294">nix-community/cache-nix-action#294</a></li> </ul> <!-- raw HTML omitted --> <p><strong>Full Changelog</strong>: <a href="https://github.com/nix-community/cache-nix-action/compare/v7...v7.0.2">https://github.com/nix-community/cache-nix-action/compare/v7...v7.0.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nix-community/cache-nix-action/commit/7df957e333c1e5da7721f60227dbba6d06080569"><code>7df957e</code></a> chore: build the action</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/47869c4cbb023c803424e7311f07a744a2d66296"><code>47869c4</code></a> fix(action): use a more precise check</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/eca69c462eda8455304862773d53bfe08a7c1fad"><code>eca69c4</code></a> Merge pull request <a href="https://redirect.github.com/nix-community/cache-nix-action/issues/295">#295</a> from nix-community/nix-versions-under-v233-not-supported</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/b6fd2e3f7b9992c952409248b26c3806976ca922"><code>b6fd2e3</code></a> feat(ci): add test with Nix version <2.33</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/ddd9cbc8ee25d0dbd64bc7bf380398d810fedcc0"><code>ddd9cbc</code></a> fix(ci): bump action version</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/922e9060c19ec2c406a055d4255ec1760e0af798"><code>922e906</code></a> chore: build the action</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/4038f94ae961f71f156295e34fc27af3846cb555"><code>4038f94</code></a> refactor(action): rename constants for command results</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/dfde4d35b86aa2875e5829cfc8b6c2d4c203ab9b"><code>dfde4d3</code></a> fix(action): choose command based on the Nix version</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/4b2dd9ec99b6d72fad66eeff381bc94d20d7207d"><code>4b2dd9e</code></a> Merge pull request <a href="https://redirect.github.com/nix-community/cache-nix-action/issues/294">#294</a> from nix-community/dependabot/npm_and_yarn/eslint-con...</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/273d1a77100543feec627c2bdd09b6c7060b88ab"><code>273d1a7</code></a> chore(deps-dev): bump eslint-config-love from 147.0.0 to 149.0.0</li> <li>Additional commits viewable in <a href="https://github.com/nix-community/cache-nix-action/compare/106bba72ed8e29c8357661199511ef07790175e9...7df957e333c1e5da7721f60227dbba6d06080569">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-09 13:35:13 +00:00
Ethan	dc633e22a3	ci: add setup-gnu-tools action for macOS runners (#21938 ) macOS runners lack GNU toolchain dependencies (bash 4+, GNU getopt, make 4+) required by `scripts/lib.sh`. When any script sources `lib.sh`, it checks for these dependencies and fails if they're missing. This caused consistent failures in the `test-go-pg (macos-latest)` job in `nightly-gauntlet.yaml`, which didn't have the GNU tools setup that `ci.yaml` had. Commit `9a417df` ("ci: add retry logic for Go module operations") added a macOS GNU tools step to `ci.yaml`, but `nightly-gauntlet.yaml` was not updated. This PR adds a reusable `setup-gnu-tools` action and uses it consistently across all workflows with macOS jobs, replacing the inline brew install steps. Closes https://github.com/coder/internal/issues/1133	2026-02-05 05:06:10 +00:00
dependabot[bot]	1276b9d9b7	ci: bump the github-actions group with 2 updates (#21846 ) [//]: # (dependabot-start) ⚠️ Dependabot is rebasing this PR ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps the github-actions group with 2 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner) and [actions/setup-java](https://github.com/actions/setup-java). Updates `step-security/harden-runner` from 2.14.0 to 2.14.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.14.1</h2> <h2>What's Changed</h2> <ol> <li> <p>In some self-hosted environments, the agent could briefly fall back to public DNS resolvers during startup if the system DNS was not yet available. This behavior was unintended for GitHub-hosted runners and has now been fixed to prevent any use of public DNS resolvers.</p> </li> <li> <p>Fixed npm audit vulnerabilities</p> </li> </ol> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2.14.0...v2.14.1">https://github.com/step-security/harden-runner/compare/v2.14.0...v2.14.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/e3f713f2d8f53843e71c69a996d56f51aa9adfb9"><code>e3f713f</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/631">#631</a> from step-security/rc-31</li> <li><a href="https://github.com/step-security/harden-runner/commit/423acdda6fd4f75f197b7c305a3f2e3d700dc00b"><code>423acdd</code></a> chore: fix npm audit vulnerabilities</li> <li><a href="https://github.com/step-security/harden-runner/commit/0ddb86cf0353b79dbed5bb8cef4103700cea70a7"><code>0ddb86c</code></a> update agent</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/20cf305ff2072d973412fa9b1e3a4f227bda3c76...e3f713f2d8f53843e71c69a996d56f51aa9adfb9">compare view</a></li> </ul> </details> <br /> Updates `actions/setup-java` from 5.1.0 to 5.2.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-java/releases">actions/setup-java's releases</a>.</em></p> <blockquote> <h2>v5.2.0</h2> <h2>What's Changed</h2> <h3>Enhancement</h3> <ul> <li>Retry on HTTP 522 Connection timed out by <a href="https://github.com/findepi"><code>@findepi</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/964">actions/setup-java#964</a></li> </ul> <h3>Documentation Changes</h3> <ul> <li>Update gradle caching by <a href="https://github.com/priya-kinthali"><code>@priya-kinthali</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/972">actions/setup-java#972</a></li> <li>Update checkout to v6 by <a href="https://github.com/mahabaleshwars"><code>@mahabaleshwars</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/973">actions/setup-java#973</a></li> </ul> <h3>Dependency Updates</h3> <ul> <li>Upgrade <code>@actions/cache</code> to v5 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/968">actions/setup-java#968</a></li> <li>Upgrade actions/checkout from 5 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/961">actions/setup-java#961</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/findepi"><code>@findepi</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/964">actions/setup-java#964</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-java/compare/v5...v5.2.0">https://github.com/actions/setup-java/compare/v5...v5.2.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/setup-java/commit/be666c2fcd27ec809703dec50e508c2fdc7f6654"><code>be666c2</code></a> Chore: Version Update and Checkout Update to v6 (<a href="https://redirect.github.com/actions/setup-java/issues/973">#973</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/f7a6fefba97e80156950e16f2a9dafc8579b7d05"><code>f7a6fef</code></a> Bump actions/checkout from 5 to 6 (<a href="https://redirect.github.com/actions/setup-java/issues/961">#961</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/d81c4e45f3ac973cc936d79104023e20054ba578"><code>d81c4e4</code></a> Upgrade <code>@actions/cache</code> to v5 (<a href="https://redirect.github.com/actions/setup-java/issues/968">#968</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/1b1bbe1085cb6ab21b5b19b7bebc091a9430026a"><code>1b1bbe1</code></a> readme update (<a href="https://redirect.github.com/actions/setup-java/issues/972">#972</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/5d7b2146334bacf88728daaa70414a99f5164e0f"><code>5d7b214</code></a> Retry on HTTP 522 Connection timed out (<a href="https://redirect.github.com/actions/setup-java/issues/964">#964</a>)</li> <li>See full diff in <a href="https://github.com/actions/setup-java/compare/f2beeb24e141e01a676f977032f5a29d81c9e27e...be666c2fcd27ec809703dec50e508c2fdc7f6654">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-02 13:53:07 +00:00
Kacper Sawicki	9a417df940	ci: add retry logic for Go module operations (#21609 ) ## Description Add exponential backoff retries to all `go install` and `go mod download` commands across CI workflows and actions. ## Why Fixes [coder/internal#1276](https://github.com/coder/internal/issues/1276) - CI fails when `sum.golang.org` returns 500 errors during Go module verification. This is an infrastructure-level flake that can't be controlled. ## Changes - Created `.github/scripts/retry.sh` - reusable retry helper with exponential backoff (2s, 4s, 8s delays, max 3 attempts), using `scripts/lib.sh` helpers - Wrapped all `go install` and `go mod download` commands with retry in: - `.github/actions/setup-go/action.yaml` - `.github/actions/setup-sqlc/action.yaml` - `.github/actions/setup-go-tools/action.yaml` - `.github/workflows/ci.yaml` - `.github/workflows/release.yaml` - `.github/workflows/security.yaml` - Added GNU tools setup (bash 4+, GNU getopt, make 4+) for macOS in `test-go-pg` job, since `retry.sh` uses `lib.sh` which requires these tools	2026-01-29 16:05:49 +01:00
dependabot[bot]	bb186b8699	ci: bump the github-actions group across 1 directory with 4 updates (#21683 ) Bumps the github-actions group with 4 updates in the / directory: [actions/checkout](https://github.com/actions/checkout), [actions/cache](https://github.com/actions/cache), [chromaui/action](https://github.com/chromaui/action) and [nix-community/cache-nix-action](https://github.com/nix-community/cache-nix-action). Updates `actions/checkout` from 6.0.1 to 6.0.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v6.0.2</h2> <h2>What's Changed</h2> <ul> <li>Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2355">actions/checkout#2355</a></li> <li>Fix tag handling: preserve annotations and explicit fetch-tags by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2356">actions/checkout#2356</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v6.0.1...v6.0.2">https://github.com/actions/checkout/compare/v6.0.1...v6.0.2</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>v6.0.2</h2> <ul> <li>Fix tag handling: preserve annotations and explicit fetch-tags by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2356">actions/checkout#2356</a></li> </ul> <h2>v6.0.1</h2> <ul> <li>Add worktree support for persist-credentials includeIf by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2327">actions/checkout#2327</a></li> </ul> <h2>v6.0.0</h2> <ul> <li>Persist creds to a separate file by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li> <li>Update README to include Node.js 24 support details and requirements by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li> </ul> <h2>v5.0.1</h2> <ul> <li>Port v6 cleanup to v5 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li> </ul> <h2>v5.0.0</h2> <ul> <li>Update actions checkout to use node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li> </ul> <h2>v4.3.1</h2> <ul> <li>Port v6 cleanup to v4 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2305">actions/checkout#2305</a></li> </ul> <h2>v4.3.0</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <h2>v4.2.2</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <h2>v4.2.1</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>v4.2.0</h2> <ul> <li>Add Ref and Commit outputs by <a href="https://github.com/lucacome"><code>@lucacome</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li> <li>Dependency updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>- <a href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>, <a href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li> </ul> <h2>v4.1.7</h2> <ul> <li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li> <li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li> <li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li> </ul> <h2>v4.1.6</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd"><code>de0fac2</code></a> Fix tag handling: preserve annotations and explicit fetch-tags (<a href="https://redirect.github.com/actions/checkout/issues/2356">#2356</a>)</li> <li><a href="https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49"><code>064fe7f</code></a> Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/8e8c483db84b4bee98b60c0593521ed34d9990e8...de0fac2e4500dabe0009e67214ff5f5447ce83dd">compare view</a></li> </ul> </details> <br /> Updates `actions/cache` from 5.0.1 to 5.0.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/releases">actions/cache's releases</a>.</em></p> <blockquote> <h2>v.5.0.2</h2> <h1>v5.0.2</h1> <h2>What's Changed</h2> <p>When creating cache entries, 429s returned from the cache service will not be retried.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's changelog</a>.</em></p> <blockquote> <h1>Releases</h1> <h2>Changelog</h2> <h3>5.0.2</h3> <ul> <li>Bump <code>@actions/cache</code> to v5.0.3 <a href="https://redirect.github.com/actions/cache/pull/1692">#1692</a></li> </ul> <h3>5.0.1</h3> <ul> <li>Update <code>@azure/storage-blob</code> to <code>^12.29.1</code> via <code>@actions/cache@5.0.1</code> <a href="https://redirect.github.com/actions/cache/pull/1685">#1685</a></li> </ul> <h3>5.0.0</h3> <blockquote> <p>[!IMPORTANT] <code>actions/cache@v5</code> runs on the Node.js 24 runtime and requires a minimum Actions Runner version of <code>2.327.1</code>. If you are using self-hosted runners, ensure they are updated before upgrading.</p> </blockquote> <h3>4.3.0</h3> <ul> <li>Bump <code>@actions/cache</code> to <a href="https://redirect.github.com/actions/toolkit/pull/2132">v4.1.0</a></li> </ul> <h3>4.2.4</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.5</li> </ul> <h3>4.2.3</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.3 (obfuscates SAS token in debug logs for cache entries)</li> </ul> <h3>4.2.2</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.2</li> </ul> <h3>4.2.1</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.1</li> </ul> <h3>4.2.0</h3> <p>TLDR; The cache backend service has been rewritten from the ground up for improved performance and reliability. <a href="https://github.com/actions/cache">actions/cache</a> now integrates with the new cache service (v2) APIs.</p> <p>The new service will gradually roll out as of <strong>February 1st, 2025</strong>. The legacy service will also be sunset on the same date. Changes in these release are <strong>fully backward compatible</strong>.</p> <p><strong>We are deprecating some versions of this action</strong>. We recommend upgrading to version <code>v4</code> or <code>v3</code> as soon as possible before <strong>February 1st, 2025.</strong> (Upgrade instructions below).</p> <p>If you are using pinned SHAs, please use the SHAs of versions <code>v4.2.0</code> or <code>v3.4.0</code></p> <p>If you do not upgrade, all workflow runs using any of the deprecated <a href="https://github.com/actions/cache">actions/cache</a> will fail.</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/cache/commit/8b402f58fbc84540c8b491a91e594a4576fec3d7"><code>8b402f5</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1692">#1692</a> from GhadimiR/main</li> <li><a href="https://github.com/actions/cache/commit/304ab5a0701ee61908ccb4b5822347949a2e2002"><code>304ab5a</code></a> license for httpclient</li> <li><a href="https://github.com/actions/cache/commit/609fc19e67cd310e97eb36af42355843ffcb35be"><code>609fc19</code></a> Update licensed record for cache</li> <li><a href="https://github.com/actions/cache/commit/b22231e43df11a67538c05e88835f1fa097599c5"><code>b22231e</code></a> Build</li> <li><a href="https://github.com/actions/cache/commit/93150cdfb36a9d84d4e8628c8870bec84aedcf8a"><code>93150cd</code></a> Add PR link to releases</li> <li><a href="https://github.com/actions/cache/commit/9b8ca9f07e012351dafbf1c878e8fe2ee9a01c84"><code>9b8ca9f</code></a> Bump actions/cache to 5.0.3</li> <li>See full diff in <a href="https://github.com/actions/cache/compare/9255dc7a253b0ccc959486e2bca901246202afeb...8b402f58fbc84540c8b491a91e594a4576fec3d7">compare view</a></li> </ul> </details> <br /> Updates `chromaui/action` from 13.3.4 to 13.3.5 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chromaui/action/commit/07791f8243f4cb2698bf4d00426baf4b2d1cb7e0"><code>07791f8</code></a> v13.3.5</li> <li>See full diff in <a href="https://github.com/chromaui/action/compare/4c20b95e9d3209ecfdf9cd6aace6bbde71ba1694...07791f8243f4cb2698bf4d00426baf4b2d1cb7e0">compare view</a></li> </ul> </details> <br /> Updates `nix-community/cache-nix-action` from 7.0.0 to 7.0.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nix-community/cache-nix-action/releases">nix-community/cache-nix-action's releases</a>.</em></p> <blockquote> <h2>v7.0.1</h2> <h2>What's Changed</h2> <h2>Fixed</h2> <ul> <li>Checkpoint Nix store database before saving cache by <a href="https://github.com/CathalMullan"><code>@CathalMullan</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/278">nix-community/cache-nix-action#278</a></li> <li>Checkpoint Nix store database before copying it by <a href="https://github.com/deemp"><code>@deemp</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/279">nix-community/cache-nix-action#279</a></li> </ul> <h2>Fixed (CI)</h2> <ul> <li>Fix formatting in CI by <a href="https://github.com/deemp"><code>@deemp</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/280">nix-community/cache-nix-action#280</a></li> <li>Fix workflows for PRs in CI by <a href="https://github.com/deemp"><code>@deemp</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/281">nix-community/cache-nix-action#281</a></li> </ul> <h2>Changed (deps)</h2> <!-- raw HTML omitted --> <ul> <li>chore(deps): bump <code>@actions/github</code> from 6.0.1 to 7.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/272">nix-community/cache-nix-action#272</a></li> <li>chore(deps-dev): bump eslint-config-love from 140.0.0 to 144.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/271">nix-community/cache-nix-action#271</a></li> <li>chore(deps-dev): bump <code>@typescript-eslint/parser</code> from 8.51.0 to 8.52.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/269">nix-community/cache-nix-action#269</a></li> <li>chore(deps-dev): bump eslint-plugin-jest from 29.12.0 to 29.12.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/266">nix-community/cache-nix-action#266</a></li> <li>chore(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.51.0 to 8.52.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/268">nix-community/cache-nix-action#268</a></li> <li>chore(deps-dev): bump <code>@typescript-eslint/parser</code> from 8.52.0 to 8.53.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/273">nix-community/cache-nix-action#273</a></li> <li>chore(deps-dev): bump prettier from 3.7.4 to 3.8.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/277">nix-community/cache-nix-action#277</a></li> <li>chore(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.52.0 to 8.53.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/274">nix-community/cache-nix-action#274</a></li> </ul> <!-- raw HTML omitted --> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/CathalMullan"><code>@CathalMullan</code></a> made their first contribution in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/278">nix-community/cache-nix-action#278</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/nix-community/cache-nix-action/compare/v7...v7.0.1">https://github.com/nix-community/cache-nix-action/compare/v7...v7.0.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nix-community/cache-nix-action/commit/106bba72ed8e29c8357661199511ef07790175e9"><code>106bba7</code></a> fix(ci): use a modern command</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/b244431fab1b7abe5a59cdf0a5333321adfc040f"><code>b244431</code></a> chore: update src</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/052bf75174c2526e286675ef224b3ed819ca069b"><code>052bf75</code></a> chore: update docs</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/c19319ee78cf2c8fdae7caec6d618d8d2f103a63"><code>c19319e</code></a> chore: build the action</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/e3b90182d2cfa77237ff1a124c0017402fe96732"><code>e3b9018</code></a> feat(action): add comment about checkpointing after database merging</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/05419d3e13bd8048ce71089f751a60193e8b2520"><code>05419d3</code></a> feat(readme): mention that the action may affect the workflow speed</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/0c043090a02147aa5edf074d1b0b7ccae887fd53"><code>0c04309</code></a> refactor(readme): group limitations and list them in separate sections</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/084a7ec7cc80327648e51c57b90e12b596675f40"><code>084a7ec</code></a> fix(github): adress linter comments and format templates</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/b23f7c961d5d57e86f703e0526f2b35fc9223c12"><code>b23f7c9</code></a> fix(ci): don't fail-fast</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/6b5a012f6e29cda21881bcb0432a5350d18b44ad"><code>6b5a012</code></a> Merge pull request <a href="https://redirect.github.com/nix-community/cache-nix-action/issues/281">#281</a> from nix-community/fix-prs</li> <li>Additional commits viewable in <a href="https://github.com/nix-community/cache-nix-action/compare/b426b118b6dc86d6952988d396aa7c6b09776d08...106bba72ed8e29c8357661199511ef07790175e9">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-01-26 13:20:40 +00:00
dependabot[bot]	61c379dba6	ci: bump the github-actions group with 3 updates (#21394 ) Bumps the github-actions group with 3 updates: [actions/attest](https://github.com/actions/attest), [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) and [github/codeql-action](https://github.com/github/codeql-action). Updates `actions/attest` from 3.0.0 to 3.1.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/attest/releases">actions/attest's releases</a>.</em></p> <blockquote> <h2>v3.1.0</h2> <h2>What's Changed</h2> <ul> <li>Bump <code>@actions/attest</code> from 1.6.0 to 2.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/299">actions/attest#299</a></li> <li>Bump <code>@actions/core</code> from 1.11.1 to 2.0.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/318">actions/attest#318</a></li> <li>Create Artifact Metadata Storage Record on registry push by <a href="https://github.com/malancas"><code>@malancas</code></a> in <a href="https://redirect.github.com/actions/attest/pull/313">actions/attest#313</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/malancas"><code>@malancas</code></a> made their first contribution in <a href="https://redirect.github.com/actions/attest/pull/313">actions/attest#313</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/attest/compare/v3...v3.1.0">https://github.com/actions/attest/compare/v3...v3.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/attest/commit/7667f588f2f73a90cea6c7ac70e78266c4f76616"><code>7667f58</code></a> Create Artifact Metadata Storage Record on registry push (<a href="https://redirect.github.com/actions/attest/issues/313">#313</a>)</li> <li><a href="https://github.com/actions/attest/commit/0512723b049f456232eb06b040bc579727752a6a"><code>0512723</code></a> Bump <code>@actions/core</code> from 1.11.1 to 2.0.1 (<a href="https://redirect.github.com/actions/attest/issues/318">#318</a>)</li> <li><a href="https://github.com/actions/attest/commit/c16e6655b77834c757beac502b8f2013705f92f4"><code>c16e665</code></a> Bump the npm-development group with 5 updates (<a href="https://redirect.github.com/actions/attest/issues/315">#315</a>)</li> <li><a href="https://github.com/actions/attest/commit/3374a04c9f423bc0e4e5560f82ebe38956064fd0"><code>3374a04</code></a> Bump <code>@types/node</code> from 24.10.1 to 25.0.2 (<a href="https://redirect.github.com/actions/attest/issues/317">#317</a>)</li> <li><a href="https://github.com/actions/attest/commit/8ed7eda47c4480c843fdfd8850cbc514a728d335"><code>8ed7eda</code></a> Bump actions/upload-artifact from 5 to 6 (<a href="https://redirect.github.com/actions/attest/issues/314">#314</a>)</li> <li><a href="https://github.com/actions/attest/commit/6440a037b10d2a829cc9882a533f3d9138424c0d"><code>6440a03</code></a> Bump the npm-development group with 2 updates (<a href="https://redirect.github.com/actions/attest/issues/312">#312</a>)</li> <li><a href="https://github.com/actions/attest/commit/70b5d87a50d4136d848a73c7cf376b97b7a70223"><code>70b5d87</code></a> Bump the actions-minor group with 2 updates (<a href="https://redirect.github.com/actions/attest/issues/311">#311</a>)</li> <li><a href="https://github.com/actions/attest/commit/9902fb2594e0b5bbab9995737abd2547cde67f22"><code>9902fb2</code></a> Bump the npm-development group with 2 updates (<a href="https://redirect.github.com/actions/attest/issues/310">#310</a>)</li> <li><a href="https://github.com/actions/attest/commit/32938749009952fa9f8278fe546fd1f7ed2c5eeb"><code>3293874</code></a> Bump actions/checkout from 5.0.1 to 6.0.0 (<a href="https://redirect.github.com/actions/attest/issues/308">#308</a>)</li> <li><a href="https://github.com/actions/attest/commit/88adb8653690c030561da54074f99d467b74741b"><code>88adb86</code></a> Bump the npm-development group with 2 updates (<a href="https://redirect.github.com/actions/attest/issues/307">#307</a>)</li> <li>Additional commits viewable in <a href="https://github.com/actions/attest/compare/daf44fb950173508f38bd2406030372c1d1162b1...7667f588f2f73a90cea6c7ac70e78266c4f76616">compare view</a></li> </ul> </details> <br /> Updates `docker/setup-buildx-action` from 3.11.1 to 3.12.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's releases</a>.</em></p> <blockquote> <h2>v3.12.0</h2> <ul> <li>Deprecate <code>install</code> input by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/455">docker/setup-buildx-action#455</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.62.1 to 0.63.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/434">docker/setup-buildx-action#434</a></li> <li>Bump brace-expansion from 1.1.11 to 1.1.12 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/436">docker/setup-buildx-action#436</a></li> <li>Bump form-data from 2.5.1 to 2.5.5 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/432">docker/setup-buildx-action#432</a></li> <li>Bump undici from 5.28.4 to 5.29.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/435">docker/setup-buildx-action#435</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v3.11.1...v3.12.0">https://github.com/docker/setup-buildx-action/compare/v3.11.1...v3.12.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/setup-buildx-action/commit/8d2750c68a42422c14e847fe6c8ac0403b4cbd6f"><code>8d2750c</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/455">#455</a> from crazy-max/install-deprecated</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/e81846bcc4416a0bf18b8389e4f6fce279619ddc"><code>e81846b</code></a> deprecate install input</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/65d18f8f8a05aab1b2d761032bec9cd5578caadb"><code>65d18f8</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/454">#454</a> from docker/dependabot/github_actions/actions/checkout-6</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/000d75d273dec231f74115df50b6ee04c9b25e55"><code>000d75d</code></a> build(deps): bump actions/checkout from 5 to 6</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/1583c0f09d26c58c59d25b0eef29792b7ce99d9a"><code>1583c0f</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/443">#443</a> from nicolasleger/patch-1</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/ed158e796328af702db08c75bebb92f2fb10be88"><code>ed158e7</code></a> doc: bump actions/checkout from 4 to 5</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/4cc794f83e4b7488282e879f4469e86246e52ddd"><code>4cc794f</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/441">#441</a> from docker/dependabot/github_actions/actions/checkout-5</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/4dfc3d6c5d9e9534040f8d8b55bd4a98459b62b7"><code>4dfc3d6</code></a> build(deps): bump actions/checkout from 4 to 5</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/af1b253b8dc984466d22633f04ef341c1520ed2f"><code>af1b253</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/440">#440</a> from crazy-max/k3s-build</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/3c6ab92b04d9f3e63233e0e0168ba114c6b448bc"><code>3c6ab92</code></a> ci: k3s test with latest buildx</li> <li>Additional commits viewable in <a href="https://github.com/docker/setup-buildx-action/compare/e468171a9de216ec08956ac3ada2f0791b6bd435...8d2750c68a42422c14e847fe6c8ac0403b4cbd6f">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 4.31.6 to 4.31.9 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v4.31.9</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>4.31.9 - 16 Dec 2025</h2> <p>No user facing changes.</p> <p>See the full <a href="https://github.com/github/codeql-action/blob/v4.31.9/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> <h2>v4.31.8</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>4.31.8 - 11 Dec 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.8. <a href="https://redirect.github.com/github/codeql-action/pull/3354">#3354</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v4.31.8/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> <h2>v4.31.7</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>4.31.7 - 05 Dec 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.7. <a href="https://redirect.github.com/github/codeql-action/pull/3343">#3343</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v4.31.7/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>4.31.9 - 16 Dec 2025</h2> <p>No user facing changes.</p> <h2>4.31.8 - 11 Dec 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.8. <a href="https://redirect.github.com/github/codeql-action/pull/3354">#3354</a></li> </ul> <h2>4.31.7 - 05 Dec 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.7. <a href="https://redirect.github.com/github/codeql-action/pull/3343">#3343</a></li> </ul> <h2>4.31.6 - 01 Dec 2025</h2> <p>No user facing changes.</p> <h2>4.31.5 - 24 Nov 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.6. <a href="https://redirect.github.com/github/codeql-action/pull/3321">#3321</a></li> </ul> <h2>4.31.4 - 18 Nov 2025</h2> <p>No user facing changes.</p> <h2>4.31.3 - 13 Nov 2025</h2> <ul> <li>CodeQL Action v3 will be deprecated in December 2026. The Action now logs a warning for customers who are running v3 but could be running v4. For more information, see <a href="https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/">Upcoming deprecation of CodeQL Action v3</a>.</li> <li>Update default CodeQL bundle version to 2.23.5. <a href="https://redirect.github.com/github/codeql-action/pull/3288">#3288</a></li> </ul> <h2>4.31.2 - 30 Oct 2025</h2> <p>No user facing changes.</p> <h2>4.31.1 - 30 Oct 2025</h2> <ul> <li>The <code>add-snippets</code> input has been removed from the <code>analyze</code> action. This input has been deprecated since CodeQL Action 3.26.4 in August 2024 when this removal was announced.</li> </ul> <h2>4.31.0 - 24 Oct 2025</h2> <ul> <li>Bump minimum CodeQL bundle version to 2.17.6. <a href="https://redirect.github.com/github/codeql-action/pull/3223">#3223</a></li> <li>When SARIF files are uploaded by the <code>analyze</code> or <code>upload-sarif</code> actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the <code>upload-sarif</code> action. For <code>analyze</code>, this may affect Advanced Setup for CodeQL users who specify a value other than <code>always</code> for the <code>upload</code> input. <a href="https://redirect.github.com/github/codeql-action/pull/3222">#3222</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/5d4e8d1aca955e8d8589aabd499c5cae939e33c7"><code>5d4e8d1</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3371">#3371</a> from github/update-v4.31.9-998798e34</li> <li><a href="https://github.com/github/codeql-action/commit/1dc115f17a8c6966e94a6477313dd3df6319bc83"><code>1dc115f</code></a> Update changelog for v4.31.9</li> <li><a href="https://github.com/github/codeql-action/commit/998798e34d79baddb1566c60bbb8f68a901c04e6"><code>998798e</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3352">#3352</a> from github/nickrolfe/jar-min-ff-cleanup</li> <li><a href="https://github.com/github/codeql-action/commit/5eb751966fe18977cdefa4e41e0f90e92801ce90"><code>5eb7519</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3358">#3358</a> from github/henrymercer/database-upload-telemetry</li> <li><a href="https://github.com/github/codeql-action/commit/d29eddb39b7c33171bb0250114b1c9e3ff8fe2bc"><code>d29eddb</code></a> Extract version number to constant</li> <li><a href="https://github.com/github/codeql-action/commit/e9626872ef3347a9c18091d60da647084c2451a6"><code>e962687</code></a> Merge branch 'main' into henrymercer/database-upload-telemetry</li> <li><a href="https://github.com/github/codeql-action/commit/19c7f96922a6269458f2cadcc23faf0ebaa1368b"><code>19c7f96</code></a> Rename <code>isOverlayBase</code></li> <li><a href="https://github.com/github/codeql-action/commit/ae5de9a20d0468cc3818a0dc5c99e456f996d9cf"><code>ae5de9a</code></a> Use <code>getErrorMessage</code> in log too</li> <li><a href="https://github.com/github/codeql-action/commit/0cb86337c5111af4ff3dc7e8f9b98c479c9ea954"><code>0cb8633</code></a> Prefer <code>performance.now()</code></li> <li><a href="https://github.com/github/codeql-action/commit/c07cc0d3a95a282fc5a54477464931c776d124ec"><code>c07cc0d</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3351">#3351</a> from github/henrymercer/ghec-dr-determine-tools-vers...</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/fe4161a26a8629af62121b670040955b330f9af2...5d4e8d1aca955e8d8589aabd499c5cae939e33c7">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-12-29 12:21:08 +00:00
dependabot[bot]	3f13859ade	ci: bump the github-actions group with 4 updates (#21370 ) Bumps the github-actions group with 4 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner), [actions/cache](https://github.com/actions/cache), [actions/upload-artifact](https://github.com/actions/upload-artifact) and [actions/download-artifact](https://github.com/actions/download-artifact). Updates `step-security/harden-runner` from 2.13.2 to 2.14.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.14.0</h2> <h2>What's Changed</h2> <ul> <li>Selective installation: Harden-Runner now skips installation on GitHub-hosted runners when the repository has a custom property skip_harden_runner, allowing organizations to opt out specific repos.</li> <li>Avoid double install: The action no longer installs Harden-Runner if it’s already present on a GitHub-hosted runner, which could happen when a composite action also installs it.</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2.13.3...v2.14.0">https://github.com/step-security/harden-runner/compare/v2.13.3...v2.14.0</a></p> <h2>v2.13.3</h2> <h2>What's Changed</h2> <ul> <li>Fixed an issue where process events were not uploaded in certain edge cases.</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2.13.2...v2.13.3">https://github.com/step-security/harden-runner/compare/v2.13.2...v2.13.3</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/20cf305ff2072d973412fa9b1e3a4f227bda3c76"><code>20cf305</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/622">#622</a> from step-security/feature/custom-property-skip</li> <li><a href="https://github.com/step-security/harden-runner/commit/c51e8eeb6c4fdcd08f65e43a051dacdbfaa69702"><code>c51e8ee</code></a> feat: skip agent install and post step on subsequent runs for GitHub-hosted r...</li> <li><a href="https://github.com/step-security/harden-runner/commit/e152b90204c3d85cefa1441b701a47a13ed28bd7"><code>e152b90</code></a> feat: skip harden-runner based on repository custom property</li> <li><a href="https://github.com/step-security/harden-runner/commit/ee1faec052d1000061fa79a13e030db11b3f86bd"><code>ee1faec</code></a> feat: replace skip-harden-runner with skip-on-custom-property input</li> <li><a href="https://github.com/step-security/harden-runner/commit/1dc7c1764659d537dab2a854b8e165a801103eb1"><code>1dc7c17</code></a> feat: add skip-harden-runner input to conditionally skip execution</li> <li><a href="https://github.com/step-security/harden-runner/commit/df199fb7be9f65074067a9eb93f12bb4c5547cf2"><code>df199fb</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/620">#620</a> from step-security/rc-29</li> <li><a href="https://github.com/step-security/harden-runner/commit/03d096a772368b1f0222005a6899d3e35a7f62df"><code>03d096a</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/40901073af04afd40408833437092a7467798f33"><code>4090107</code></a> fix: update agent</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/95d9a5deda9de15063e7595e9719c11c38c90ae2...20cf305ff2072d973412fa9b1e3a4f227bda3c76">compare view</a></li> </ul> </details> <br /> Updates `actions/cache` from 4.3.0 to 5.0.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/releases">actions/cache's releases</a>.</em></p> <blockquote> <h2>v5.0.1</h2> <blockquote> <p>[!IMPORTANT] <strong><code>actions/cache@v5</code> runs on the Node.js 24 runtime and requires a minimum Actions Runner version of <code>2.327.1</code>.</strong></p> <p>If you are using self-hosted runners, ensure they are updated before upgrading.</p> </blockquote> <hr /> <h1>v5.0.1</h1> <h2>What's Changed</h2> <ul> <li>fix: update <code>@actions/cache</code> for Node.js 24 punycode deprecation by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1685">actions/cache#1685</a></li> <li>prepare release v5.0.1 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1686">actions/cache#1686</a></li> </ul> <h1>v5.0.0</h1> <h2>What's Changed</h2> <ul> <li>Upgrade to use node24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1630">actions/cache#1630</a></li> <li>Prepare v5.0.0 release by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1684">actions/cache#1684</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v5...v5.0.1">https://github.com/actions/cache/compare/v5...v5.0.1</a></p> <h2>v5.0.0</h2> <blockquote> <p>[!IMPORTANT] <strong><code>actions/cache@v5</code> runs on the Node.js 24 runtime and requires a minimum Actions Runner version of <code>2.327.1</code>.</strong></p> <p>If you are using self-hosted runners, ensure they are updated before upgrading.</p> </blockquote> <hr /> <h2>What's Changed</h2> <ul> <li>Upgrade to use node24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1630">actions/cache#1630</a></li> <li>Prepare v5.0.0 release by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1684">actions/cache#1684</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v4.3.0...v5.0.0">https://github.com/actions/cache/compare/v4.3.0...v5.0.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's changelog</a>.</em></p> <blockquote> <h1>Releases</h1> <h2>Changelog</h2> <h3>5.0.1</h3> <ul> <li>Update <code>@azure/storage-blob</code> to <code>^12.29.1</code> via <code>@actions/cache@5.0.1</code> <a href="https://redirect.github.com/actions/cache/pull/1685">#1685</a></li> </ul> <h3>5.0.0</h3> <blockquote> <p>[!IMPORTANT] <code>actions/cache@v5</code> runs on the Node.js 24 runtime and requires a minimum Actions Runner version of <code>2.327.1</code>. If you are using self-hosted runners, ensure they are updated before upgrading.</p> </blockquote> <h3>4.3.0</h3> <ul> <li>Bump <code>@actions/cache</code> to <a href="https://redirect.github.com/actions/toolkit/pull/2132">v4.1.0</a></li> </ul> <h3>4.2.4</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.5</li> </ul> <h3>4.2.3</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.3 (obfuscates SAS token in debug logs for cache entries)</li> </ul> <h3>4.2.2</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.2</li> </ul> <h3>4.2.1</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.1</li> </ul> <h3>4.2.0</h3> <p>TLDR; The cache backend service has been rewritten from the ground up for improved performance and reliability. <a href="https://github.com/actions/cache">actions/cache</a> now integrates with the new cache service (v2) APIs.</p> <p>The new service will gradually roll out as of <strong>February 1st, 2025</strong>. The legacy service will also be sunset on the same date. Changes in these release are <strong>fully backward compatible</strong>.</p> <p><strong>We are deprecating some versions of this action</strong>. We recommend upgrading to version <code>v4</code> or <code>v3</code> as soon as possible before <strong>February 1st, 2025.</strong> (Upgrade instructions below).</p> <p>If you are using pinned SHAs, please use the SHAs of versions <code>v4.2.0</code> or <code>v3.4.0</code></p> <p>If you do not upgrade, all workflow runs using any of the deprecated <a href="https://github.com/actions/cache">actions/cache</a> will fail.</p> <p>Upgrading to the recommended versions will not break your workflows.</p> <h3>4.1.2</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/cache/commit/9255dc7a253b0ccc959486e2bca901246202afeb"><code>9255dc7</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1686">#1686</a> from actions/cache-v5.0.1-release</li> <li><a href="https://github.com/actions/cache/commit/8ff5423e8b66eacab4e638ee52abbd2cb831366a"><code>8ff5423</code></a> chore: release v5.0.1</li> <li><a href="https://github.com/actions/cache/commit/9233019a152bc768059ac1768b8e4403b5da16c1"><code>9233019</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1685">#1685</a> from salmanmkc/node24-storage-blob-fix</li> <li><a href="https://github.com/actions/cache/commit/b975f2bb844529e1063ad882c609b224bcd66eb6"><code>b975f2b</code></a> fix: add peer property to package-lock.json for dependencies</li> <li><a href="https://github.com/actions/cache/commit/d0a0e1813491d01d574c95f8d189f62622bbb2ae"><code>d0a0e18</code></a> fix: update license files for <code>@actions/cache</code>, fast-xml-parser, and strnum</li> <li><a href="https://github.com/actions/cache/commit/74de208dcfcbe85c0e7154e7b17e4105fe2554ff"><code>74de208</code></a> fix: update <code>@actions/cache</code> to ^5.0.1 for Node.js 24 punycode fix</li> <li><a href="https://github.com/actions/cache/commit/ac7f1152ead02e89c14b5456d14ab17591e74cfb"><code>ac7f115</code></a> peer</li> <li><a href="https://github.com/actions/cache/commit/b0f846b50b6061d7a2ca6f1a2fea61d4a65d1a16"><code>b0f846b</code></a> fix: update <code>@actions/cache</code> with storage-blob fix for Node.js 24 punycode depr...</li> <li><a href="https://github.com/actions/cache/commit/a7833574556fa59680c1b7cb190c1735db73ebf0"><code>a783357</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1684">#1684</a> from actions/prepare-cache-v5-release</li> <li><a href="https://github.com/actions/cache/commit/3bb0d78750a39cefce0c2b5a0a9801052b4359ad"><code>3bb0d78</code></a> docs: highlight v5 runner requirement in releases</li> <li>Additional commits viewable in <a href="https://github.com/actions/cache/compare/0057852bfaa89a56745cba8c7296529d2fc39830...9255dc7a253b0ccc959486e2bca901246202afeb">compare view</a></li> </ul> </details> <br /> Updates `actions/upload-artifact` from 5.0.0 to 6.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v6.0.0</h2> <h2>v6 - What's new</h2> <blockquote> <p>[!IMPORTANT] actions/upload-artifact@v6 now runs on Node.js 24 (<code>runs.using: node24</code>) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.</p> </blockquote> <h3>Node.js 24</h3> <p>This release updates the runtime to Node.js 24. v5 had preliminary support for Node.js 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.</p> <h2>What's Changed</h2> <ul> <li>Upload Artifact Node 24 support by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/719">actions/upload-artifact#719</a></li> <li>fix: update <code>@actions/artifact</code> for Node.js 24 punycode deprecation by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/744">actions/upload-artifact#744</a></li> <li>prepare release v6.0.0 for Node.js 24 support by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/745">actions/upload-artifact#745</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0">https://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/upload-artifact/commit/b7c566a772e6b6bfb58ed0dc250532a479d7789f"><code>b7c566a</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/745">#745</a> from actions/upload-artifact-v6-release</li> <li><a href="https://github.com/actions/upload-artifact/commit/e516bc8500aaf3d07d591fcd4ae6ab5f9c391d5b"><code>e516bc8</code></a> docs: correct description of Node.js 24 support in README</li> <li><a href="https://github.com/actions/upload-artifact/commit/ddc45ed9bca9b38dbd643978d88e3981cdc91415"><code>ddc45ed</code></a> docs: update README to correct action name for Node.js 24 support</li> <li><a href="https://github.com/actions/upload-artifact/commit/615b319bd27bb32c3d64dca6b6ed6974d5fbe653"><code>615b319</code></a> chore: release v6.0.0 for Node.js 24 support</li> <li><a href="https://github.com/actions/upload-artifact/commit/017748b48f8610ca8e6af1222f4a618e84a9c703"><code>017748b</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/744">#744</a> from actions/fix-storage-blob</li> <li><a href="https://github.com/actions/upload-artifact/commit/38d4c7997f5510fcc41fc4aae2a6b97becdbe7fc"><code>38d4c79</code></a> chore: rebuild dist</li> <li><a href="https://github.com/actions/upload-artifact/commit/7d27270e0cfd253e666c44abac0711308d2d042f"><code>7d27270</code></a> chore: add missing license cache files for <code>@actions/core</code>, <code>@actions/io</code>, and mi...</li> <li><a href="https://github.com/actions/upload-artifact/commit/5f643d3c9475505ccaf26d686ffbfb71a8387261"><code>5f643d3</code></a> chore: update license files for <code>@actions/artifact</code><a href="https://github.com/5"><code>@5</code></a>.0.1 dependencies</li> <li><a href="https://github.com/actions/upload-artifact/commit/1df1684032c88614064493e1a0478fcb3583e1d0"><code>1df1684</code></a> chore: update package-lock.json with <code>@actions/artifact</code><a href="https://github.com/5"><code>@5</code></a>.0.1</li> <li><a href="https://github.com/actions/upload-artifact/commit/b5b1a918401ee270935b6b1d857ae66c85f3be6f"><code>b5b1a91</code></a> fix: update <code>@actions/artifact</code> to ^5.0.0 for Node.js 24 punycode fix</li> <li>Additional commits viewable in <a href="https://github.com/actions/upload-artifact/compare/330a01c490aca151604b8cf639adc76d48f6c5d4...b7c566a772e6b6bfb58ed0dc250532a479d7789f">compare view</a></li> </ul> </details> <br /> Updates `actions/download-artifact` from 6.0.0 to 7.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/download-artifact/releases">actions/download-artifact's releases</a>.</em></p> <blockquote> <h2>v7.0.0</h2> <h2>v7 - What's new</h2> <blockquote> <p>[!IMPORTANT] actions/download-artifact@v7 now runs on Node.js 24 (<code>runs.using: node24</code>) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.</p> </blockquote> <h3>Node.js 24</h3> <p>This release updates the runtime to Node.js 24. v6 had preliminary support for Node 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.</p> <h2>What's Changed</h2> <ul> <li>Update GHES guidance to include reference to Node 20 version by <a href="https://github.com/patrikpolyak"><code>@patrikpolyak</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/440">actions/download-artifact#440</a></li> <li>Download Artifact Node24 support by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/415">actions/download-artifact#415</a></li> <li>fix: update <code>@actions/artifact</code> to fix Node.js 24 punycode deprecation by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/451">actions/download-artifact#451</a></li> <li>prepare release v7.0.0 for Node.js 24 support by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/452">actions/download-artifact#452</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/patrikpolyak"><code>@patrikpolyak</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/440">actions/download-artifact#440</a></li> <li><a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/415">actions/download-artifact#415</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/download-artifact/compare/v6.0.0...v7.0.0">https://github.com/actions/download-artifact/compare/v6.0.0...v7.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/download-artifact/commit/37930b1c2abaa49bbe596cd826c3c89aef350131"><code>37930b1</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/452">#452</a> from actions/download-artifact-v7-release</li> <li><a href="https://github.com/actions/download-artifact/commit/72582b9e0acd370909e83fa4a1fd0fca3ad452d8"><code>72582b9</code></a> doc: update readme</li> <li><a href="https://github.com/actions/download-artifact/commit/0d2ec9d4cbcefe257d822f108de2a1f15f8da9f6"><code>0d2ec9d</code></a> chore: release v7.0.0 for Node.js 24 support</li> <li><a href="https://github.com/actions/download-artifact/commit/fd7ae8fda6dc16277a9ffbc91cdb0eedf156e912"><code>fd7ae8f</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/451">#451</a> from actions/fix-storage-blob</li> <li><a href="https://github.com/actions/download-artifact/commit/d484700543354b15886d6a52910cf61b7f1d2b27"><code>d484700</code></a> chore: restore minimatch.dep.yml license file</li> <li><a href="https://github.com/actions/download-artifact/commit/03a808050efe42bb6ad85281890afd4e4546672c"><code>03a8080</code></a> chore: remove obsolete dependency license files</li> <li><a href="https://github.com/actions/download-artifact/commit/56fe6d904b0968950f8b68ea17774c54973ed5e2"><code>56fe6d9</code></a> chore: update <code>@actions/artifact</code> license file to 5.0.1</li> <li><a href="https://github.com/actions/download-artifact/commit/8e3ebc4ab4d2e095e5eb44ba1a4a53b6b03976ad"><code>8e3ebc4</code></a> chore: update package-lock.json with <code>@actions/artifact</code><a href="https://github.com/5"><code>@5</code></a>.0.1</li> <li><a href="https://github.com/actions/download-artifact/commit/1e3c4b4d4906c98ab57453c24efefdf16c078044"><code>1e3c4b4</code></a> fix: update <code>@actions/artifact</code> to ^5.0.0 for Node.js 24 punycode fix</li> <li><a href="https://github.com/actions/download-artifact/commit/458627d354794c71bc386c8d5839d20b5885fe2a"><code>458627d</code></a> chore: use local <code>@actions/artifact</code> package for Node.js 24 testing</li> <li>Additional commits viewable in <a href="https://github.com/actions/download-artifact/compare/018cc2cf5baa6db3ef3c5f8a56943fffe632ef53...37930b1c2abaa49bbe596cd826c3c89aef350131">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-12-22 12:32:48 +00:00
dependabot[bot]	ed810a04f1	ci: bump the github-actions group with 4 updates (#21273 ) Bumps the github-actions group with 4 updates: [actions/checkout](https://github.com/actions/checkout), [actions/setup-java](https://github.com/actions/setup-java), [tj-actions/changed-files](https://github.com/tj-actions/changed-files) and [actions/stale](https://github.com/actions/stale). Updates `actions/checkout` from 6.0.0 to 6.0.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v6.0.1</h2> <h2>What's Changed</h2> <ul> <li>Update all references from v5 and v4 to v6 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2314">actions/checkout#2314</a></li> <li>Add worktree support for persist-credentials includeIf by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2327">actions/checkout#2327</a></li> <li>Clarify v6 README by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2328">actions/checkout#2328</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v6...v6.0.1">https://github.com/actions/checkout/compare/v6...v6.0.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8"><code>8e8c483</code></a> Clarify v6 README (<a href="https://redirect.github.com/actions/checkout/issues/2328">#2328</a>)</li> <li><a href="https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1"><code>033fa0d</code></a> Add worktree support for persist-credentials includeIf (<a href="https://redirect.github.com/actions/checkout/issues/2327">#2327</a>)</li> <li><a href="https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5"><code>c2d88d3</code></a> Update all references from v5 and v4 to v6 (<a href="https://redirect.github.com/actions/checkout/issues/2314">#2314</a>)</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3...8e8c483db84b4bee98b60c0593521ed34d9990e8">compare view</a></li> </ul> </details> <br /> Updates `actions/setup-java` from 5.0.0 to 5.1.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-java/releases">actions/setup-java's releases</a>.</em></p> <blockquote> <h2>v5.1.0</h2> <h2>What's Changed</h2> <h3>New Features</h3> <ul> <li>Add support for <code>.sdkmanrc</code> file in <code>java-version-file</code> parameter by <a href="https://github.com/guicamest"><code>@guicamest</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/736">actions/setup-java#736</a></li> <li>Add support for Microsoft OpenJDK 25 builds by <a href="https://github.com/the-mod"><code>@the-mod</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/927">actions/setup-java#927</a></li> </ul> <h3>Bug Fixes & Improvements</h3> <ul> <li>Update Regex to Support All ASDF Versions for the supported distributions in tool-versions File by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/767">actions/setup-java#767</a></li> <li>Enhance error logging for network failures to include endpoint/IP details, add retry mechanism and update workflows to use macos-15-intel by <a href="https://github.com/priya-kinthali"><code>@priya-kinthali</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/946">actions/setup-java#946</a></li> <li>Update SapMachine URLs by <a href="https://github.com/RealCLanger"><code>@RealCLanger</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/955">actions/setup-java#955</a></li> <li>Add GitHub Token Support for GraalVM and Refactor Code by <a href="https://github.com/mahabaleshwars"><code>@mahabaleshwars</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/849">actions/setup-java#849</a></li> </ul> <h3>Documentation changes</h3> <ul> <li>Update documentation to use checkout and Java v5 by <a href="https://github.com/lmvysakh"><code>@lmvysakh</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/903">actions/setup-java#903</a></li> <li>Clarify JAVA_HOME and PATH setup in README by <a href="https://github.com/chiranjib-swain"><code>@chiranjib-swain</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/841">actions/setup-java#841</a></li> </ul> <h3>Dependency updates</h3> <ul> <li>Upgrade prettier from 2.8.8 to 3.6.2 and document breaking changes in v5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/873">actions/setup-java#873</a></li> <li>Upgrade actions/publish-action from 0.3.0 to 0.4.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/912">actions/setup-java#912</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/lmvysakh"><code>@lmvysakh</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/903">actions/setup-java#903</a></li> <li><a href="https://github.com/chiranjib-swain"><code>@chiranjib-swain</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/841">actions/setup-java#841</a></li> <li><a href="https://github.com/the-mod"><code>@the-mod</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/927">actions/setup-java#927</a></li> <li><a href="https://github.com/priya-kinthali"><code>@priya-kinthali</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/946">actions/setup-java#946</a></li> <li><a href="https://github.com/guicamest"><code>@guicamest</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/736">actions/setup-java#736</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-java/compare/v5...v5.1.0">https://github.com/actions/setup-java/compare/v5...v5.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/setup-java/commit/f2beeb24e141e01a676f977032f5a29d81c9e27e"><code>f2beeb2</code></a> Bump actions/publish-action from 0.3.0 to 0.4.0 (<a href="https://redirect.github.com/actions/setup-java/issues/912">#912</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/4e7e684fbb6e33f88ecb2cf1e6b3797739cf499b"><code>4e7e684</code></a> feat: Add support for <code>.sdkmanrc</code> file in <code>java-version-file</code> parameter (<a href="https://redirect.github.com/actions/setup-java/issues/736">#736</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/46c56d6f92c88cf540acf95a12a4a41197499222"><code>46c56d6</code></a> Add GitHub Token Support for GraalVM and Refactor Code (<a href="https://redirect.github.com/actions/setup-java/issues/849">#849</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/66b945764b75604b3cfd644c3ada5232cf6c90c6"><code>66b9457</code></a> Update SapMachine URLs (<a href="https://redirect.github.com/actions/setup-java/issues/955">#955</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/6ba5449b7dcda52941806a19f0cf626b6420191e"><code>6ba5449</code></a> Enhance error logging for network failures to include endpoint/IP details, ad...</li> <li><a href="https://github.com/actions/setup-java/commit/de5a937a1dc73fbc1a67d7d1aa4bebc1082f3190"><code>de5a937</code></a> adds microsoft openjdk25 builds (<a href="https://redirect.github.com/actions/setup-java/issues/927">#927</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/ead9eaa3cfe0b0fc2fa749519ae09c3d4f4080b0"><code>ead9eaa</code></a> Update Regex to Support All ASDF Versions for the supported distributions in ...</li> <li><a href="https://github.com/actions/setup-java/commit/8c57fa36276f209f7c545338dc17a4cc89842dec"><code>8c57fa3</code></a> Clarify JAVA_HOME and PATH setup in README (<a href="https://redirect.github.com/actions/setup-java/issues/841">#841</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/a7ab372554b6eb1a8eb25e7d9aec1cc9f3ea1a76"><code>a7ab372</code></a> Bump prettier from 2.8.8 to 3.6.2 (<a href="https://redirect.github.com/actions/setup-java/issues/873">#873</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/d0351b4837dd42a4a838ef25daec3bf530e20aaf"><code>d0351b4</code></a> Update documentation to use checkout and Java v5 (<a href="https://redirect.github.com/actions/setup-java/issues/903">#903</a>)</li> <li>See full diff in <a href="https://github.com/actions/setup-java/compare/dded0888837ed1f317902acf8a20df0ad188d165...f2beeb24e141e01a676f977032f5a29d81c9e27e">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from abdd2f68ea150cee8f236d4a9fb4e0f2491abf1b to e0021407031f5be11a464abee9a0776171c79891 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.5...v47.0.0">47.0.0</a> - (2025-09-13)</h1> <h2><!-- raw HTML omitted -->🚀 Features</h2> <ul> <li>Add any_added to outputs (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2567">#2567</a>) (<a href="https://github.com/tj-actions/changed-files/commit/c260d49a827b5eb266673bed7871c5d3ee9b5aef">c260d49</a>) - (Jellyfrog)</li> </ul> <h2><!-- raw HTML omitted -->➖ Remove</h2> <ul> <li>Commit and push step from build job (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2538">#2538</a>) (<a href="https://github.com/tj-actions/changed-files/commit/be393a90381e27c9fec2c8c2e02b00f005710145">be393a9</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2592">#2592</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/3dbc1e181273d808ccff822a6e00cf18b6628ef0">3dbc1e1</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2591">#2591</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/b1ccff8c0892ad141d7d2de6f31e526a9dad931f">b1ccff8</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2574">#2574</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/050a3d3360d29711ee9d8210fc639d902d23ad07">050a3d3</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Update link to glob patterns (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2590">#2590</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a892f50f7a7187bc288633c09230b09ce7ad8fd0">a892f50</a>) - (Tonye Jack)</li> <li>Add Jellyfrog as a contributor for code, and doc (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2573">#2573</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f000a9b97f254f9590ff26f651cccde827ad36da">f000a9b</a>) - (allcontributors[bot])</li> </ul> <h2><!-- raw HTML omitted -->🧪 Testing</h2> <ul> <li>Manual triggered workflows (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2637">#2637</a>) (<a href="https://github.com/tj-actions/changed-files/commit/c2ca2493190021783138cb8aac49bcee14b4bb89">c2ca249</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps-dev:</strong> Bump jest from 30.0.5 to 30.1.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2655">#2655</a>) (<a href="https://github.com/tj-actions/changed-files/commit/9a6755550a331fdcc8ec45443738933f8fa22eea">9a67555</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.1.0 to 2.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2660">#2660</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b67e30df88f43e244f4e83775e5ad8335114fb95">b67e30d</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.30.2 to 3.30.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2661">#2661</a>) (<a href="https://github.com/tj-actions/changed-files/commit/62aef422ffa195474d80d73387535cf4622b2824">62aef42</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.11 to 3.30.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2659">#2659</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e874f3cddd0f54ae776e6995ae6dae4cf40fd3d3">e874f3c</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/setup-node from 4.4.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2656">#2656</a>) (<a href="https://github.com/tj-actions/changed-files/commit/8c14441336bb3d84fd6b7fa83b6d7201c740baf5">8c14441</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.3.0 to 24.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2657">#2657</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e995ac4be5be2bcb6e29556edc51fb63aca6b49b">e995ac4</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.2.1 to 24.3.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2649">#2649</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3b04099b21072562f07469c10deb182b24236ca9">3b04099</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.9 to 3.29.11 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2651">#2651</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e7b6c977e51984988e3cc1d6b18abe2a3ba8daaa">e7b6c97</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.0.2 to 2.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2648">#2648</a>) (<a href="https://github.com/tj-actions/changed-files/commit/765d62bc041415a5b494ef13d02d566128b25973">765d62b</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.8 to 3.29.9 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2647">#2647</a>) (<a href="https://github.com/tj-actions/changed-files/commit/2036da178f85576f1940fedb74bb93a36cd89ab7">2036da1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.7 to 3.29.8 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2644">#2644</a>) (<a href="https://github.com/tj-actions/changed-files/commit/239aef84a5502c79a1cea96e495d17588c66c659">239aef8</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.2.0 to 24.2.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2645">#2645</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a7d5f5f4919b6dbc6d3a3689887964361e8dd88f">a7d5f5f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/checkout from 4.2.2 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2646">#2646</a>) (<a href="https://github.com/tj-actions/changed-files/commit/5107f3abcc0c3737db51e2949f181e2c197d4d5b">5107f3a</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.1.0 to 24.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2640">#2640</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f963b3f3562b00b6d2dd25efc390eb04e51ef6c6">f963b3f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/download-artifact from 4.3.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2641">#2641</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f956744105e18d78bba3844a1199ce43d6503017">f956744</a>) - (dependabot[bot])</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/tj-actions/changed-files/compare/abdd2f68ea150cee8f236d4a9fb4e0f2491abf1b...abdd2f68ea150cee8f236d4a9fb4e0f2491abf1b">compare view</a></li> </ul> </details> <br /> Updates `actions/stale` from 10.1.0 to 10.1.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/stale/releases">actions/stale's releases</a>.</em></p> <blockquote> <h2>v10.1.1</h2> <h2>What's Changed</h2> <h3>Bug Fix</h3> <ul> <li>Add Missing Input Reading for <code>only-issue-types</code> by <a href="https://github.com/Bibo-Joshi"><code>@Bibo-Joshi</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1298">actions/stale#1298</a></li> </ul> <h3>Improvement</h3> <ul> <li>Improves error handling when rate limiting is disabled on GHES. by <a href="https://github.com/chiranjib-swain"><code>@chiranjib-swain</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1300">actions/stale#1300</a></li> </ul> <h3>Dependency Upgrades</h3> <ul> <li>Upgrade eslint-config-prettier from 8.10.0 to 10.1.8 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1276">actions/stale#1276</a></li> <li>Upgrade <code>@types/node</code> from 20.10.3 to 24.2.0 and document breaking changes in v10 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1280">actions/stale#1280</a></li> <li>Upgrade actions/publish-action from 0.3.0 to 0.4.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1291">actions/stale#1291</a></li> <li>Upgrade actions/checkout from 4 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1306">actions/stale#1306</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/chiranjib-swain"><code>@chiranjib-swain</code></a> made their first contribution in <a href="https://redirect.github.com/actions/stale/pull/1300">actions/stale#1300</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/stale/compare/v10...v10.1.1">https://github.com/actions/stale/compare/v10...v10.1.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/stale/commit/997185467fa4f803885201cee163a9f38240193d"><code>9971854</code></a> build(deps): bump actions/checkout from 4 to 6 (<a href="https://redirect.github.com/actions/stale/issues/1306">#1306</a>)</li> <li><a href="https://github.com/actions/stale/commit/5611b9defa6b7799a950489b00163db69f7a3ece"><code>5611b9d</code></a> build(deps): bump actions/publish-action from 0.3.0 to 0.4.0 (<a href="https://redirect.github.com/actions/stale/issues/1291">#1291</a>)</li> <li><a href="https://github.com/actions/stale/commit/fad0de84e50d1aba7b0236cdaf0ea98a43286849"><code>fad0de8</code></a> Improves error handling when rate limiting is disabled on GHES. (<a href="https://redirect.github.com/actions/stale/issues/1300">#1300</a>)</li> <li><a href="https://github.com/actions/stale/commit/39bea7de61dd70ce4705a976f904f33d5e1e0f49"><code>39bea7d</code></a> Add Missing Input Reading for <code>only-issue-types</code> (<a href="https://redirect.github.com/actions/stale/issues/1298">#1298</a>)</li> <li><a href="https://github.com/actions/stale/commit/e46bbabb3ede15841d25946157759558dd16306e"><code>e46bbab</code></a> build(deps-dev): bump <code>@types/node</code> from 20.10.3 to 24.2.0 and document breakin...</li> <li><a href="https://github.com/actions/stale/commit/65d1d4804d3060875fff9f9fa8a49e27f71ce7f0"><code>65d1d48</code></a> build(deps-dev): bump eslint-config-prettier from 8.10.0 to 10.1.8 (<a href="https://redirect.github.com/actions/stale/issues/1276">#1276</a>)</li> <li>See full diff in <a href="https://github.com/actions/stale/compare/5f858e3efba33a5ca4407a664cc011ad407f2008...997185467fa4f803885201cee163a9f38240193d">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-12-15 12:23:24 +00:00
dependabot[bot]	fad8b54ab8	ci: bump the github-actions group across 1 directory with 6 updates (#21017 ) Bumps the github-actions group with 6 updates in the / directory: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [actions/checkout](https://github.com/actions/checkout) \| `5.0.0` \| `6.0.0` \| \| [crate-ci/typos](https://github.com/crate-ci/typos) \| `1.39.2` \| `1.40.0` \| \| [chromaui/action](https://github.com/chromaui/action) \| `13.3.3` \| `13.3.4` \| \| [fluxcd/flux2](https://github.com/fluxcd/flux2) \| `2.7.3` \| `2.7.5` \| \| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) \| `70069877f29101175ed2b055d210fe8b1d54d7d7` \| `abdd2f68ea150cee8f236d4a9fb4e0f2491abf1b` \| \| [github/codeql-action](https://github.com/github/codeql-action) \| `4.31.3` \| `4.31.6` \| Updates `actions/checkout` from 5.0.0 to 6.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v6.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update README to include Node.js 24 support details and requirements by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li> <li>Persist creds to a separate file by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li> <li>v6-beta by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2298">actions/checkout#2298</a></li> <li>update readme/changelog for v6 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2311">actions/checkout#2311</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v5.0.0...v6.0.0">https://github.com/actions/checkout/compare/v5.0.0...v6.0.0</a></p> <h2>v6-beta</h2> <h2>What's Changed</h2> <p>Updated persist-credentials to store the credentials under <code>$RUNNER_TEMP</code> instead of directly in the local git config.</p> <p>This requires a minimum Actions Runner version of <a href="https://github.com/actions/runner/releases/tag/v2.329.0">v2.329.0</a> to access the persisted credentials for <a href="https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action">Docker container action</a> scenarios.</p> <h2>v5.0.1</h2> <h2>What's Changed</h2> <ul> <li>Port v6 cleanup to v5 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v5...v5.0.1">https://github.com/actions/checkout/compare/v5...v5.0.1</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>V6.0.0</h2> <ul> <li>Persist creds to a separate file by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li> <li>Update README to include Node.js 24 support details and requirements by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li> </ul> <h2>V5.0.1</h2> <ul> <li>Port v6 cleanup to v5 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li> </ul> <h2>V5.0.0</h2> <ul> <li>Update actions checkout to use node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li> </ul> <h2>V4.3.1</h2> <ul> <li>Port v6 cleanup to v4 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2305">actions/checkout#2305</a></li> </ul> <h2>V4.3.0</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <h2>v4.2.2</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <h2>v4.2.1</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>v4.2.0</h2> <ul> <li>Add Ref and Commit outputs by <a href="https://github.com/lucacome"><code>@lucacome</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li> <li>Dependency updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>- <a href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>, <a href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li> </ul> <h2>v4.1.7</h2> <ul> <li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li> <li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li> <li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li> </ul> <h2>v4.1.6</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> </ul> <h2>v4.1.5</h2> <ul> <li>Update NPM dependencies by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li> <li>Bump github/codeql-action from 2 to 3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li> <li>Bump actions/setup-node from 1 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li> <li>Bump actions/upload-artifact from 2 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3"><code>1af3b93</code></a> update readme/changelog for v6 (<a href="https://redirect.github.com/actions/checkout/issues/2311">#2311</a>)</li> <li><a href="https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e"><code>71cf226</code></a> v6-beta (<a href="https://redirect.github.com/actions/checkout/issues/2298">#2298</a>)</li> <li><a href="https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e"><code>069c695</code></a> Persist creds to a separate file (<a href="https://redirect.github.com/actions/checkout/issues/2286">#2286</a>)</li> <li><a href="https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493"><code>ff7abcd</code></a> Update README to include Node.js 24 support details and requirements (<a href="https://redirect.github.com/actions/checkout/issues/2248">#2248</a>)</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/08c6903cd8c0fde910a37f88322edcfb5dd907a8...1af3b93b6815bc44a9784bd300feb67ff0d1eeb3">compare view</a></li> </ul> </details> <br /> Updates `crate-ci/typos` from 1.39.2 to 1.40.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/releases">crate-ci/typos's releases</a>.</em></p> <blockquote> <h2>v1.40.0</h2> <h2>[1.40.0] - 2025-11-26</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1405">November 2025</a> changes</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's changelog</a>.</em></p> <blockquote> <h1>Change Log</h1> <p>All notable changes to this project will be documented in this file.</p> <p>The format is based on <a href="https://keepachangelog.com/">Keep a Changelog</a> and this project adheres to <a href="https://semver.org/">Semantic Versioning</a>.</p> <!-- raw HTML omitted --> <h2>[Unreleased] - ReleaseDate</h2> <h2>[1.40.0] - 2025-11-26</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1405">November 2025</a> changes</li> </ul> <h2>[1.39.2] - 2025-11-13</h2> <h3>Fixes</h3> <ul> <li>Don't offer <code>entry</code> as a correction for <code>entrys</code></li> </ul> <h2>[1.39.1] - 2025-11-12</h2> <h3>Features</h3> <ul> <li>Make <code>--help</code> more vibrant</li> </ul> <h2>[1.39.0] - 2025-10-31</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1383">October 2025</a> changes</li> </ul> <h3>Fixes</h3> <ul> <li>When a typo is pluralized, prefer pluralized corrections</li> </ul> <h2>[1.38.1] - 2025-10-07</h2> <h3>Fixes</h3> <ul> <li>Ignore common golang identifiers</li> </ul> <h2>[1.38.0] - 2025-10-06</h2> <h3>Features</h3> <ul> <li>Update type list</li> </ul> <h3>Fixes</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/crate-ci/typos/commit/2d0ce569feab1f8752f1dde43cc2f2aa53236e06"><code>2d0ce56</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/efbd900f8db9952781b6bd1ad83baa38ebd153e3"><code>efbd900</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/863fd15db8bf16bfe9117ec1a83ea7b6e802e9f3"><code>863fd15</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/9a27b16791dd73549457a07f247bc4920f787919"><code>9a27b16</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1432">#1432</a> from epage/nov</li> <li><a href="https://github.com/crate-ci/typos/commit/3dbd9d4eacab7f22586ea581e4d403c3ca9dbbb7"><code>3dbd9d4</code></a> feat(dict): November additions</li> <li><a href="https://github.com/crate-ci/typos/commit/a1a16c7b7c25d1c27cc750525aada8b9ae68b716"><code>a1a16c7</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1427">#1427</a> from deining/bump-github-action</li> <li><a href="https://github.com/crate-ci/typos/commit/cb8d2e78ff23c82fca05340ed256b04513d022b9"><code>cb8d2e7</code></a> docs: Bump GitHub checkout action in 'github-action.md'</li> <li><a href="https://github.com/crate-ci/typos/commit/9f99fb8dfe87b8a3441863fb2e5d5da88a2aa9a2"><code>9f99fb8</code></a> docs(ref): Clarify extend-words / extend-identifiers</li> <li>See full diff in <a href="https://github.com/crate-ci/typos/compare/626c4bedb751ce0b7f03262ca97ddda9a076ae1c...2d0ce569feab1f8752f1dde43cc2f2aa53236e06">compare view</a></li> </ul> </details> <br /> Updates `chromaui/action` from 13.3.3 to 13.3.4 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chromaui/action/commit/4c20b95e9d3209ecfdf9cd6aace6bbde71ba1694"><code>4c20b95</code></a> v13.3.4</li> <li>See full diff in <a href="https://github.com/chromaui/action/compare/ac86f2ff0a458ffbce7b40698abd44c0fa34d4b6...4c20b95e9d3209ecfdf9cd6aace6bbde71ba1694">compare view</a></li> </ul> </details> <br /> Updates `fluxcd/flux2` from 2.7.3 to 2.7.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/fluxcd/flux2/releases">fluxcd/flux2's releases</a>.</em></p> <blockquote> <h2>v2.7.5</h2> <h2>Highlights</h2> <p>Flux v2.7.5 is a patch release that comes with fixes to helm-controller. Users are encouraged to upgrade for the best experience.</p> <p>ℹ️ Please follow the <a href="https://github.com/fluxcd/flux2/discussions/5572">Upgrade Procedure for Flux v2.7+</a> for a smooth upgrade from Flux v2.6 to the latest version.</p> <p>Fixes:</p> <ul> <li>Fix HelmRelease history truncation when using the <code>RetryOnFailure</code> strategy.</li> </ul> <p>⚠️ Note that signature verification for OCI artifacts in source-controller is not compatible with Cosign v3. Flux users are advised to use <a href="https://fluxcd.io/flux/flux-gh-action/#push-and-sign-kubernetes-manifests-to-container-registries">Cosign v2.6</a> for signing Flux OCI artifacts and Helm charts, until support for Cosign v3 is added in Flux v2.8.</p> <h2>Components changelog</h2> <ul> <li>helm-controller <a href="https://github.com/fluxcd/helm-controller/blob/v1.4.5/CHANGELOG.md">v1.4.5</a></li> </ul> <h2>CLI changelog</h2> <ul> <li>[release/v2.7.x] Update toolkit components by <a href="https://github.com/fluxcdbot"><code>@fluxcdbot</code></a> in <a href="https://redirect.github.com/fluxcd/flux2/pull/5649">fluxcd/flux2#5649</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/fluxcd/flux2/compare/v2.7.4...v2.7.5">https://github.com/fluxcd/flux2/compare/v2.7.4...v2.7.5</a></p> <h2>v2.7.4</h2> <h2>Highlights</h2> <p>Flux v2.7.4 is a patch release that comes with various fixes. Users are encouraged to upgrade for the best experience.</p> <p>ℹ️ Please follow the <a href="https://github.com/fluxcd/flux2/discussions/5572">Upgrade Procedure for Flux v2.7+</a> for a smooth upgrade from Flux v2.6 to the latest version.</p> <p>Fixes:</p> <ul> <li>Add <code>DisableConfigWatchers</code> feature gate to all controllers for disabling the Secrets/ConfigMaps watchers</li> <li>Fix Workload Identity for Azure China Cloud in all controllers</li> <li>Update Helm Go SDK to v3.19.2 fixing schema validation issues in helm-controller</li> <li>Skip secret decryption for remote kustomize patches in kustomize-controller</li> <li>Improve post-build error reporting in kustomize-controller</li> <li>Add <code>ArtifactGenerator</code> to aggregated RBAC roles</li> </ul> <p>⚠️ Note that signature verification for OCI artifacts in source-controller is not compatible with Cosign v3. Flux users are advised to use <a href="https://fluxcd.io/flux/flux-gh-action/#push-and-sign-kubernetes-manifests-to-container-registries">Cosign v2.6</a> for signing Flux OCI artifacts and Helm charts, until support for Cosign v3 is added in Flux v2.8.</p> <h2>Components changelog</h2> <ul> <li>source-controller <a href="https://github.com/fluxcd/source-controller/blob/v1.7.4/CHANGELOG.md">v1.7.4</a></li> <li>kustomize-controller <a href="https://github.com/fluxcd/kustomize-controller/blob/v1.7.3/CHANGELOG.md">v1.7.3</a></li> <li>notification-controller <a href="https://github.com/fluxcd/notification-controller/blob/v1.7.5/CHANGELOG.md">v1.7.5</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/fluxcd/flux2/commit/8454b02a32e48d775b9f563cb51fdcb1787b5b93"><code>8454b02</code></a> Merge pull request <a href="https://redirect.github.com/fluxcd/flux2/issues/5649">#5649</a> from fluxcd/backport-5648-to-release/v2.7.x</li> <li><a href="https://github.com/fluxcd/flux2/commit/931f101cb1cba9f7af4efa44ac0a5c7f634d9b06"><code>931f101</code></a> Update toolkit components</li> <li><a href="https://github.com/fluxcd/flux2/commit/06ed49dcd3f3ce2fc8d1988848245873a91550bc"><code>06ed49d</code></a> Merge pull request <a href="https://redirect.github.com/fluxcd/flux2/issues/5642">#5642</a> from fluxcd/backport-5597-to-release/v2.7.x</li> <li><a href="https://github.com/fluxcd/flux2/commit/6021981de38a416f214a97dd090a1346a20d9ad4"><code>6021981</code></a> Allow option to skip tenant namespace creation</li> <li><a href="https://github.com/fluxcd/flux2/commit/4b7d46e511ca0efbea80e19fca675b18191a7508"><code>4b7d46e</code></a> Merge pull request <a href="https://redirect.github.com/fluxcd/flux2/issues/5640">#5640</a> from fluxcd/backport-5639-to-release/v2.7.x</li> <li><a href="https://github.com/fluxcd/flux2/commit/e8c87047ba81d4bdacc3a33c443e93a35efedda0"><code>e8c8704</code></a> Update toolkit components</li> <li><a href="https://github.com/fluxcd/flux2/commit/abd603eca72aac25d6a7b2da88e902ff798fbf61"><code>abd603e</code></a> Merge pull request <a href="https://redirect.github.com/fluxcd/flux2/issues/5635">#5635</a> from fluxcd/backport-5625-to-release/v2.7.x</li> <li><a href="https://github.com/fluxcd/flux2/commit/83d426c3c04baba957c4aa7774990563e125f5d4"><code>83d426c</code></a> diff: report if object is skipped</li> <li><a href="https://github.com/fluxcd/flux2/commit/48e77c820ecea23bb34fe51b1914bc41fd0830ac"><code>48e77c8</code></a> Merge pull request <a href="https://redirect.github.com/fluxcd/flux2/issues/5634">#5634</a> from fluxcd/backport-5633-to-release/v2.7.x</li> <li><a href="https://github.com/fluxcd/flux2/commit/01fbe3763997a09e67ec30779aa9280cb74e8885"><code>01fbe37</code></a> Upgrade k8s to 1.34.2, c-r to 0.22.4 and helm to 3.19.2</li> <li>Additional commits viewable in <a href="https://github.com/fluxcd/flux2/compare/b6e76ca2534f76dcb8dd94fb057cdfa923c3b641...8454b02a32e48d775b9f563cb51fdcb1787b5b93">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from 70069877f29101175ed2b055d210fe8b1d54d7d7 to abdd2f68ea150cee8f236d4a9fb4e0f2491abf1b <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.5...v47.0.0">47.0.0</a> - (2025-09-13)</h1> <h2><!-- raw HTML omitted -->🚀 Features</h2> <ul> <li>Add any_added to outputs (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2567">#2567</a>) (<a href="https://github.com/tj-actions/changed-files/commit/c260d49a827b5eb266673bed7871c5d3ee9b5aef">c260d49</a>) - (Jellyfrog)</li> </ul> <h2><!-- raw HTML omitted -->➖ Remove</h2> <ul> <li>Commit and push step from build job (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2538">#2538</a>) (<a href="https://github.com/tj-actions/changed-files/commit/be393a90381e27c9fec2c8c2e02b00f005710145">be393a9</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2592">#2592</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/3dbc1e181273d808ccff822a6e00cf18b6628ef0">3dbc1e1</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2591">#2591</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/b1ccff8c0892ad141d7d2de6f31e526a9dad931f">b1ccff8</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2574">#2574</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/050a3d3360d29711ee9d8210fc639d902d23ad07">050a3d3</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Update link to glob patterns (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2590">#2590</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a892f50f7a7187bc288633c09230b09ce7ad8fd0">a892f50</a>) - (Tonye Jack)</li> <li>Add Jellyfrog as a contributor for code, and doc (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2573">#2573</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f000a9b97f254f9590ff26f651cccde827ad36da">f000a9b</a>) - (allcontributors[bot])</li> </ul> <h2><!-- raw HTML omitted -->🧪 Testing</h2> <ul> <li>Manual triggered workflows (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2637">#2637</a>) (<a href="https://github.com/tj-actions/changed-files/commit/c2ca2493190021783138cb8aac49bcee14b4bb89">c2ca249</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps-dev:</strong> Bump jest from 30.0.5 to 30.1.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2655">#2655</a>) (<a href="https://github.com/tj-actions/changed-files/commit/9a6755550a331fdcc8ec45443738933f8fa22eea">9a67555</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.1.0 to 2.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2660">#2660</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b67e30df88f43e244f4e83775e5ad8335114fb95">b67e30d</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.30.2 to 3.30.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2661">#2661</a>) (<a href="https://github.com/tj-actions/changed-files/commit/62aef422ffa195474d80d73387535cf4622b2824">62aef42</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.11 to 3.30.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2659">#2659</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e874f3cddd0f54ae776e6995ae6dae4cf40fd3d3">e874f3c</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/setup-node from 4.4.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2656">#2656</a>) (<a href="https://github.com/tj-actions/changed-files/commit/8c14441336bb3d84fd6b7fa83b6d7201c740baf5">8c14441</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.3.0 to 24.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2657">#2657</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e995ac4be5be2bcb6e29556edc51fb63aca6b49b">e995ac4</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.2.1 to 24.3.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2649">#2649</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3b04099b21072562f07469c10deb182b24236ca9">3b04099</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.9 to 3.29.11 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2651">#2651</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e7b6c977e51984988e3cc1d6b18abe2a3ba8daaa">e7b6c97</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.0.2 to 2.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2648">#2648</a>) (<a href="https://github.com/tj-actions/changed-files/commit/765d62bc041415a5b494ef13d02d566128b25973">765d62b</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.8 to 3.29.9 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2647">#2647</a>) (<a href="https://github.com/tj-actions/changed-files/commit/2036da178f85576f1940fedb74bb93a36cd89ab7">2036da1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.7 to 3.29.8 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2644">#2644</a>) (<a href="https://github.com/tj-actions/changed-files/commit/239aef84a5502c79a1cea96e495d17588c66c659">239aef8</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.2.0 to 24.2.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2645">#2645</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a7d5f5f4919b6dbc6d3a3689887964361e8dd88f">a7d5f5f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/checkout from 4.2.2 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2646">#2646</a>) (<a href="https://github.com/tj-actions/changed-files/commit/5107f3abcc0c3737db51e2949f181e2c197d4d5b">5107f3a</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.1.0 to 24.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2640">#2640</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f963b3f3562b00b6d2dd25efc390eb04e51ef6c6">f963b3f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/download-artifact from 4.3.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2641">#2641</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f956744105e18d78bba3844a1199ce43d6503017">f956744</a>) - (dependabot[bot])</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/abdd2f68ea150cee8f236d4a9fb4e0f2491abf1b"><code>abdd2f6</code></a> chore(deps): bump peter-evans/create-pull-request from 7.0.8 to 7.0.9 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2717">#2717</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/1d08ab228c06cfdb5c92a6be6fb2e03654e2410c"><code>1d08ab2</code></a> chore(deps-dev): bump <code>@types/lodash</code> from 4.17.20 to 4.17.21 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2718">#2718</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/085eb10d7ef84ec5ab690becdd4072966e781924"><code>085eb10</code></a> chore(deps-dev): bump eslint-plugin-jest from 29.1.0 to 29.2.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2719">#2719</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/72321d1f003ac6191c4d5c7781eed4241a728447"><code>72321d1</code></a> chore(deps): bump github/codeql-action from 4.31.4 to 4.31.5 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2720">#2720</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/8c66df4f78c44069a58c4517f775d02211a2b06b"><code>8c66df4</code></a> chore(deps-dev): bump prettier from 3.6.2 to 3.7.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2722">#2722</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/6da3c88b60ebf09464ada9b06fba5b6f2d34bb94"><code>6da3c88</code></a> chore(deps): bump nrwl/nx-set-shas from 4.3.3 to 4.4.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2712">#2712</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/48b6e9756da9107e9b08fcb676b292caaac1140b"><code>48b6e97</code></a> chore(deps): bump actions/checkout from 5.0.0 to 5.0.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2714">#2714</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/4206138f174379c379efaa0f5c1d1f82a96eac0a"><code>4206138</code></a> Update README.md</li> <li><a href="https://github.com/tj-actions/changed-files/commit/31e663cd71ad1f011b9f9e87f3a710e5ebb9a658"><code>31e663c</code></a> chore(deps): bump github/codeql-action from 4.31.2 to 4.31.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2715">#2715</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/46fd332157a59040c95f13a55162240a4b789b6c"><code>46fd332</code></a> chore(deps-dev): bump <code>@types/node</code> from 24.10.0 to 24.10.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2711">#2711</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tj-actions/changed-files/compare/70069877f29101175ed2b055d210fe8b1d54d7d7...abdd2f68ea150cee8f236d4a9fb4e0f2491abf1b">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 4.31.3 to 4.31.6 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v4.31.6</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>4.31.6 - 01 Dec 2025</h2> <p>No user facing changes.</p> <p>See the full <a href="https://github.com/github/codeql-action/blob/v4.31.6/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> <h2>v4.31.5</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>4.31.5 - 24 Nov 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.6. <a href="https://redirect.github.com/github/codeql-action/pull/3321">#3321</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v4.31.5/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> <h2>v4.31.4</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>4.31.4 - 18 Nov 2025</h2> <p>No user facing changes.</p> <p>See the full <a href="https://github.com/github/codeql-action/blob/v4.31.4/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>4.31.6 - 01 Dec 2025</h2> <p>No user facing changes.</p> <h2>4.31.5 - 24 Nov 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.6. <a href="https://redirect.github.com/github/codeql-action/pull/3321">#3321</a></li> </ul> <h2>4.31.4 - 18 Nov 2025</h2> <p>No user facing changes.</p> <h2>4.31.3 - 13 Nov 2025</h2> <ul> <li>CodeQL Action v3 will be deprecated in December 2026. The Action now logs a warning for customers who are running v3 but could be running v4. For more information, see <a href="https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/">Upcoming deprecation of CodeQL Action v3</a>.</li> <li>Update default CodeQL bundle version to 2.23.5. <a href="https://redirect.github.com/github/codeql-action/pull/3288">#3288</a></li> </ul> <h2>4.31.2 - 30 Oct 2025</h2> <p>No user facing changes.</p> <h2>4.31.1 - 30 Oct 2025</h2> <ul> <li>The <code>add-snippets</code> input has been removed from the <code>analyze</code> action. This input has been deprecated since CodeQL Action 3.26.4 in August 2024 when this removal was announced.</li> </ul> <h2>4.31.0 - 24 Oct 2025</h2> <ul> <li>Bump minimum CodeQL bundle version to 2.17.6. <a href="https://redirect.github.com/github/codeql-action/pull/3223">#3223</a></li> <li>When SARIF files are uploaded by the <code>analyze</code> or <code>upload-sarif</code> actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the <code>upload-sarif</code> action. For <code>analyze</code>, this may affect Advanced Setup for CodeQL users who specify a value other than <code>always</code> for the <code>upload</code> input. <a href="https://redirect.github.com/github/codeql-action/pull/3222">#3222</a></li> </ul> <h2>4.30.9 - 17 Oct 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.3. <a href="https://redirect.github.com/github/codeql-action/pull/3205">#3205</a></li> <li>Experimental: A new <code>setup-codeql</code> action has been added which is similar to <code>init</code>, except it only installs the CodeQL CLI and does not initialize a database. Do not use this in production as it is part of an internal experiment and subject to change at any time. <a href="https://redirect.github.com/github/codeql-action/pull/3204">#3204</a></li> </ul> <h2>4.30.8 - 10 Oct 2025</h2> <p>No user facing changes.</p> <h2>4.30.7 - 06 Oct 2025</h2> <ul> <li>[v4+ only] The CodeQL Action now runs on Node.js v24. <a href="https://redirect.github.com/github/codeql-action/pull/3169">#3169</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/fe4161a26a8629af62121b670040955b330f9af2"><code>fe4161a</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3336">#3336</a> from github/update-v4.31.6-ecec1f887</li> <li><a href="https://github.com/github/codeql-action/commit/88c2ab5eee3b475eef2f7aabf89bd9f052153d91"><code>88c2ab5</code></a> Update changelog for v4.31.6</li> <li><a href="https://github.com/github/codeql-action/commit/ecec1f88769052ebc45aa0affc53ea30d474cffa"><code>ecec1f8</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3335">#3335</a> from github/mbg/ci/run-codeql-on-all-prs</li> <li><a href="https://github.com/github/codeql-action/commit/23da73277866951560f258278028b48f68958a0a"><code>23da732</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3334">#3334</a> from github/kaspersv/overlay-minor-comments</li> <li><a href="https://github.com/github/codeql-action/commit/f7abc748a3da068e17cfd0e1086e8d72e51f17b6"><code>f7abc74</code></a> Remove branch filter for PR event in CodeQL workflow</li> <li><a href="https://github.com/github/codeql-action/commit/32ada5e061c0433b9e40f11632c2412a55b745f9"><code>32ada5e</code></a> Merge branch 'main' into kaspersv/overlay-minor-comments</li> <li><a href="https://github.com/github/codeql-action/commit/75b2f49aeaf4e8a9eab338ddc5d628eea7366eeb"><code>75b2f49</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3333">#3333</a> from github/kaspersv/overlay-no-resource-checks-option</li> <li><a href="https://github.com/github/codeql-action/commit/f036b1cb781fa664100fee1f7c56a0088663dd26"><code>f036b1c</code></a> Merge branch 'main' into kaspersv/overlay-no-resource-checks-option</li> <li><a href="https://github.com/github/codeql-action/commit/58c5954801c246a3975b658372285b37c45de271"><code>58c5954</code></a> Add comment to runnerSupportsOverlayAnalysis</li> <li><a href="https://github.com/github/codeql-action/commit/b02fa13292ce189c02cbb1ba5488f7dbbc8c6b14"><code>b02fa13</code></a> Order feature flags alphabetically</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/014f16e7ab1402f30e7c3329d33797e7948572db...fe4161a26a8629af62121b670040955b330f9af2">compare view</a></li> </ul> </details> <br /> <details> <summary>Most Recent Ignore Conditions Applied to This Pull Request</summary> \| Dependency Name \| Ignore Conditions \| \| --- \| --- \| \| crate-ci/typos \| [>= 1.30.a, < 1.31] \| </details> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-12-01 10:32:29 +00:00
dependabot[bot]	0b0813e30c	ci: bump the github-actions group with 3 updates (#20796 ) Bumps the github-actions group with 3 updates: [crate-ci/typos](https://github.com/crate-ci/typos), [peter-evans/repository-dispatch](https://github.com/peter-evans/repository-dispatch) and [github/codeql-action](https://github.com/github/codeql-action). Updates `crate-ci/typos` from 1.39.0 to 1.39.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/releases">crate-ci/typos's releases</a>.</em></p> <blockquote> <h2>v1.39.2</h2> <h2>[1.39.2] - 2025-11-13</h2> <h3>Fixes</h3> <ul> <li>Don't offer <code>entry</code> as a correction for <code>entrys</code></li> </ul> <h2>v1.39.1</h2> <h2>[1.39.1] - 2025-11-12</h2> <h3>Features</h3> <ul> <li>Make <code>--help</code> more vibrant</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's changelog</a>.</em></p> <blockquote> <h1>Change Log</h1> <p>All notable changes to this project will be documented in this file.</p> <p>The format is based on <a href="https://keepachangelog.com/">Keep a Changelog</a> and this project adheres to <a href="https://semver.org/">Semantic Versioning</a>.</p> <!-- raw HTML omitted --> <h2>[Unreleased] - ReleaseDate</h2> <h2>[1.39.2] - 2025-11-13</h2> <h3>Fixes</h3> <ul> <li>Don't offer <code>entry</code> as a correction for <code>entrys</code></li> </ul> <h2>[1.39.1] - 2025-11-12</h2> <h3>Features</h3> <ul> <li>Make <code>--help</code> more vibrant</li> </ul> <h2>[1.39.0] - 2025-10-31</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1383">October 2025</a> changes</li> </ul> <h3>Fixes</h3> <ul> <li>When a typo is pluralized, prefer pluralized corrections</li> </ul> <h2>[1.38.1] - 2025-10-07</h2> <h3>Fixes</h3> <ul> <li>Ignore common golang identifiers</li> </ul> <h2>[1.38.0] - 2025-10-06</h2> <h3>Features</h3> <ul> <li>Update type list</li> </ul> <h3>Fixes</h3> <ul> <li>Don't correct <code>typ</code></li> <li>Consistently error on unused config fields</li> </ul> <h2>[1.37.3] - 2025-10-06</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/crate-ci/typos/commit/626c4bedb751ce0b7f03262ca97ddda9a076ae1c"><code>626c4be</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/c6b458db05d00c3037bc9a1102b84febc9fff2f4"><code>c6b458d</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/eed04198a67af7f32b16141261aa8f911cba1f5f"><code>eed0419</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1423">#1423</a> from epage/entrys</li> <li><a href="https://github.com/crate-ci/typos/commit/40383f41a2f90743ef28b8c8b1c2d5a42b7651a0"><code>40383f4</code></a> fix(dict): Don't offer 'entry' as a correction for 'entrys'</li> <li><a href="https://github.com/crate-ci/typos/commit/1af53e3774f068183ffd0c7193eb061a2b65a531"><code>1af53e3</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/e5d291b81a9bd645c218da268c94df78b6e5e605"><code>e5d291b</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/55474f5ff9f9a923f4e1a218c9b39271517d847e"><code>55474f5</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1417">#1417</a> from starsep/colorful_help</li> <li><a href="https://github.com/crate-ci/typos/commit/78b93759507833a789853c44a1d9a767fcd15024"><code>78b9375</code></a> feat: Enable colors for typos --help</li> <li><a href="https://github.com/crate-ci/typos/commit/308f8f5788c91e7d099279f046cdbc3662956dcd"><code>308f8f5</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1409">#1409</a> from crate-ci/renovate/actions-download-artifact-6.x</li> <li><a href="https://github.com/crate-ci/typos/commit/cf03418f507191943e33099ce6ba74c4c79b0257"><code>cf03418</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1410">#1410</a> from crate-ci/renovate/actions-setup-python-6.x</li> <li>Additional commits viewable in <a href="https://github.com/crate-ci/typos/compare/07d900b8fa1097806b8adb6391b0d3e0ac2fdea7...626c4bedb751ce0b7f03262ca97ddda9a076ae1c">compare view</a></li> </ul> </details> <br /> Updates `peter-evans/repository-dispatch` from 4.0.0 to 4.0.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/peter-evans/repository-dispatch/releases">peter-evans/repository-dispatch's releases</a>.</em></p> <blockquote> <h2>v4.0.1</h2> <h2>What's Changed</h2> <ul> <li>build(deps): bump peter-evans/repository-dispatch from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/428">peter-evans/repository-dispatch#428</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.127 to 18.19.129 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/429">peter-evans/repository-dispatch#429</a></li> <li>build(deps): bump the github-actions group with 3 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/431">peter-evans/repository-dispatch#431</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.129 to 18.19.130 in the npm group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/432">peter-evans/repository-dispatch#432</a></li> <li>Fix node version in actions.yml by <a href="https://github.com/peter-evans"><code>@peter-evans</code></a> in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/433">peter-evans/repository-dispatch#433</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/peter-evans/repository-dispatch/compare/v4.0.0...v4.0.1">https://github.com/peter-evans/repository-dispatch/compare/v4.0.0...v4.0.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/peter-evans/repository-dispatch/commit/28959ce8df70de7be546dd1250a005dd32156697"><code>28959ce</code></a> Fix node version in actions.yml (<a href="https://redirect.github.com/peter-evans/repository-dispatch/issues/433">#433</a>)</li> <li><a href="https://github.com/peter-evans/repository-dispatch/commit/25d29c2bbf9b1fd1e3e924e485d754498fdc84fd"><code>25d29c2</code></a> build(deps-dev): bump <code>@types/node</code> in the npm group (<a href="https://redirect.github.com/peter-evans/repository-dispatch/issues/432">#432</a>)</li> <li><a href="https://github.com/peter-evans/repository-dispatch/commit/830136c66487b256600fec7788578990092647bc"><code>830136c</code></a> build(deps): bump the github-actions group with 3 updates (<a href="https://redirect.github.com/peter-evans/repository-dispatch/issues/431">#431</a>)</li> <li><a href="https://github.com/peter-evans/repository-dispatch/commit/2c856c63feddee6147cab2f38801935b6a59a765"><code>2c856c6</code></a> ci: update dependabot config</li> <li><a href="https://github.com/peter-evans/repository-dispatch/commit/66739071c2122a05106fc2a2c306fdaf33bb9cda"><code>6673907</code></a> build(deps-dev): bump <code>@types/node</code> from 18.19.127 to 18.19.129 (<a href="https://redirect.github.com/peter-evans/repository-dispatch/issues/429">#429</a>)</li> <li><a href="https://github.com/peter-evans/repository-dispatch/commit/952a211c1efd1abc91cf289f80655b4692ba8cff"><code>952a211</code></a> build(deps): bump peter-evans/repository-dispatch from 3 to 4 (<a href="https://redirect.github.com/peter-evans/repository-dispatch/issues/428">#428</a>)</li> <li>See full diff in <a href="https://github.com/peter-evans/repository-dispatch/compare/5fc4efd1a4797ddb68ffd0714a238564e4cc0e6f...28959ce8df70de7be546dd1250a005dd32156697">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 4.31.2 to 4.31.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v4.31.3</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>4.31.3 - 13 Nov 2025</h2> <ul> <li>CodeQL Action v3 will be deprecated in December 2026. The Action now logs a warning for customers who are running v3 but could be running v4. For more information, see <a href="https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/">Upcoming deprecation of CodeQL Action v3</a>.</li> <li>Update default CodeQL bundle version to 2.23.5. <a href="https://redirect.github.com/github/codeql-action/pull/3288">#3288</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v4.31.3/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>4.31.3 - 13 Nov 2025</h2> <ul> <li>CodeQL Action v3 will be deprecated in December 2026. The Action now logs a warning for customers who are running v3 but could be running v4. For more information, see <a href="https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/">Upcoming deprecation of CodeQL Action v3</a>.</li> <li>Update default CodeQL bundle version to 2.23.5. <a href="https://redirect.github.com/github/codeql-action/pull/3288">#3288</a></li> </ul> <h2>4.31.2 - 30 Oct 2025</h2> <p>No user facing changes.</p> <h2>4.31.1 - 30 Oct 2025</h2> <ul> <li>The <code>add-snippets</code> input has been removed from the <code>analyze</code> action. This input has been deprecated since CodeQL Action 3.26.4 in August 2024 when this removal was announced.</li> </ul> <h2>4.31.0 - 24 Oct 2025</h2> <ul> <li>Bump minimum CodeQL bundle version to 2.17.6. <a href="https://redirect.github.com/github/codeql-action/pull/3223">#3223</a></li> <li>When SARIF files are uploaded by the <code>analyze</code> or <code>upload-sarif</code> actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the <code>upload-sarif</code> action. For <code>analyze</code>, this may affect Advanced Setup for CodeQL users who specify a value other than <code>always</code> for the <code>upload</code> input. <a href="https://redirect.github.com/github/codeql-action/pull/3222">#3222</a></li> </ul> <h2>4.30.9 - 17 Oct 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.3. <a href="https://redirect.github.com/github/codeql-action/pull/3205">#3205</a></li> <li>Experimental: A new <code>setup-codeql</code> action has been added which is similar to <code>init</code>, except it only installs the CodeQL CLI and does not initialize a database. Do not use this in production as it is part of an internal experiment and subject to change at any time. <a href="https://redirect.github.com/github/codeql-action/pull/3204">#3204</a></li> </ul> <h2>4.30.8 - 10 Oct 2025</h2> <p>No user facing changes.</p> <h2>4.30.7 - 06 Oct 2025</h2> <ul> <li>[v4+ only] The CodeQL Action now runs on Node.js v24. <a href="https://redirect.github.com/github/codeql-action/pull/3169">#3169</a></li> </ul> <h2>3.30.6 - 02 Oct 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.2. <a href="https://redirect.github.com/github/codeql-action/pull/3168">#3168</a></li> </ul> <h2>3.30.5 - 26 Sep 2025</h2> <ul> <li>We fixed a bug that was introduced in <code>3.30.4</code> with <code>upload-sarif</code> which resulted in files without a <code>.sarif</code> extension not getting uploaded. <a href="https://redirect.github.com/github/codeql-action/pull/3160">#3160</a></li> </ul> <h2>3.30.4 - 25 Sep 2025</h2> <ul> <li>We have improved the CodeQL Action's ability to validate that the workflow it is used in does not use different versions of the CodeQL Action for different workflow steps. Mixing different versions of the CodeQL Action in the same workflow is unsupported and can lead to unpredictable results. A warning will now be emitted from the <code>codeql-action/init</code> step if different versions of the CodeQL Action are detected in the workflow file. Additionally, an error will now be thrown by the other CodeQL Action steps if they load a configuration file that was generated by a different version of the <code>codeql-action/init</code> step. <a href="https://redirect.github.com/github/codeql-action/pull/3099">#3099</a> and <a href="https://redirect.github.com/github/codeql-action/pull/3100">#3100</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/014f16e7ab1402f30e7c3329d33797e7948572db"><code>014f16e</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3293">#3293</a> from github/update-v4.31.3-8c10e89c7</li> <li><a href="https://github.com/github/codeql-action/commit/14d898ef09787f3258d7542ed62ad3da38295b68"><code>14d898e</code></a> Update changelog for v4.31.3</li> <li><a href="https://github.com/github/codeql-action/commit/8c10e89c78c754f211c440ce6999ed8668811c3b"><code>8c10e89</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3288">#3288</a> from github/update-bundle/codeql-bundle-v2.23.5</li> <li><a href="https://github.com/github/codeql-action/commit/9777b01a4952c6266ad795197c2dd702065a6d19"><code>9777b01</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.23.5</li> <li><a href="https://github.com/github/codeql-action/commit/456a74a6faf33b08baa780e0bf31b41fabd1ca35"><code>456a74a</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3289">#3289</a> from github/mbg/ci/setup-dotnet</li> <li><a href="https://github.com/github/codeql-action/commit/3fac49c14012959fab197865a1813bffe8a04dd1"><code>3fac49c</code></a> Update remaining workflows</li> <li><a href="https://github.com/github/codeql-action/commit/38a3a7258f252b705a070bd91df7a72a50d61318"><code>38a3a72</code></a> Enable <code>installDotNet</code> in all workflows that analyse C#</li> <li><a href="https://github.com/github/codeql-action/commit/58c9eb6c034b7054387301aa21926d94da049b69"><code>58c9eb6</code></a> Add <code>global.json</code></li> <li><a href="https://github.com/github/codeql-action/commit/f20e02164a8bd2f32913932752d67ee2bbf22246"><code>f20e021</code></a> Add support for adding <code>setup-dotnet</code> steps to <code>sync.sh</code></li> <li><a href="https://github.com/github/codeql-action/commit/8d3d4001e38901ebbee39c134163b67198c956f7"><code>8d3d400</code></a> Add changelog note</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/0499de31b99561a6d14a36a5f662c2a54f91beee...014f16e7ab1402f30e7c3329d33797e7948572db">compare view</a></li> </ul> </details> <br /> <details> <summary>Most Recent Ignore Conditions Applied to This Pull Request</summary> \| Dependency Name \| Ignore Conditions \| \| --- \| --- \| \| crate-ci/typos \| [>= 1.30.a, < 1.31] \| </details> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-11-17 12:19:23 +00:00
dependabot[bot]	4cbba17f10	ci: bump the github-actions group with 3 updates (#20703 ) Bumps the github-actions group with 3 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner), [tj-actions/changed-files](https://github.com/tj-actions/changed-files) and [Mattraks/delete-workflow-runs](https://github.com/mattraks/delete-workflow-runs). Updates `step-security/harden-runner` from 2.13.1 to 2.13.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.13.2</h2> <h2>What's Changed</h2> <ul> <li>Fixed an issue where there was a limit of 512 allowed endpoints when using block egress policy. This restriction has been removed, allowing for an unlimited number of endpoints to be configured.</li> <li>Harden Runner now automatically detects if the agent is already pre-installed on a custom VM image used by a GitHub-hosted runner. When detected, the action will skip reinstallation and use the existing agent.</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2.13.1...v2.13.2">https://github.com/step-security/harden-runner/compare/v2.13.1...v2.13.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/95d9a5deda9de15063e7595e9719c11c38c90ae2"><code>95d9a5d</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/606">#606</a> from step-security/rc-28</li> <li><a href="https://github.com/step-security/harden-runner/commit/87e429d3fb470bcc827f338e5cce1155ff99c6eb"><code>87e429d</code></a> Update limitations.md</li> <li><a href="https://github.com/step-security/harden-runner/commit/ef891c3a30c3c15c2287ce04b33ec28b6d90a447"><code>ef891c3</code></a> feat: add support for custom vm image</li> <li><a href="https://github.com/step-security/harden-runner/commit/1fa8c8a8b1b523829fe596bfc665d2bc4c0ef835"><code>1fa8c8a</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/92c522aaa6f53af082553dedc1596c80b71aba33"><code>92c522a</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/593">#593</a> from step-security/ak-readme-updates</li> <li><a href="https://github.com/step-security/harden-runner/commit/4719ad5578c61961f4f70f833580278dea5544de"><code>4719ad5</code></a> README updates</li> <li><a href="https://github.com/step-security/harden-runner/commit/4fde639ab437b75bf4ecb52bbddb23ab0ac00259"><code>4fde639</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/591">#591</a> from eromosele-stepsecurity/Upd</li> <li><a href="https://github.com/step-security/harden-runner/commit/f682f2f2d06275b6ab30c2a973c1de2fa120e134"><code>f682f2f</code></a> Update README.md</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a...95d9a5deda9de15063e7595e9719c11c38c90ae2">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from 0ff001de0805038ff3f118de4875002200057732 to 70069877f29101175ed2b055d210fe8b1d54d7d7 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.5...v47.0.0">47.0.0</a> - (2025-09-13)</h1> <h2><!-- raw HTML omitted -->🚀 Features</h2> <ul> <li>Add any_added to outputs (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2567">#2567</a>) (<a href="https://github.com/tj-actions/changed-files/commit/c260d49a827b5eb266673bed7871c5d3ee9b5aef">c260d49</a>) - (Jellyfrog)</li> </ul> <h2><!-- raw HTML omitted -->➖ Remove</h2> <ul> <li>Commit and push step from build job (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2538">#2538</a>) (<a href="https://github.com/tj-actions/changed-files/commit/be393a90381e27c9fec2c8c2e02b00f005710145">be393a9</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2592">#2592</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/3dbc1e181273d808ccff822a6e00cf18b6628ef0">3dbc1e1</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2591">#2591</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/b1ccff8c0892ad141d7d2de6f31e526a9dad931f">b1ccff8</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2574">#2574</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/050a3d3360d29711ee9d8210fc639d902d23ad07">050a3d3</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Update link to glob patterns (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2590">#2590</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a892f50f7a7187bc288633c09230b09ce7ad8fd0">a892f50</a>) - (Tonye Jack)</li> <li>Add Jellyfrog as a contributor for code, and doc (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2573">#2573</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f000a9b97f254f9590ff26f651cccde827ad36da">f000a9b</a>) - (allcontributors[bot])</li> </ul> <h2><!-- raw HTML omitted -->🧪 Testing</h2> <ul> <li>Manual triggered workflows (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2637">#2637</a>) (<a href="https://github.com/tj-actions/changed-files/commit/c2ca2493190021783138cb8aac49bcee14b4bb89">c2ca249</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps-dev:</strong> Bump jest from 30.0.5 to 30.1.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2655">#2655</a>) (<a href="https://github.com/tj-actions/changed-files/commit/9a6755550a331fdcc8ec45443738933f8fa22eea">9a67555</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.1.0 to 2.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2660">#2660</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b67e30df88f43e244f4e83775e5ad8335114fb95">b67e30d</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.30.2 to 3.30.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2661">#2661</a>) (<a href="https://github.com/tj-actions/changed-files/commit/62aef422ffa195474d80d73387535cf4622b2824">62aef42</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.11 to 3.30.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2659">#2659</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e874f3cddd0f54ae776e6995ae6dae4cf40fd3d3">e874f3c</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/setup-node from 4.4.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2656">#2656</a>) (<a href="https://github.com/tj-actions/changed-files/commit/8c14441336bb3d84fd6b7fa83b6d7201c740baf5">8c14441</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.3.0 to 24.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2657">#2657</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e995ac4be5be2bcb6e29556edc51fb63aca6b49b">e995ac4</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.2.1 to 24.3.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2649">#2649</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3b04099b21072562f07469c10deb182b24236ca9">3b04099</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.9 to 3.29.11 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2651">#2651</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e7b6c977e51984988e3cc1d6b18abe2a3ba8daaa">e7b6c97</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.0.2 to 2.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2648">#2648</a>) (<a href="https://github.com/tj-actions/changed-files/commit/765d62bc041415a5b494ef13d02d566128b25973">765d62b</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.8 to 3.29.9 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2647">#2647</a>) (<a href="https://github.com/tj-actions/changed-files/commit/2036da178f85576f1940fedb74bb93a36cd89ab7">2036da1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.7 to 3.29.8 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2644">#2644</a>) (<a href="https://github.com/tj-actions/changed-files/commit/239aef84a5502c79a1cea96e495d17588c66c659">239aef8</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.2.0 to 24.2.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2645">#2645</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a7d5f5f4919b6dbc6d3a3689887964361e8dd88f">a7d5f5f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/checkout from 4.2.2 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2646">#2646</a>) (<a href="https://github.com/tj-actions/changed-files/commit/5107f3abcc0c3737db51e2949f181e2c197d4d5b">5107f3a</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.1.0 to 24.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2640">#2640</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f963b3f3562b00b6d2dd25efc390eb04e51ef6c6">f963b3f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/download-artifact from 4.3.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2641">#2641</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f956744105e18d78bba3844a1199ce43d6503017">f956744</a>) - (dependabot[bot])</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/70069877f29101175ed2b055d210fe8b1d54d7d7"><code>7006987</code></a> chore(deps): bump <code>@octokit/rest</code> from 22.0.0 to 22.0.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2705">#2705</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/5df1bad3a527ede089326306d1296297ab0d58d2"><code>5df1bad</code></a> chore(deps-dev): bump <code>@types/node</code> from 24.9.2 to 24.10.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2707">#2707</a>)</li> <li>See full diff in <a href="https://github.com/tj-actions/changed-files/compare/0ff001de0805038ff3f118de4875002200057732...70069877f29101175ed2b055d210fe8b1d54d7d7">compare view</a></li> </ul> </details> <br /> Updates `Mattraks/delete-workflow-runs` from 86d29a75093353c4c509a876c176234037c2025b to 5bf9a1dac5c4d041c029f0a8370ddf0c5cb5aeb7 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Mattraks/delete-workflow-runs/commit/5bf9a1dac5c4d041c029f0a8370ddf0c5cb5aeb7"><code>5bf9a1d</code></a> Bug Fixes</li> <li><a href="https://github.com/Mattraks/delete-workflow-runs/commit/63b223f231f2f5bbea217100ec6d29ab24faa7a1"><code>63b223f</code></a> Supports daily retention keep a minimum number of runs per day</li> <li>See full diff in <a href="https://github.com/mattraks/delete-workflow-runs/compare/86d29a75093353c4c509a876c176234037c2025b...5bf9a1dac5c4d041c029f0a8370ddf0c5cb5aeb7">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-11-10 14:05:16 +00:00
dependabot[bot]	a1161b79a7	ci: bump the github-actions group with 7 updates (#20498 ) Bumps the github-actions group with 7 updates: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [actions/upload-artifact](https://github.com/actions/upload-artifact) \| `4.6.2` \| `5.0.0` \| \| [chromaui/action](https://github.com/chromaui/action) \| `13.3.0` \| `13.3.2` \| \| [actions/download-artifact](https://github.com/actions/download-artifact) \| `5.0.0` \| `6.0.0` \| \| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) \| `d03a93c0dbfac6d6dd6a0d8a5e7daff992b07449` \| `dbf178ceecb9304128c8e0648591d71208c6e2c9` \| \| [nixbuild/nix-quick-install-action](https://github.com/nixbuild/nix-quick-install-action) \| `33` \| `34` \| \| [github/codeql-action](https://github.com/github/codeql-action) \| `4.30.9` \| `4.31.0` \| \| [Mattraks/delete-workflow-runs](https://github.com/mattraks/delete-workflow-runs) \| `2.0.6` \| `2.1.0` \| Updates `actions/upload-artifact` from 4.6.2 to 5.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v5.0.0</h2> <h2>What's Changed</h2> <p><strong>BREAKING CHANGE:</strong> this update supports Node <code>v24.x</code>. This is not a breaking change per-se but we're treating it as such.</p> <ul> <li>Update README.md by <a href="https://github.com/GhadimiR"><code>@GhadimiR</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/681">actions/upload-artifact#681</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/712">actions/upload-artifact#712</a></li> <li>Readme: spell out the first use of GHES by <a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/727">actions/upload-artifact#727</a></li> <li>Update GHES guidance to include reference to Node 20 version by <a href="https://github.com/patrikpolyak"><code>@patrikpolyak</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/725">actions/upload-artifact#725</a></li> <li>Bump <code>@actions/artifact</code> to <code>v4.0.0</code></li> <li>Prepare <code>v5.0.0</code> by <a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/734">actions/upload-artifact#734</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/GhadimiR"><code>@GhadimiR</code></a> made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/681">actions/upload-artifact#681</a></li> <li><a href="https://github.com/nebuk89"><code>@nebuk89</code></a> made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/712">actions/upload-artifact#712</a></li> <li><a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/727">actions/upload-artifact#727</a></li> <li><a href="https://github.com/patrikpolyak"><code>@patrikpolyak</code></a> made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/725">actions/upload-artifact#725</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4...v5.0.0">https://github.com/actions/upload-artifact/compare/v4...v5.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/upload-artifact/commit/330a01c490aca151604b8cf639adc76d48f6c5d4"><code>330a01c</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/734">#734</a> from actions/danwkennedy/prepare-5.0.0</li> <li><a href="https://github.com/actions/upload-artifact/commit/03f282445299bbefc96171af272a984663b63a26"><code>03f2824</code></a> Update <code>github.dep.yml</code></li> <li><a href="https://github.com/actions/upload-artifact/commit/905a1ecb5915b264cbc519e4eb415b5d82916018"><code>905a1ec</code></a> Prepare <code>v5.0.0</code></li> <li><a href="https://github.com/actions/upload-artifact/commit/2d9f9cdfa99fedaddba68e9b5b5c281eca26cc63"><code>2d9f9cd</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/725">#725</a> from patrikpolyak/patch-1</li> <li><a href="https://github.com/actions/upload-artifact/commit/9687587dec67f2a8bc69104e183d311c42af6d6f"><code>9687587</code></a> Merge branch 'main' into patch-1</li> <li><a href="https://github.com/actions/upload-artifact/commit/2848b2cda0e5190984587ec6bb1f36730ca78d50"><code>2848b2c</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/727">#727</a> from danwkennedy/patch-1</li> <li><a href="https://github.com/actions/upload-artifact/commit/9b511775fd9ce8c5710b38eea671f856de0e70a7"><code>9b51177</code></a> Spell out the first use of GHES</li> <li><a href="https://github.com/actions/upload-artifact/commit/cd231ca1eda77976a84805c4194a1954f56b0727"><code>cd231ca</code></a> Update GHES guidance to include reference to Node 20 version</li> <li><a href="https://github.com/actions/upload-artifact/commit/de65e23aa2b7e23d713bb51fbfcb6d502f8667d8"><code>de65e23</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/712">#712</a> from actions/nebuk89-patch-1</li> <li><a href="https://github.com/actions/upload-artifact/commit/8747d8cd7632611ad6060b528f3e0f654c98869c"><code>8747d8c</code></a> Update README.md</li> <li>Additional commits viewable in <a href="https://github.com/actions/upload-artifact/compare/ea165f8d65b6e75b540449e92b4886f43607fa02...330a01c490aca151604b8cf639adc76d48f6c5d4">compare view</a></li> </ul> </details> <br /> Updates `chromaui/action` from 13.3.0 to 13.3.2 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chromaui/action/commit/bc2d84ad2b60813a67d995c5582d696104a19383"><code>bc2d84a</code></a> v13.3.2</li> <li><a href="https://github.com/chromaui/action/commit/1c807fb41f4db007b022d0806c09a94dce7b5ff6"><code>1c807fb</code></a> v13.3.1</li> <li>See full diff in <a href="https://github.com/chromaui/action/compare/4ffe736a2a8262ea28067ff05a13b635ba31ec05...bc2d84ad2b60813a67d995c5582d696104a19383">compare view</a></li> </ul> </details> <br /> Updates `actions/download-artifact` from 5.0.0 to 6.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/download-artifact/releases">actions/download-artifact's releases</a>.</em></p> <blockquote> <h2>v6.0.0</h2> <h2>What's Changed</h2> <p><strong>BREAKING CHANGE:</strong> this update supports Node <code>v24.x</code>. This is not a breaking change per-se but we're treating it as such.</p> <ul> <li>Update README for download-artifact v5 changes by <a href="https://github.com/yacaovsnc"><code>@yacaovsnc</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/417">actions/download-artifact#417</a></li> <li>Update README with artifact extraction details by <a href="https://github.com/yacaovsnc"><code>@yacaovsnc</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/424">actions/download-artifact#424</a></li> <li>Readme: spell out the first use of GHES by <a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/431">actions/download-artifact#431</a></li> <li>Bump <code>@actions/artifact</code> to <code>v4.0.0</code></li> <li>Prepare <code>v6.0.0</code> by <a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/438">actions/download-artifact#438</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/431">actions/download-artifact#431</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/download-artifact/compare/v5...v6.0.0">https://github.com/actions/download-artifact/compare/v5...v6.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/download-artifact/commit/018cc2cf5baa6db3ef3c5f8a56943fffe632ef53"><code>018cc2c</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/438">#438</a> from actions/danwkennedy/prepare-6.0.0</li> <li><a href="https://github.com/actions/download-artifact/commit/815651c680ffe1c95719d0ed08aba1a2f9d5c177"><code>815651c</code></a> Revert "Remove <code>github.dep.yml</code>"</li> <li><a href="https://github.com/actions/download-artifact/commit/bb3a066a8babc8ed7b3e4218896c548fe34e7115"><code>bb3a066</code></a> Remove <code>github.dep.yml</code></li> <li><a href="https://github.com/actions/download-artifact/commit/fa1ce46bbd11b8387539af12741055a76dfdf804"><code>fa1ce46</code></a> Prepare <code>v6.0.0</code></li> <li><a href="https://github.com/actions/download-artifact/commit/4a24838f3d5601fd639834081e118c2995d51e1c"><code>4a24838</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/431">#431</a> from danwkennedy/patch-1</li> <li><a href="https://github.com/actions/download-artifact/commit/5e3251c4ff5a32e4cf8dd4adaee0e692365237ae"><code>5e3251c</code></a> Readme: spell out the first use of GHES</li> <li><a href="https://github.com/actions/download-artifact/commit/abefc31eafcfbdf6c5336127c1346fdae79ff41c"><code>abefc31</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/424">#424</a> from actions/yacaovsnc/update_readme</li> <li><a href="https://github.com/actions/download-artifact/commit/ac43a6070aa7db8a41e756e7a2846221edca7027"><code>ac43a60</code></a> Update README with artifact extraction details</li> <li><a href="https://github.com/actions/download-artifact/commit/de96f4613b77ec03b5cf633e7c350c32bd3c5660"><code>de96f46</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/417">#417</a> from actions/yacaovsnc/update_readme</li> <li><a href="https://github.com/actions/download-artifact/commit/7993cb44e9052f2f08f9b828ae5ef3ecca7d2ac7"><code>7993cb4</code></a> Remove migration guide for artifact download changes</li> <li>Additional commits viewable in <a href="https://github.com/actions/download-artifact/compare/634f93cb2916e3fdff6788551b99b062d0335ce0...018cc2cf5baa6db3ef3c5f8a56943fffe632ef53">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from d03a93c0dbfac6d6dd6a0d8a5e7daff992b07449 to dbf178ceecb9304128c8e0648591d71208c6e2c9 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.5...v47.0.0">47.0.0</a> - (2025-09-13)</h1> <h2><!-- raw HTML omitted -->🚀 Features</h2> <ul> <li>Add any_added to outputs (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2567">#2567</a>) (<a href="https://github.com/tj-actions/changed-files/commit/c260d49a827b5eb266673bed7871c5d3ee9b5aef">c260d49</a>) - (Jellyfrog)</li> </ul> <h2><!-- raw HTML omitted -->➖ Remove</h2> <ul> <li>Commit and push step from build job (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2538">#2538</a>) (<a href="https://github.com/tj-actions/changed-files/commit/be393a90381e27c9fec2c8c2e02b00f005710145">be393a9</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2592">#2592</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/3dbc1e181273d808ccff822a6e00cf18b6628ef0">3dbc1e1</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2591">#2591</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/b1ccff8c0892ad141d7d2de6f31e526a9dad931f">b1ccff8</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2574">#2574</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/050a3d3360d29711ee9d8210fc639d902d23ad07">050a3d3</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Update link to glob patterns (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2590">#2590</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a892f50f7a7187bc288633c09230b09ce7ad8fd0">a892f50</a>) - (Tonye Jack)</li> <li>Add Jellyfrog as a contributor for code, and doc (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2573">#2573</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f000a9b97f254f9590ff26f651cccde827ad36da">f000a9b</a>) - (allcontributors[bot])</li> </ul> <h2><!-- raw HTML omitted -->🧪 Testing</h2> <ul> <li>Manual triggered workflows (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2637">#2637</a>) (<a href="https://github.com/tj-actions/changed-files/commit/c2ca2493190021783138cb8aac49bcee14b4bb89">c2ca249</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps-dev:</strong> Bump jest from 30.0.5 to 30.1.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2655">#2655</a>) (<a href="https://github.com/tj-actions/changed-files/commit/9a6755550a331fdcc8ec45443738933f8fa22eea">9a67555</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.1.0 to 2.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2660">#2660</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b67e30df88f43e244f4e83775e5ad8335114fb95">b67e30d</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.30.2 to 3.30.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2661">#2661</a>) (<a href="https://github.com/tj-actions/changed-files/commit/62aef422ffa195474d80d73387535cf4622b2824">62aef42</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.11 to 3.30.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2659">#2659</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e874f3cddd0f54ae776e6995ae6dae4cf40fd3d3">e874f3c</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/setup-node from 4.4.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2656">#2656</a>) (<a href="https://github.com/tj-actions/changed-files/commit/8c14441336bb3d84fd6b7fa83b6d7201c740baf5">8c14441</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.3.0 to 24.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2657">#2657</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e995ac4be5be2bcb6e29556edc51fb63aca6b49b">e995ac4</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.2.1 to 24.3.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2649">#2649</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3b04099b21072562f07469c10deb182b24236ca9">3b04099</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.9 to 3.29.11 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2651">#2651</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e7b6c977e51984988e3cc1d6b18abe2a3ba8daaa">e7b6c97</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.0.2 to 2.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2648">#2648</a>) (<a href="https://github.com/tj-actions/changed-files/commit/765d62bc041415a5b494ef13d02d566128b25973">765d62b</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.8 to 3.29.9 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2647">#2647</a>) (<a href="https://github.com/tj-actions/changed-files/commit/2036da178f85576f1940fedb74bb93a36cd89ab7">2036da1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.7 to 3.29.8 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2644">#2644</a>) (<a href="https://github.com/tj-actions/changed-files/commit/239aef84a5502c79a1cea96e495d17588c66c659">239aef8</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.2.0 to 24.2.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2645">#2645</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a7d5f5f4919b6dbc6d3a3689887964361e8dd88f">a7d5f5f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/checkout from 4.2.2 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2646">#2646</a>) (<a href="https://github.com/tj-actions/changed-files/commit/5107f3abcc0c3737db51e2949f181e2c197d4d5b">5107f3a</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.1.0 to 24.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2640">#2640</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f963b3f3562b00b6d2dd25efc390eb04e51ef6c6">f963b3f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/download-artifact from 4.3.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2641">#2641</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f956744105e18d78bba3844a1199ce43d6503017">f956744</a>) - (dependabot[bot])</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/dbf178ceecb9304128c8e0648591d71208c6e2c9"><code>dbf178c</code></a> chore(deps): bump actions/setup-node from 5.0.0 to 6.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2690">#2690</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/19002623031eba72900680c5deed5ee6333dbc12"><code>1900262</code></a> chore(deps): bump github/codeql-action from 3.30.6 to 4.30.9 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2693">#2693</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/27e5d78f9b6a61e3160a2fe263cca91675c08fa0"><code>27e5d78</code></a> chore(deps-dev): bump <code>@types/node</code> from 24.6.2 to 24.9.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2695">#2695</a>)</li> <li>See full diff in <a href="https://github.com/tj-actions/changed-files/compare/d03a93c0dbfac6d6dd6a0d8a5e7daff992b07449...dbf178ceecb9304128c8e0648591d71208c6e2c9">compare view</a></li> </ul> </details> <br /> Updates `nixbuild/nix-quick-install-action` from 33 to 34 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nixbuild/nix-quick-install-action/releases">nixbuild/nix-quick-install-action's releases</a>.</em></p> <blockquote> <h2>nixbuild/nix-quick-install-action@v34</h2> <h2>Changes</h2> <ul> <li> <p>Update Nix versions: 2.31.0 -> 2.31.2, 2.30.0 -> 2.30.3, 2.29.1 -> 2.29.2, 2.28.4 -> 2.28.5.</p> </li> <li> <p>Bump default Nix version: 2.29.1 -> 2.29.2</p> </li> </ul> <h2>Supported Nix Versions on x86_64-linux runners</h2> <ul> <li>2.31.2</li> <li>2.30.3</li> <li>2.29.2</li> <li>2.28.5</li> <li>2.26.4</li> <li>2.24.15</li> <li>2.3.18</li> </ul> <h2>Supported Nix Versions on aarch64-linux runners</h2> <ul> <li>2.31.2</li> <li>2.30.3</li> <li>2.29.2</li> <li>2.28.5</li> <li>2.26.4</li> <li>2.24.15</li> </ul> <h2>Supported Nix Versions on x86_64-darwin runners</h2> <ul> <li>2.31.2</li> <li>2.30.3</li> <li>2.29.2</li> <li>2.28.5</li> <li>2.26.4</li> <li>2.24.15</li> <li>2.3.18</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/nixbuild/nix-quick-install-action/blob/master/RELEASE">nixbuild/nix-quick-install-action's changelog</a>.</em></p> <blockquote> <p>v34</p> <h2>Changes</h2> <ul> <li> <p>Update Nix versions: 2.31.0 -> 2.31.2, 2.30.0 -> 2.30.3, 2.29.1 -> 2.29.2, 2.28.4 -> 2.28.5.</p> </li> <li> <p>Bump default Nix version: 2.29.1 -> 2.29.2</p> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nixbuild/nix-quick-install-action/commit/2c9db80fb984ceb1bcaa77cdda3fdf8cfba92035"><code>2c9db80</code></a> Release v34</li> <li><a href="https://github.com/nixbuild/nix-quick-install-action/commit/6dd8039259767bef94d598f79b506a92ee991ff8"><code>6dd8039</code></a> ci: Fix versions</li> <li><a href="https://github.com/nixbuild/nix-quick-install-action/commit/a7214c23df4e59da80e6e71503e1f766444fb1e2"><code>a7214c2</code></a> Fix default version</li> <li><a href="https://github.com/nixbuild/nix-quick-install-action/commit/efda085bcade238a03bdbd41f224f08d4ef362e9"><code>efda085</code></a> Bump Nix versions</li> <li><a href="https://github.com/nixbuild/nix-quick-install-action/commit/b644e5e09df2afc194ad86b2a8467b701d15c606"><code>b644e5e</code></a> Update README and workflows for v33</li> <li>See full diff in <a href="https://github.com/nixbuild/nix-quick-install-action/compare/1f095fee853b33114486cfdeae62fa099cda35a9...2c9db80fb984ceb1bcaa77cdda3fdf8cfba92035">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 4.30.9 to 4.31.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v4.31.0</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>4.31.0 - 24 Oct 2025</h2> <ul> <li>Bump minimum CodeQL bundle version to 2.17.6. <a href="https://redirect.github.com/github/codeql-action/pull/3223">#3223</a></li> <li>When SARIF files are uploaded by the <code>analyze</code> or <code>upload-sarif</code> actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the <code>upload-sarif</code> action. For <code>analyze</code>, this may affect Advanced Setup for CodeQL users who specify a value other than <code>always</code> for the <code>upload</code> input. <a href="https://redirect.github.com/github/codeql-action/pull/3222">#3222</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v4.31.0/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>4.31.0 - 24 Oct 2025</h2> <ul> <li>Bump minimum CodeQL bundle version to 2.17.6. <a href="https://redirect.github.com/github/codeql-action/pull/3223">#3223</a></li> <li>When SARIF files are uploaded by the <code>analyze</code> or <code>upload-sarif</code> actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the <code>upload-sarif</code> action. For <code>analyze</code>, this may affect Advanced Setup for CodeQL users who specify a value other than <code>always</code> for the <code>upload</code> input. <a href="https://redirect.github.com/github/codeql-action/pull/3222">#3222</a></li> </ul> <h2>4.30.9 - 17 Oct 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.3. <a href="https://redirect.github.com/github/codeql-action/pull/3205">#3205</a></li> <li>Experimental: A new <code>setup-codeql</code> action has been added which is similar to <code>init</code>, except it only installs the CodeQL CLI and does not initialize a database. Do not use this in production as it is part of an internal experiment and subject to change at any time. <a href="https://redirect.github.com/github/codeql-action/pull/3204">#3204</a></li> </ul> <h2>4.30.8 - 10 Oct 2025</h2> <p>No user facing changes.</p> <h2>4.30.7 - 06 Oct 2025</h2> <ul> <li>[v4+ only] The CodeQL Action now runs on Node.js v24. <a href="https://redirect.github.com/github/codeql-action/pull/3169">#3169</a></li> </ul> <h2>3.30.6 - 02 Oct 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.2. <a href="https://redirect.github.com/github/codeql-action/pull/3168">#3168</a></li> </ul> <h2>3.30.5 - 26 Sep 2025</h2> <ul> <li>We fixed a bug that was introduced in <code>3.30.4</code> with <code>upload-sarif</code> which resulted in files without a <code>.sarif</code> extension not getting uploaded. <a href="https://redirect.github.com/github/codeql-action/pull/3160">#3160</a></li> </ul> <h2>3.30.4 - 25 Sep 2025</h2> <ul> <li>We have improved the CodeQL Action's ability to validate that the workflow it is used in does not use different versions of the CodeQL Action for different workflow steps. Mixing different versions of the CodeQL Action in the same workflow is unsupported and can lead to unpredictable results. A warning will now be emitted from the <code>codeql-action/init</code> step if different versions of the CodeQL Action are detected in the workflow file. Additionally, an error will now be thrown by the other CodeQL Action steps if they load a configuration file that was generated by a different version of the <code>codeql-action/init</code> step. <a href="https://redirect.github.com/github/codeql-action/pull/3099">#3099</a> and <a href="https://redirect.github.com/github/codeql-action/pull/3100">#3100</a></li> <li>We added support for reducing the size of dependency caches for Java analyses, which will reduce cache usage and speed up workflows. This will be enabled automatically at a later time. <a href="https://redirect.github.com/github/codeql-action/pull/3107">#3107</a></li> <li>You can now run the latest CodeQL nightly bundle by passing <code>tools: nightly</code> to the <code>init</code> action. In general, the nightly bundle is unstable and we only recommend running it when directed by GitHub staff. <a href="https://redirect.github.com/github/codeql-action/pull/3130">#3130</a></li> <li>Update default CodeQL bundle version to 2.23.1. <a href="https://redirect.github.com/github/codeql-action/pull/3118">#3118</a></li> </ul> <h2>3.30.3 - 10 Sep 2025</h2> <p>No user facing changes.</p> <h2>3.30.2 - 09 Sep 2025</h2> <ul> <li>Fixed a bug which could cause language autodetection to fail. <a href="https://redirect.github.com/github/codeql-action/pull/3084">#3084</a></li> <li>Experimental: The <code>quality-queries</code> input that was added in <code>3.29.2</code> as part of an internal experiment is now deprecated and will be removed in an upcoming version of the CodeQL Action. It has been superseded by a new <code>analysis-kinds</code> input, which is part of the same internal experiment. Do not use this in production as it is subject to change at any time. <a href="https://redirect.github.com/github/codeql-action/pull/3064">#3064</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/4e94bd11f71e507f7f87df81788dff88d1dacbfb"><code>4e94bd1</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3235">#3235</a> from github/update-v4.31.0-1d36546c1</li> <li><a href="https://github.com/github/codeql-action/commit/8f11182164f2181cc5608a575e3c7ef3bc4a9cd1"><code>8f11182</code></a> Update changelog for v4.31.0</li> <li><a href="https://github.com/github/codeql-action/commit/1d36546c1419dc613cdb4b7fde46b1c81643ccbe"><code>1d36546</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3234">#3234</a> from github/mbg/changelog/post-processing</li> <li><a href="https://github.com/github/codeql-action/commit/08ada26e6a4768939d6da6a5e23ae69052948fd7"><code>08ada26</code></a> Add changelog entry for post-processing change</li> <li><a href="https://github.com/github/codeql-action/commit/b843cbeed03550ed4937992fa96258262e955178"><code>b843cbe</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3233">#3233</a> from github/mbg/getOptionalEnvVar</li> <li><a href="https://github.com/github/codeql-action/commit/1ecd56391940567d00fd07e34b4ca7b75dadd92a"><code>1ecd563</code></a> Use <code>getOptionalEnvVar</code> in <code>writePostProcessedFiles</code></li> <li><a href="https://github.com/github/codeql-action/commit/e57680792076a32e6f147ccf58374517ea645a31"><code>e576807</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3223">#3223</a> from github/henrymercer/bump-minimum</li> <li><a href="https://github.com/github/codeql-action/commit/ad3567666919ea4249d02a26c230ea8e0daef410"><code>ad35676</code></a> Add <code>getOptionalEnvVar</code> function</li> <li><a href="https://github.com/github/codeql-action/commit/d75645b13f453e29a7f3c3f316babb725e644d0a"><code>d75645b</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3222">#3222</a> from github/mbg/upload-lib/post-process</li> <li><a href="https://github.com/github/codeql-action/commit/710606cc35e2444ba84bdf7702dcb481f7380ae7"><code>710606c</code></a> Check that <code>outputPath</code> is non-empty</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/16140ae1a102900babc80a33c44059580f687047...4e94bd11f71e507f7f87df81788dff88d1dacbfb">compare view</a></li> </ul> </details> <br /> Updates `Mattraks/delete-workflow-runs` from 2.0.6 to 2.1.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/mattraks/delete-workflow-runs/releases">Mattraks/delete-workflow-runs's releases</a>.</em></p> <blockquote> <h2>v2.1.0</h2> <h2>What's Changed</h2> <ul> <li>Update README.md with contents: read permission by <a href="https://github.com/jonaslindstr"><code>@jonaslindstr</code></a> in <a href="https://redirect.github.com/Mattraks/delete-workflow-runs/pull/19">Mattraks/delete-workflow-runs#19</a></li> <li>Deletes workflow runs that do not have an existing workflow by <a href="https://github.com/watercable76"><code>@watercable76</code></a> in <a href="https://redirect.github.com/Mattraks/delete-workflow-runs/pull/20">Mattraks/delete-workflow-runs#20</a></li> <li>Quick note about GHE <code>baseUrl</code> config by <a href="https://github.com/kquinsland"><code>@kquinsland</code></a> in <a href="https://redirect.github.com/Mattraks/delete-workflow-runs/pull/32">Mattraks/delete-workflow-runs#32</a></li> <li>Added try/catch blocks to catch each error individually by <a href="https://github.com/marcelovani"><code>@marcelovani</code></a> in <a href="https://redirect.github.com/Mattraks/delete-workflow-runs/pull/35">Mattraks/delete-workflow-runs#35</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/jonaslindstr"><code>@jonaslindstr</code></a> made their first contribution in <a href="https://redirect.github.com/Mattraks/delete-workflow-runs/pull/19">Mattraks/delete-workflow-runs#19</a></li> <li><a href="https://github.com/watercable76"><code>@watercable76</code></a> made their first contribution in <a href="https://redirect.github.com/Mattraks/delete-workflow-runs/pull/20">Mattraks/delete-workflow-runs#20</a></li> <li><a href="https://github.com/kquinsland"><code>@kquinsland</code></a> made their first contribution in <a href="https://redirect.github.com/Mattraks/delete-workflow-runs/pull/32">Mattraks/delete-workflow-runs#32</a></li> <li><a href="https://github.com/marcelovani"><code>@marcelovani</code></a> made their first contribution in <a href="https://redirect.github.com/Mattraks/delete-workflow-runs/pull/35">Mattraks/delete-workflow-runs#35</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/Mattraks/delete-workflow-runs/compare/v2.0.6...v2.1.0">https://github.com/Mattraks/delete-workflow-runs/compare/v2.0.6...v2.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Mattraks/delete-workflow-runs/commit/ab482449ba468316e9a8801e092d0405715c5e6d"><code>ab48244</code></a> version v2.1.0</li> <li><a href="https://github.com/Mattraks/delete-workflow-runs/commit/feeb82053ea847a97fe4ee2aa314c94eac0eff04"><code>feeb820</code></a> Undo previous changes.</li> <li><a href="https://github.com/Mattraks/delete-workflow-runs/commit/c61e04ec70740b989bdb168af9c948f2172856d8"><code>c61e04e</code></a> Added another try/catch block</li> <li><a href="https://github.com/Mattraks/delete-workflow-runs/commit/f93a693640fbced9f6b9026397406572c0dddcec"><code>f93a693</code></a> Added another try/catch block</li> <li><a href="https://github.com/Mattraks/delete-workflow-runs/commit/f40e9cd01093f8470cb92e70a971329a1c6b5ca1"><code>f40e9cd</code></a> Removed condition that is limiting deletion</li> <li><a href="https://github.com/Mattraks/delete-workflow-runs/commit/0a28a6b9d4f62e5b211056ceead85cc6776403eb"><code>0a28a6b</code></a> Display debug messages</li> <li><a href="https://github.com/Mattraks/delete-workflow-runs/commit/cb572387c439bdadffcac5fdba1f5fae3374309f"><code>cb57238</code></a> Display all workflows</li> <li><a href="https://github.com/Mattraks/delete-workflow-runs/commit/8859caa93697386bdb136521cca778eb9427e800"><code>8859caa</code></a> Quick note about GHE <code>baseUrl</code> config</li> <li><a href="https://github.com/Mattraks/delete-workflow-runs/commit/4c9f24749b7996562658e3d6e10662489e22caca"><code>4c9f247</code></a> Added better check to verify runs to be deleted, and some logging</li> <li><a href="https://github.com/Mattraks/delete-workflow-runs/commit/20682956720600a468c346b81c1965bfc2312d70"><code>2068295</code></a> Deletes workflow runs that do not have an existing workflow</li> <li>Additional commits viewable in <a href="https://github.com/mattraks/delete-workflow-runs/compare/39f0bbed25d76b34de5594dceab824811479e5de...ab482449ba468316e9a8801e092d0405715c5e6d">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-10-27 12:25:24 +00:00
dependabot[bot]	f947a34103	ci: bump the github-actions group across 1 directory with 15 updates (#20384 ) Co-authored-by: github-actions[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: M Atif Ali <atif@coder.com> Co-authored-by: Ethan Dickson <ethan@coder.com>	2025-10-24 16:06:44 +05:00
dependabot[bot]	32b72bf571	ci: bump the github-actions group with 3 updates (#19824 ) Bumps the github-actions group with 3 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner), [tj-actions/changed-files](https://github.com/tj-actions/changed-files) and [github/codeql-action](https://github.com/github/codeql-action). Updates `step-security/harden-runner` from 2.13.0 to 2.13.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.13.1</h2> <h2>What's Changed</h2> <ul> <li> <p>Graceful handling of HTTP errors: Improved error handling when fetching Harden Runner policies from the StepSecurity Policy Store API, ensuring more reliable execution even in case of temporary network/API issues.</p> </li> <li> <p>Security updates for npm dependencies: Updated vulnerable npm package dependencies to the latest secure versions.</p> </li> <li> <p>Faster enterprise agent downloads: The enterprise agent is now downloaded from GitHub Releases instead of packages.stepsecurity.io, improving download speed and reliability.</p> </li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2.13.0...v2.13.1">https://github.com/step-security/harden-runner/compare/v2.13.0...v2.13.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a"><code>f4a75cf</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/588">#588</a> from step-security/rc-26</li> <li><a href="https://github.com/step-security/harden-runner/commit/95503d076c107b91d03775aee93f4cb86a134dda"><code>95503d0</code></a> ci: remove code-review workflow</li> <li><a href="https://github.com/step-security/harden-runner/commit/4b250a07397b4cabc038948e3d832967764db6b4"><code>4b250a0</code></a> ci: add job to confirm dist is as expected</li> <li><a href="https://github.com/step-security/harden-runner/commit/5b0ab6abcf4c643b4ddf49d19fdb13c5821d124b"><code>5b0ab6a</code></a> update dependencies</li> <li><a href="https://github.com/step-security/harden-runner/commit/d11f2c1d65a99d8b0f20925c425d4d932e6d3366"><code>d11f2c1</code></a> fix bug where status code was not being preserved</li> <li><a href="https://github.com/step-security/harden-runner/commit/b3fc98e4dfca39273624a95b9c5fd70d759997e5"><code>b3fc98e</code></a> improve error handling for policy store sceanrio</li> <li><a href="https://github.com/step-security/harden-runner/commit/92fc5d4bf78f09f5494523f3d8f2f85786fe757f"><code>92fc5d4</code></a> update error message</li> <li><a href="https://github.com/step-security/harden-runner/commit/b61b0a4938ef1a80f368fbb9a0abcf78846e15a4"><code>b61b0a4</code></a> policy store improvements</li> <li><a href="https://github.com/step-security/harden-runner/commit/e3d3f2baeacadcbf3b2ad500171dd444855d4577"><code>e3d3f2b</code></a> use GitHub release instead of packages</li> <li><a href="https://github.com/step-security/harden-runner/commit/646ac01e72c16075733090f55857fc2f2d9a7e7a"><code>646ac01</code></a> update agent</li> <li>Additional commits viewable in <a href="https://github.com/step-security/harden-runner/compare/ec9f2d5744a09debf3a187a3f4f675c53b671911...f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from 8c14441336bb3d84fd6b7fa83b6d7201c740baf5 to 1ac60965030588f3b867cdd4a3900f37ec99970c <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.5...v47.0.0">47.0.0</a> - (2025-09-13)</h1> <h2><!-- raw HTML omitted -->🚀 Features</h2> <ul> <li>Add any_added to outputs (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2567">#2567</a>) (<a href="https://github.com/tj-actions/changed-files/commit/c260d49a827b5eb266673bed7871c5d3ee9b5aef">c260d49</a>) - (Jellyfrog)</li> </ul> <h2><!-- raw HTML omitted -->➖ Remove</h2> <ul> <li>Commit and push step from build job (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2538">#2538</a>) (<a href="https://github.com/tj-actions/changed-files/commit/be393a90381e27c9fec2c8c2e02b00f005710145">be393a9</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2592">#2592</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/3dbc1e181273d808ccff822a6e00cf18b6628ef0">3dbc1e1</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2591">#2591</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/b1ccff8c0892ad141d7d2de6f31e526a9dad931f">b1ccff8</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2574">#2574</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/050a3d3360d29711ee9d8210fc639d902d23ad07">050a3d3</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Update link to glob patterns (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2590">#2590</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a892f50f7a7187bc288633c09230b09ce7ad8fd0">a892f50</a>) - (Tonye Jack)</li> <li>Add Jellyfrog as a contributor for code, and doc (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2573">#2573</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f000a9b97f254f9590ff26f651cccde827ad36da">f000a9b</a>) - (allcontributors[bot])</li> </ul> <h2><!-- raw HTML omitted -->🧪 Testing</h2> <ul> <li>Manual triggered workflows (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2637">#2637</a>) (<a href="https://github.com/tj-actions/changed-files/commit/c2ca2493190021783138cb8aac49bcee14b4bb89">c2ca249</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps-dev:</strong> Bump jest from 30.0.5 to 30.1.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2655">#2655</a>) (<a href="https://github.com/tj-actions/changed-files/commit/9a6755550a331fdcc8ec45443738933f8fa22eea">9a67555</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.1.0 to 2.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2660">#2660</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b67e30df88f43e244f4e83775e5ad8335114fb95">b67e30d</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.30.2 to 3.30.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2661">#2661</a>) (<a href="https://github.com/tj-actions/changed-files/commit/62aef422ffa195474d80d73387535cf4622b2824">62aef42</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.11 to 3.30.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2659">#2659</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e874f3cddd0f54ae776e6995ae6dae4cf40fd3d3">e874f3c</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/setup-node from 4.4.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2656">#2656</a>) (<a href="https://github.com/tj-actions/changed-files/commit/8c14441336bb3d84fd6b7fa83b6d7201c740baf5">8c14441</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.3.0 to 24.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2657">#2657</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e995ac4be5be2bcb6e29556edc51fb63aca6b49b">e995ac4</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.2.1 to 24.3.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2649">#2649</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3b04099b21072562f07469c10deb182b24236ca9">3b04099</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.9 to 3.29.11 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2651">#2651</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e7b6c977e51984988e3cc1d6b18abe2a3ba8daaa">e7b6c97</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.0.2 to 2.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2648">#2648</a>) (<a href="https://github.com/tj-actions/changed-files/commit/765d62bc041415a5b494ef13d02d566128b25973">765d62b</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.8 to 3.29.9 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2647">#2647</a>) (<a href="https://github.com/tj-actions/changed-files/commit/2036da178f85576f1940fedb74bb93a36cd89ab7">2036da1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.7 to 3.29.8 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2644">#2644</a>) (<a href="https://github.com/tj-actions/changed-files/commit/239aef84a5502c79a1cea96e495d17588c66c659">239aef8</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.2.0 to 24.2.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2645">#2645</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a7d5f5f4919b6dbc6d3a3689887964361e8dd88f">a7d5f5f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/checkout from 4.2.2 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2646">#2646</a>) (<a href="https://github.com/tj-actions/changed-files/commit/5107f3abcc0c3737db51e2949f181e2c197d4d5b">5107f3a</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.1.0 to 24.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2640">#2640</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f963b3f3562b00b6d2dd25efc390eb04e51ef6c6">f963b3f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/download-artifact from 4.3.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2641">#2641</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f956744105e18d78bba3844a1199ce43d6503017">f956744</a>) - (dependabot[bot])</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/1ac60965030588f3b867cdd4a3900f37ec99970c"><code>1ac6096</code></a> Upgraded to v47 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2663">#2663</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/24d32ffd492484c1d75e0c0b894501ddb9d30d62"><code>24d32ff</code></a> upgrade: to node24 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2662">#2662</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/9a6755550a331fdcc8ec45443738933f8fa22eea"><code>9a67555</code></a> chore(deps-dev): bump jest from 30.0.5 to 30.1.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2655">#2655</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/b67e30df88f43e244f4e83775e5ad8335114fb95"><code>b67e30d</code></a> chore(deps): bump tj-actions/git-cliff from 2.1.0 to 2.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2660">#2660</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/62aef422ffa195474d80d73387535cf4622b2824"><code>62aef42</code></a> chore(deps): bump github/codeql-action from 3.30.2 to 3.30.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2661">#2661</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/e874f3cddd0f54ae776e6995ae6dae4cf40fd3d3"><code>e874f3c</code></a> chore(deps): bump github/codeql-action from 3.29.11 to 3.30.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2659">#2659</a>)</li> <li>See full diff in <a href="https://github.com/tj-actions/changed-files/compare/8c14441336bb3d84fd6b7fa83b6d7201c740baf5...1ac60965030588f3b867cdd4a3900f37ec99970c">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 3.30.1 to 3.30.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.30.3</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.30.3 - 10 Sep 2025</h2> <p>No user facing changes.</p> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.30.3/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> <h2>v3.30.2</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.30.2 - 09 Sep 2025</h2> <ul> <li>Fixed a bug which could cause language autodetection to fail. <a href="https://redirect.github.com/github/codeql-action/pull/3084">#3084</a></li> <li>Experimental: The <code>quality-queries</code> input that was added in <code>3.29.2</code> as part of an internal experiment is now deprecated and will be removed in an upcoming version of the CodeQL Action. It has been superseded by a new <code>analysis-kinds</code> input, which is part of the same internal experiment. Do not use this in production as it is subject to change at any time. <a href="https://redirect.github.com/github/codeql-action/pull/3064">#3064</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.30.2/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <ul> <li>We have improved the CodeQL Action's ability to validate that the workflow it is used in does not use different versions of the CodeQL Action for different workflow steps. Mixing different versions of the CodeQL Action in the same workflow is unsupported and can lead to unpredictable results. A warning will now be emitted from the <code>codeql-action/init</code> step if different versions of the CodeQL Action are detected in the workflow file. Additionally, an error will now be thrown by the other CodeQL Action steps if they load a configuration file that was generated by a different version of the <code>codeql-action/init</code> step. <a href="https://redirect.github.com/github/codeql-action/pull/3099">#3099</a> and <a href="https://redirect.github.com/github/codeql-action/pull/3100">#3100</a></li> <li>We added support for reducing the size of dependency caches for Java analyses, which will reduce cache usage and speed up workflows. This will be enabled automatically at a later time. <a href="https://redirect.github.com/github/codeql-action/pull/3107">#3107</a></li> </ul> <h2>3.30.3 - 10 Sep 2025</h2> <p>No user facing changes.</p> <h2>3.30.2 - 09 Sep 2025</h2> <ul> <li>Fixed a bug which could cause language autodetection to fail. <a href="https://redirect.github.com/github/codeql-action/pull/3084">#3084</a></li> <li>Experimental: The <code>quality-queries</code> input that was added in <code>3.29.2</code> as part of an internal experiment is now deprecated and will be removed in an upcoming version of the CodeQL Action. It has been superseded by a new <code>analysis-kinds</code> input, which is part of the same internal experiment. Do not use this in production as it is subject to change at any time. <a href="https://redirect.github.com/github/codeql-action/pull/3064">#3064</a></li> </ul> <h2>3.30.1 - 05 Sep 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.0. <a href="https://redirect.github.com/github/codeql-action/pull/3077">#3077</a></li> </ul> <h2>3.30.0 - 01 Sep 2025</h2> <ul> <li>Reduce the size of the CodeQL Action, speeding up workflows by approximately 4 seconds. <a href="https://redirect.github.com/github/codeql-action/pull/3054">#3054</a></li> </ul> <h2>3.29.11 - 21 Aug 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.22.4. <a href="https://redirect.github.com/github/codeql-action/pull/3044">#3044</a></li> </ul> <h2>3.29.10 - 18 Aug 2025</h2> <p>No user facing changes.</p> <h2>3.29.9 - 12 Aug 2025</h2> <p>No user facing changes.</p> <h2>3.29.8 - 08 Aug 2025</h2> <ul> <li>Fix an issue where the Action would autodetect unsupported languages such as HTML. <a href="https://redirect.github.com/github/codeql-action/pull/3015">#3015</a></li> </ul> <h2>3.29.7 - 07 Aug 2025</h2> <p>This release rolls back 3.29.6 to address issues with language autodetection. It is identical to 3.29.5.</p> <h2>3.29.6 - 07 Aug 2025</h2> <ul> <li>The <code>cleanup-level</code> input to the <code>analyze</code> Action is now deprecated. The CodeQL Action has written a limited amount of intermediate results to the database since version 2.2.5, and now automatically manages cleanup. <a href="https://redirect.github.com/github/codeql-action/pull/2999">#2999</a></li> <li>Update default CodeQL bundle version to 2.22.3. <a href="https://redirect.github.com/github/codeql-action/pull/3000">#3000</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/192325c86100d080feab897ff886c34abd4c83a3"><code>192325c</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3104">#3104</a> from github/update-v3.30.3-b660efdcf</li> <li><a href="https://github.com/github/codeql-action/commit/e68956d90b7fe2260904652cd8de5d73563e4944"><code>e68956d</code></a> Update changelog for v3.30.3</li> <li><a href="https://github.com/github/codeql-action/commit/b660efdcfdfa893d74568cd884067ed18e8d6f88"><code>b660efd</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3103">#3103</a> from github/mbg/fix/category-check</li> <li><a href="https://github.com/github/codeql-action/commit/e49458befe579c5a1088aacda9f2ae384da104ff"><code>e49458b</code></a> Fix <code>runInterpretResultsFor</code> using the wrong <code>AnalysisConfig</code> for <code>category</code> fix</li> <li><a href="https://github.com/github/codeql-action/commit/f374a62c8bedef779582aeb425a68f7798f2078c"><code>f374a62</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3098">#3098</a> from github/kaspersv/increase-overlay-base-size-limit</li> <li><a href="https://github.com/github/codeql-action/commit/5efa438e92992578d794ae4ceed960bf81011677"><code>5efa438</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3101">#3101</a> from github/mbg/public-repo-notice-in-pr-template</li> <li><a href="https://github.com/github/codeql-action/commit/8a84a62542ea24fd569eb5afdfb2507c25328ab9"><code>8a84a62</code></a> Overlay: Increase size limit for cached overlay base database</li> <li><a href="https://github.com/github/codeql-action/commit/eb50a881d87eb8488328fefe024ae2f6add8384f"><code>eb50a88</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3097">#3097</a> from github/redsun82/only-dump-sarif</li> <li><a href="https://github.com/github/codeql-action/commit/4c534612bf77788909753a5602e96710156f5758"><code>4c53461</code></a> Tweak sarif dump log</li> <li><a href="https://github.com/github/codeql-action/commit/dae3742b0a3b9e08acc580e15ef74bdc454d650a"><code>dae3742</code></a> Dump soon to be uploaded SARIF on request</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/f1f6e5f6af878fb37288ce1c627459e94dbf7d01...192325c86100d080feab897ff886c34abd4c83a3">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-09-15 12:40:44 +00:00
dependabot[bot]	0b460b8d95	ci: bump the github-actions group across 1 directory with 16 updates (#19736 ) Bumps the github-actions group with 16 updates in the / directory: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [actions/checkout](https://github.com/actions/checkout) \| `4.3.0` \| `5.0.0` \| \| [crate-ci/typos](https://github.com/crate-ci/typos) \| `1.35.3` \| `1.36.2` \| \| [azure/setup-helm](https://github.com/azure/setup-helm) \| `4.3.0` \| `4.3.1` \| \| [chromaui/action](https://github.com/chromaui/action) \| `13.1.3` \| `13.1.4` \| \| [actions/setup-java](https://github.com/actions/setup-java) \| `4.7.1` \| `5.0.0` \| \| [google-github-actions/auth](https://github.com/google-github-actions/auth) \| `2.1.12` \| `3.0.0` \| \| [google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud) \| `2.2.0` \| `3.0.1` \| \| [actions/attest](https://github.com/actions/attest) \| `2.4.0` \| `3.0.0` \| \| [google-github-actions/get-gke-credentials](https://github.com/google-github-actions/get-gke-credentials) \| `2.3.4` \| `3.0.0` \| \| [actions/github-script](https://github.com/actions/github-script) \| `7.0.1` \| `8.0.0` \| \| [depot/build-push-action](https://github.com/depot/build-push-action) \| `1.15.0` \| `1.16.2` \| \| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) \| `f963b3f3562b00b6d2dd25efc390eb04e51ef6c6` \| `8c14441336bb3d84fd6b7fa83b6d7201c740baf5` \| \| [nixbuild/nix-quick-install-action](https://github.com/nixbuild/nix-quick-install-action) \| `32` \| `33` \| \| [github/codeql-action](https://github.com/github/codeql-action) \| `3.29.8` \| `3.30.1` \| \| [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) \| `0.32.0` \| `0.33.1` \| \| [actions/stale](https://github.com/actions/stale) \| `9.1.0` \| `10.0.0` \| Updates `actions/checkout` from 4.3.0 to 5.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v5.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update actions checkout to use node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li> <li>Prepare v5.0.0 release by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2238">actions/checkout#2238</a></li> </ul> <h2>⚠️ Minimum Compatible Runner Version</h2> <p><strong>v2.327.1</strong><br /> <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Release Notes</a></p> <p>Make sure your runner is updated to this version or newer to use this release.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4...v5.0.0">https://github.com/actions/checkout/compare/v4...v5.0.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>V5.0.0</h2> <ul> <li>Update actions checkout to use node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li> </ul> <h2>V4.3.0</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <h2>v4.2.2</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <h2>v4.2.1</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>v4.2.0</h2> <ul> <li>Add Ref and Commit outputs by <a href="https://github.com/lucacome"><code>@lucacome</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li> <li>Dependency updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>- <a href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>, <a href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li> </ul> <h2>v4.1.7</h2> <ul> <li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li> <li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li> <li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li> </ul> <h2>v4.1.6</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> </ul> <h2>v4.1.5</h2> <ul> <li>Update NPM dependencies by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li> <li>Bump github/codeql-action from 2 to 3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li> <li>Bump actions/setup-node from 1 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li> <li>Bump actions/upload-artifact from 2 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li> <li>README: Suggest <code>user.email</code> to be <code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li> </ul> <h2>v4.1.4</h2> <ul> <li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li> <li>Add dependabot config by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li> <li>Bump the minor-actions-dependencies group with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li> <li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li> </ul> <h2>v4.1.3</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8"><code>08c6903</code></a> Prepare v5.0.0 release (<a href="https://redirect.github.com/actions/checkout/issues/2238">#2238</a>)</li> <li><a href="https://github.com/actions/checkout/commit/9f265659d3bb64ab1440b03b12f4d47a24320917"><code>9f26565</code></a> Update actions checkout to use node 24 (<a href="https://redirect.github.com/actions/checkout/issues/2226">#2226</a>)</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/08eba0b27e820071cde6df949e0beb9ba4906955...08c6903cd8c0fde910a37f88322edcfb5dd907a8">compare view</a></li> </ul> </details> <br /> Updates `crate-ci/typos` from 1.35.3 to 1.36.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/releases">crate-ci/typos's releases</a>.</em></p> <blockquote> <h2>v1.36.2</h2> <h2>[1.36.2] - 2025-09-04</h2> <h3>Fixes</h3> <ul> <li>Fix regression from 1.36.1 when rendering an error for a line with invalid UTF-8</li> </ul> <h2>v1.36.1</h2> <h2>[1.36.1] - 2025-09-03</h2> <h3>Fixes</h3> <ul> <li>Replaced the error rendering for various quality of life improvements</li> </ul> <h2>v1.36.0</h2> <h2>[1.36.0] - 2025-09-02</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1345">August 2025</a> changes</li> </ul> <h2>v1.35.8</h2> <h2>[1.35.8] - 2025-09-02</h2> <h2>v1.35.7</h2> <h2>[1.35.7] - 2025-08-29</h2> <h3>Documentation</h3> <ul> <li>Expand PyPI metadata</li> </ul> <h2>v1.35.6</h2> <h2>[1.35.6] - 2025-08-28</h2> <h3>Fixes</h3> <ul> <li>Track <code>go.mod</code> as a golang file (regression from 1.13.21)</li> </ul> <h2>v1.35.5</h2> <h2>[1.35.5] - 2025-08-18</h2> <h3>Fixes</h3> <ul> <li>Fix typo in correction to <code>accidently</code></li> <li>Fix typo in correction to <code>dynamincally</code></li> <li>Fix typo in correction to <code>interruptability</code></li> <li>Fix typo in correction to <code>interruptability</code></li> <li>Fix typo in correction to <code>messager</code></li> <li>Fix typo in correction to <code>preferables</code></li> <li>Fix typo in correction to <code>producibles</code></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's changelog</a>.</em></p> <blockquote> <h1>Change Log</h1> <p>All notable changes to this project will be documented in this file.</p> <p>The format is based on <a href="http://keepachangelog.com/">Keep a Changelog</a> and this project adheres to <a href="http://semver.org/">Semantic Versioning</a>.</p> <!-- raw HTML omitted --> <h2>[Unreleased] - ReleaseDate</h2> <h2>[1.36.2] - 2025-09-04</h2> <h3>Fixes</h3> <ul> <li>Fix regression from 1.36.1 when rendering an error for a line with invalid UTF-8</li> </ul> <h2>[1.36.1] - 2025-09-03</h2> <h3>Fixes</h3> <ul> <li>Replaced the error rendering for various quality of life improvements</li> </ul> <h2>[1.36.0] - 2025-09-02</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1345">August 2025</a> changes</li> </ul> <h2>[1.35.8] - 2025-09-02</h2> <h2>[1.35.7] - 2025-08-29</h2> <h3>Documentation</h3> <ul> <li>Expand PyPI metadata</li> </ul> <h2>[1.35.6] - 2025-08-28</h2> <h3>Fixes</h3> <ul> <li>Track <code>go.mod</code> as a golang file (regression from 1.13.21)</li> </ul> <h2>[1.35.5] - 2025-08-18</h2> <h3>Fixes</h3> <ul> <li>Fix typo in correction to <code>accidently</code></li> <li>Fix typo in correction to <code>dynamincally</code></li> <li>Fix typo in correction to <code>interruptability</code></li> <li>Fix typo in correction to <code>interruptability</code></li> <li>Fix typo in correction to <code>messager</code></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/crate-ci/typos/commit/85f62a8a84f939ae994ab3763f01a0296d61a7ee"><code>85f62a8</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/6f26306a9140281f8f46294118abc2b5cf88a04d"><code>6f26306</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/6bd8b39b57af405b681ed2d7d563f5cdf788388f"><code>6bd8b39</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1374">#1374</a> from epage/invalid</li> <li><a href="https://github.com/crate-ci/typos/commit/f5e19d303814c9192cf68dba44e25b470ef29461"><code>f5e19d3</code></a> fix(cli): Don't panic with invalid utf-8</li> <li><a href="https://github.com/crate-ci/typos/commit/5062775d92cab861376d135b425089eba7bb719d"><code>5062775</code></a> test(cli): Generalize utf16 tests</li> <li><a href="https://github.com/crate-ci/typos/commit/b6297a6a5072df106aa9d94197f5d0533a9730bc"><code>b6297a6</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/e6d718928a2978481771e814abdc731cb904c980"><code>e6d7189</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/1bf1ed2584d38a3d8f47e0715013e092bdda3cec"><code>1bf1ed2</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1372">#1372</a> from epage/render</li> <li><a href="https://github.com/crate-ci/typos/commit/9e79b8d2c636476c043d040ddaa0413ad065f28b"><code>9e79b8d</code></a> refactor(cli): Give control over the whole group</li> <li><a href="https://github.com/crate-ci/typos/commit/a5fa6034532da62881f747a74e2bbc1f58886265"><code>a5fa603</code></a> refactor(cli): Extract snippet creation</li> <li>Additional commits viewable in <a href="https://github.com/crate-ci/typos/compare/52bd719c2c91f9d676e2aa359fc8e0db8925e6d8...85f62a8a84f939ae994ab3763f01a0296d61a7ee">compare view</a></li> </ul> </details> <br /> Updates `azure/setup-helm` from 4.3.0 to 4.3.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/azure/setup-helm/releases">azure/setup-helm's releases</a>.</em></p> <blockquote> <h2>v4.3.1</h2> <h3>Changed</h3> <ul> <li><a href="https://redirect.github.com/azure/setup-helm/issues/167">#167</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/167">Pinning Action Dependencies for Security and Reliability</a></li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/181">#181</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/181">Fix types, and update node version.</a></li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/191">#191</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/191">chore(tests): Mock arch to make tests pass on arm host</a></li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/192">#192</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/192">chore: remove unnecessary prebuild script</a></li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/203">#203</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/203">Update helm version retrieval to use JSON output for latest version</a></li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/207">#207</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/207">ci(workflows): update helm version to v3.18.4 and add matrix for tests</a></li> </ul> <h3>Added</h3> <ul> <li><a href="https://redirect.github.com/azure/setup-helm/issues/197">#197</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/197">Add pre-commit hook</a></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Azure/setup-helm/blob/main/CHANGELOG.md">azure/setup-helm's changelog</a>.</em></p> <blockquote> <h1>Change Log</h1> <h2>[4.3.1] - 2025-08-12</h2> <h3>Changed</h3> <ul> <li><a href="https://redirect.github.com/azure/setup-helm/issues/167">#167</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/167">Pinning Action Dependencies for Security and Reliability</a></li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/181">#181</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/181">Fix types, and update node version.</a></li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/191">#191</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/191">chore(tests): Mock arch to make tests pass on arm host</a></li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/192">#192</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/192">chore: remove unnecessary prebuild script</a></li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/203">#203</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/203">Update helm version retrieval to use JSON output for latest version</a></li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/207">#207</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/207">ci(workflows): update helm version to v3.18.4 and add matrix for tests</a></li> </ul> <h3>Added</h3> <ul> <li><a href="https://redirect.github.com/azure/setup-helm/issues/197">#197</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/197">Add pre-commit hook</a></li> </ul> <h2>[4.3.0] - 2025-02-15</h2> <ul> <li><a href="https://redirect.github.com/azure/setup-helm/issues/152">#152</a> feat: log when restoring from cache</li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/157">#157</a> Dependencies Update</li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/137">#137</a> Add dependabot</li> </ul> <h2>[4.2.0] - 2024-04-15</h2> <ul> <li><a href="https://redirect.github.com/azure/setup-helm/issues/124">#124</a> Fix OS detection and download OS-native archive extension</li> </ul> <h2>[4.1.0] - 2024-03-01</h2> <ul> <li><a href="https://redirect.github.com/azure/setup-helm/issues/130">#130</a> switches to use Helm published file to read latest version instead of using GitHub releases</li> </ul> <h2>[4.0.0] - 2024-02-12</h2> <ul> <li><a href="https://redirect.github.com/azure/setup-helm/issues/121">#121</a> update to node20 as node16 is deprecated</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Azure/setup-helm/commit/1a275c3b69536ee54be43f2070a358922e12c8d4"><code>1a275c3</code></a> build</li> <li><a href="https://github.com/Azure/setup-helm/commit/9e7f762d6f65c7a11db6cd4eadcf3c602b273f47"><code>9e7f762</code></a> chore(release): v4.3.1 (<a href="https://redirect.github.com/azure/setup-helm/issues/208">#208</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/c096176d63fc5e293d360dd405e4b9ab2ddadccd"><code>c096176</code></a> Bump <code>@types/node</code> from 24.1.0 to 24.2.1 in the actions group (<a href="https://redirect.github.com/azure/setup-helm/issues/206">#206</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/5e7287287e0a62377e90be8d80c4e9520ad5676b"><code>5e72872</code></a> ci(workflows): update helm version to v3.18.4 and add matrix for tests (<a href="https://redirect.github.com/azure/setup-helm/issues/207">#207</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/fb8fa4070642059a5ed2b5d02e2992422ebb5f09"><code>fb8fa40</code></a> Update default helm version to 3.18.3 (<a href="https://redirect.github.com/azure/setup-helm/issues/194">#194</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/0d097290a8b8242b9d9c3aae2628122e860fea32"><code>0d09729</code></a> chore: remove unnecessary prebuild script (<a href="https://redirect.github.com/azure/setup-helm/issues/192">#192</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/32bc12022d790ee9f7033b2b57cd5c7c309e5333"><code>32bc120</code></a> chore(tests): Mock arch to make tests pass on arm host (<a href="https://redirect.github.com/azure/setup-helm/issues/191">#191</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/51463d68e891cc6fcd306c1f61fce342582ac53b"><code>51463d6</code></a> Bump the actions group with 2 updates (<a href="https://redirect.github.com/azure/setup-helm/issues/205">#205</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/aff10941b250308c1eea3c6dd4a2e8602246ba0f"><code>aff1094</code></a> Bump the actions group across 1 directory with 2 updates (<a href="https://redirect.github.com/azure/setup-helm/issues/204">#204</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/a10a5247d8e840d5e622e4e00cfc8b6103a9cafa"><code>a10a524</code></a> Update helm version retrieval to use JSON output for latest version (<a href="https://redirect.github.com/azure/setup-helm/issues/203">#203</a>)</li> <li>Additional commits viewable in <a href="https://github.com/azure/setup-helm/compare/b9e51907a09c216f16ebe8536097933489208112...1a275c3b69536ee54be43f2070a358922e12c8d4">compare view</a></li> </ul> </details> <br /> Updates `chromaui/action` from 13.1.3 to 13.1.4 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chromaui/action/commit/d0795df816d05c4a89c80295303970fddd247cce"><code>d0795df</code></a> v13.1.4</li> <li>See full diff in <a href="https://github.com/chromaui/action/compare/58d9ffb36c90c97a02d061544ecc849cc4a242a9...d0795df816d05c4a89c80295303970fddd247cce">compare view</a></li> </ul> </details> <br /> Updates `actions/setup-java` from 4.7.1 to 5.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-java/releases">actions/setup-java's releases</a>.</em></p> <blockquote> <h2>v5.0.0</h2> <h2>What's Changed</h2> <h3>Breaking Changes</h3> <ul> <li>Upgrade to node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/888">actions/setup-java#888</a></li> </ul> <p>Make sure your runner is updated to this version or newer to use this release. v2.327.1 <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Release Notes</a></p> <h3>Dependency Upgrades</h3> <ul> <li>Upgrade Publish Immutable Action by <a href="https://github.com/HarithaVattikuti"><code>@HarithaVattikuti</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/798">actions/setup-java#798</a></li> <li>Upgrade eslint-plugin-jest from 27.9.0 to 28.11.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-java/pull/730">actions/setup-java#730</a></li> <li>Upgrade undici from 5.28.5 to 5.29.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-java/pull/833">actions/setup-java#833</a></li> <li>Upgrade form-data to bring in fix for critical vulnerability by <a href="https://github.com/gowridurgad"><code>@gowridurgad</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/887">actions/setup-java#887</a></li> <li>Upgrade actions/checkout from 4 to 5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-java/pull/896">actions/setup-java#896</a></li> </ul> <h3>Bug Fixes</h3> <ul> <li>Prevent default installation of JetBrains pre-releases by <a href="https://github.com/priyagupta108"><code>@priyagupta108</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/859">actions/setup-java#859</a></li> <li>Improve Error Handling for Setup-Java Action to Help Debug Intermittent Failures by <a href="https://github.com/gowridurgad"><code>@gowridurgad</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/848">actions/setup-java#848</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/gowridurgad"><code>@gowridurgad</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/848">actions/setup-java#848</a></li> <li><a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/888">actions/setup-java#888</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-java/compare/v4...v5.0.0">https://github.com/actions/setup-java/compare/v4...v5.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/setup-java/commit/dded0888837ed1f317902acf8a20df0ad188d165"><code>dded088</code></a> Bump actions/checkout from 4 to 5 (<a href="https://redirect.github.com/actions/setup-java/issues/896">#896</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/0913e9a06eb8b69c62db76aa61f580c2b3a5b4e0"><code>0913e9a</code></a> Upgrade to node 24 (<a href="https://redirect.github.com/actions/setup-java/issues/888">#888</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/e9343db97e09d87a3c50e544105d99fe912c204b"><code>e9343db</code></a> Bumps form-data (<a href="https://redirect.github.com/actions/setup-java/issues/887">#887</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/ae2b61dbc685e60e4427b2e8ed4f0135c6ea8597"><code>ae2b61d</code></a> Bump undici from 5.28.5 to 5.29.0 (<a href="https://redirect.github.com/actions/setup-java/issues/833">#833</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/c190c18febcf6c040d80b10ea201a05a2c320263"><code>c190c18</code></a> Bump eslint-plugin-jest from 27.9.0 to 29.0.1 (<a href="https://redirect.github.com/actions/setup-java/issues/730">#730</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/67aec007b3fcabe15ca665bfccc1e255dd52e30d"><code>67aec00</code></a> Fix: prevent default installation of JetBrains pre-releases (<a href="https://redirect.github.com/actions/setup-java/issues/859">#859</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/ebb356cc4e59bcf94f518203228485f5d40e4b58"><code>ebb356c</code></a> Improve Error Handling for Setup-Java Action to Help Debug Intermittent Failu...</li> <li><a href="https://github.com/actions/setup-java/commit/f4f1212c880fdec8162ea9a6493f4495191887b4"><code>f4f1212</code></a> Update publish-immutable-actions.yml (<a href="https://redirect.github.com/actions/setup-java/issues/798">#798</a>)</li> <li>See full diff in <a href="https://github.com/actions/setup-java/compare/c5195efecf7bdfc987ee8bae7a71cb8b11521c00...dded0888837ed1f317902acf8a20df0ad188d165">compare view</a></li> </ul> </details> <br /> Updates `google-github-actions/auth` from 2.1.12 to 3.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google-github-actions/auth/releases">google-github-actions/auth's releases</a>.</em></p> <blockquote> <h2>v3.0.0</h2> <h2>What's Changed</h2> <ul> <li>Bump to Node 24 and remove old parameters by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/508">google-github-actions/auth#508</a></li> <li>Remove hacky script by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/509">google-github-actions/auth#509</a></li> <li>Release: v3.0.0 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/510">google-github-actions/auth#510</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/auth/compare/v2...v3.0.0">https://github.com/google-github-actions/auth/compare/v2...v3.0.0</a></p> <h2>v2.1.13</h2> <h2>What's Changed</h2> <ul> <li>Update deps by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/506">google-github-actions/auth#506</a></li> <li>Release: v2.1.13 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/507">google-github-actions/auth#507</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/auth/compare/v2.1.12...v2.1.13">https://github.com/google-github-actions/auth/compare/v2.1.12...v2.1.13</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google-github-actions/auth/commit/7c6bc770dae815cd3e89ee6cdf493a5fab2cc093"><code>7c6bc77</code></a> Release: v3.0.0 (<a href="https://redirect.github.com/google-github-actions/auth/issues/510">#510</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/42e4997ee345eebb9d114030d0f9e9b47829ee80"><code>42e4997</code></a> Remove hacky script (<a href="https://redirect.github.com/google-github-actions/auth/issues/509">#509</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/5ea4dc11472eebb0a541812f1063c7d318adf57e"><code>5ea4dc1</code></a> Bump to Node 24 and remove old parameters (<a href="https://redirect.github.com/google-github-actions/auth/issues/508">#508</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/c200f3691d83b41bf9bbd8638997a462592937ed"><code>c200f36</code></a> Release: v2.1.13 (<a href="https://redirect.github.com/google-github-actions/auth/issues/507">#507</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/3a53be7e7cedfadb446e102fa59e97734b2ad238"><code>3a53be7</code></a> Update deps (<a href="https://redirect.github.com/google-github-actions/auth/issues/506">#506</a>)</li> <li>See full diff in <a href="https://github.com/google-github-actions/auth/compare/b7593ed2efd1c1617e1b0254da33b86225adb2a5...7c6bc770dae815cd3e89ee6cdf493a5fab2cc093">compare view</a></li> </ul> </details> <br /> Updates `google-github-actions/setup-gcloud` from 2.2.0 to 3.0.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google-github-actions/setup-gcloud/releases">google-github-actions/setup-gcloud's releases</a>.</em></p> <blockquote> <h2>v3.0.1</h2> <h2>What's Changed</h2> <ul> <li>Release: v3.0.1 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/729">google-github-actions/setup-gcloud#729</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/setup-gcloud/compare/v3.0.0...v3.0.1">https://github.com/google-github-actions/setup-gcloud/compare/v3.0.0...v3.0.1</a></p> <h2>v3.0.0</h2> <h2>What's Changed</h2> <ul> <li><strong>‼️ This release requires Node 24+!</strong></li> <li><strong>‼️ The <code>skip_tool_cache</code> option has been removed!</strong> Skipping the tool cache is now the default behavior. To restore the previous behavior of using the tool cache (which is unnecessary on GitHub managed runners, but may provide performance increases on self-hosted runners), set <code>cache: true</code>.</li> </ul> <hr /> <ul> <li>Bump to node24 by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/723">google-github-actions/setup-gcloud#723</a></li> <li>Do not use the tool-cache by default by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/724">google-github-actions/setup-gcloud#724</a></li> <li>Update to use v3 references by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/725">google-github-actions/setup-gcloud#725</a></li> <li>Release: v3.0.0 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/726">google-github-actions/setup-gcloud#726</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/setup-gcloud/compare/v2.2.1...v3.0.0">https://github.com/google-github-actions/setup-gcloud/compare/v2.2.1...v3.0.0</a></p> <h2>v3</h2> <p>Floating v3 tag</p> <h2>v2.2.1</h2> <h2>What's Changed</h2> <ul> <li>Update deps by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/720">google-github-actions/setup-gcloud#720</a></li> <li>Bump to the latest actions-utils to fix the gen-readme bug by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/721">google-github-actions/setup-gcloud#721</a></li> <li>Release: v2.2.1 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/722">google-github-actions/setup-gcloud#722</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/setup-gcloud/compare/v2...v2.2.1">https://github.com/google-github-actions/setup-gcloud/compare/v2...v2.2.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/aa5489c8933f4cc7a4f7d45035b3b1440c9c10db"><code>aa5489c</code></a> Release: v3.0.1 (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/729">#729</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/26f734c2779b00b7dda794207734c511110a4368"><code>26f734c</code></a> Release: v3.0.0 (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/726">#726</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/d26df95ce13fba88a7c3f942b50bab0a6e17dc95"><code>d26df95</code></a> Update to use v3 references (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/725">#725</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/f7c29183d6310acc4d89a82a2e4a06374e259082"><code>f7c2918</code></a> Do not use the tool-cache by default (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/724">#724</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/6387e6954450355c9cd00e752f0b5e6a07078e1a"><code>6387e69</code></a> Bump to node24 (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/723">#723</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/e427ad8a34f8676edf47cf7d7925499adf3eb74f"><code>e427ad8</code></a> Release: v2.2.1 (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/722">#722</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/d71efb74bd86be0c5c0035758f8b5b9069ef835f"><code>d71efb7</code></a> Bump to the latest actions-utils to fix the gen-readme bug (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/721">#721</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/ed8ba68de5f95fc08e400796581a06a4acab88ae"><code>ed8ba68</code></a> Update deps (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/720">#720</a>)</li> <li>See full diff in <a href="https://github.com/google-github-actions/setup-gcloud/compare/cb1e50a9932213ecece00a606661ae9ca44f3397...aa5489c8933f4cc7a4f7d45035b3b1440c9c10db">compare view</a></li> </ul> </details> <br /> Updates `actions/attest` from 2.4.0 to 3.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/attest/releases">actions/attest's releases</a>.</em></p> <blockquote> <h2>v3.0.0</h2> <h2>What's Changed</h2> <ul> <li>Bump form-data from 4.0.0 to 4.0.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/266">actions/attest#266</a></li> <li>Bump <code>@sigstore/oci</code> from 0.5.0 to 0.6.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/271">actions/attest#271</a></li> <li>Upgrade to Node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> / <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/276">actions/attest#276</a></li> <li>Improved checksum parsing by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/280">actions/attest#280</a></li> </ul> <h2>⚠️ Minimum Compatible Runner Version</h2> <p>v2.327.1 <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Release Notes</a></p> <p>Make sure your runner is updated to this version or newer to use this release.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/attest/compare/v2.4.0...v3.0.0">https://github.com/actions/attest/compare/v2.4.0...v3.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/attest/commit/daf44fb950173508f38bd2406030372c1d1162b1"><code>daf44fb</code></a> improved checksum parsing (<a href="https://redirect.github.com/actions/attest/issues/280">#280</a>)</li> <li><a href="https://github.com/actions/attest/commit/eda10f897a7c40837fe73266c10a25e1046b87ff"><code>eda10f8</code></a> Upgrade to Node 24 (<a href="https://redirect.github.com/actions/attest/issues/276">#276</a>)</li> <li><a href="https://github.com/actions/attest/commit/1e2321d2815b6c07c5479f3309d67a7698b091a1"><code>1e2321d</code></a> remove super-linter (<a href="https://redirect.github.com/actions/attest/issues/283">#283</a>)</li> <li><a href="https://github.com/actions/attest/commit/aecfe99586992ebf9c025e2fb6ebb78f4f445055"><code>aecfe99</code></a> Bump the npm-development group across 1 directory with 4 updates (<a href="https://redirect.github.com/actions/attest/issues/282">#282</a>)</li> <li><a href="https://github.com/actions/attest/commit/03f25d860248eee1946e81e6ad8d2420e4de03f3"><code>03f25d8</code></a> Bump the npm-development group with 4 updates (<a href="https://redirect.github.com/actions/attest/issues/273">#273</a>)</li> <li><a href="https://github.com/actions/attest/commit/0fca5a6fa3c943b77f214acb62a366c247a8469e"><code>0fca5a6</code></a> use absolute path in linter config (<a href="https://redirect.github.com/actions/attest/issues/275">#275</a>)</li> <li><a href="https://github.com/actions/attest/commit/238c03f77f9c851e5129d01004ff41fa0c755c35"><code>238c03f</code></a> Bump actions/checkout from 4 to 5 (<a href="https://redirect.github.com/actions/attest/issues/272">#272</a>)</li> <li><a href="https://github.com/actions/attest/commit/9c3e2717a6a9e8eafa4f389f0874b682bcb6f052"><code>9c3e271</code></a> Bump <code>@sigstore/oci</code> from 0.5.0 to 0.6.0 (<a href="https://redirect.github.com/actions/attest/issues/271">#271</a>)</li> <li><a href="https://github.com/actions/attest/commit/b40d9fa17a9e7bc51fb727ac9b6dae3ea1da6fa3"><code>b40d9fa</code></a> Bump the npm-development group with 8 updates (<a href="https://redirect.github.com/actions/attest/issues/270">#270</a>)</li> <li><a href="https://github.com/actions/attest/commit/e831e0e28dfaff51bc0c846aef5bb4195609318f"><code>e831e0e</code></a> Bump form-data from 4.0.0 to 4.0.4 (<a href="https://redirect.github.com/actions/attest/issues/266">#266</a>)</li> <li>Additional commits viewable in <a href="https://github.com/actions/attest/compare/ce27ba3b4a9a139d9a20a4a07d69fabb52f1e5bc...daf44fb950173508f38bd2406030372c1d1162b1">compare view</a></li> </ul> </details> <br /> Updates `google-github-actions/get-gke-credentials` from 2.3.4 to 3.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google-github-actions/get-gke-credentials/releases">google-github-actions/get-gke-credentials's releases</a>.</em></p> <blockquote> <h2>v3.0.0</h2> <h2>What's Changed</h2> <ul> <li>Bump to Node 24 by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/339">google-github-actions/get-gke-credentials#339</a></li> <li>Release: v3.0.0 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/340">google-github-actions/get-gke-credentials#340</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/get-gke-credentials/compare/v2...v3.0.0">https://github.com/google-github-actions/get-gke-credentials/compare/v2...v3.0.0</a></p> <h2>v2.3.5</h2> <h2>What's Changed</h2> <ul> <li>Update deps by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/337">google-github-actions/get-gke-credentials#337</a></li> <li>Release: v2.3.5 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/338">google-github-actions/get-gke-credentials#338</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/get-gke-credentials/compare/v2.3.4...v2.3.5">https://github.com/google-github-actions/get-gke-credentials/compare/v2.3.4...v2.3.5</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google-github-actions/get-gke-credentials/commit/3da1e46a907576cefaa90c484278bb5b259dd395"><code>3da1e46</code></a> Release: v3.0.0 (<a href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/340">#340</a>)</li> <li><a href="https://github.com/google-github-actions/get-gke-credentials/commit/a1565805d2a41ba5f23190da0a27b6c53ae74250"><code>a156580</code></a> Bump to Node 24 (<a href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/339">#339</a>)</li> <li><a href="https://github.com/google-github-actions/get-gke-credentials/commit/64bc7249bbcf78056bb92f14d3cedc2da193946c"><code>64bc724</code></a> Release: v2.3.5 (<a href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/338">#338</a>)</li> <li><a href="https://github.com/google-github-actions/get-gke-credentials/commit/9de2e29024e4aeff8cf37aaa326508267ea011fc"><code>9de2e29</code></a> Update deps (<a href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/337">#337</a>)</li> <li>See full diff in <a href="https://github.com/google-github-actions/get-gke-credentials/compare/8e574c49425fa7efed1e74650a449bfa6a23308a...3da1e46a907576cefaa90c484278bb5b259dd395">compare view</a></li> </ul> </details> <br /> Updates `actions/github-script` from 7.0.1 to 8.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/github-script/releases">actions/github-script's releases</a>.</em></p> <blockquote> <h2>v8.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update Node.js version support to 24.x by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/637">actions/github-script#637</a></li> <li>README for updating actions/github-script from v7 to v8 by <a href="https://github.com/sneha-krip"><code>@sneha-krip</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/653">actions/github-script#653</a></li> </ul> <h2>⚠️ Minimum Compatible Runner Version</h2> <p><strong>v2.327.1</strong><br /> <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Release Notes</a></p> <p>Make sure your runner is updated to this version or newer to use this release.</p> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> made their first contribution in <a href="https://redirect.github.com/actions/github-script/pull/637">actions/github-script#637</a></li> <li><a href="https://github.com/sneha-krip"><code>@sneha-krip</code></a> made their first contribution in <a href="https://redirect.github.com/actions/github-script/pull/653">actions/github-script#653</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/github-script/compare/v7.1.0...v8.0.0">https://github.com/actions/github-script/compare/v7.1.0...v8.0.0</a></p> <h2>v7.1.0</h2> <h2>What's Changed</h2> <ul> <li>Upgrade husky to v9 by <a href="https://github.com/benelan"><code>@benelan</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/482">actions/github-script#482</a></li> <li>Add workflow file for publishing releases to immutable action package by <a href="https://github.com/Jcambass"><code>@Jcambass</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/485">actions/github-script#485</a></li> <li>Upgrade IA Publish by <a href="https://github.com/Jcambass"><code>@Jcambass</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/486">actions/github-script#486</a></li> <li>Fix workflow status badges by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/497">actions/github-script#497</a></li> <li>Update usage of <code>actions/upload-artifact</code> by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/512">actions/github-script#512</a></li> <li>Clear up package name confusion by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/514">actions/github-script#514</a></li> <li>Update dependencies with <code>npm audit fix</code> by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/515">actions/github-script#515</a></li> <li>Specify that the used script is JavaScript by <a href="https://github.com/timotk"><code>@timotk</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/478">actions/github-script#478</a></li> <li>chore: Add Dependabot for NPM and Actions by <a href="https://github.com/nschonni"><code>@nschonni</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/472">actions/github-script#472</a></li> <li>Define <code>permissions</code> in workflows and update actions by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/531">actions/github-script#531</a></li> <li>chore: Add Dependabot for .github/actions/install-dependencies by <a href="https://github.com/nschonni"><code>@nschonni</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/532">actions/github-script#532</a></li> <li>chore: Remove .vscode settings by <a href="https://github.com/nschonni"><code>@nschonni</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/533">actions/github-script#533</a></li> <li>ci: Use github/setup-licensed by <a href="https://github.com/nschonni"><code>@nschonni</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/473">actions/github-script#473</a></li> <li>make octokit instance available as octokit on top of github, to make it easier to seamlessly copy examples from GitHub rest api or octokit documentations by <a href="https://github.com/iamstarkov"><code>@iamstarkov</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/508">actions/github-script#508</a></li> <li>Remove <code>octokit</code> README updates for v7 by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/557">actions/github-script#557</a></li> <li>docs: add "exec" usage examples by <a href="https://github.com/neilime"><code>@neilime</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/546">actions/github-script#546</a></li> <li>Bump ruby/setup-ruby from 1.213.0 to 1.222.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/github-script/pull/563">actions/github-script#563</a></li> <li>Bump ruby/setup-ruby from 1.222.0 to 1.229.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/github-script/pull/575">actions/github-script#575</a></li> <li>Clearly document passing inputs to the <code>script</code> by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/603">actions/github-script#603</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/610">actions/github-script#610</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/benelan"><code>@benelan</code></a> made their first contribution in <a href="https://redirect.github.com/actions/github-script/pull/482">actions/github-script#482</a></li> <li><a href="https://github.com/Jcambass"><code>@Jcambass</code></a> made their first contribution in <a href="https://redirect.github.com/actions/github-script/pull/485">actions/github-script#485</a></li> <li><a href="https://github.com/timotk"><code>@timotk</code></a> made their first contribution in <a href="https://redirect.github.com/actions/github-script/pull/478">actions/github-script#478</a></li> <li><a href="https://github.com/iamstarkov"><code>@iamstarkov</code></a> made their first contribution in <a href="https://redirect.github.com/actions/github-script/pull/508">actions/github-script#508</a></li> <li><a href="https://github.com/neilime"><code>@neilime</code></a> made their first contribution in <a href="https://redirect.github.com/actions/github-script/pull/546">actions/github-script#546</a></li> <li><a href="https://github.com/nebuk89"><code>@nebuk89</code></a> made their first contribution in <a href="https://redirect.github.com/actions/github-script/pull/610">actions/github-script#610</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/github-script/compare/v7...v7.1.0">https://github.com/actions/github-script/compare/v7...v7.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/github-script/commit/ed597411d8f924073f98dfc5c65a23a2325f34cd"><code>ed59741</code></a> Merge pull request <a href="https://redirect.github.com/actions/github-script/issues/653">#653</a> from actions/sneha-krip/readme-for-v8</li> <li><a href="https://github.com/actions/github-script/commit/2dc352e4baefd91bec0d06f6ae2f1045d1687ca3"><code>2dc352e</code></a> Bold minimum Actions Runner version in README</li> <li><a href="https://github.com/actions/github-script/commit/01e118c8d0d22115597e46514b5794e7bc3d56f1"><code>01e118c</code></a> Update README for Node 24 runtime requirements</li> <li><a href="https://github.com/actions/github-script/commit/8b222ac82eda86dcad7795c9d49b839f7bf5b18b"><code>8b222ac</code></a> Apply suggestion from <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a></li> <li><a href="https://github.com/actions/github-script/commit/adc0eeac992408a7b276994ca87edde1c8ce4d25"><code>adc0eea</code></a> README for updating actions/github-script from v7 to v8</li> <li><a href="https://github.com/actions/github-script/commit/20fe497b3fe0c7be8aae5c9df711ac716dc9c425"><code>20fe497</code></a> Merge pull request <a href="https://redirect.github.com/actions/github-script/issues/637">#637</a> from actions/node24</li> <li><a href="https://github.com/actions/github-script/commit/e7b7f222b11a03e8b695c4c7afba89a02ea20164"><code>e7b7f22</code></a> update licenses</li> <li><a href="https://github.com/actions/github-script/commit/2c81ba05f308415d095291e6eeffe983d822345b"><code>2c81ba0</code></a> Update Node.js version support to 24.x</li> <li><a href="https://github.com/actions/github-script/commit/f28e40c7f34bde8b3046d885e986cb6290c5673b"><code>f28e40c</code></a> Merge pull request <a href="https://redirect.github.com/actions/github-script/issues/610">#610</a> from actions/nebuk89-patch-1</li> <li><a href="https://github.com/actions/github-script/commit/1ae9958572fde544457e4d51aed5ea044e8936f3"><code>1ae9958</code></a> Update README.md</li> <li>Additional commits viewable in <a href="https://github.com/actions/github-script/compare/60a0d83039c74a4aee543508d2ffcb1c3799cdea...ed597411d8f924073f98dfc5c65a23a2325f34cd">compare view</a></li> </ul> </details> <br /> Updates `depot/build-push-action` from 1.15.0 to 1.16.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/depot/build-push-action/releases">depot/build-push-action's releases</a>.</em></p> <blockquote> <h2>v1.16.2</h2> <h2>What's Changed</h2> <ul> <li>Use ubuntu-latest for release workflow (<a href="https://redirect.github.com/depot/build-push-action/issues/42">#42</a>) <a href="https://github.com/jacobwgillespie"><code>@jacobwgillespie</code></a></li> </ul> <h2>v1.16.1</h2> <h2>What's Changed</h2> <ul> <li>Update <code>@depot/actions-public-oidc-client</code> to v1.1.0 (<a href="https://redirect.github.com/depot/build-push-action/issues/41">#41</a>) <a href="https://github.com/jacobwgillespie"><code>@jacobwgillespie</code></a></li> </ul> <h2>v1.16.0</h2> <h2>What's Changed</h2> <ul> <li>Add support for annotations (<a href="https://redirect.github.com/depot/build-push-action/issues/38">#38</a>) <a href="https://github.com/zanieb"><code>@zanieb</code></a></li> <li>feat: add <code>save-tags</code> for multiple depot registry tags (<a href="https://redirect.github.com/depot/build-push-action/issues/40">#40</a>) <a href="https://github.com/goller"><code>@goller</code></a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/depot/build-push-action/commit/9785b135c3c76c33db102e45be96a25ab55cd507"><code>9785b13</code></a> Merge pull request <a href="https://redirect.github.com/depot/build-push-action/issues/42">#42</a> from depot/latest</li> <li><a href="https://github.com/depot/build-push-action/commit/7a65e80415392c68bece25b0881703a9ff3e55c5"><code>7a65e80</code></a> Use ubuntu-latest for release workflow</li> <li><a href="https://github.com/depot/build-push-action/commit/0781b3393f28b17fe7982ea3fabe715825b35fad"><code>0781b33</code></a> Merge pull request <a href="https://redirect.github.com/depot/build-push-action/issues/41">#41</a> from depot/updates</li> <li><a href="https://github.com/depot/build-push-action/commit/d5d8e086fdcca080fa6279ece582eee909994026"><code>d5d8e08</code></a> Deduplicate dependencies</li> <li><a href="https://github.com/depot/build-push-action/commit/801feb102f76406603cd2a12b4146a7e5af86a34"><code>801feb1</code></a> Update <code>@depot/actions-public-oidc-client</code> to v1.1.0</li> <li><a href="https://github.com/depot/build-push-action/commit/0b7423b11016b0349604e22d7ea01b078bed6c70"><code>0b7423b</code></a> Merge pull request <a href="https://redirect.github.com/depot/build-push-action/issues/38">#38</a> from zanieb/zb/annotations</li> <li><a href="https://github.com/depot/build-push-action/commit/57a5fb2c1acdc2d3fa72bcd36b20f1ea326890de"><code>57a5fb2</code></a> Merge branch 'main' into zb/annotations</li> <li><a href="https://github.com/depot/build-push-action/commit/3ebc0d44eced926ba1bb3f8d1e29794031973ca1"><code>3ebc0d4</code></a> Merge pull request <a href="https://redirect.github.com/depot/build-push-action/issues/40">#40</a> from depot/feat/save-tags</li> <li><a href="https://github.com/depot/build-push-action/commit/d662c5a48fd5747bf4dce16d8484eb3ebf98ad2c"><code>d662c5a</code></a> feat: add <code>save-tags</code> for multiple depot registry tags</li> <li><a href="https://github.com/depot/build-push-action/commit/06fcbb73efc9fb42f4df83c43e283a2170c8f9cf"><code>06fcbb7</code></a> Add support for annotations</li> <li>See full diff in <a href="https://github.com/depot/build-push-action/compare/2583627a84956d07561420dcc1d0eb1f2af3fac0...9785b135c3c76c33db102e45be96a25ab55cd507">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from f963b3f3562b00b6d2dd25efc390eb04e51ef6c6 to 8c14441336bb3d84fd6b7fa83b6d7201c740baf5 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.4...v46.0.5">46.0.5</a> - (2025-04-09)</h1> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps:</strong> Bump yaml from 2.7.0 to 2.7.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>) (<a href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c">ed68ef8</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump typescript from 5.8.2 to 5.8.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5">a7bc14b</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 22.13.11 to 22.14.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab">3d751f6</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.2.3 to 5.2.6 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f">e2fda4e</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump ts-jest from 29.2.6 to 29.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>) (<a href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48">0bed1b1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.28.12 to 3.28.15 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>) (<a href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb">6802458</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/branch-names from 8.0.1 to 8.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>) (<a href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792">cf2e39e</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/verify-changed-files from 20.0.1 to 20.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4">6abeaa5</a>) - (dependabot[bot])</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v46.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2511">#2511</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/6f67ee9ac810f0192ea7b3d2086406f97847bcf9">6f67ee9</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.3...v46.0.4">46.0.4</a> - (2025-04-03)</h1> <h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2> <ul> <li>Bug modified_keys and changed_key outputs not set when no changes detected (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2509">#2509</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6cb76d07bee4c9772c6882c06c37837bf82a04d3">6cb76d0</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Update readme (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2508">#2508</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b74df86ccb65173a8e33ba5492ac1a2ca6b216fd">b74df86</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v46.0.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> Co-authored-by: Tonye Jack <a href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">27ae6b3</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a> - (2025-03-23)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/8c14441336bb3d84fd6b7fa83b6d7201c740baf5"><code>8c14441</code></a> chore(deps): bump actions/setup-node from 4.4.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2656">#2656</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/e995ac4be5be2bcb6e29556edc51fb63aca6b49b"><code>e995ac4</code></a> chore(deps-dev): bump <code>@types/node</code> from 24.3.0 to 24.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2657">#2657</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/3b04099b21072562f07469c10deb182b24236ca9"><code>3b04099</code></a> chore(deps-dev): bump <code>@types/node</code> from 24.2.1 to 24.3.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2649">#2649</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/e7b6c977e51984988e3cc1d6b18abe2a3ba8daaa"><code>e7b6c97</code></a> chore(deps): bump github/codeql-action from 3.29.9 to 3.29.11 (<a href="h... _Description has been truncated_ Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-09-08 11:55:07 +00:00
Jon Ayers	252f7d461e	chore: pin dependencies in Dockerfiles (#19587 ) Fixes up some security issues related to lack of pinned dependencies	2025-08-27 18:41:28 -04:00
Dean Sheather	8d0bc485df	chore: add actionlint and zizmor linters (#19459 )	2025-08-21 22:14:43 +10:00
Jon Ayers	e99c33e0d1	chore: restrict who can make releases (#19326 ) This PR confines who can run the `Release` action to members with `maintain` or above	2025-08-12 23:43:28 -04:00
Ethan	fb8036a154	ci: fix gcp service accounts (#19312 ) Service accounts got deleted, oops	2025-08-12 22:02:56 +10:00
dependabot[bot]	cbcdda25dc	ci: bump the github-actions group with 8 updates (#19293 ) Bumps the github-actions group with 8 updates: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [actions/checkout](https://github.com/actions/checkout) \| `4.2.2` \| `4.3.0` \| \| [actions/cache](https://github.com/actions/cache) \| `4.2.3` \| `4.2.4` \| \| [crate-ci/typos](https://github.com/crate-ci/typos) \| `1.34.0` \| `1.35.3` \| \| [docker/login-action](https://github.com/docker/login-action) \| `3.4.0` \| `3.5.0` \| \| [google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud) \| `2.1.5` \| `2.2.0` \| \| [actions/download-artifact](https://github.com/actions/download-artifact) \| `4.3.0` \| `5.0.0` \| \| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) \| `c2ca2493190021783138cb8aac49bcee14b4bb89` \| `f963b3f3562b00b6d2dd25efc390eb04e51ef6c6` \| \| [github/codeql-action](https://github.com/github/codeql-action) \| `3.29.7` \| `3.29.8` \| Updates `actions/checkout` from 4.2.2 to 4.3.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v4.3.0</h2> <h2>What's Changed</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> <li>Prepare release v4.3.0 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2237">actions/checkout#2237</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/motss"><code>@motss</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li><a href="https://github.com/mouismail"><code>@mouismail</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li><a href="https://github.com/benwells"><code>@benwells</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li><a href="https://github.com/nebuk89"><code>@nebuk89</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li><a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4...v4.3.0">https://github.com/actions/checkout/compare/v4...v4.3.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>V4.3.0</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <h2>v4.2.2</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <h2>v4.2.1</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>v4.2.0</h2> <ul> <li>Add Ref and Commit outputs by <a href="https://github.com/lucacome"><code>@lucacome</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li> <li>Dependency updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>- <a href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>, <a href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li> </ul> <h2>v4.1.7</h2> <ul> <li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li> <li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li> <li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li> </ul> <h2>v4.1.6</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> </ul> <h2>v4.1.5</h2> <ul> <li>Update NPM dependencies by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li> <li>Bump github/codeql-action from 2 to 3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li> <li>Bump actions/setup-node from 1 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li> <li>Bump actions/upload-artifact from 2 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li> <li>README: Suggest <code>user.email</code> to be <code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li> </ul> <h2>v4.1.4</h2> <ul> <li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li> <li>Add dependabot config by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li> <li>Bump the minor-actions-dependencies group with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li> <li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li> </ul> <h2>v4.1.3</h2> <ul> <li>Check git version before attempting to disable <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1656">actions/checkout#1656</a></li> <li>Add SSH user parameter by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1685">actions/checkout#1685</a></li> <li>Update <code>actions/checkout</code> version in <code>update-main-version.yml</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1650">actions/checkout#1650</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/08eba0b27e820071cde6df949e0beb9ba4906955"><code>08eba0b</code></a> Prepare release v4.3.0 (<a href="https://redirect.github.com/actions/checkout/issues/2237">#2237</a>)</li> <li><a href="https://github.com/actions/checkout/commit/631c7dc4f80f88219c5ee78fee08c6b62fac8da1"><code>631c7dc</code></a> Update package dependencies (<a href="https://redirect.github.com/actions/checkout/issues/2236">#2236</a>)</li> <li><a href="https://github.com/actions/checkout/commit/8edcb1bdb4e267140fa742c62e395cd74f332709"><code>8edcb1b</code></a> Update CODEOWNERS for actions (<a href="https://redirect.github.com/actions/checkout/issues/2224">#2224</a>)</li> <li><a href="https://github.com/actions/checkout/commit/09d2acae674a48949e3602304ab46fd20ae0c42f"><code>09d2aca</code></a> Update README.md (<a href="https://redirect.github.com/actions/checkout/issues/2194">#2194</a>)</li> <li><a href="https://github.com/actions/checkout/commit/85e6279cec87321a52edac9c87bce653a07cf6c2"><code>85e6279</code></a> Adjust positioning of user email note and permissions heading (<a href="https://redirect.github.com/actions/checkout/issues/2044">#2044</a>)</li> <li><a href="https://github.com/actions/checkout/commit/009b9ae9e446ad8d9b8c809870b0fbcc5e03573e"><code>009b9ae</code></a> Documentation update - add recommended permissions to Readme (<a href="https://redirect.github.com/actions/checkout/issues/2043">#2043</a>)</li> <li><a href="https://github.com/actions/checkout/commit/cbb722410c2e876e24abbe8de2cc27693e501dcb"><code>cbb7224</code></a> Update README.md (<a href="https://redirect.github.com/actions/checkout/issues/1977">#1977</a>)</li> <li><a href="https://github.com/actions/checkout/commit/3b9b8c884f6b4bb4d5be2779c26374abadae0871"><code>3b9b8c8</code></a> docs: update README.md (<a href="https://redirect.github.com/actions/checkout/issues/1971">#1971</a>)</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/11bd71901bbe5b1630ceea73d27597364c9af683...08eba0b27e820071cde6df949e0beb9ba4906955">compare view</a></li> </ul> </details> <br /> Updates `actions/cache` from 4.2.3 to 4.2.4 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/releases">actions/cache's releases</a>.</em></p> <blockquote> <h2>v4.2.4</h2> <h2>What's Changed</h2> <ul> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1620">actions/cache#1620</a></li> <li>Upgrade <code>@actions/cache</code> to <code>4.0.5</code> and move <code>@protobuf-ts/plugin</code> to dev depdencies by <a href="https://github.com/Link"><code>@Link</code></a>- in <a href="https://redirect.github.com/actions/cache/pull/1634">actions/cache#1634</a></li> <li>Prepare release <code>4.2.4</code> by <a href="https://github.com/Link"><code>@Link</code></a>- in <a href="https://redirect.github.com/actions/cache/pull/1636">actions/cache#1636</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/nebuk89"><code>@nebuk89</code></a> made their first contribution in <a href="https://redirect.github.com/actions/cache/pull/1620">actions/cache#1620</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v4...v4.2.4">https://github.com/actions/cache/compare/v4...v4.2.4</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's changelog</a>.</em></p> <blockquote> <h1>Releases</h1> <h3>4.2.4</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.5</li> </ul> <h3>4.2.3</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.3 (obfuscates SAS token in debug logs for cache entries)</li> </ul> <h3>4.2.2</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.2</li> </ul> <h3>4.2.1</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.1</li> </ul> <h3>4.2.0</h3> <p>TLDR; The cache backend service has been rewritten from the ground up for improved performance and reliability. <a href="https://github.com/actions/cache">actions/cache</a> now integrates with the new cache service (v2) APIs.</p> <p>The new service will gradually roll out as of <strong>February 1st, 2025</strong>. The legacy service will also be sunset on the same date. Changes in these release are <strong>fully backward compatible</strong>.</p> <p><strong>We are deprecating some versions of this action</strong>. We recommend upgrading to version <code>v4</code> or <code>v3</code> as soon as possible before <strong>February 1st, 2025.</strong> (Upgrade instructions below).</p> <p>If you are using pinned SHAs, please use the SHAs of versions <code>v4.2.0</code> or <code>v3.4.0</code></p> <p>If you do not upgrade, all workflow runs using any of the deprecated <a href="https://github.com/actions/cache">actions/cache</a> will fail.</p> <p>Upgrading to the recommended versions will not break your workflows.</p> <h3>4.1.2</h3> <ul> <li>Add GitHub Enterprise Cloud instances hostname filters to inform API endpoint choices - <a href="https://redirect.github.com/actions/cache/pull/1474">#1474</a></li> <li>Security fix: Bump braces from 3.0.2 to 3.0.3 - <a href="https://redirect.github.com/actions/cache/pull/1475">#1475</a></li> </ul> <h3>4.1.1</h3> <ul> <li>Restore original behavior of <code>cache-hit</code> output - <a href="https://redirect.github.com/actions/cache/pull/1467">#1467</a></li> </ul> <h3>4.1.0</h3> <ul> <li>Ensure <code>cache-hit</code> output is set when a cache is missed - <a href="https://redirect.github.com/actions/cache/pull/1404">#1404</a></li> <li>Deprecate <code>save-always</code> input - <a href="https://redirect.github.com/actions/cache/pull/1452">#1452</a></li> </ul> <h3>4.0.2</h3> <ul> <li>Fixed restore <code>fail-on-cache-miss</code> not working.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/cache/commit/0400d5f644dc74513175e3cd8d07132dd4860809"><code>0400d5f</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1636">#1636</a> from actions/Link-/release-4.2.4</li> <li><a href="https://github.com/actions/cache/commit/374a27f26986edd8c430f386d152a856e179c0ae"><code>374a27f</code></a> Prepare release 4.2.4</li> <li><a href="https://github.com/actions/cache/commit/358a7306cd9d78ceffc19271e69cd8528462fccf"><code>358a730</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1634">#1634</a> from actions/Link-/optimise-deps</li> <li><a href="https://github.com/actions/cache/commit/2ee706ef74683b68fd97d45e549070fc28642768"><code>2ee706e</code></a> Fix with another approach</li> <li><a href="https://github.com/actions/cache/commit/94f7b5d9135a3af2d928e87120da293c9a920f90"><code>94f7b5d</code></a> Fix bundle exec</li> <li><a href="https://github.com/actions/cache/commit/c36116c3f4852e9868973e98be949d101f296afa"><code>c36116c</code></a> Fix the workflow to use licensed from source</li> <li><a href="https://github.com/actions/cache/commit/320fe7d56bfd8d9e7b7694dce399643f5b61d580"><code>320fe7d</code></a> Update the licensed workflow to use the latest version</li> <li><a href="https://github.com/actions/cache/commit/d81cc477d92d48462edee5b1e53b15613993e818"><code>d81cc47</code></a> Add licensed output</li> <li><a href="https://github.com/actions/cache/commit/de243982c557f21f36de55f0c01cd6a8e7a6aa71"><code>de24398</code></a> Add licensed output</li> <li><a href="https://github.com/actions/cache/commit/e7b6a9cc9d34d03fd2bf2834b35a8b9e82faa8e5"><code>e7b6a9c</code></a> <code>@protobuf-ts/plugin</code> to dev dependencies</li> <li>Additional commits viewable in <a href="https://github.com/actions/cache/compare/5a3ec84eff668545956fd18022155c47e93e2684...0400d5f644dc74513175e3cd8d07132dd4860809">compare view</a></li> </ul> </details> <br /> Updates `crate-ci/typos` from 1.34.0 to 1.35.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/releases">crate-ci/typos's releases</a>.</em></p> <blockquote> <h2>v1.35.3</h2> <h2>[1.35.3] - 2025-08-08</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>ratatui</code> in Rust files</li> </ul> <h2>v1.35.2</h2> <h2>[1.35.2] - 2025-08-07</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>unmarshaling</code></li> </ul> <h2>v1.35.1</h2> <h2>[1.35.1] - 2025-08-04</h2> <h3>Fixes</h3> <ul> <li>Fix typo in correction to <code>apostroph</code></li> <li>Fix typo in correction to <code>cordinate</code></li> <li>Fix typo in correction to <code>reproduceability</code></li> <li>Fix typo in correction to <code>revolutionss</code></li> <li>Fix typo in correction to <code>transivity</code></li> </ul> <h2>v1.35.0</h2> <h2>[1.35.0] - 2025-08-04</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1331">July 2025</a> changes</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's changelog</a>.</em></p> <blockquote> <h1>Change Log</h1> <p>All notable changes to this project will be documented in this file.</p> <p>The format is based on <a href="http://keepachangelog.com/">Keep a Changelog</a> and this project adheres to <a href="http://semver.org/">Semantic Versioning</a>.</p> <!-- raw HTML omitted --> <h2>[Unreleased] - ReleaseDate</h2> <h2>[1.35.3] - 2025-08-08</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>ratatui</code> in Rust files</li> </ul> <h2>[1.35.2] - 2025-08-07</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>unmarshaling</code></li> </ul> <h2>[1.35.1] - 2025-08-04</h2> <h3>Fixes</h3> <ul> <li>Fix typo in correction to <code>apostroph</code></li> <li>Fix typo in correction to <code>cordinate</code></li> <li>Fix typo in correction to <code>reproduceability</code></li> <li>Fix typo in correction to <code>revolutionss</code></li> <li>Fix typo in correction to <code>transivity</code></li> </ul> <h2>[1.35.0] - 2025-08-04</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1331">July 2025</a> changes</li> </ul> <h2>[1.34.0] - 2025-06-30</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1309">June 2025</a> changes</li> </ul> <h2>[1.33.1] - 2025-06-02</h2> <h3>Fixes</h3> <ul> <li><em>(dict)</em> Don't correct <code>wasn't</code> to <code>wasm't</code></li> </ul> <h2>[1.33.0] - 2025-06-02</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/crate-ci/typos/commit/52bd719c2c91f9d676e2aa359fc8e0db8925e6d8"><code>52bd719</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/c6f77dda9e9bf82551f03a500347eb06ce8a90b1"><code>c6f77dd</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/e35d08c453d5ac2a4630b633dbb63e819b129193"><code>e35d08c</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1353">#1353</a> from Rolv-Apneseth/ratatui</li> <li><a href="https://github.com/crate-ci/typos/commit/9d6691bc8cf087436d192d03414b9c2420570343"><code>9d6691b</code></a> fix: Ignore <code>ratatui</code> in Rust files</li> <li><a href="https://github.com/crate-ci/typos/commit/f1231bc2bcc92b2b18da70a877cf89afce08dd42"><code>f1231bc</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/66def6387b9bb7954423333521eed23e75651f6e"><code>66def63</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/623f09b5bc658227e7e051fc494f3af24030d1cf"><code>623f09b</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/1080316783320230c1f65e1c374e44dfc13829c6"><code>1080316</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/442605b52920ac6faab2e457d3bafc0a6d05a5d1"><code>442605b</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1352">#1352</a> from epage/marshaling</li> <li><a href="https://github.com/crate-ci/typos/commit/983f866bac2164c77fc4ad8a06cdb0738c38ddba"><code>983f866</code></a> fix(dict): Don't correct marshaling</li> <li>Additional commits viewable in <a href="https://github.com/crate-ci/typos/compare/392b78fe18a52790c53f42456e46124f77346842...52bd719c2c91f9d676e2aa359fc8e0db8925e6d8">compare view</a></li> </ul> </details> <br /> Updates `docker/login-action` from 3.4.0 to 3.5.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/login-action/releases">docker/login-action's releases</a>.</em></p> <blockquote> <h2>v3.5.0</h2> <ul> <li>Support dual-stack endpoints for AWS ECR by <a href="https://github.com/Spacefish"><code>@Spacefish</code></a> <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/874">docker/login-action#874</a> <a href="https://redirect.github.com/docker/login-action/pull/876">docker/login-action#876</a></li> <li>Bump <code>@aws-sdk/client-ecr</code> to 3.859.0 in <a href="https://redirect.github.com/docker/login-action/pull/860">docker/login-action#860</a> <a href="https://redirect.github.com/docker/login-action/pull/878">docker/login-action#878</a></li> <li>Bump <code>@aws-sdk/client-ecr-public</code> to 3.859.0 in <a href="https://redirect.github.com/docker/login-action/pull/860">docker/login-action#860</a> <a href="https://redirect.github.com/docker/login-action/pull/878">docker/login-action#878</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.57.0 to 0.62.1 in <a href="https://redirect.github.com/docker/login-action/pull/870">docker/login-action#870</a></li> <li>Bump form-data from 2.5.1 to 2.5.5 in <a href="https://redirect.github.com/docker/login-action/pull/875">docker/login-action#875</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/login-action/compare/v3.4.0...v3.5.0">https://github.com/docker/login-action/compare/v3.4.0...v3.5.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/login-action/commit/184bdaa0721073962dff0199f1fb9940f07167d1"><code>184bdaa</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/878">#878</a> from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...</li> <li><a href="https://github.com/docker/login-action/commit/5c6bc94683baa064818f51e7417087c2ac58b32c"><code>5c6bc94</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/caf405864315c6006c5581b540e5047cf728b4e7"><code>caf4058</code></a> build(deps): bump the aws-sdk-dependencies group with 2 updates</li> <li><a href="https://github.com/docker/login-action/commit/ef38ec311a7df3f01475313e7c5bb584b74b112a"><code>ef38ec3</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/860">#860</a> from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...</li> <li><a href="https://github.com/docker/login-action/commit/d52e8ef81c0de894e9c95bed8de0ee5955ec7eb7"><code>d52e8ef</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/9644ab7025be3206ff4b12f1531a1b6919022b00"><code>9644ab7</code></a> build(deps): bump the aws-sdk-dependencies group with 2 updates</li> <li><a href="https://github.com/docker/login-action/commit/7abd1d512621d8896b31f4ea992d207f15915ad6"><code>7abd1d5</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/875">#875</a> from docker/dependabot/npm_and_yarn/form-data-2.5.5</li> <li><a href="https://github.com/docker/login-action/commit/1a81202c4fda440f3b33eca3381d5d39c7efe85e"><code>1a81202</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/876">#876</a> from crazy-max/aws-public-dual-stack</li> <li><a href="https://github.com/docker/login-action/commit/d1ab30dc54161cbfd704562857677edf4dd7837a"><code>d1ab30d</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/f25ff28d1c8cd9a7c35896711238fed682755e1c"><code>f25ff28</code></a> support dual-stack for aws public ecr</li> <li>Additional commits viewable in <a href="https://github.com/docker/login-action/compare/74a5d142397b4f367a81961eba4e8cd7edddf772...184bdaa0721073962dff0199f1fb9940f07167d1">compare view</a></li> </ul> </details> <br /> Updates `google-github-actions/setup-gcloud` from 2.1.5 to 2.2.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google-github-actions/setup-gcloud/releases">google-github-actions/setup-gcloud's releases</a>.</em></p> <blockquote> <h2>v2.2.0</h2> <h2>What's Changed</h2> <ul> <li>Introduce an option to skip the tool cache by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/718">google-github-actions/setup-gcloud#718</a></li> <li>Release: v2.2.0 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/719">google-github-actions/setup-gcloud#719</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/setup-gcloud/compare/v2.1.5...v2.2.0">https://github.com/google-github-actions/setup-gcloud/compare/v2.1.5...v2.2.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/cb1e50a9932213ecece00a606661ae9ca44f3397"><code>cb1e50a</code></a> Release: v2.2.0 (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/719">#719</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/ef52f8c087fe78d43262625448b746144fe6448c"><code>ef52f8c</code></a> Introduce an option to skip the tool cache (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/718">#718</a>)</li> <li>See full diff in <a href="https://github.com/google-github-actions/setup-gcloud/compare/6a7c903a70c8625ed6700fa299f5ddb4ca6022e9...cb1e50a9932213ecece00a606661ae9ca44f3397">compare view</a></li> </ul> </details> <br /> Updates `actions/download-artifact` from 4.3.0 to 5.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/download-artifact/releases">actions/download-artifact's releases</a>.</em></p> <blockquote> <h2>v5.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/407">actions/download-artifact#407</a></li> <li>BREAKING fix: inconsistent path behavior for single artifact downloads by ID by <a href="https://github.com/GrantBirki"><code>@GrantBirki</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/416">actions/download-artifact#416</a></li> </ul> <h2>v5.0.0</h2> <h3>🚨 Breaking Change</h3> <p>This release fixes an inconsistency in path behavior for single artifact downloads by ID. <strong>If you're downloading single artifacts by ID, the output path may change.</strong></p> <h4>What Changed</h4> <p>Previously, <strong>single artifact downloads</strong> behaved differently depending on how you specified the artifact:</p> <ul> <li><strong>By name</strong>: <code>name: my-artifact</code> → extracted to <code>path/</code> (direct)</li> <li><strong>By ID</strong>: <code>artifact-ids: 12345</code> → extracted to <code>path/my-artifact/</code> (nested)</li> </ul> <p>Now both methods are consistent:</p> <ul> <li><strong>By name</strong>: <code>name: my-artifact</code> → extracted to <code>path/</code> (unchanged)</li> <li><strong>By ID</strong>: <code>artifact-ids: 12345</code> → extracted to <code>path/</code> (fixed - now direct)</li> </ul> <h4>Migration Guide</h4> <h5>✅ No Action Needed If:</h5> <ul> <li>You download artifacts by <strong>name</strong></li> <li>You download <strong>multiple</strong> artifacts by ID</li> <li>You already use <code>merge-multiple: true</code> as a workaround</li> </ul> <h5>⚠️ Action Required If:</h5> <p>You download <strong>single artifacts by ID</strong> and your workflows expect the nested directory structure.</p> <p><strong>Before v5 (nested structure):</strong></p> <pre lang="yaml"><code>- uses: actions/download-artifact@v4 with: artifact-ids: 12345 path: dist # Files were in: dist/my-artifact/ </code></pre> <blockquote> <p>Where <code>my-artifact</code> is the name of the artifact you previously uploaded</p> </blockquote> <p><strong>To maintain old behavior (if needed):</strong></p> <pre lang="yaml"><code></tr></table> </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/download-artifact/commit/634f93cb2916e3fdff6788551b99b062d0335ce0"><code>634f93c</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/416">#416</a> from actions/single-artifact-id-download-path</li> <li><a href="https://github.com/actions/download-artifact/commit/b19ff4302770b82aa4694b63703b547756dacce6"><code>b19ff43</code></a> refactor: resolve download path correctly in artifact download tests (mainly ...</li> <li><a href="https://github.com/actions/download-artifact/commit/e262cbee4ab8c473c61c59a81ad8e9dc760e90db"><code>e262cbe</code></a> bundle dist</li> <li><a href="https://github.com/actions/download-artifact/commit/bff23f9308ceb2f06d673043ea6311519be6a87b"><code>bff23f9</code></a> update docs</li> <li><a href="https://github.com/actions/download-artifact/commit/fff8c148a8fdd56aa81fcb019f0b5f6c65700c4d"><code>fff8c14</code></a> fix download path logic when downloading a single artifact by id</li> <li><a href="https://github.com/actions/download-artifact/commit/448e3f862ab3ef47aa50ff917776823c9946035b"><code>448e3f8</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/407">#407</a> from actions/nebuk89-patch-1</li> <li><a href="https://github.com/actions/download-artifact/commit/47225c44b359a5155efdbbbc352041b3e249fb1b"><code>47225c4</code></a> Update README.md</li> <li>See full diff in <a href="https://github.com/actions/download-artifact/compare/d3f86a106a0bac45b974a628896c90dbdf5c8093...634f93cb2916e3fdff6788551b99b062d0335ce0">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from c2ca2493190021783138cb8aac49bcee14b4bb89 to f963b3f3562b00b6d2dd25efc390eb04e51ef6c6 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.4...v46.0.5">46.0.5</a> - (2025-04-09)</h1> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps:</strong> Bump yaml from 2.7.0 to 2.7.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>) (<a href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c">ed68ef8</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump typescript from 5.8.2 to 5.8.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5">a7bc14b</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 22.13.11 to 22.14.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab">3d751f6</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.2.3 to 5.2.6 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f">e2fda4e</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump ts-jest from 29.2.6 to 29.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>) (<a href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48">0bed1b1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.28.12 to 3.28.15 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>) (<a href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb">6802458</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/branch-names from 8.0.1 to 8.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>) (<a href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792">cf2e39e</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/verify-changed-files from 20.0.1 to 20.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4">6abeaa5</a>) - (dependabot[bot])</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v46.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2511">#2511</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/6f67ee9ac810f0192ea7b3d2086406f97847bcf9">6f67ee9</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.3...v46.0.4">46.0.4</a> - (2025-04-03)</h1> <h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2> <ul> <li>Bug modified_keys and changed_key outputs not set when no changes detected (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2509">#2509</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6cb76d07bee4c9772c6882c06c37837bf82a04d3">6cb76d0</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Update readme (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2508">#2508</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b74df86ccb65173a8e33ba5492ac1a2ca6b216fd">b74df86</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v46.0.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> Co-authored-by: Tonye Jack <a href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">27ae6b3</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a> - (2025-03-23)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/f963b3f3562b00b6d2dd25efc390eb04e51ef6c6"><code>f963b3f</code></a> chore(deps-dev): bump <code>@types/node</code> from 24.1.0 to 24.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2640">#2640</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/f956744105e18d78bba3844a1199ce43d6503017"><code>f956744</code></a> chore(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2641">#2641</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/9009babdfafec9874564eacad3fb7006205ba31a"><code>9009bab</code></a> chore(deps): bump yaml from 2.8.0 to 2.8.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2642">#2642</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/2ecafed8a9a7bcf95ff103a3753b27e044af2736"><code>2ecafed</code></a> chore(deps-dev): bump eslint-plugin-prettier from 5.5.3 to 5.5.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2643">#2643</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/8cdfb7636d150253dee416a80f11c67f5ba7e9be"><code>8cdfb76</code></a> chore(deps): bump tj-actions/eslint-changed-files from 25.3.1 to 25.3.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2638">#2638</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/087c158d0f1269d7ac8571378b39f3130f96a736"><code>087c158</code></a> chore(deps-dev): bump ts-jest from 29.4.0 to 29.4.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2639">#2639</a>)</li> <li>See full diff in <a href="https://github.com/tj-actions/changed-files/compare/c2ca2493190021783138cb8aac49bcee14b4bb89...f963b3f3562b00b6d2dd25efc390eb04e51ef6c6">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 3.29.7 to 3.29.8 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.29.8</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.29.8 - 08 Aug 2025</h2> <ul> <li>Fix an issue where the Action would autodetect unsupported languages such as HTML. <a href="https://redirect.github.com/github/codeql-action/pull/3015">#3015</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.29.8/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.29.8 - 08 Aug 2025</h2> <ul> <li>Fix an issue where the Action would autodetect unsupported languages such as HTML. <a href="https://redirect.github.com/github/codeql-action/pull/3015">#3015</a></li> </ul> <h2>3.29.7 - 07 Aug 2025</h2> <p>This release rolls back 3.29.6 to address issues with language autodetection. It is identical to 3.29.5.</p> <h2>3.29.6 - 07 Aug 2025</h2> <ul> <li>The <code>cleanup-level</code> input to the <code>analyze</code> Action is now deprecated. The CodeQL Action has written a limited amount of intermediate results to the database since version 2.2.5, and now automatically manages cleanup. <a href="https://redirect.github.com/github/codeql-action/pull/2999">#2999</a></li> <li>Update default CodeQL bundle version to 2.22.3. <a href="https://redirect.github.com/github/codeql-action/pull/3000">#3000</a></li> </ul> <h2>3.29.5 - 29 Jul 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.22.2. <a href="https://redirect.github.com/github/codeql-action/pull/2986">#2986</a></li> </ul> <h2>3.29.4 - 23 Jul 2025</h2> <p>No user facing changes.</p> <h2>3.29.3 - 21 Jul 2025</h2> <p>No user facing changes.</p> <h2>3.29.2 - 30 Jun 2025</h2> <ul> <li>Experimental: When the <code>quality-queries</code> input for the <code>init</code> action is provided with an argument, separate <code>.quality.sarif</code> files are produced and uploaded for each language with the results of the specified queries. Do not use this in production as it is part of an internal experiment and subject to change at any time. <a href="https://redirect.github.com/github/codeql-action/pull/2935">#2935</a></li> </ul> <h2>3.29.1 - 27 Jun 2025</h2> <ul> <li>Fix bug in PR analysis where user-provided <code>include</code> query filter fails to exclude non-included queries. <a href="https://redirect.github.com/github/codeql-action/pull/2938">#2938</a></li> <li>Update default CodeQL bundle version to 2.22.1. <a href="https://redirect.github.com/github/codeql-action/pull/2950">#2950</a></li> </ul> <h2>3.29.0 - 11 Jun 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.22.0. <a href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li> <li>Bump minimum CodeQL bundle version to 2.16.6. <a href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li> </ul> <h2>3.28.21 - 28 July 2025</h2> <p>No user facing changes.</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/76621b61decf072c1cee8dd1ce2d2a82d33c17ed"><code>76621b6</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3019">#3019</a> from github/update-v3.29.8-679a40d33</li> <li><a href="https://github.com/github/codeql-action/commit/29ac3cefbb645d41622f6f9baa1415e06d73cf06"><code>29ac3ce</code></a> Add release notes for 3.29.7</li> <li><a href="https://github.com/github/codeql-action/commit/737cfdebe687c6e720fb99761f23d89751c3b93a"><code>737cfde</code></a> Update changelog for v3.29.8</li> <li><a href="https://github.com/github/codeql-action/commit/679a40d337fedd9b7318253dd72bfe7dc6d1886c"><code>679a40d</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3014">#3014</a> from github/henrymercer/rebuild-dispatch</li> <li><a href="https://github.com/github/codeql-action/commit/6fe50b283a3d2e5533299f72d99216cd8815500f"><code>6fe50b2</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3015">#3015</a> from github/henrymercer/language-autodetection-worka...</li> <li><a href="https://github.com/github/codeql-action/commit/6bc91d64f66d435200c8ba85c64878c3cbfad33b"><code>6bc91d6</code></a> Add changelog note</li> <li><a href="https://github.com/github/codeql-action/commit/6b4fedca4f3428195d7ba1ca7c7404f9ea472911"><code>6b4fedc</code></a> Bump Action patch version</li> <li><a href="https://github.com/github/codeql-action/commit/5794ffcb4ab0e87e4b8a8446ef048488303db295"><code>5794ffc</code></a> Fix auto-detection of extractors that aren't languages</li> <li><a href="https://github.com/github/codeql-action/commit/bd62bf449cd8695f818546752cc8157693e1716c"><code>bd62bf4</code></a> Finish in-progress merges</li> <li><a href="https://github.com/github/codeql-action/commit/2afb4e6f3c84ec0534284f2b47ae8206dcb401bf"><code>2afb4e6</code></a> Avoid specifying branch unnecessarily</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/51f77329afa6477de8c49fc9c7046c15b9a4e79d...76621b61decf072c1cee8dd1ce2d2a82d33c17ed">compare view</a></li> </ul> </details> <br /> <details> <summary>Most Recent Ignore Conditions Applied to This Pull Request</summary> \| Dependency Name \| Ignore Conditions \| \| --- \| --- \| \| crate-ci/typos \| [>= 1.30.a, < 1.31] \| </details> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-08-11 16:10:46 +00:00
Jakub Domeracki	5d42b1861e	fix: upload the slim binaries from the build directory to the GCS bucket (#19281 ) Updated the upload script to copy the slim binaries from the ./build directory to the GCS bucket (instead of the ./site/out/bin directory)	2025-08-11 12:54:44 +02:00
Jakub Domeracki	408e19fd98	fix: adjust the condition to actually run this step from release branches (#19187 ) fix: adjust the condition to actually run this step from release branches	2025-08-06 10:06:23 +02:00
dependabot[bot]	5df3bf713c	ci: bump the github-actions group with 6 updates (#19149 ) Bumps the github-actions group with 6 updates: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.12.2` \| `2.13.0` \| \| [chromaui/action](https://github.com/chromaui/action) \| `13.1.2` \| `13.1.3` \| \| [google-github-actions/auth](https://github.com/google-github-actions/auth) \| `2.1.11` \| `2.1.12` \| \| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) \| `055970845dd036d7345da7399b7e89f2e10f2b04` \| `c2ca2493190021783138cb8aac49bcee14b4bb89` \| \| [tj-actions/branch-names](https://github.com/tj-actions/branch-names) \| `8.2.1` \| `9.0.2` \| \| [github/codeql-action](https://github.com/github/codeql-action) \| `3.29.3` \| `3.29.5` \| Updates `step-security/harden-runner` from 2.12.2 to 2.13.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.13.0</h2> <h2>What's Changed</h2> <ul> <li>Improved job markdown summary</li> <li>Https monitoring for all domains (included with the enterprise tier)</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.13.0">https://github.com/step-security/harden-runner/compare/v2...v2.13.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/ec9f2d5744a09debf3a187a3f4f675c53b671911"><code>ec9f2d5</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/565">#565</a> from step-security/rc-24</li> <li><a href="https://github.com/step-security/harden-runner/commit/04bcbc31cfcefe0cf4720832008735021cec5ec4"><code>04bcbc3</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/7c7a56fcaa124ab72fff1cc3e81257f264fd7317"><code>7c7a56f</code></a> feat: get job summary from API</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/v2.12.2...ec9f2d5744a09debf3a187a3f4f675c53b671911">compare view</a></li> </ul> </details> <br /> Updates `chromaui/action` from 13.1.2 to 13.1.3 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chromaui/action/commit/58d9ffb36c90c97a02d061544ecc849cc4a242a9"><code>58d9ffb</code></a> v13.1.3</li> <li>See full diff in <a href="https://github.com/chromaui/action/compare/4d8ebd13658d795114f8051e25c28d66f14886c6...58d9ffb36c90c97a02d061544ecc849cc4a242a9">compare view</a></li> </ul> </details> <br /> Updates `google-github-actions/auth` from 2.1.11 to 2.1.12 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google-github-actions/auth/releases">google-github-actions/auth's releases</a>.</em></p> <blockquote> <h2>v2.1.12</h2> <h2>What's Changed</h2> <ul> <li>Add retries for getIDToken by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/502">google-github-actions/auth#502</a></li> <li>Release: v2.1.12 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/503">google-github-actions/auth#503</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/auth/compare/v2.1.11...v2.1.12">https://github.com/google-github-actions/auth/compare/v2.1.11...v2.1.12</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google-github-actions/auth/commit/b7593ed2efd1c1617e1b0254da33b86225adb2a5"><code>b7593ed</code></a> Release: v2.1.12 (<a href="https://redirect.github.com/google-github-actions/auth/issues/503">#503</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/c1ee334b4fb145a02e9d8343bb2e9f0dd06e586b"><code>c1ee334</code></a> Add retries for getIDToken (<a href="https://redirect.github.com/google-github-actions/auth/issues/502">#502</a>)</li> <li>See full diff in <a href="https://github.com/google-github-actions/auth/compare/140bb5113ffb6b65a7e9b937a81fa96cf5064462...b7593ed2efd1c1617e1b0254da33b86225adb2a5">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from 055970845dd036d7345da7399b7e89f2e10f2b04 to c2ca2493190021783138cb8aac49bcee14b4bb89 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.4...v46.0.5">46.0.5</a> - (2025-04-09)</h1> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps:</strong> Bump yaml from 2.7.0 to 2.7.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>) (<a href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c">ed68ef8</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump typescript from 5.8.2 to 5.8.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5">a7bc14b</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 22.13.11 to 22.14.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab">3d751f6</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.2.3 to 5.2.6 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f">e2fda4e</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump ts-jest from 29.2.6 to 29.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>) (<a href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48">0bed1b1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.28.12 to 3.28.15 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>) (<a href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb">6802458</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/branch-names from 8.0.1 to 8.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>) (<a href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792">cf2e39e</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/verify-changed-files from 20.0.1 to 20.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4">6abeaa5</a>) - (dependabot[bot])</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v46.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2511">#2511</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/6f67ee9ac810f0192ea7b3d2086406f97847bcf9">6f67ee9</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.3...v46.0.4">46.0.4</a> - (2025-04-03)</h1> <h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2> <ul> <li>Bug modified_keys and changed_key outputs not set when no changes detected (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2509">#2509</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6cb76d07bee4c9772c6882c06c37837bf82a04d3">6cb76d0</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Update readme (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2508">#2508</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b74df86ccb65173a8e33ba5492ac1a2ca6b216fd">b74df86</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v46.0.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> Co-authored-by: Tonye Jack <a href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">27ae6b3</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a> - (2025-03-23)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/c2ca2493190021783138cb8aac49bcee14b4bb89"><code>c2ca249</code></a> test: manual triggered workflows (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2637">#2637</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/94d97fe3f88298bf8b2f2db6fa2ab150f3c1ab77"><code>94d97fe</code></a> chore(deps): bump tj-actions/branch-names from 9.0.1 to 9.0.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2636">#2636</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/18b05b98fcd9dc0bd3870d7a6571535999ba0c3f"><code>18b05b9</code></a> chore(deps): bump github/codeql-action from 3.29.4 to 3.29.5 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2635">#2635</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/db8d0bfea5a44e51abd5dc1454386c668ae901f9"><code>db8d0bf</code></a> chore(deps): bump tj-actions/git-cliff from 1.5.0 to 2.0.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2632">#2632</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/0e2e8f70c5c6854ee9ff9f94bc2f1b9e7fcead78"><code>0e2e8f7</code></a> chore(deps): bump tj-actions/branch-names from 8.2.1 to 9.0.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2633">#2633</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/5f2e971c1fcf53fda99e27a542f5e79cff0e7059"><code>5f2e971</code></a> chore(deps-dev): bump <code>@types/node</code> from 24.0.15 to 24.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2626">#2626</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/498cf3f89140b3c7b8353c5ae1354765717026ad"><code>498cf3f</code></a> chore(deps-dev): bump jest from 30.0.4 to 30.0.5 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2627">#2627</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/8378ac87b7b199cd230495c133c4f6b19215e757"><code>8378ac8</code></a> chore(deps): bump github/codeql-action from 3.29.3 to 3.29.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2628">#2628</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/4bfe3cb5bd6f0db4dc8668c4d6bef45ccf2b8ab5"><code>4bfe3cb</code></a> chore(deps): bump nrwl/nx-set-shas from 4.3.0 to 4.3.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2630">#2630</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/a0370f61698fcac830a08949da9fdf96ea0f3ab7"><code>a0370f6</code></a> chore(deps): bump github/codeql-action from 3.29.2 to 3.29.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2625">#2625</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tj-actions/changed-files/compare/055970845dd036d7345da7399b7e89f2e10f2b04...c2ca2493190021783138cb8aac49bcee14b4bb89">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/branch-names` from 8.2.1 to 9.0.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/branch-names/releases">tj-actions/branch-names's releases</a>.</em></p> <blockquote> <h2>v9.0.2</h2> <h2>What's Changed</h2> <ul> <li>Upgraded to v9.0.1 by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/branch-names/pull/424">tj-actions/branch-names#424</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/branch-names/compare/v9...v9.0.2">https://github.com/tj-actions/branch-names/compare/v9...v9.0.2</a></p> <h2>v9.0.1</h2> <h2>What's Changed</h2> <ul> <li>build(deps): bump tj-actions/git-cliff from 1.5.0 to 2.0.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/branch-names/pull/422">tj-actions/branch-names#422</a></li> <li>build(deps): bump codacy/codacy-analysis-cli-action from 4.4.5 to 4.4.7 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/branch-names/pull/421">tj-actions/branch-names#421</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/branch-names/compare/v9.0.0...v9.0.1">https://github.com/tj-actions/branch-names/compare/v9.0.0...v9.0.1</a></p> <h2>v9.0.0</h2> <h2>What's Changed</h2> <ul> <li>Upgraded to v8.2.1 by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/branch-names/pull/417">tj-actions/branch-names#417</a></li> <li>chore: update action.yml by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/418">tj-actions/branch-names#418</a></li> <li>Updated README.md by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/branch-names/pull/419">tj-actions/branch-names#419</a></li> <li>security: fix unsafe outputs by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/420">tj-actions/branch-names#420</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/branch-names/compare/v8...v9.0.0">https://github.com/tj-actions/branch-names/compare/v8...v9.0.0</a></p> <h2>v9</h2> <h1>Changes in v9.0.2</h1> <h2>What's Changed</h2> <ul> <li>Upgraded to v9.0.1 by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/branch-names/pull/424">tj-actions/branch-names#424</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/branch-names/compare/v9...v9.0.2">https://github.com/tj-actions/branch-names/compare/v9...v9.0.2</a></p> <hr /> <h1>Changes in v9.0.1</h1> <h2>What's Changed</h2> <ul> <li>build(deps): bump tj-actions/git-cliff from 1.5.0 to 2.0.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/branch-names/pull/422">tj-actions/branch-names#422</a></li> <li>build(deps): bump codacy/codacy-analysis-cli-action from 4.4.5 to 4.4.7 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/branch-names/pull/421">tj-actions/branch-names#421</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/branch-names/compare/v9.0.0...v9.0.1">https://github.com/tj-actions/branch-names/compare/v9.0.0...v9.0.1</a></p> <hr /> <h1>Changes in v9.0.0</h1> <h2>What's Changed</h2> <ul> <li>Upgraded to v8.2.1 by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/branch-names/pull/417">tj-actions/branch-names#417</a></li> <li>chore: update action.yml by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/418">tj-actions/branch-names#418</a></li> <li>Updated README.md by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/branch-names/pull/419">tj-actions/branch-names#419</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/branch-names/blob/main/HISTORY.md">tj-actions/branch-names's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/branch-names/compare/v9.0.1...v9.0.2">9.0.2</a> - (2025-07-31)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Update update-readme.yml (<a href="https://github.com/tj-actions/branch-names/commit/5250492686b253f06fa55861556d1027b067aeb5">5250492</a>) - (Tonye Jack)</li> <li>Update update-readme.yml (<a href="https://github.com/tj-actions/branch-names/commit/a2bc4958de72a5590a03c317bcb11581ae7866e7">a2bc495</a>) - (Tonye Jack)</li> <li>Update README.md (<a href="https://github.com/tj-actions/branch-names/commit/169ddc10b28b8cbc75996ee56c1dbf4448ca6f06">169ddc1</a>) - (Tonye Jack)</li> <li>Update README.md (<a href="https://github.com/tj-actions/branch-names/commit/4d35052be347a49c829b8a8e9855f40f14a00be6">4d35052</a>) - (Tonye Jack)</li> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/branch-names/issues/423">#423</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/branch-names/commit/6be34a848cdd6067dda01ded8bd9b0853bbe3b23">6be34a8</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded from v9.0.0 -> v9.0.1 (<a href="https://redirect.github.com/tj-actions/branch-names/issues/424">#424</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/branch-names/commit/c0714e7ecc0a7baec34a69b87df070fa6a823e7f">c0714e7</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/branch-names/compare/v9.0.0...v9.0.1">9.0.1</a> - (2025-07-26)</h1> <h2><!-- raw HTML omitted -->👷 CI/CD</h2> <ul> <li><strong>deps:</strong> Bump codacy/codacy-analysis-cli-action from 4.4.5 to 4.4.7 (<a href="https://redirect.github.com/tj-actions/branch-names/issues/421">#421</a>) (<a href="https://github.com/tj-actions/branch-names/commit/386e117ea34339627a40843704a60a3bc9359234">386e117</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/git-cliff from 1.5.0 to 2.0.2 (<a href="https://redirect.github.com/tj-actions/branch-names/issues/422">#422</a>) (<a href="https://github.com/tj-actions/branch-names/commit/2114174008e541048c2313bfc2c296a484785f14">2114174</a>) - (dependabot[bot])</li> </ul> <h1><a href="https://github.com/tj-actions/branch-names/compare/v8.2.1...v9.0.0">9.0.0</a> - (2025-07-25)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/branch-names/issues/419">#419</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/branch-names/commit/f904073f20285d3ff38d2dedb647c7e81ab9ccc6">f904073</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li>Update action.yml (<a href="https://redirect.github.com/tj-actions/branch-names/issues/418">#418</a>) (<a href="https://github.com/tj-actions/branch-names/commit/c81796132291bcac45a405bba3ff42c5c0c2a3e2">c817961</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->🛡️ Security</h2> <ul> <li>Fix unsafe outputs (<a href="https://redirect.github.com/tj-actions/branch-names/issues/420">#420</a>) (<a href="https://github.com/tj-actions/branch-names/commit/e497ceb8ccd43fd9573cf2e375216625bc411d1f">e497ceb</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded from v8.2.0 -> v8.2.1 (<a href="https://redirect.github.com/tj-actions/branch-names/issues/417">#417</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/branch-names/commit/46ae71df6d27dd78ff96d2aaf0a59411f9c19e4e">46ae71d</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/branch-names/compare/v8.2.0...v8.2.1">8.2.1</a> - (2025-04-11)</h1> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/branch-names/commit/5250492686b253f06fa55861556d1027b067aeb5"><code>5250492</code></a> Update update-readme.yml</li> <li><a href="https://github.com/tj-actions/branch-names/commit/a2bc4958de72a5590a03c317bcb11581ae7866e7"><code>a2bc495</code></a> Update update-readme.yml</li> <li><a href="https://github.com/tj-actions/branch-names/commit/169ddc10b28b8cbc75996ee56c1dbf4448ca6f06"><code>169ddc1</code></a> Update README.md</li> <li><a href="https://github.com/tj-actions/branch-names/commit/4d35052be347a49c829b8a8e9855f40f14a00be6"><code>4d35052</code></a> Update README.md</li> <li><a href="https://github.com/tj-actions/branch-names/commit/c0714e7ecc0a7baec34a69b87df070fa6a823e7f"><code>c0714e7</code></a> Upgraded from v9.0.0 -> v9.0.1 (<a href="https://redirect.github.com/tj-actions/branch-names/issues/424">#424</a>)</li> <li><a href="https://github.com/tj-actions/branch-names/commit/6be34a848cdd6067dda01ded8bd9b0853bbe3b23"><code>6be34a8</code></a> Updated README.md (<a href="https://redirect.github.com/tj-actions/branch-names/issues/423">#423</a>)</li> <li><a href="https://github.com/tj-actions/branch-names/commit/386e117ea34339627a40843704a60a3bc9359234"><code>386e117</code></a> build(deps): bump codacy/codacy-analysis-cli-action from 4.4.5 to 4.4.7 (<a href="https://redirect.github.com/tj-actions/branch-names/issues/421">#421</a>)</li> <li><a href="https://github.com/tj-actions/branch-names/commit/2114174008e541048c2313bfc2c296a484785f14"><code>2114174</code></a> build(deps): bump tj-actions/git-cliff from 1.5.0 to 2.0.2 (<a href="https://redirect.github.com/tj-actions/branch-names/issues/422">#422</a>)</li> <li><a href="https://github.com/tj-actions/branch-names/commit/e497ceb8ccd43fd9573cf2e375216625bc411d1f"><code>e497ceb</code></a> security: fix unsafe outputs (<a href="https://redirect.github.com/tj-actions/branch-names/issues/420">#420</a>)</li> <li><a href="https://github.com/tj-actions/branch-names/commit/f904073f20285d3ff38d2dedb647c7e81ab9ccc6"><code>f904073</code></a> Updated README.md (<a href="https://redirect.github.com/tj-actions/branch-names/issues/419">#419</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tj-actions/branch-names/compare/dde14ac574a8b9b1cedc59a1cf312788af43d8d8...5250492686b253f06fa55861556d1027b067aeb5">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 3.29.3 to 3.29.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.29.5</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.29.5 - 29 Jul 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.22.2. <a href="https://redirect.github.com/github/codeql-action/pull/2986">#2986</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.29.5/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> <h2>v3.29.4</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.29.4 - 23 Jul 2025</h2> <p>No user facing changes.</p> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.29.4/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.29.5 - 29 Jul 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.22.2. <a href="https://redirect.github.com/github/codeql-action/pull/2986">#2986</a></li> </ul> <h2>3.29.4 - 23 Jul 2025</h2> <p>No user facing changes.</p> <h2>3.29.3 - 21 Jul 2025</h2> <p>No user facing changes.</p> <h2>3.29.2 - 30 Jun 2025</h2> <ul> <li>Experimental: When the <code>quality-queries</code> input for the <code>init</code> action is provided with an argument, separate <code>.quality.sarif</code> files are produced and uploaded for each language with the results of the specified queries. Do not use this in production as it is part of an internal experiment and subject to change at any time. <a href="https://redirect.github.com/github/codeql-action/pull/2935">#2935</a></li> </ul> <h2>3.29.1 - 27 Jun 2025</h2> <ul> <li>Fix bug in PR analysis where user-provided <code>include</code> query filter fails to exclude non-included queries. <a href="https://redirect.github.com/github/codeql-action/pull/2938">#2938</a></li> <li>Update default CodeQL bundle version to 2.22.1. <a href="https://redirect.github.com/github/codeql-action/pull/2950">#2950</a></li> </ul> <h2>3.29.0 - 11 Jun 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.22.0. <a href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li> <li>Bump minimum CodeQL bundle version to 2.16.6. <a href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li> </ul> <h2>3.28.21 - 28 July 2025</h2> <p>No user facing changes.</p> <h2>3.28.20 - 21 July 2025</h2> <ul> <li>Remove support for combining SARIF files from a single upload for GHES 3.18, see <a href="https://github.blog/changelog/2024-05-06-code-scanning-will-stop-combining-runs-from-a-single-upload/">the changelog post</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2959">#2959</a></li> </ul> <h2>3.28.19 - 03 Jun 2025</h2> <ul> <li>The CodeQL Action no longer includes its own copy of the extractor for the <code>actions</code> language, which is currently in public preview. The <code>actions</code> extractor has been included in the CodeQL CLI since v2.20.6. If your workflow has enabled the <code>actions</code> language <em>and</em> you have pinned your <code>tools:</code> property to a specific version of the CodeQL CLI earlier than v2.20.6, you will need to update to at least CodeQL v2.20.6 or disable <code>actions</code> analysis.</li> <li>Update default CodeQL bundle version to 2.21.4. <a href="https://redirect.github.com/github/codeql-action/pull/2910">#2910</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/51f77329afa6477de8c49fc9c7046c15b9a4e79d"><code>51f7732</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2997">#2997</a> from github/update-v3.29.5-80a09d7b0</li> <li><a href="https://github.com/github/codeql-action/commit/8e90243ddbe0de3f12f4fa361675387b7f94c48d"><code>8e90243</code></a> Update changelog for v3.29.5</li> <li><a href="https://github.com/github/codeql-action/commit/80a09d7b0b5468297f127c81b43cb7335eed0f30"><code>80a09d7</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2996">#2996</a> from github/dependabot/npm_and_yarn/npm-240ab9fad0</li> <li><a href="https://github.com/github/codeql-action/commit/8388115dc8d6af25bf915cc8455a7d6a77253970"><code>8388115</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2994">#2994</a> from github/mergeback/changelog/v3.28.21</li> <li><a href="https://github.com/github/codeql-action/commit/401ecaf503b1a19fc0fbd253cc5afe7759870068"><code>401ecaf</code></a> Merge branch 'main' into mergeback/changelog/v3.28.21</li> <li><a href="https://github.com/github/codeql-action/commit/ab5c0c5fa56442a68c2d51b194ccc93faaaaa639"><code>ab5c0c5</code></a> Merge branch 'main' into dependabot/npm_and_yarn/npm-240ab9fad0</li> <li><a href="https://github.com/github/codeql-action/commit/cd264d4dcdc5ee89d8590821e29c66a1bdcaa968"><code>cd264d4</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2986">#2986</a> from github/update-bundle/codeql-bundle-v2.22.2</li> <li><a href="https://github.com/github/codeql-action/commit/4599055b1e273f63344615ade2c46c852c6d5c63"><code>4599055</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.22.2</li> <li><a href="https://github.com/github/codeql-action/commit/fd7ad511e6bd5985ebbc84944e0e173d39a968b8"><code>fd7ad51</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2971">#2971</a> from github/update-supported-enterprise-server-versions</li> <li><a href="https://github.com/github/codeql-action/commit/ac0c9bfe1e34d6a76860325c1b4abe8208ce98a6"><code>ac0c9bf</code></a> Merge branch 'main' into update-supported-enterprise-server-versions</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/d6bbdef45e766d081b84a2def353b0055f728d3e...51f77329afa6477de8c49fc9c7046c15b9a4e79d">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-08-04 14:57:47 +00:00
Ethan	b95cf47f99	ci: set valid xcode version in release script (#19143 ) 16.0.0 was yanked from the macOS runners, so this will likely need cherry picking into the upcoming release branch. We've already checked everything builds fine on #19125. In a few releases we'll stop building the dylib and also therefore remove xcode as a dependency on coder/coder altogether.	2025-08-04 15:01:24 +10:00
dependabot[bot]	6b141d76de	ci: bump the github-actions group with 6 updates (#18938 ) Bumps the github-actions group with 6 updates: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.12.2` \| `2.13.0` \| \| [google-github-actions/auth](https://github.com/google-github-actions/auth) \| `2.1.10` \| `2.1.11` \| \| [google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud) \| `2.1.4` \| `2.1.5` \| \| [google-github-actions/get-gke-credentials](https://github.com/google-github-actions/get-gke-credentials) \| `2.3.3` \| `2.3.4` \| \| [github/codeql-action](https://github.com/github/codeql-action) \| `3.29.2` \| `3.29.3` \| \| [umbrelladocs/action-linkspector](https://github.com/umbrelladocs/action-linkspector) \| `1.3.6` \| `1.3.7` \| Updates `step-security/harden-runner` from 2.12.2 to 2.13.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.13.0</h2> <h2>What's Changed</h2> <ul> <li>Improved job markdown summary</li> <li>Https monitoring for all domains (included with the enterprise tier)</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.13.0">https://github.com/step-security/harden-runner/compare/v2...v2.13.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/ec9f2d5744a09debf3a187a3f4f675c53b671911"><code>ec9f2d5</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/565">#565</a> from step-security/rc-24</li> <li><a href="https://github.com/step-security/harden-runner/commit/04bcbc31cfcefe0cf4720832008735021cec5ec4"><code>04bcbc3</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/7c7a56fcaa124ab72fff1cc3e81257f264fd7317"><code>7c7a56f</code></a> feat: get job summary from API</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/6c439dc8bdf85cadbbce9ed30d1c7b959517bc49...ec9f2d5744a09debf3a187a3f4f675c53b671911">compare view</a></li> </ul> </details> <br /> Updates `google-github-actions/auth` from 2.1.10 to 2.1.11 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google-github-actions/auth/releases">google-github-actions/auth's releases</a>.</em></p> <blockquote> <h2>v2.1.11</h2> <h2>What's Changed</h2> <ul> <li>Update troubleshooting docs for Python by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/488">google-github-actions/auth#488</a></li> <li>Add linters by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/499">google-github-actions/auth#499</a></li> <li>Update deps by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/500">google-github-actions/auth#500</a></li> <li>Release: v2.1.11 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/501">google-github-actions/auth#501</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/auth/compare/v2.1.10...v2.1.11">https://github.com/google-github-actions/auth/compare/v2.1.10...v2.1.11</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google-github-actions/auth/commit/140bb5113ffb6b65a7e9b937a81fa96cf5064462"><code>140bb51</code></a> Release: v2.1.11 (<a href="https://redirect.github.com/google-github-actions/auth/issues/501">#501</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/ab3132e2ad698521ee1355566103fa838732e48c"><code>ab3132e</code></a> Update deps (<a href="https://redirect.github.com/google-github-actions/auth/issues/500">#500</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/25b96bac992fdf64486c6fd3fd3d9c4cddb3a812"><code>25b96ba</code></a> Add linters (<a href="https://redirect.github.com/google-github-actions/auth/issues/499">#499</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/0920706a19e9d22c3d0da43d1db5939c6ad837a8"><code>0920706</code></a> Update troubleshooting docs for Python (<a href="https://redirect.github.com/google-github-actions/auth/issues/488">#488</a>)</li> <li>See full diff in <a href="https://github.com/google-github-actions/auth/compare/ba79af03959ebeac9769e648f473a284504d9193...140bb5113ffb6b65a7e9b937a81fa96cf5064462">compare view</a></li> </ul> </details> <br /> Updates `google-github-actions/setup-gcloud` from 2.1.4 to 2.1.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google-github-actions/setup-gcloud/releases">google-github-actions/setup-gcloud's releases</a>.</em></p> <blockquote> <h2>v2.1.5</h2> <h2>What's Changed</h2> <ul> <li>security: bump undici from 5.28.5 to 5.29.0 in the npm_and_yarn group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/711">google-github-actions/setup-gcloud#711</a></li> <li>Update linters by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/715">google-github-actions/setup-gcloud#715</a></li> <li>Update deps by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/716">google-github-actions/setup-gcloud#716</a></li> <li>Release: v2.1.5 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/717">google-github-actions/setup-gcloud#717</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/setup-gcloud/compare/v2.1.4...v2.1.5">https://github.com/google-github-actions/setup-gcloud/compare/v2.1.4...v2.1.5</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/6a7c903a70c8625ed6700fa299f5ddb4ca6022e9"><code>6a7c903</code></a> Release: v2.1.5 (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/717">#717</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/e838bc6edfe3907980c74d5aad506fd6e173b0d6"><code>e838bc6</code></a> Update deps (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/716">#716</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/98d8f78fcc2354c736499a506ad9e7be3f4c2640"><code>98d8f78</code></a> Update linters (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/715">#715</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/a8b58010a5b2a061afd605f50e88629c9ec7536b"><code>a8b5801</code></a> security: bump undici from 5.28.5 to 5.29.0 in the npm_and_yarn group (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/711">#711</a>)</li> <li>See full diff in <a href="https://github.com/google-github-actions/setup-gcloud/compare/77e7a554d41e2ee56fc945c52dfd3f33d12def9a...6a7c903a70c8625ed6700fa299f5ddb4ca6022e9">compare view</a></li> </ul> </details> <br /> Updates `google-github-actions/get-gke-credentials` from 2.3.3 to 2.3.4 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google-github-actions/get-gke-credentials/releases">google-github-actions/get-gke-credentials's releases</a>.</em></p> <blockquote> <h2>v2.3.4</h2> <h2>What's Changed</h2> <ul> <li>security: bump undici from 5.28.5 to 5.29.0 in the npm_and_yarn group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/333">google-github-actions/get-gke-credentials#333</a></li> <li>Update linters by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/334">google-github-actions/get-gke-credentials#334</a></li> <li>Update deps by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/335">google-github-actions/get-gke-credentials#335</a></li> <li>Release: v2.3.4 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/336">google-github-actions/get-gke-credentials#336</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/get-gke-credentials/compare/v2.3.3...v2.3.4">https://github.com/google-github-actions/get-gke-credentials/compare/v2.3.3...v2.3.4</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google-github-actions/get-gke-credentials/commit/8e574c49425fa7efed1e74650a449bfa6a23308a"><code>8e574c4</code></a> Release: v2.3.4 (<a href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/336">#336</a>)</li> <li><a href="https://github.com/google-github-actions/get-gke-credentials/commit/820551c1d9b3734a98590d5020e3a479a3600019"><code>820551c</code></a> Update deps (<a href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/335">#335</a>)</li> <li><a href="https://github.com/google-github-actions/get-gke-credentials/commit/503071673e50fd4fe5973d69174dc780288d61e9"><code>5030716</code></a> Update linters (<a href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/334">#334</a>)</li> <li><a href="https://github.com/google-github-actions/get-gke-credentials/commit/36f99de330d5a168c801b87721b96719a0a9ada0"><code>36f99de</code></a> security: bump undici from 5.28.5 to 5.29.0 in the npm_and_yarn group (<a href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/333">#333</a>)</li> <li>See full diff in <a href="https://github.com/google-github-actions/get-gke-credentials/compare/d0cee45012069b163a631894b98904a9e6723729...8e574c49425fa7efed1e74650a449bfa6a23308a">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 3.29.2 to 3.29.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.29.3</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.29.3 - 21 Jul 2025</h2> <p>No user facing changes.</p> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.29.3/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.29.3 - 21 Jul 2025</h2> <p>No user facing changes.</p> <h2>3.29.2 - 30 Jun 2025</h2> <ul> <li>Experimental: When the <code>quality-queries</code> input for the <code>init</code> action is provided with an argument, separate <code>.quality.sarif</code> files are produced and uploaded for each language with the results of the specified queries. Do not use this in production as it is part of an internal experiment and subject to change at any time. <a href="https://redirect.github.com/github/codeql-action/pull/2935">#2935</a></li> </ul> <h2>3.29.1 - 27 Jun 2025</h2> <ul> <li>Fix bug in PR analysis where user-provided <code>include</code> query filter fails to exclude non-included queries. <a href="https://redirect.github.com/github/codeql-action/pull/2938">#2938</a></li> <li>Update default CodeQL bundle version to 2.22.1. <a href="https://redirect.github.com/github/codeql-action/pull/2950">#2950</a></li> </ul> <h2>3.29.0 - 11 Jun 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.22.0. <a href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li> <li>Bump minimum CodeQL bundle version to 2.16.6. <a href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li> </ul> <h2>3.28.20 - 21 July 2025</h2> <ul> <li>Remove support for combining SARIF files from a single upload for GHES 3.18, see <a href="https://github.blog/changelog/2024-05-06-code-scanning-will-stop-combining-runs-from-a-single-upload/">the changelog post</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2959">#2959</a></li> </ul> <h2>3.28.19 - 03 Jun 2025</h2> <ul> <li>The CodeQL Action no longer includes its own copy of the extractor for the <code>actions</code> language, which is currently in public preview. The <code>actions</code> extractor has been included in the CodeQL CLI since v2.20.6. If your workflow has enabled the <code>actions</code> language <em>and</em> you have pinned your <code>tools:</code> property to a specific version of the CodeQL CLI earlier than v2.20.6, you will need to update to at least CodeQL v2.20.6 or disable <code>actions</code> analysis.</li> <li>Update default CodeQL bundle version to 2.21.4. <a href="https://redirect.github.com/github/codeql-action/pull/2910">#2910</a></li> </ul> <h2>3.28.18 - 16 May 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.3. <a href="https://redirect.github.com/github/codeql-action/pull/2893">#2893</a></li> <li>Skip validating SARIF produced by CodeQL for improved performance. <a href="https://redirect.github.com/github/codeql-action/pull/2894">#2894</a></li> <li>The number of threads and amount of RAM used by CodeQL can now be set via the <code>CODEQL_THREADS</code> and <code>CODEQL_RAM</code> runner environment variables. If set, these environment variables override the <code>threads</code> and <code>ram</code> inputs respectively. <a href="https://redirect.github.com/github/codeql-action/pull/2891">#2891</a></li> </ul> <h2>3.28.17 - 02 May 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.2. <a href="https://redirect.github.com/github/codeql-action/pull/2872">#2872</a></li> </ul> <h2>3.28.16 - 23 Apr 2025</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/d6bbdef45e766d081b84a2def353b0055f728d3e"><code>d6bbdef</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2977">#2977</a> from github/update-v3.29.3-7710ed11e</li> <li><a href="https://github.com/github/codeql-action/commit/210cc9bfa2103f4b7c4701ee383183b944c62578"><code>210cc9b</code></a> Update changelog for v3.29.3</li> <li><a href="https://github.com/github/codeql-action/commit/7710ed11e398ea99c7f7004c2b2e0f580458db42"><code>7710ed1</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2970">#2970</a> from github/cklin/diff-informed-feature-enable</li> <li><a href="https://github.com/github/codeql-action/commit/6a49a8cbce6ecbd74ea251a48dbc84e64ce3be4d"><code>6a49a8c</code></a> build: refresh js files</li> <li><a href="https://github.com/github/codeql-action/commit/3aef4108d1730e17b6fd24f8b9c49d8fcc87d46d"><code>3aef410</code></a> Add diff-informed-analysis-utils.test.ts</li> <li><a href="https://github.com/github/codeql-action/commit/614b64c6ec97a4ad54f7c99c5becbf593144dbfb"><code>614b64c</code></a> Diff-informed analysis: disable for GHES below 3.19</li> <li><a href="https://github.com/github/codeql-action/commit/aefb854fe5563f4650638224c839c6e9b33c25b5"><code>aefb854</code></a> Feature.DiffInformedQueries: default to true</li> <li><a href="https://github.com/github/codeql-action/commit/03a2a17e75d20e4ff461b43f161fb2b52165f632"><code>03a2a17</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2967">#2967</a> from github/cklin/overlay-feature-flags</li> <li><a href="https://github.com/github/codeql-action/commit/07455ed3c36f739ad76d1c4e55f8b49550f74344"><code>07455ed</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2972">#2972</a> from github/koesie10/ghes-satisfies</li> <li><a href="https://github.com/github/codeql-action/commit/3fb562ddcce3ca92b83ea1bb7abaa579a1ab882d"><code>3fb562d</code></a> build: refresh js files</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/181d5eefc20863364f96762470ba6f862bdef56b...d6bbdef45e766d081b84a2def353b0055f728d3e">compare view</a></li> </ul> </details> <br /> Updates `umbrelladocs/action-linkspector` from 1.3.6 to 1.3.7 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/umbrelladocs/action-linkspector/releases">umbrelladocs/action-linkspector's releases</a>.</em></p> <blockquote> <h2>Release v1.3.7</h2> <p>v1.3.7: PR <a href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/47">#47</a> - Update linkspector version to 0.4.7</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/UmbrellaDocs/action-linkspector/commit/874d01cae9fd488e3077b08952093235bd626977"><code>874d01c</code></a> Merge pull request <a href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/47">#47</a> from UmbrellaDocs/update-linkspector-version</li> <li><a href="https://github.com/UmbrellaDocs/action-linkspector/commit/bfc5bc55f5a8fc268165639b78b3ce6ae64915ad"><code>bfc5bc5</code></a> Update linkspector version to 0.4.7</li> <li>See full diff in <a href="https://github.com/umbrelladocs/action-linkspector/compare/3a951c1f0dca72300c2320d0eb39c2bafe429ab1...874d01cae9fd488e3077b08952093235bd626977">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-21 13:21:37 +00:00
Jakub Domeracki	e4d3453e2b	feat: publish CLI binaries and detached signatures to releases.coder.com (#18874 ) Starting with version `2.24.X `, Coder CLI binaries & corresponding detached signatures will get published to the GCS bucket releases.coder.com.	2025-07-15 13:15:58 +02:00
Jakub Domeracki	dc0919da33	feat: sign coder binaries with the release key using GPG (#18774 ) ### Description This PR introduces GPG signing for all Coder slim-binaries. Detached signatures will allow users to verify the integrity and authenticity of the binaries they download. ### Changes * `scripts/sign_with_gpg.sh`: New script to sign a given binary using GPG. It imports the release key, signs the binary, and verifies the signature. * `scripts/build_go.sh`: Updated to call `sign_with_gpg.sh` when the `CODER_SIGN_GPG` environment variable is set to 1. * `.github/workflows/release.yaml`: The` CODER_SIGN_GPG` environment variable is now set to 1 during the release build, enabling GPG signing for all release binaries. * `.github/workflows/ci.yaml`: The `CODER_SIGN_GPG` environment variable is now set to 1 during the CI build, enabling GPG signing for all CI binaries. * `Makefile`: Detached signatures are moved to the `/site/out/bin/ `directory	2025-07-09 11:53:27 +02:00
Allen Conlon	10c1e36fff	feat: add publishing of helm charts to ghcr registry (#18316 )	2025-07-08 22:19:12 +05:00
dependabot[bot]	851cda55d6	ci: bump the github-actions group with 3 updates (#18665 ) Bumps the github-actions group with 3 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner), [fluxcd/flux2](https://github.com/fluxcd/flux2) and [github/codeql-action](https://github.com/github/codeql-action). Updates `step-security/harden-runner` from 2.12.1 to 2.12.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.12.2</h2> <h2>What's Changed</h2> <p>Added HTTPS Monitoring for additional destinations - *.githubusercontent.com Bug fixes:</p> <ul> <li>Implicitly allow local multicast, local unicast and broadcast IP addresses in block mode</li> <li>Increased policy map size for block mode</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.12.2">https://github.com/step-security/harden-runner/compare/v2...v2.12.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/6c439dc8bdf85cadbbce9ed30d1c7b959517bc49"><code>6c439dc</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/562">#562</a> from step-security/rc-22</li> <li><a href="https://github.com/step-security/harden-runner/commit/bf5688696d0b2cf8221eadb38e4232386015763a"><code>bf56886</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/5436dac7b5fa76a1a179168f5f4de86c00e22c84"><code>5436dac</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/88d305a3530acfa6d1939000baaa571e520df9c8"><code>88d305a</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/b976878278dbe3bc16039f7165b8faf809c50297"><code>b976878</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/875cc92db280a03598e7492a3e6c165c689f7af6"><code>875cc92</code></a> Update agent</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/002fdce3c6a235733a90a27c80493a3241e56863...6c439dc8bdf85cadbbce9ed30d1c7b959517bc49">compare view</a></li> </ul> </details> <br /> Updates `fluxcd/flux2` from 2.6.2 to 2.6.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/fluxcd/flux2/releases">fluxcd/flux2's releases</a>.</em></p> <blockquote> <h2>v2.6.3</h2> <h2>Highlights</h2> <p>Flux v2.6.3 is a patch release that comes with various fixes. Users are encouraged to upgrade for the best experience.</p> <p>Fixes:</p> <ul> <li>Fix for <code>rsa-sha2-512</code> and <code>rsa-sha2-256</code> algorithms not being prioritized for <code>ssh-rsa</code> host keys in source-controller, image-automation-controller and Flux CLI bootstrap.</li> </ul> <h2>Components changelog</h2> <ul> <li>source-controller <a href="https://github.com/fluxcd/source-controller/blob/v1.6.2/CHANGELOG.md">v1.6.2</a></li> <li>image-automation-controller <a href="https://github.com/fluxcd/image-automation-controller/blob/v0.41.2/CHANGELOG.md">v0.41.2</a></li> </ul> <h2>CLI changed</h2> <ul> <li>[release/v2.6.x] Update toolkit components by <a href="https://github.com/fluxcdbot"><code>@fluxcdbot</code></a> in <a href="https://redirect.github.com/fluxcd/flux2/pull/5427">fluxcd/flux2#5427</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/fluxcd/flux2/compare/v2.6.2...v2.6.3">https://github.com/fluxcd/flux2/compare/v2.6.2...v2.6.3</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/fluxcd/flux2/commit/bda4c8187e436462be0d072e728b67afa215c593"><code>bda4c81</code></a> Merge pull request <a href="https://redirect.github.com/fluxcd/flux2/issues/5427">#5427</a> from fluxcd/backport-5426-to-release/v2.6.x</li> <li><a href="https://github.com/fluxcd/flux2/commit/3f281da7381e3984913244d78b9768e4fa5fbb65"><code>3f281da</code></a> Fix: Prioritize sha2-512 and sha2-256 for ssh-rsa host keys</li> <li><a href="https://github.com/fluxcd/flux2/commit/963e99188cb0a77dfbe70a3db7a34c0f6e159dd3"><code>963e991</code></a> Update toolkit components</li> <li>See full diff in <a href="https://github.com/fluxcd/flux2/compare/a48f81a66c4ca9fbd993233ab99dd03a7cfbe09a...bda4c8187e436462be0d072e728b67afa215c593">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 3.29.0 to 3.29.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.29.1</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.29.1 - 27 Jun 2025</h2> <ul> <li>Fix bug in PR analysis where user-provided <code>include</code> query filter fails to exclude non-included queries. <a href="https://redirect.github.com/github/codeql-action/pull/2938">#2938</a></li> <li>Update default CodeQL bundle version to 2.22.1. <a href="https://redirect.github.com/github/codeql-action/pull/2950">#2950</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.29.1/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <ul> <li>Experimental: When the <code>quality-queries</code> input for the <code>init</code> action is provided with an argument, separate <code>.quality.sarif</code> files are produced and uploaded for each language with the results of the specified queries. Do not use this in production as it is part of an internal experiment and subject to change at any time. <a href="https://redirect.github.com/github/codeql-action/pull/2935">#2376</a></li> </ul> <h2>3.29.1 - 27 Jun 2025</h2> <ul> <li>Fix bug in PR analysis where user-provided <code>include</code> query filter fails to exclude non-included queries. <a href="https://redirect.github.com/github/codeql-action/pull/2938">#2938</a></li> <li>Update default CodeQL bundle version to 2.22.1. <a href="https://redirect.github.com/github/codeql-action/pull/2950">#2950</a></li> </ul> <h2>3.29.0 - 11 Jun 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.22.0. <a href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li> <li>Bump minimum CodeQL bundle version to 2.16.6. <a href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li> </ul> <h2>3.28.19 - 03 Jun 2025</h2> <ul> <li>The CodeQL Action no longer includes its own copy of the extractor for the <code>actions</code> language, which is currently in public preview. The <code>actions</code> extractor has been included in the CodeQL CLI since v2.20.6. If your workflow has enabled the <code>actions</code> language <em>and</em> you have pinned your <code>tools:</code> property to a specific version of the CodeQL CLI earlier than v2.20.6, you will need to update to at least CodeQL v2.20.6 or disable <code>actions</code> analysis.</li> <li>Update default CodeQL bundle version to 2.21.4. <a href="https://redirect.github.com/github/codeql-action/pull/2910">#2910</a></li> </ul> <h2>3.28.18 - 16 May 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.3. <a href="https://redirect.github.com/github/codeql-action/pull/2893">#2893</a></li> <li>Skip validating SARIF produced by CodeQL for improved performance. <a href="https://redirect.github.com/github/codeql-action/pull/2894">#2894</a></li> <li>The number of threads and amount of RAM used by CodeQL can now be set via the <code>CODEQL_THREADS</code> and <code>CODEQL_RAM</code> runner environment variables. If set, these environment variables override the <code>threads</code> and <code>ram</code> inputs respectively. <a href="https://redirect.github.com/github/codeql-action/pull/2891">#2891</a></li> </ul> <h2>3.28.17 - 02 May 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.2. <a href="https://redirect.github.com/github/codeql-action/pull/2872">#2872</a></li> </ul> <h2>3.28.16 - 23 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.1. <a href="https://redirect.github.com/github/codeql-action/pull/2863">#2863</a></li> </ul> <h2>3.28.15 - 07 Apr 2025</h2> <ul> <li>Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. <a href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li> </ul> <h2>3.28.14 - 07 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.0. <a href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li> </ul> <h2>3.28.13 - 24 Mar 2025</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/39edc492dbe16b1465b0cafca41432d857bdb31a"><code>39edc49</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2953">#2953</a> from github/update-v3.29.1-428aea55f</li> <li><a href="https://github.com/github/codeql-action/commit/27c4fb1eef772029c0bbeed96d8538a2af79e541"><code>27c4fb1</code></a> Update changelog for v3.29.1</li> <li><a href="https://github.com/github/codeql-action/commit/428aea55f52aac0db14530fe4e5c97462c533f7d"><code>428aea5</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2952">#2952</a> from github/redsun82/fix-swift-test</li> <li><a href="https://github.com/github/codeql-action/commit/973250f3d233f50890a597fef853ae3b2a538a31"><code>973250f</code></a> Swift: recreate a default Swift package to fix test</li> <li><a href="https://github.com/github/codeql-action/commit/8ef17824cfb2a3f40cbc7f41bac7e055e53b8164"><code>8ef1782</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2950">#2950</a> from github/update-bundle/codeql-bundle-v2.22.1</li> <li><a href="https://github.com/github/codeql-action/commit/f3bfb9860305f6e80e048f4785d6bee33bf77356"><code>f3bfb98</code></a> Add changelog note</li> <li><a href="https://github.com/github/codeql-action/commit/2b4afc20b636de8884609ee2a501a68a67766f26"><code>2b4afc2</code></a> Update default bundle to codeql-bundle-v2.22.1</li> <li><a href="https://github.com/github/codeql-action/commit/9b02dc2f60288b463e7a66e39c78829b62780db7"><code>9b02dc2</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2928">#2928</a> from github/update-supported-enterprise-server-versions</li> <li><a href="https://github.com/github/codeql-action/commit/7ab92d0295a9b09eb653169acdb2c24f7c43614a"><code>7ab92d0</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2948">#2948</a> from github/mbg/copilot-instructions</li> <li><a href="https://github.com/github/codeql-action/commit/2cae828745579fc9309404e09440d23bba2f7b79"><code>2cae828</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2947">#2947</a> from github/dependency-proxy/codeql-bundle-v2.22.0</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/ce28f5bb42b7a9f2c824e633a3f6ee835bab6858...39edc492dbe16b1465b0cafca41432d857bdb31a">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-06-30 15:37:51 +00:00
dependabot[bot]	183eaa21dc	ci: bump the github-actions group with 5 updates (#18497 ) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-06-23 13:46:08 +00:00
dependabot[bot]	cba99a13e7	ci: bump the github-actions group with 6 updates (#18386 ) Bumps the github-actions group with 6 updates: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.12.0` \| `2.12.1` \| \| [chromaui/action](https://github.com/chromaui/action) \| `12.1.1` \| `12.2.0` \| \| [actions/attest](https://github.com/actions/attest) \| `2.3.0` \| `2.4.0` \| \| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) \| `115870536a85eaf050e369291c7895748ff12aea` \| `d52d20fa3f981cb852b861fd8f55308b5fe29637` \| \| [github/codeql-action](https://github.com/github/codeql-action) \| `3.28.19` \| `3.29.0` \| \| [umbrelladocs/action-linkspector](https://github.com/umbrelladocs/action-linkspector) \| `1.3.4` \| `1.3.5` \| Updates `step-security/harden-runner` from 2.12.0 to 2.12.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.12.1</h2> <h2>What's Changed</h2> <ul> <li>Detection capabilities have been upgraded to better recognize attempts at runner tampering. These improvements are informed by real-world incident learnings, including analysis of anomalous behaviors observed in the tj-actions and reviewdog supply chain attack.</li> <li>Resolved an issue where the block policy was not enforced correctly when the GitHub Actions job was running inside a container on a self-hosted VM runner.</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.12.1">https://github.com/step-security/harden-runner/compare/v2...v2.12.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/002fdce3c6a235733a90a27c80493a3241e56863"><code>002fdce</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/544">#544</a> from step-security/rc-21</li> <li><a href="https://github.com/step-security/harden-runner/commit/2489e3fcb3d00eac3cb27c9b490431a4d26eac58"><code>2489e3f</code></a> Merge branch 'main' into rc-21</li> <li><a href="https://github.com/step-security/harden-runner/commit/75dd441a816c3c7ea21313ec8ff21d9f7b69f534"><code>75dd441</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/555">#555</a> from step-security/dependabot/github_actions/step-sec...</li> <li><a href="https://github.com/step-security/harden-runner/commit/4381ace9c4db180c9cc8ff9a6dd4220f17a95690"><code>4381ace</code></a> Bump step-security/publish-unit-test-result-action from 2.19.0 to 2.20.0</li> <li><a href="https://github.com/step-security/harden-runner/commit/a9da90b635b492e68edb2a24949fcab1e313e9eb"><code>a9da90b</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/553">#553</a> from h0x0er/feat/container-workflows</li> <li><a href="https://github.com/step-security/harden-runner/commit/a60ef21c0c1f49c7ac6c8d65b6f4d16d419789c1"><code>a60ef21</code></a> update</li> <li><a href="https://github.com/step-security/harden-runner/commit/4ad512f16553ff1c022684cc96be0329a7618db8"><code>4ad512f</code></a> Merge branch 'rc-21' into feat/container-workflows</li> <li><a href="https://github.com/step-security/harden-runner/commit/6b41a3923518db2abe77790e47793760b5c47c28"><code>6b41a39</code></a> fixed test case</li> <li><a href="https://github.com/step-security/harden-runner/commit/fa70c45ca9a73bcef023a3e6afac49ffa3007480"><code>fa70c45</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/eb47845632e48a7532e7e363ba78b9bc48c09264"><code>eb47845</code></a> self-hosted: refactored block-policy apply logic</li> <li>Additional commits viewable in <a href="https://github.com/step-security/harden-runner/compare/0634a2670c59f64b4a01f0f96f84700a4088b9f0...002fdce3c6a235733a90a27c80493a3241e56863">compare view</a></li> </ul> </details> <br /> Updates `chromaui/action` from 12.1.1 to 12.2.0 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chromaui/action/commit/c50adf8eaa8c2878af3263499a73077854de39d4"><code>c50adf8</code></a> v12.2.0</li> <li>See full diff in <a href="https://github.com/chromaui/action/compare/8536229ee904071f8edce292596f6dbe0da96b9b...c50adf8eaa8c2878af3263499a73077854de39d4">compare view</a></li> </ul> </details> <br /> Updates `actions/attest` from 2.3.0 to 2.4.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/attest/releases">actions/attest's releases</a>.</em></p> <blockquote> <h2>v2.4.0</h2> <h2>What's Changed</h2> <ul> <li>Bump <code>@actions/github</code> from 6.0.0 to 6.0.1 in the npm-production group by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/attest/pull/242">actions/attest#242</a></li> <li>Bump undici from 5.28.5 to 5.29.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/attest/pull/246">actions/attest#246</a></li> <li>Add path to created attestation in a well-known summary file by <a href="https://github.com/kommendorkapten"><code>@kommendorkapten</code></a> in <a href="https://redirect.github.com/actions/attest/pull/252">actions/attest#252</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/kommendorkapten"><code>@kommendorkapten</code></a> made their first contribution in <a href="https://redirect.github.com/actions/attest/pull/252">actions/attest#252</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/attest/compare/v2...v2.4.0">https://github.com/actions/attest/compare/v2...v2.4.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/attest/commit/ce27ba3b4a9a139d9a20a4a07d69fabb52f1e5bc"><code>ce27ba3</code></a> bump package version to 2.4.0 (<a href="https://redirect.github.com/actions/attest/issues/253">#253</a>)</li> <li><a href="https://github.com/actions/attest/commit/6a89e1286443a80c6d1e0cebb7b24d8299c16774"><code>6a89e12</code></a> Add path to created attestation in a well-known summary file (<a href="https://redirect.github.com/actions/attest/issues/252">#252</a>)</li> <li><a href="https://github.com/actions/attest/commit/cbc14bbf255d1e79ad201d4308009aabd79cafdc"><code>cbc14bb</code></a> Bump the npm-development group with 3 updates (<a href="https://redirect.github.com/actions/attest/issues/250">#250</a>)</li> <li><a href="https://github.com/actions/attest/commit/b87aa13652d8ee3c0c86d3582b965c842f7f388f"><code>b87aa13</code></a> Bump the npm-development group across 1 directory with 5 updates (<a href="https://redirect.github.com/actions/attest/issues/249">#249</a>)</li> <li><a href="https://github.com/actions/attest/commit/5ae9aa28e10f70b771c67101892b7ffc141ef958"><code>5ae9aa2</code></a> Bump undici from 5.28.5 to 5.29.0 (<a href="https://redirect.github.com/actions/attest/issues/246">#246</a>)</li> <li><a href="https://github.com/actions/attest/commit/4119d34e49ca6230f84a5e799710eae4f2428d02"><code>4119d34</code></a> Bump the npm-development group across 1 directory with 6 updates (<a href="https://redirect.github.com/actions/attest/issues/245">#245</a>)</li> <li><a href="https://github.com/actions/attest/commit/7e777b150d7bec9c2cfe2c0993b186c15e97e81c"><code>7e777b1</code></a> Bump <code>@actions/github</code> from 6.0.0 to 6.0.1 in the npm-production group (<a href="https://redirect.github.com/actions/attest/issues/242">#242</a>)</li> <li><a href="https://github.com/actions/attest/commit/4d8a13a13f8c2075b78844846f6d7e38b6a920bf"><code>4d8a13a</code></a> Bump super-linter/super-linter in the actions-minor group (<a href="https://redirect.github.com/actions/attest/issues/244">#244</a>)</li> <li><a href="https://github.com/actions/attest/commit/647f15244eb261577c4910e1356026e9c1d9cda9"><code>647f152</code></a> Bump the npm-development group with 4 updates (<a href="https://redirect.github.com/actions/attest/issues/240">#240</a>)</li> <li><a href="https://github.com/actions/attest/commit/20551343079b1bce85b235f46add92bbbddb8a7a"><code>2055134</code></a> Bump the npm-development group with 4 updates (<a href="https://redirect.github.com/actions/attest/issues/239">#239</a>)</li> <li>Additional commits viewable in <a href="https://github.com/actions/attest/compare/afd638254319277bb3d7f0a234478733e2e46a73...ce27ba3b4a9a139d9a20a4a07d69fabb52f1e5bc">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from 115870536a85eaf050e369291c7895748ff12aea to d52d20fa3f981cb852b861fd8f55308b5fe29637 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.4...v46.0.5">46.0.5</a> - (2025-04-09)</h1> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps:</strong> Bump yaml from 2.7.0 to 2.7.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>) (<a href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c">ed68ef8</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump typescript from 5.8.2 to 5.8.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5">a7bc14b</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 22.13.11 to 22.14.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab">3d751f6</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.2.3 to 5.2.6 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f">e2fda4e</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump ts-jest from 29.2.6 to 29.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>) (<a href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48">0bed1b1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.28.12 to 3.28.15 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>) (<a href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb">6802458</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/branch-names from 8.0.1 to 8.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>) (<a href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792">cf2e39e</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/verify-changed-files from 20.0.1 to 20.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4">6abeaa5</a>) - (dependabot[bot])</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v46.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2511">#2511</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href="https://github.com/tj-actions/changed-files/commit/6f67ee9ac810f0192ea7b3d2086406f97847bcf9">6f67ee9</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.3...v46.0.4">46.0.4</a> - (2025-04-03)</h1> <h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2> <ul> <li>Bug modified_keys and changed_key outputs not set when no changes detected (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2509">#2509</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6cb76d07bee4c9772c6882c06c37837bf82a04d3">6cb76d0</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Update readme (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2508">#2508</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b74df86ccb65173a8e33ba5492ac1a2ca6b216fd">b74df86</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v46.0.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> Co-authored-by: Tonye Jack <a href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">27ae6b3</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a> - (2025-03-23)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/d52d20fa3f981cb852b861fd8f55308b5fe29637"><code>d52d20f</code></a> chore(deps-dev): bump <code>@types/node</code> from 22.15.26 to 24.0.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2587">#2587</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/f1c0eb959957d4094cf86adeb8bb4852f373e197"><code>f1c0eb9</code></a> chore(deps-dev): bump eslint-plugin-prettier from 5.4.0 to 5.4.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2578">#2578</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/944a0f723952a370222de3178b25805235c65933"><code>944a0f7</code></a> chore(deps-dev): bump eslint-plugin-jest from 28.13.0 to 28.13.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2585">#2585</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/3dbc1e181273d808ccff822a6e00cf18b6628ef0"><code>3dbc1e1</code></a> Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2592">#2592</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/7a7221b7baecf19ec83f6a411a2670a43174c883"><code>7a7221b</code></a> chore(deps): bump github/codeql-action from 3.28.18 to 3.29.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2588">#2588</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/c260d49a827b5eb266673bed7871c5d3ee9b5aef"><code>c260d49</code></a> feat: add any_added to outputs (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2567">#2567</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/b1ccff8c0892ad141d7d2de6f31e526a9dad931f"><code>b1ccff8</code></a> Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2591">#2591</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/a892f50f7a7187bc288633c09230b09ce7ad8fd0"><code>a892f50</code></a> docs: update link to glob patterns (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2590">#2590</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/5ca5422070674a4bb487ecebf3c33251f3723c9b"><code>5ca5422</code></a> chore(deps-dev): bump ts-jest from 29.3.4 to 29.4.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2589">#2589</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/4140eb99d2cced9bfd78375c2088371853262f79"><code>4140eb9</code></a> chore(deps-dev): bump eslint-plugin-jest from 28.12.0 to 28.13.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2583">#2583</a>)</li> <li>See full diff in <a href="https://github.com/tj-actions/changed-files/compare/115870536a85eaf050e369291c7895748ff12aea...d52d20fa3f981cb852b861fd8f55308b5fe29637">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 3.28.19 to 3.29.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.29.0</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.29.0 - 11 Jun 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.22.0. <a href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li> <li>Bump minimum CodeQL bundle version to 2.16.6. <a href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.29.0/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.29.0 - 11 Jun 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.22.0. <a href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li> <li>Bump minimum CodeQL bundle version to 2.16.6. <a href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li> </ul> <h2>3.28.19 - 03 Jun 2025</h2> <ul> <li>The CodeQL Action no longer includes its own copy of the extractor for the <code>actions</code> language, which is currently in public preview. The <code>actions</code> extractor has been included in the CodeQL CLI since v2.20.6. If your workflow has enabled the <code>actions</code> language <em>and</em> you have pinned your <code>tools:</code> property to a specific version of the CodeQL CLI earlier than v2.20.6, you will need to update to at least CodeQL v2.20.6 or disable <code>actions</code> analysis.</li> <li>Update default CodeQL bundle version to 2.21.4. <a href="https://redirect.github.com/github/codeql-action/pull/2910">#2910</a></li> </ul> <h2>3.28.18 - 16 May 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.3. <a href="https://redirect.github.com/github/codeql-action/pull/2893">#2893</a></li> <li>Skip validating SARIF produced by CodeQL for improved performance. <a href="https://redirect.github.com/github/codeql-action/pull/2894">#2894</a></li> <li>The number of threads and amount of RAM used by CodeQL can now be set via the <code>CODEQL_THREADS</code> and <code>CODEQL_RAM</code> runner environment variables. If set, these environment variables override the <code>threads</code> and <code>ram</code> inputs respectively. <a href="https://redirect.github.com/github/codeql-action/pull/2891">#2891</a></li> </ul> <h2>3.28.17 - 02 May 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.2. <a href="https://redirect.github.com/github/codeql-action/pull/2872">#2872</a></li> </ul> <h2>3.28.16 - 23 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.1. <a href="https://redirect.github.com/github/codeql-action/pull/2863">#2863</a></li> </ul> <h2>3.28.15 - 07 Apr 2025</h2> <ul> <li>Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. <a href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li> </ul> <h2>3.28.14 - 07 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.0. <a href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li> </ul> <h2>3.28.13 - 24 Mar 2025</h2> <p>No user facing changes.</p> <h2>3.28.12 - 19 Mar 2025</h2> <ul> <li>Dependency caching should now cache more dependencies for Java <code>build-mode: none</code> extractions. This should speed up workflows and avoid inconsistent alerts in some cases.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/ce28f5bb42b7a9f2c824e633a3f6ee835bab6858"><code>ce28f5b</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2926">#2926</a> from github/update-v3.29.0-e8799281c</li> <li><a href="https://github.com/github/codeql-action/commit/bc251b7932638a7881a8db15d1aaf0151642af99"><code>bc251b7</code></a> Update changelog for v3.29.0</li> <li><a href="https://github.com/github/codeql-action/commit/e8799281c8dee3b2e1aaed2c059e530fcfdc2d6d"><code>e879928</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2925">#2925</a> from github/update-bundle/codeql-bundle-v2.22.0</li> <li><a href="https://github.com/github/codeql-action/commit/efd43b3097c094d883d91934155f0a32af09dff7"><code>efd43b3</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.22.0</li> <li><a href="https://github.com/github/codeql-action/commit/7cb9b16051842e6c23c8b9fbcf92481f92d0644a"><code>7cb9b16</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2912">#2912</a> from github/henrymercer/bump-minimum-codeql-2.16.6</li> <li><a href="https://github.com/github/codeql-action/commit/3855117ba18b27e082b12e3e92e00d1b52aaa605"><code>3855117</code></a> Add changelog note</li> <li><a href="https://github.com/github/codeql-action/commit/f5d4e2a7ca2a5826357748bb8743390a4775946f"><code>f5d4e2a</code></a> Update default bundle to codeql-bundle-v2.22.0</li> <li><a href="https://github.com/github/codeql-action/commit/22deae890c55a1dc3ffba1aa20ad4148284e72d1"><code>22deae8</code></a> Update package-lock.json</li> <li><a href="https://github.com/github/codeql-action/commit/df2a830ca4348a013f4804b56f41795f408f1e4e"><code>df2a830</code></a> Merge branch 'main' into henrymercer/bump-minimum-codeql-2.16.6</li> <li><a href="https://github.com/github/codeql-action/commit/b1e4dc3db58c9601794e22a9f6d28d45461b9dbf"><code>b1e4dc3</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2916">#2916</a> from github/dependabot/npm_and_yarn/npm-5cdccdc43f</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/fca7ace96b7d713c7035871441bd52efbe39e27e...ce28f5bb42b7a9f2c824e633a3f6ee835bab6858">compare view</a></li> </ul> </details> <br /> Updates `umbrelladocs/action-linkspector` from 1.3.4 to 1.3.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/umbrelladocs/action-linkspector/releases">umbrelladocs/action-linkspector's releases</a>.</em></p> <blockquote> <h2>Release v1.3.5</h2> <p>v1.3.5: PR <a href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/45">#45</a> - Update linkspector version to 0.4.5</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/UmbrellaDocs/action-linkspector/commit/e2ccef58c4b9eb89cd71ee23a8629744bba75aa6"><code>e2ccef5</code></a> Merge pull request <a href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/45">#45</a> from UmbrellaDocs/update-linkspector-version</li> <li><a href="https://github.com/UmbrellaDocs/action-linkspector/commit/6cc23b20f1b7de3860f639255ccebc2b6428c62e"><code>6cc23b2</code></a> Update linkspector version to 0.4.5</li> <li>See full diff in <a href="https://github.com/umbrelladocs/action-linkspector/compare/a0567ce1c7c13de4a2358587492ed43cab5d0102...e2ccef58c4b9eb89cd71ee23a8629744bba75aa6">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-06-16 12:39:39 +00:00
M Atif Ali	fb0e3d64db	chore: remove update release calendar job (#17884 )	2025-05-16 20:06:00 +05:00
dependabot[bot]	0a26eeec0c	ci: bump the github-actions group with 7 updates (#17581 ) Bumps the github-actions group with 7 updates: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.11.1` \| `2.12.0` \| \| [google-github-actions/auth](https://github.com/google-github-actions/auth) \| `2.1.8` \| `2.1.10` \| \| [actions/download-artifact](https://github.com/actions/download-artifact) \| `4.2.1` \| `4.3.0` \| \| [actions/attest](https://github.com/actions/attest) \| `2.2.1` \| `2.3.0` \| \| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) \| `9934ab3fdf63239da75d9e0fbd339c48620c72c4` \| `5426ecc3f5c2b10effaefbd374f0abdc6a571b2f` \| \| [nix-community/cache-nix-action](https://github.com/nix-community/cache-nix-action) \| `6.1.2` \| `6.1.3` \| \| [github/codeql-action](https://github.com/github/codeql-action) \| `3.28.15` \| `3.28.16` \| Updates `step-security/harden-runner` from 2.11.1 to 2.12.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.12.0</h2> <h2>What's Changed</h2> <ol> <li> <p>A new option, <code>disable-sudo-and-containers</code>, is now available to replace the <code>disable-sudo policy</code>, addressing Docker-based privilege escalation (<a href="https://github.com/step-security/harden-runner/security/advisories/GHSA-mxr3-8whj-j74r">CVE-2025-32955</a>). More details can be found in this <a href="https://www.stepsecurity.io/blog/evolving-harden-runners-disable-sudo-policy-for-improved-runner-security">blog post</a>.</p> </li> <li> <p>New detections have been added based on insights from the tj-actions and reviewdog actions incidents.</p> </li> </ol> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.12.0">https://github.com/step-security/harden-runner/compare/v2...v2.12.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/0634a2670c59f64b4a01f0f96f84700a4088b9f0"><code>0634a26</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/541">#541</a> from step-security/rc-20</li> <li><a href="https://github.com/step-security/harden-runner/commit/2e3c5113419044c10e6826351ff7cf7d56cbebe4"><code>2e3c511</code></a> Update action.yml</li> <li><a href="https://github.com/step-security/harden-runner/commit/40873e6a41e9ae4f46268f8ee038b3561bb88504"><code>40873e6</code></a> Update README.md</li> <li><a href="https://github.com/step-security/harden-runner/commit/484c2799ec63f20b4acc41bcf649dd4003718616"><code>484c279</code></a> Update README.md</li> <li><a href="https://github.com/step-security/harden-runner/commit/4c8582f45544ce2dafb2cfae82cfbebf0f41bde2"><code>4c8582f</code></a> Update agent versions</li> <li><a href="https://github.com/step-security/harden-runner/commit/e8d595cd66544d43aca8ac7e42a212a5a83b41f8"><code>e8d595c</code></a> fix disable_sudo_and_containers bug</li> <li><a href="https://github.com/step-security/harden-runner/commit/5d277fc8734baba8746d0c18cb0a2594d4692c66"><code>5d277fc</code></a> fix journalctl related bug</li> <li><a href="https://github.com/step-security/harden-runner/commit/ff2ab228bdb9f0c9129169d47dbb2bdf4b8f9b0e"><code>ff2ab22</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/536">#536</a> from rohan-stepsecurity/feat/flag/disable-sudo-and-co...</li> <li><a href="https://github.com/step-security/harden-runner/commit/b81d650d0e627a80d0d73d192b33d729507e0ef5"><code>b81d650</code></a> fix: run sudo command only when both disable-sudo and disable-sudo-and-docker...</li> <li><a href="https://github.com/step-security/harden-runner/commit/769df4ef5d6336b33b11e5b0d43934309cf439f6"><code>769df4e</code></a> Update agent</li> <li>Additional commits viewable in <a href="https://github.com/step-security/harden-runner/compare/c6295a65d1254861815972266d5933fd6e532bdf...0634a2670c59f64b4a01f0f96f84700a4088b9f0">compare view</a></li> </ul> </details> <br /> Updates `google-github-actions/auth` from 2.1.8 to 2.1.10 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google-github-actions/auth/releases">google-github-actions/auth's releases</a>.</em></p> <blockquote> <h2>v2.1.10</h2> <h2>What's Changed</h2> <ul> <li>Declare workflow permissions by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/482">google-github-actions/auth#482</a></li> <li>Document that the OIDC token expires in 5min by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/483">google-github-actions/auth#483</a></li> <li>Release: v2.1.10 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/484">google-github-actions/auth#484</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/auth/compare/v2.1.9...v2.1.10">https://github.com/google-github-actions/auth/compare/v2.1.9...v2.1.10</a></p> <h2>v2.1.9</h2> <h2>What's Changed</h2> <ul> <li>Use our custom boolean parsing by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/478">google-github-actions/auth#478</a></li> <li>Update deps by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/479">google-github-actions/auth#479</a></li> <li>Release: v2.1.9 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/480">google-github-actions/auth#480</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/auth/compare/v2.1.8...v2.1.9">https://github.com/google-github-actions/auth/compare/v2.1.8...v2.1.9</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google-github-actions/auth/commit/ba79af03959ebeac9769e648f473a284504d9193"><code>ba79af0</code></a> Release: v2.1.10 (<a href="https://redirect.github.com/google-github-actions/auth/issues/484">#484</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/bfaa66bd663615688155de119a676d67396f6bb7"><code>bfaa66b</code></a> Document that the OIDC token expires in 5min (<a href="https://redirect.github.com/google-github-actions/auth/issues/483">#483</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/d0822ad9bf77d35dee590e455d9ef5b96ccb243c"><code>d0822ad</code></a> Declare workflow permissions (<a href="https://redirect.github.com/google-github-actions/auth/issues/482">#482</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/7b53cdc2a387814ed14eec026287aac689ae8c9b"><code>7b53cdc</code></a> Release: v2.1.9 (<a href="https://redirect.github.com/google-github-actions/auth/issues/480">#480</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/a9cfddf5d2f27aa426027a399f75d209953ade8e"><code>a9cfddf</code></a> Update deps (<a href="https://redirect.github.com/google-github-actions/auth/issues/479">#479</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/b011f3988e66cb193db0f34974b1d7cde74e4f95"><code>b011f39</code></a> Use our custom boolean parsing (<a href="https://redirect.github.com/google-github-actions/auth/issues/478">#478</a>)</li> <li>See full diff in <a href="https://github.com/google-github-actions/auth/compare/71f986410dfbc7added4569d411d040a91dc6935...ba79af03959ebeac9769e648f473a284504d9193">compare view</a></li> </ul> </details> <br /> Updates `actions/download-artifact` from 4.2.1 to 4.3.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/download-artifact/releases">actions/download-artifact's releases</a>.</em></p> <blockquote> <h2>v4.3.0</h2> <h2>What's Changed</h2> <ul> <li>feat: implement new <code>artifact-ids</code> input by <a href="https://github.com/GrantBirki"><code>@GrantBirki</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/401">actions/download-artifact#401</a></li> <li>Fix workflow example for downloading by artifact ID by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/402">actions/download-artifact#402</a></li> <li>Prep for v4.3.0 release by <a href="https://github.com/robherley"><code>@robherley</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/404">actions/download-artifact#404</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/GrantBirki"><code>@GrantBirki</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/401">actions/download-artifact#401</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/download-artifact/compare/v4.2.1...v4.3.0">https://github.com/actions/download-artifact/compare/v4.2.1...v4.3.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/download-artifact/commit/d3f86a106a0bac45b974a628896c90dbdf5c8093"><code>d3f86a1</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/404">#404</a> from actions/robherley/v4.3.0</li> <li><a href="https://github.com/actions/download-artifact/commit/fc02353415da80201a0da48ab47022efd7725d11"><code>fc02353</code></a> prep for v4.3.0 release</li> <li><a href="https://github.com/actions/download-artifact/commit/77454371a433f370a16d329ef7db197f700a7a8f"><code>7745437</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/402">#402</a> from actions/joshmgross/download-by-id-example</li> <li><a href="https://github.com/actions/download-artifact/commit/84fc7a0a358aabc7f97f7f590cbfc25f57e26c6a"><code>84fc7a0</code></a> Remove path filters from Check dist workflow</li> <li><a href="https://github.com/actions/download-artifact/commit/67f2bc382f6ba5ba75812a05909e8c25a366b5fb"><code>67f2bc3</code></a> Fix workflow example for downloading by artifact ID</li> <li><a href="https://github.com/actions/download-artifact/commit/8ea3c2c174f79a56792e9fdd9baad75d27c5d369"><code>8ea3c2c</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/401">#401</a> from actions/download-by-id</li> <li><a href="https://github.com/actions/download-artifact/commit/d219c630f65d8bd14366a9e2f731cbf854f62258"><code>d219c63</code></a> add supporting unit tests for artifact downloads with ids</li> <li><a href="https://github.com/actions/download-artifact/commit/54124fbd881f8ce794405a06896c93c49c17463e"><code>54124fb</code></a> revert <code>getArtifact()</code> changes - for now we have to list and filter by artifa...</li> <li><a href="https://github.com/actions/download-artifact/commit/b83057b90d3e218abf5c7b1906579eb6c598ae85"><code>b83057b</code></a> bundle</li> <li><a href="https://github.com/actions/download-artifact/commit/171183c7dce98c3cf8a1fc842429d0a38ed21d33"><code>171183c</code></a> use the same <code>artifactClient.getArtifact</code> structure as seen above in `isSingl...</li> <li>Additional commits viewable in <a href="https://github.com/actions/download-artifact/compare/95815c38cf2ff2164869cbab79da8d1f422bc89e...d3f86a106a0bac45b974a628896c90dbdf5c8093">compare view</a></li> </ul> </details> <br /> Updates `actions/attest` from 2.2.1 to 2.3.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/attest/releases">actions/attest's releases</a>.</em></p> <blockquote> <h2>v2.3.0</h2> <h2>What's Changed</h2> <ul> <li>Bump <code>@octokit/request</code> from 8.2.0 to 8.4.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/attest/pull/229">actions/attest#229</a></li> <li>Bump <code>@sigstore/oci</code> from 0.4.0 to 0.5.0 by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/235">actions/attest#235</a> <ul> <li>Adds support for reading the <code>HttpHeaders</code> value from the Docker config file</li> </ul> </li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/attest/compare/v2...v2.3.0">https://github.com/actions/attest/compare/v2...v2.3.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/attest/commit/afd638254319277bb3d7f0a234478733e2e46a73"><code>afd6382</code></a> Bump <code>@sigstore/oci</code> from 0.4.0 to 0.5.0 (<a href="https://redirect.github.com/actions/attest/issues/235">#235</a>)</li> <li><a href="https://github.com/actions/attest/commit/d73111199c05526c91684e5e845606249f88accc"><code>d731111</code></a> Bump the npm-development group across 1 directory with 6 updates (<a href="https://redirect.github.com/actions/attest/issues/234">#234</a>)</li> <li><a href="https://github.com/actions/attest/commit/13aa4f6a9ce09dcf318f1ac18a48388699d96a62"><code>13aa4f6</code></a> Bump <code>@octokit/request</code> from 8.2.0 to 8.4.1 (<a href="https://redirect.github.com/actions/attest/issues/229">#229</a>)</li> <li><a href="https://github.com/actions/attest/commit/129b656e44fad75bb154cc2953cf07ba1da8a419"><code>129b656</code></a> Bump the npm-development group with 3 updates (<a href="https://redirect.github.com/actions/attest/issues/227">#227</a>)</li> <li><a href="https://github.com/actions/attest/commit/f3c169c8df83481993e3075060fc687e87747125"><code>f3c169c</code></a> Bump the npm-development group with 5 updates (<a href="https://redirect.github.com/actions/attest/issues/225">#225</a>)</li> <li><a href="https://github.com/actions/attest/commit/48e991bfda5b806f66f0a2ad8ae4e17f14cdfd33"><code>48e991b</code></a> Bump the npm-development group across 1 directory with 6 updates (<a href="https://redirect.github.com/actions/attest/issues/223">#223</a>)</li> <li>See full diff in <a href="https://github.com/actions/attest/compare/a63cfcc7d1aab266ee064c58250cfc2c7d07bc31...afd638254319277bb3d7f0a234478733e2e46a73">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from 9934ab3fdf63239da75d9e0fbd339c48620c72c4 to 5426ecc3f5c2b10effaefbd374f0abdc6a571b2f <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.4...v46.0.5">46.0.5</a> - (2025-04-09)</h1> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps:</strong> Bump yaml from 2.7.0 to 2.7.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>) (<a href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c">ed68ef8</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump typescript from 5.8.2 to 5.8.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5">a7bc14b</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 22.13.11 to 22.14.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab">3d751f6</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.2.3 to 5.2.6 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f">e2fda4e</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump ts-jest from 29.2.6 to 29.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>) (<a href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48">0bed1b1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.28.12 to 3.28.15 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>) (<a href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb">6802458</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/branch-names from 8.0.1 to 8.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>) (<a href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792">cf2e39e</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/verify-changed-files from 20.0.1 to 20.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4">6abeaa5</a>) - (dependabot[bot])</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v46.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2511">#2511</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href="https://github.com/tj-actions/changed-files/commit/6f67ee9ac810f0192ea7b3d2086406f97847bcf9">6f67ee9</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.3...v46.0.4">46.0.4</a> - (2025-04-03)</h1> <h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2> <ul> <li>Bug modified_keys and changed_key outputs not set when no changes detected (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2509">#2509</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6cb76d07bee4c9772c6882c06c37837bf82a04d3">6cb76d0</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Update readme (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2508">#2508</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b74df86ccb65173a8e33ba5492ac1a2ca6b216fd">b74df86</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v46.0.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> Co-authored-by: Tonye Jack <a href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">27ae6b3</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a> - (2025-03-23)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/5426ecc3f5c2b10effaefbd374f0abdc6a571b2f"><code>5426ecc</code></a> chore(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2545">#2545</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/513a44e6095ccea82c33927169db11eb75f72791"><code>513a44e</code></a> chore(deps-dev): bump <code>@types/node</code> from 22.14.1 to 22.15.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2544">#2544</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/46e217dc3e3b2601594036314ca9212588075592"><code>46e217d</code></a> chore(deps): bump github/codeql-action from 3.28.15 to 3.28.16 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2542">#2542</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/c34c1c13a740b06851baff92ab9a653d93ad6ce7"><code>c34c1c1</code></a> chore(deps): bump actions/setup-node from 4.3.0 to 4.4.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2539">#2539</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/52c3beb9971d42006b24e86bf3ea3fff18dde67f"><code>52c3beb</code></a> chore(deps-dev): bump ts-jest from 29.3.1 to 29.3.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2536">#2536</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/ea3010bc88ae93076e154efd9eb64d1f5e6993f9"><code>ea3010b</code></a> chore(deps-dev): bump <code>@types/node</code> from 22.14.0 to 22.14.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2537">#2537</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/be393a90381e27c9fec2c8c2e02b00f005710145"><code>be393a9</code></a> remove: commit and push step from build job (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2538">#2538</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/9b4bb2bedb217d3ede225b6b07ebde713177cd8f"><code>9b4bb2b</code></a> chore(deps): bump tj-actions/branch-names from 8.1.0 to 8.2.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2535">#2535</a>)</li> <li>See full diff in <a href="https://github.com/tj-actions/changed-files/compare/9934ab3fdf63239da75d9e0fbd339c48620c72c4...5426ecc3f5c2b10effaefbd374f0abdc6a571b2f">compare view</a></li> </ul> </details> <br /> Updates `nix-community/cache-nix-action` from 6.1.2 to 6.1.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nix-community/cache-nix-action/releases">nix-community/cache-nix-action's releases</a>.</em></p> <blockquote> <h2>v6.1.3</h2> <h2>Fixes</h2> <ul> <li>Use <code>bigint</code> instead of <code>number</code> for the store size (<a href="https://redirect.github.com/nix-community/cache-nix-action/issues/117">#117</a>)</li> <li>Fix saving a cache (<a href="https://redirect.github.com/nix-community/cache-nix-action/issues/122">#122</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nix-community/cache-nix-action/commit/135667ec418502fa5a3598af6fb9eb733888ce6a"><code>135667e</code></a> Merge pull request <a href="https://redirect.github.com/nix-community/cache-nix-action/issues/122">#122</a> from nix-community/118-bug-cant-save-a-cache</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/e29de90a039b410e88cd97a0029c3cbdad611ad5"><code>e29de90</code></a> chore: build the action</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/6bd39b8caa31871d2bc38356ab8b94621ca1e116"><code>6bd39b8</code></a> fix(action): use TarCommandModifiers</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/1b6f6754d3c59414aad4ab660cd611b1e35c0232"><code>1b6f675</code></a> chore(deps): update buildjet/toolkit</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/2b45b8cabe18b0f3db2eb2cf4e195238eee4a325"><code>2b45b8c</code></a> chore(deps): update actions/toolkit</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/f68581e27a06c8c9115dec37e42325d562d9664b"><code>f68581e</code></a> chore: build the action</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/b6406dc6e7f9c6ad6b399ed561f29f7e406544d5"><code>b6406dc</code></a> Merge pull request <a href="https://redirect.github.com/nix-community/cache-nix-action/issues/117">#117</a> from nix-community/116-bug-inputsgcmaxstoresizevalue-...</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/a91821953137cbb5f2a2d45fa174d69fea427ef4"><code>a918219</code></a> chore: build the action</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/c6081efc5157c972934491630ade96e53259023c"><code>c6081ef</code></a> feat(ci): add example of large gc-max-store-size</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/cf6af9e3e9fb402a3b92286b7c8b48afa94de5a6"><code>cf6af9e</code></a> fix(action): use bigint for the store size</li> <li>Additional commits viewable in <a href="https://github.com/nix-community/cache-nix-action/compare/c448f065ba14308da81de769632ca67a3ce67cf5...135667ec418502fa5a3598af6fb9eb733888ce6a">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 3.28.15 to 3.28.16 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.28.16</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.28.16 - 23 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.1. <a href="https://redirect.github.com/github/codeql-action/pull/2863">#2863</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.28.16/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.28.16 - 23 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.1. <a href="https://redirect.github.com/github/codeql-action/pull/2863">#2863</a></li> </ul> <h2>3.28.15 - 07 Apr 2025</h2> <ul> <li>Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. <a href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li> </ul> <h2>3.28.14 - 07 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.0. <a href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li> </ul> <h2>3.28.13 - 24 Mar 2025</h2> <p>No user facing changes.</p> <h2>3.28.12 - 19 Mar 2025</h2> <ul> <li>Dependency caching should now cache more dependencies for Java <code>build-mode: none</code> extractions. This should speed up workflows and avoid inconsistent alerts in some cases.</li> <li>Update default CodeQL bundle version to 2.20.7. <a href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li> </ul> <h2>3.28.11 - 07 Mar 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.6. <a href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li> </ul> <h2>3.28.10 - 21 Feb 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.5. <a href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li> <li>Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. <a href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li> </ul> <h2>3.28.9 - 07 Feb 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.4. <a href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li> </ul> <h2>3.28.8 - 29 Jan 2025</h2> <ul> <li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. <a href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li> </ul> <h2>3.28.7 - 29 Jan 2025</h2> <p>No user facing changes.</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/28deaeda66b76a05916b6923827895f2b14ab387"><code>28deaed</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2865">#2865</a> from github/update-v3.28.16-2a8cbadc0</li> <li><a href="https://github.com/github/codeql-action/commit/03c5d71c11f6cb2c5ba7eef371219a862be30193"><code>03c5d71</code></a> Update changelog for v3.28.16</li> <li><a href="https://github.com/github/codeql-action/commit/2a8cbadc02bb64a7fd15d37c977acbad02496c80"><code>2a8cbad</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2863">#2863</a> from github/update-bundle/codeql-bundle-v2.21.1</li> <li><a href="https://github.com/github/codeql-action/commit/f76eaf51a636a5c1d927998267d92d6475363ace"><code>f76eaf5</code></a> Add changelog note</li> <li><a href="https://github.com/github/codeql-action/commit/e63b3f5166c15fda4eb17886f01abe9445dd13f5"><code>e63b3f5</code></a> Update default bundle to codeql-bundle-v2.21.1</li> <li><a href="https://github.com/github/codeql-action/commit/4c3e5362829f0b0bb62ff5f6c938d7f95574c306"><code>4c3e536</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2853">#2853</a> from github/dependabot/npm_and_yarn/npm-7d84c66b66</li> <li><a href="https://github.com/github/codeql-action/commit/56dd02f26d99811d607284494ff84b7d862fe837"><code>56dd02f</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2852">#2852</a> from github/dependabot/github_actions/actions-457587...</li> <li><a href="https://github.com/github/codeql-action/commit/192406dd845fb2228fcea74898b98df2a6cdcef6"><code>192406d</code></a> Merge branch 'main' into dependabot/github_actions/actions-4575878e06</li> <li><a href="https://github.com/github/codeql-action/commit/c7dbb2084ed1bb623fbbb3976cd6dbae6daaf1fe"><code>c7dbb20</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2857">#2857</a> from github/nickfyson/address-vulns</li> <li><a href="https://github.com/github/codeql-action/commit/9a45cd8c5025281c30bbb652197ace083c291e49"><code>9a45cd8</code></a> move use of input variables into env vars</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/45775bd8235c68ba998cffa5171334d58593da47...28deaeda66b76a05916b6923827895f2b14ab387">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-04-28 13:22:26 +00:00
M Atif Ali	166d88e279	docs: add automatic release calendar updates in docs (#17531 )	2025-04-24 13:52:34 +05:00
dependabot[bot]	fa594f4f6a	ci: bump the github-actions group across 1 directory with 8 updates (#17377 ) Bumps the github-actions group with 8 updates in the / directory: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.11.0` \| `2.11.1` \| \| [crate-ci/typos](https://github.com/crate-ci/typos) \| `1.29.10` \| `1.31.1` \| \| [actions/setup-java](https://github.com/actions/setup-java) \| `4.7.0` \| `4.7.1` \| \| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) \| `27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99` \| `9934ab3fdf63239da75d9e0fbd339c48620c72c4` \| \| [tj-actions/branch-names](https://github.com/tj-actions/branch-names) \| `8.1.0` \| `8.2.1` \| \| [github/codeql-action](https://github.com/github/codeql-action) \| `3.28.12` \| `3.28.15` \| \| [coder/start-workspace-action](https://github.com/coder/start-workspace-action) \| `26d3600161d67901f24d8612793d3b82771cde2d` \| `35a4608cefc7e8cc56573cae7c3b85304575cb72` \| \| [umbrelladocs/action-linkspector](https://github.com/umbrelladocs/action-linkspector) \| `1.3.2` \| `1.3.4` \| Updates `step-security/harden-runner` from 2.11.0 to 2.11.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.11.1</h2> <h2>What's Changed</h2> <ul> <li>cache: add support for GitHub Actions cache v2 by <a href="https://github.com/h0x0er"><code>@h0x0er</code></a> in <a href="https://redirect.github.com/step-security/harden-runner/pull/529">step-security/harden-runner#529</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.11.1">https://github.com/step-security/harden-runner/compare/v2...v2.11.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/c6295a65d1254861815972266d5933fd6e532bdf"><code>c6295a6</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/530">#530</a> from step-security/rc-19</li> <li><a href="https://github.com/step-security/harden-runner/commit/3e118b145bd13a08b2e465cf3a216df0f6c7746e"><code>3e118b1</code></a> Improve error handling</li> <li><a href="https://github.com/step-security/harden-runner/commit/b38e918ba8cf8d08113e53089af0d89429dcc51a"><code>b38e918</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/529">#529</a> from h0x0er/jatin/cache-fix</li> <li><a href="https://github.com/step-security/harden-runner/commit/0664d30cda4109be234d326b54ac1cc6385597a2"><code>0664d30</code></a> cache: added support for cache v2</li> <li><a href="https://github.com/step-security/harden-runner/commit/b131ca5ebfca4930fe6d4a3e82d1e386b4873c94"><code>b131ca5</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/524">#524</a> from step-security/fix/security/GHSA-968p-4wvh-cqc8</li> <li><a href="https://github.com/step-security/harden-runner/commit/2dc9579753e01c4033425fcc7b74e652b583ca50"><code>2dc9579</code></a> Address vulnerabilities</li> <li><a href="https://github.com/step-security/harden-runner/commit/f054d811b5b89fde2f954d54dc8622ec3aaab9ab"><code>f054d81</code></a> Update README (<a href="https://redirect.github.com/step-security/harden-runner/issues/522">#522</a>)</li> <li><a href="https://github.com/step-security/harden-runner/commit/8a09271fed8277ab7fb02dbb5917c8d0e78323b4"><code>8a09271</code></a> Update Readme (<a href="https://redirect.github.com/step-security/harden-runner/issues/520">#520</a>)</li> <li><a href="https://github.com/step-security/harden-runner/commit/6ec6af7d622602bd852df48848f3cae95c760a48"><code>6ec6af7</code></a> Update readme (<a href="https://redirect.github.com/step-security/harden-runner/issues/518">#518</a>)</li> <li><a href="https://github.com/step-security/harden-runner/commit/539365ba33fd040cf8c4db243b6f0ed3b32c3283"><code>539365b</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/516">#516</a> from vorburger/patch-1</li> <li>Additional commits viewable in <a href="https://github.com/step-security/harden-runner/compare/4d991eb9b905ef189e4c376166672c3f2f230481...c6295a65d1254861815972266d5933fd6e532bdf">compare view</a></li> </ul> </details> <br /> Updates `crate-ci/typos` from 1.29.10 to 1.31.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/releases">crate-ci/typos's releases</a>.</em></p> <blockquote> <h2>v1.31.1</h2> <h2>[1.31.1] - 2025-03-31</h2> <h3>Fixes</h3> <ul> <li><em>(dict)</em> Also correct <code>typ</code> to <code>type</code></li> </ul> <h2>v1.31.0</h2> <h2>[1.31.0] - 2025-03-28</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1266">March 2025</a> changes</li> </ul> <h2>v1.30.3</h2> <h2>[1.30.3] - 2025-03-24</h2> <h3>Features</h3> <ul> <li>Support detecting <code>go.work</code> and <code>go.work.sum</code> files</li> </ul> <h2>v1.30.2</h2> <h2>[1.30.2] - 2025-03-10</h2> <h3>Features</h3> <ul> <li>Add <code>--highlight-words</code> and <code>--highlight-identifiers</code> for easier debugging of config</li> </ul> <h2>v1.30.1</h2> <h2>[1.30.1] - 2025-03-04</h2> <h3>Features</h3> <ul> <li><em>(action)</em> Create <code>v1</code> tag</li> </ul> <h2>v1.30.0</h2> <h2>[1.30.0] - 2025-03-01</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1221">February 2025</a> changes</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's changelog</a>.</em></p> <blockquote> <h1>Change Log</h1> <p>All notable changes to this project will be documented in this file.</p> <p>The format is based on <a href="http://keepachangelog.com/">Keep a Changelog</a> and this project adheres to <a href="http://semver.org/">Semantic Versioning</a>.</p> <!-- raw HTML omitted --> <h2>[Unreleased] - ReleaseDate</h2> <h2>[1.31.1] - 2025-03-31</h2> <h3>Fixes</h3> <ul> <li><em>(dict)</em> Also correct <code>typ</code> to <code>type</code></li> </ul> <h2>[1.31.0] - 2025-03-28</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1266">March 2025</a> changes</li> </ul> <h2>[1.30.3] - 2025-03-24</h2> <h3>Features</h3> <ul> <li>Support detecting <code>go.work</code> and <code>go.work.sum</code> files</li> </ul> <h2>[1.30.2] - 2025-03-10</h2> <h3>Features</h3> <ul> <li>Add <code>--highlight-words</code> and <code>--highlight-identifiers</code> for easier debugging of config</li> </ul> <h2>[1.30.1] - 2025-03-04</h2> <h3>Features</h3> <ul> <li><em>(action)</em> Create <code>v1</code> tag</li> </ul> <h2>[1.30.0] - 2025-03-01</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1221">February 2025</a> changes</li> </ul> <h2>[1.29.10] - 2025-02-25</h2> <h3>Fixes</h3> <ul> <li>Also correct <code>contaminent</code> as <code>contaminant</code></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/crate-ci/typos/commit/b1a1ef3893ff35ade0cfa71523852a49bfd05d19"><code>b1a1ef3</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/9c8a2c384f9b92ac5e7166040a1571141e271e7a"><code>9c8a2c3</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/12195d75fea9498ad83cb8d85e357a986e90fb7e"><code>12195d7</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1267">#1267</a> from epage/type</li> <li><a href="https://github.com/crate-ci/typos/commit/d4dbe5f77bde37609ce3424df4a713a61f87ad2b"><code>d4dbe5f</code></a> fix(dict): Also correct typ to type</li> <li><a href="https://github.com/crate-ci/typos/commit/718c4ff697435edabd4f1c52c3775521adbb33a3"><code>718c4ff</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/bfbf137ed65f9abe0e9a3a92a354a787ca084240"><code>bfbf137</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/d47e90e4ffad8924461124c3b3787e220b811956"><code>d47e90e</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/0694c2a98227bebeefdfff96f2086480295d00a5"><code>0694c2a</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1266">#1266</a> from epage/march</li> <li><a href="https://github.com/crate-ci/typos/commit/f715ca8b0824515b13e3e51ed80c8a255d8a7d07"><code>f715ca8</code></a> feat(dict): March 2025 updates</li> <li><a href="https://github.com/crate-ci/typos/commit/d08e4083f112e684fb88f6babd9ae60a1f1cd84f"><code>d08e408</code></a> chore: Release</li> <li>Additional commits viewable in <a href="https://github.com/crate-ci/typos/compare/db35ee91e80fbb447f33b0e5fbddb24d2a1a884f...b1a1ef3893ff35ade0cfa71523852a49bfd05d19">compare view</a></li> </ul> </details> <br /> Updates `actions/setup-java` from 4.7.0 to 4.7.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-java/releases">actions/setup-java's releases</a>.</em></p> <blockquote> <h2>v4.7.1</h2> <h2>What's Changed</h2> <h3>Documentation changes</h3> <ul> <li>Add Documentation to Recommend Using GraalVM JDK 17 Version to 17.0.12 to Align with GFTC License Terms by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/704">actions/setup-java#704</a></li> <li>Remove duplicated GraalVM section in documentation by <a href="https://github.com/Marcono1234"><code>@Marcono1234</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/716">actions/setup-java#716</a></li> </ul> <h3>Dependency updates:</h3> <ul> <li>Upgrade <code>@action/cache</code> from 4.0.0 to 4.0.2 by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/766">actions/setup-java#766</a></li> <li>Upgrade <code>@actions/glob</code> from 0.4.0 to 0.5.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/744">actions/setup-java#744</a></li> <li>Upgrade ts-jest from 29.1.2 to 29.2.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/743">actions/setup-java#743</a></li> <li>Upgrade <code>@action/cache</code> to 4.0.3 by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/773">actions/setup-java#773</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-java/compare/v4...v4.7.1">https://github.com/actions/setup-java/compare/v4...v4.7.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/setup-java/commit/c5195efecf7bdfc987ee8bae7a71cb8b11521c00"><code>c5195ef</code></a> actions/cache upgrade to 4.0.3 (<a href="https://redirect.github.com/actions/setup-java/issues/773">#773</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/dd38875f930accc291b5816356a21f72056c0b70"><code>dd38875</code></a> Bump ts-jest from 29.1.2 to 29.2.5 (<a href="https://redirect.github.com/actions/setup-java/issues/743">#743</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/148017a9b0c6af80330bcc5db11d1c670d2e7074"><code>148017a</code></a> Bump <code>@actions/glob</code> from 0.4.0 to 0.5.0 (<a href="https://redirect.github.com/actions/setup-java/issues/744">#744</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/3b6c050358614dd082e53cdbc55580431fc4e437"><code>3b6c050</code></a> Remove duplicated GraalVM section in documentation (<a href="https://redirect.github.com/actions/setup-java/issues/716">#716</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/b8ebb8ba1d9655f7f159c0a8b8135606ae11b5c9"><code>b8ebb8b</code></a> upgrade <code>@action/cache</code> from 4.0.0 to 4.0.2 (<a href="https://redirect.github.com/actions/setup-java/issues/766">#766</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/799ee7c97e9721ef38d1a7e8486c39753b9d6102"><code>799ee7c</code></a> Add Documentation to Recommend Using GraalVM JDK 17 Version to 17.0.12 to Ali...</li> <li>See full diff in <a href="https://github.com/actions/setup-java/compare/3a4f6e1af504cf6a31855fa899c6aa5355ba6c12...c5195efecf7bdfc987ee8bae7a71cb8b11521c00">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from 27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99 to 9934ab3fdf63239da75d9e0fbd339c48620c72c4 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.4...v46.0.5">46.0.5</a> - (2025-04-09)</h1> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps:</strong> Bump yaml from 2.7.0 to 2.7.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>) (<a href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c">ed68ef8</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump typescript from 5.8.2 to 5.8.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5">a7bc14b</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 22.13.11 to 22.14.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab">3d751f6</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.2.3 to 5.2.6 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f">e2fda4e</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump ts-jest from 29.2.6 to 29.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>) (<a href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48">0bed1b1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.28.12 to 3.28.15 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>) (<a href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb">6802458</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/branch-names from 8.0.1 to 8.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>) (<a href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792">cf2e39e</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/verify-changed-files from 20.0.1 to 20.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4">6abeaa5</a>) - (dependabot[bot])</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v46.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2511">#2511</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href="https://github.com/tj-actions/changed-files/commit/6f67ee9ac810f0192ea7b3d2086406f97847bcf9">6f67ee9</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.3...v46.0.4">46.0.4</a> - (2025-04-03)</h1> <h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2> <ul> <li>Bug modified_keys and changed_key outputs not set when no changes detected (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2509">#2509</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6cb76d07bee4c9772c6882c06c37837bf82a04d3">6cb76d0</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Update readme (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2508">#2508</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b74df86ccb65173a8e33ba5492ac1a2ca6b216fd">b74df86</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v46.0.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> Co-authored-by: Tonye Jack <a href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">27ae6b3</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a> - (2025-03-23)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/9934ab3fdf63239da75d9e0fbd339c48620c72c4"><code>9934ab3</code></a> chore(deps-dev): bump eslint-config-prettier from 10.1.1 to 10.1.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2532">#2532</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/db731a131ccd81ed52a3d463b6d2a4b2856c7ec9"><code>db731a1</code></a> Upgraded to v46.0.5 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2531">#2531</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c"><code>ed68ef8</code></a> chore(deps): bump yaml from 2.7.0 to 2.7.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5"><code>a7bc14b</code></a> chore(deps-dev): bump typescript from 5.8.2 to 5.8.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab"><code>3d751f6</code></a> chore(deps-dev): bump <code>@types/node</code> from 22.13.11 to 22.14.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f"><code>e2fda4e</code></a> chore(deps-dev): bump eslint-plugin-prettier from 5.2.3 to 5.2.6 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48"><code>0bed1b1</code></a> chore(deps-dev): bump ts-jest from 29.2.6 to 29.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb"><code>6802458</code></a> chore(deps): bump github/codeql-action from 3.28.12 to 3.28.15 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792"><code>cf2e39e</code></a> chore(deps): bump tj-actions/branch-names from 8.0.1 to 8.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4"><code>6abeaa5</code></a> chore(deps): bump tj-actions/verify-changed-files from 20.0.1 to 20.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tj-actions/changed-files/compare/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99...9934ab3fdf63239da75d9e0fbd339c48620c72c4">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/branch-names` from 8.1.0 to 8.2.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/branch-names/releases">tj-actions/branch-names's releases</a>.</em></p> <blockquote> <h2>v8.2.1</h2> <h2>What's Changed</h2> <ul> <li>fix: update sync-release-version.yml to sign commits by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/416">tj-actions/branch-names#416</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/branch-names/compare/v8.2.0...v8.2.1">https://github.com/tj-actions/branch-names/compare/v8.2.0...v8.2.1</a></p> <h2>v8.2.0</h2> <h2>What's Changed</h2> <ul> <li>Upgraded to v8.1.0 by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/410">tj-actions/branch-names#410</a></li> <li>feat: add support for replace forward slashes with hyphens by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/412">tj-actions/branch-names#412</a></li> <li>chore: update update-readme.yml by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/414">tj-actions/branch-names#414</a></li> <li>Updated README.md by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/415">tj-actions/branch-names#415</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/github-actions"><code>@github-actions</code></a> made their first contribution in <a href="https://redirect.github.com/tj-actions/branch-names/pull/415">tj-actions/branch-names#415</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/branch-names/compare/v8...v8.2.0">https://github.com/tj-actions/branch-names/compare/v8...v8.2.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/branch-names/blob/main/HISTORY.md">tj-actions/branch-names's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/branch-names/compare/v8.2.0...v8.2.1">8.2.1</a> - (2025-04-11)</h1> <h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2> <ul> <li>Update sync-release-version.yml to sign commits (<a href="https://redirect.github.com/tj-actions/branch-names/issues/416">#416</a>) (<a href="https://github.com/tj-actions/branch-names/commit/dde14ac574a8b9b1cedc59a1cf312788af43d8d8">dde14ac</a>) - (Tonye Jack)</li> </ul> <h1><a href="https://github.com/tj-actions/branch-names/compare/v8.1.0...v8.2.0">8.2.0</a> - (2025-04-11)</h1> <h2><!-- raw HTML omitted -->🚀 Features</h2> <ul> <li>Add support for replace forward slashes with hyphens (<a href="https://redirect.github.com/tj-actions/branch-names/issues/412">#412</a>) (<a href="https://github.com/tj-actions/branch-names/commit/af406356b42c0855d5d112babee4a0b76ee630df">af40635</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->➖ Remove</h2> <ul> <li>Deleted .github/workflows/rebase.yml (<a href="https://github.com/tj-actions/branch-names/commit/c209967c9a91450d7dced6e5adc3c61ca030c868">c209967</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/branch-names/issues/415">#415</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href="https://github.com/tj-actions/branch-names/commit/47dfecabcf7a70329c1d7fc49d56ce56739c5420">47dfeca</a>) - (github-actions[bot])</p> <ul> <li>Update update-readme.yml (<a href="https://github.com/tj-actions/branch-names/commit/c9cf6f9a0e21d41fb9acf4025894c022a1dd22db">c9cf6f9</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li>Update update-readme.yml (<a href="https://redirect.github.com/tj-actions/branch-names/issues/414">#414</a>) (<a href="https://github.com/tj-actions/branch-names/commit/b1f61bc147718240eda9ab8a823f836416ab297c">b1f61bc</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded from v8.0.2 -> v8.1.0 (<a href="https://redirect.github.com/tj-actions/branch-names/issues/410">#410</a>)</li> </ul> <p>(<a href="https://github.com/tj-actions/branch-names/commit/96012203a066021edaf47a9381953d843444eacf">9601220</a>) - (Tonye Jack)</p> <h1><a href="https://github.com/tj-actions/branch-names/compare/v8.0.2...v8.1.0">8.1.0</a> - (2025-03-23)</h1> <h2><!-- raw HTML omitted -->🚀 Features</h2> <ul> <li>Add support for strip_branch_prefix (<a href="https://redirect.github.com/tj-actions/branch-names/issues/406">#406</a>) (<a href="https://github.com/tj-actions/branch-names/commit/c83c87ab5379a8ff88c905ea78c391c0d53972ac">c83c87a</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/branch-names/issues/408">#408</a>)</li> </ul> <p>(<a href="https://github.com/tj-actions/branch-names/commit/d18e657ed32f367301fdebeb9a88b7e5539f3052">d18e657</a>) - (Tonye Jack)</p> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li>Update test.yml (<a href="https://redirect.github.com/tj-actions/branch-names/issues/409">#409</a>) (<a href="https://github.com/tj-actions/branch-names/commit/f44339b51f74753b57583fbbd124e18a81170ab1">f44339b</a>) - (Tonye Jack)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/branch-names/commit/dde14ac574a8b9b1cedc59a1cf312788af43d8d8"><code>dde14ac</code></a> fix: update sync-release-version.yml to sign commits (<a href="https://redirect.github.com/tj-actions/branch-names/issues/416">#416</a>)</li> <li><a href="https://github.com/tj-actions/branch-names/commit/47dfecabcf7a70329c1d7fc49d56ce56739c5420"><code>47dfeca</code></a> Updated README.md (<a href="https://redirect.github.com/tj-actions/branch-names/issues/415">#415</a>)</li> <li><a href="https://github.com/tj-actions/branch-names/commit/c9cf6f9a0e21d41fb9acf4025894c022a1dd22db"><code>c9cf6f9</code></a> Update update-readme.yml</li> <li><a href="https://github.com/tj-actions/branch-names/commit/b1f61bc147718240eda9ab8a823f836416ab297c"><code>b1f61bc</code></a> chore: update update-readme.yml (<a href="https://redirect.github.com/tj-actions/branch-names/issues/414">#414</a>)</li> <li><a href="https://github.com/tj-actions/branch-names/commit/af406356b42c0855d5d112babee4a0b76ee630df"><code>af40635</code></a> feat: add support for replace forward slashes with hyphens (<a href="https://redirect.github.com/tj-actions/branch-names/issues/412">#412</a>)</li> <li><a href="https://github.com/tj-actions/branch-names/commit/c209967c9a91450d7dced6e5adc3c61ca030c868"><code>c209967</code></a> Deleted .github/workflows/rebase.yml</li> <li><a href="https://github.com/tj-actions/branch-names/commit/96012203a066021edaf47a9381953d843444eacf"><code>9601220</code></a> Upgraded from v8.0.2 -> v8.1.0 (<a href="https://redirect.github.com/tj-actions/branch-names/issues/410">#410</a>)</li> <li>See full diff in <a href="https://github.com/tj-actions/branch-names/compare/f44339b51f74753b57583fbbd124e18a81170ab1...dde14ac574a8b9b1cedc59a1cf312788af43d8d8">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 3.28.12 to 3.28.15 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.28.15</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.28.15 - 07 Apr 2025</h2> <ul> <li>Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. <a href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.28.15/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> <h2>v3.28.14</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.28.14 - 07 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.0. <a href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.28.14/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> <h2>v3.28.13</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.28.13 - 24 Mar 2025</h2> <p>No user facing changes.</p> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.28.13/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.28.15 - 07 Apr 2025</h2> <ul> <li>Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. <a href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li> </ul> <h2>3.28.14 - 07 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.0. <a href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li> </ul> <h2>3.28.13 - 24 Mar 2025</h2> <p>No user facing changes.</p> <h2>3.28.12 - 19 Mar 2025</h2> <ul> <li>Dependency caching should now cache more dependencies for Java <code>build-mode: none</code> extractions. This should speed up workflows and avoid inconsistent alerts in some cases.</li> <li>Update default CodeQL bundle version to 2.20.7. <a href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li> </ul> <h2>3.28.11 - 07 Mar 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.6. <a href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li> </ul> <h2>3.28.10 - 21 Feb 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.5. <a href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li> <li>Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. <a href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li> </ul> <h2>3.28.9 - 07 Feb 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.4. <a href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li> </ul> <h2>3.28.8 - 29 Jan 2025</h2> <ul> <li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. <a href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li> </ul> <h2>3.28.7 - 29 Jan 2025</h2> <p>No user facing changes.</p> <h2>3.28.6 - 27 Jan 2025</h2> <ul> <li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater. <a href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/45775bd8235c68ba998cffa5171334d58593da47"><code>45775bd</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2854">#2854</a> from github/update-v3.28.15-a35ae8c38</li> <li><a href="https://github.com/github/codeql-action/commit/dd78aab4078b17a672a66d6a80a990beb672ede1"><code>dd78aab</code></a> Update CHANGELOG.md with bug fix details</li> <li><a href="https://github.com/github/codeql-action/commit/e40af591743761de70080085b4e6ce37f7f6e657"><code>e40af59</code></a> Update changelog for v3.28.15</li> <li><a href="https://github.com/github/codeql-action/commit/a35ae8c380fa35365cd546f9a397a46f60dd82cf"><code>a35ae8c</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2843">#2843</a> from github/cklin/diff-informed-compat</li> <li><a href="https://github.com/github/codeql-action/commit/bb59df6c174a91d88eec1c48f2ab0ef7b5f96e99"><code>bb59df6</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2842">#2842</a> from github/henrymercer/zip64</li> <li><a href="https://github.com/github/codeql-action/commit/4b508f59648bef88ef72c74f1ffff531fda55ea8"><code>4b508f5</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2845">#2845</a> from github/mergeback/v3.28.14-to-main-fc7e4a0f</li> <li><a href="https://github.com/github/codeql-action/commit/ca00afb5f1457cf1c85da6cda07d73e720ff061a"><code>ca00afb</code></a> Update checked-in dependencies</li> <li><a href="https://github.com/github/codeql-action/commit/2969c78ce0262bf75658058604498d2b4bdb0b9b"><code>2969c78</code></a> Update changelog and version after v3.28.14</li> <li><a href="https://github.com/github/codeql-action/commit/fc7e4a0fa01c3cca5fd6a1fddec5c0740c977aa2"><code>fc7e4a0</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2844">#2844</a> from github/update-v3.28.14-362ef4ce2</li> <li><a href="https://github.com/github/codeql-action/commit/be0175c800fe14dd962aaa2c97f55371f6f95b35"><code>be0175c</code></a> Update changelog for v3.28.14</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/5f8171a638ada777af81d42b55959a643bb29017...45775bd8235c68ba998cffa5171334d58593da47">compare view</a></li> </ul> </details> <br /> Updates `coder/start-workspace-action` from 26d3600161d67901f24d8612793d3b82771cde2d to 35a4608cefc7e8cc56573cae7c3b85304575cb72 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/coder/start-workspace-action/commit/35a4608cefc7e8cc56573cae7c3b85304575cb72"><code>35a4608</code></a> update <code>github-username</code> description to specify requirement for Coder 2.21 or...</li> <li><a href="https://github.com/coder/start-workspace-action/commit/0054568c043bba479899edb91ef96a5cfca21c55"><code>0054568</code></a> clarify requirements for the <code>github-username</code> input</li> <li><a href="https://github.com/coder/start-workspace-action/commit/f3cda2e65a469e6dd60478c111c745b919c0ec68"><code>f3cda2e</code></a> fix variable names</li> <li><a href="https://github.com/coder/start-workspace-action/commit/a6a41dc1eb63a8e58dc43a97a2c2cb04ccc40b36"><code>a6a41dc</code></a> update readme</li> <li><a href="https://github.com/coder/start-workspace-action/commit/a09e31de35a1d153448ed707d63708e2a2acef3c"><code>a09e31d</code></a> more defaults for inputs</li> <li><a href="https://github.com/coder/start-workspace-action/commit/13304209b2b4449befcb6d0392693311aad1faff"><code>1330420</code></a> Add a screenshot to the README</li> <li><a href="https://github.com/coder/start-workspace-action/commit/8d0b0d4118b6fa0c504b79c06dc99f4ed024c749"><code>8d0b0d4</code></a> clarify status comment</li> <li><a href="https://github.com/coder/start-workspace-action/commit/747b408cb53f6e3440ba04f951c75077994ff95a"><code>747b408</code></a> update input descriptions</li> <li><a href="https://github.com/coder/start-workspace-action/commit/e526e6fb8e781ffacf59c6066194286a9f3cee8a"><code>e526e6f</code></a> update example action tag</li> <li><a href="https://github.com/coder/start-workspace-action/commit/212ab2f68a115ca64029be34610433cfa16a89e0"><code>212ab2f</code></a> update readme and add a license</li> <li>Additional commits viewable in <a href="https://github.com/coder/start-workspace-action/compare/26d3600161d67901f24d8612793d3b82771cde2d...35a4608cefc7e8cc56573cae7c3b85304575cb72">compare view</a></li> </ul> </details> <br /> Updates `umbrelladocs/action-linkspector` from 1.3.2 to 1.3.4 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/umbrelladocs/action-linkspector/releases">umbrelladocs/action-linkspector's releases</a>.</em></p> <blockquote> <h2>Release v1.3.4</h2> <p>v1.3.4: PR <a href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/42">#42</a> - Update linkspector version to 0.4.4</p> <h2>Release v1.3.3</h2> <p>v1.3.3: PR <a href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/41">#41</a> - Update linkspector version to 0.4.3</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/UmbrellaDocs/action-linkspector/commit/a0567ce1c7c13de4a2358587492ed43cab5d0102"><code>a0567ce</code></a> Merge pull request <a href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/42">#42</a> from UmbrellaDocs/update-linkspector-version</li> <li><a href="https://github.com/UmbrellaDocs/action-linkspector/commit/f5418fddbc33d4b79076fee4e41451501c6ceb0f"><code>f5418fd</code></a> Update linkspector version to 0.4.4</li> <li><a href="https://github.com/UmbrellaDocs/action-linkspector/commit/3e12ade1e0b1823455dae8cf8b4f9cc92ec7dd20"><code>3e12ade</code></a> Merge pull request <a href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/41">#41</a> from UmbrellaDocs/update-linkspector-version</li> <li><a href="https://github.com/UmbrellaDocs/action-linkspector/commit/8dfab6548de1b83b975ac3262626c2d1875f59f1"><code>8dfab65</code></a> Update linkspector version to 0.4.3</li> <li>See full diff in <a href="https://github.com/umbrelladocs/action-linkspector/compare/49cf4f8da82db70e691bb8284053add5028fa244...a0567ce1c7c13de4a2358587492ed43cab5d0102">compare view</a></li> </ul> </details> <br /> <details> <summary>Most Recent Ignore Conditions Applied to This Pull Request</summary> \| Dependency Name \| Ignore Conditions \| \| --- \| --- \| \| crate-ci/typos \| [>= 1.30.a, < 1.31] \| </details> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Muhammad Atif Ali <atif@coder.com>	2025-04-14 19:55:01 +00:00
Thomas Kosiewski	abe3ad68f5	fix: add continue-on-error to SBOM generation and force flag to cosign clean (#17288 ) This PR makes the SBOM generation and attestation process more resilient by: 1. Adding `continue-on-error: true` to the SBOM generation steps in both CI and release workflows 2. Adding `--force=true` flag to all `cosign clean` commands to ensure they don't fail if in a non-interactive shell (which is the case for CI) Change-Id: Ide303c059b1a3d0e3fd77863310e99668325bc69 Signed-off-by: Thomas Kosiewski <tk@coder.com> Signed-off-by: Thomas Kosiewski <tk@coder.com>	2025-04-08 10:29:00 +02:00
Thomas Kosiewski	f48a24c18e	feat: add SBOM generation and attestation to GitHub workflow (#17277 ) Move SBOM generation and attestation to GitHub workflow This PR moves the SBOM generation and attestation process from the `build_docker.sh` script to the GitHub workflow. The change: 1. Removes SBOM generation and attestation from the `build_docker.sh` script 2. Adds a new "SBOM Generation and Attestation" step in the GitHub workflow 3. Generates and attests SBOMs for both multi-arch images and latest tags when applicable This approach ensures SBOM generation happens once for the final multi-architecture image rather than for each architecture separately. Change-Id: I2e15d7322ddec933bbc9bd7880abba9b0842719f Signed-off-by: Thomas Kosiewski <tk@coder.com>	2025-04-07 17:54:05 +02:00
M Atif Ali	51cfec3261	chore: reuse syft and cosign install actions across workflows (#16981 ) This pull request adds new GitHub Actions for installing `cosign` and `syft`, and updates the CI, release, and security workflows. New Actions: - [`install-cosign`](.github/actions/install-cosign/action.yaml): Installs `cosign` with a configurable version. - [`install-syft`](.github/actions/install-syft/action.yaml): Installs `syft` with a configurable version. Workflow Updates: - CI, release, and security workflows now use `install-cosign` and `install-syft`.	2025-03-25 01:22:17 +00:00
dependabot[bot]	4e38e6de04	ci: bump the github-actions group with 8 updates (#17068 ) Bumps the github-actions group with 8 updates: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [actions/cache](https://github.com/actions/cache) \| `4.2.2` \| `4.2.3` \| \| [actions/upload-artifact](https://github.com/actions/upload-artifact) \| `4.6.1` \| `4.6.2` \| \| [actions/download-artifact](https://github.com/actions/download-artifact) \| `4.1.9` \| `4.2.1` \| \| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) \| `531f5f7d163941f0c1c04e0ff4d8bb243ac4366f` \| `27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99` \| \| [tj-actions/branch-names](https://github.com/tj-actions/branch-names) \| `8.0.1` \| `8.1.0` \| \| [github/codeql-action](https://github.com/github/codeql-action) \| `3.28.11` \| `3.28.12` \| \| [beatlabs/delete-old-branches-action](https://github.com/beatlabs/delete-old-branches-action) \| `0.0.10` \| `0.0.11` \| \| [umbrelladocs/action-linkspector](https://github.com/umbrelladocs/action-linkspector) \| `1.2.5` \| `1.3.2` \| Updates `actions/cache` from 4.2.2 to 4.2.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/releases">actions/cache's releases</a>.</em></p> <blockquote> <h2>v4.2.3</h2> <h2>What's Changed</h2> <ul> <li>Update to use <code>@actions/cache</code> 4.0.3 package & prepare for new release by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1577">actions/cache#1577</a> (SAS tokens for cache entries are now masked in debug logs)</li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> made their first contribution in <a href="https://redirect.github.com/actions/cache/pull/1577">actions/cache#1577</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v4.2.2...v4.2.3">https://github.com/actions/cache/compare/v4.2.2...v4.2.3</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's changelog</a>.</em></p> <blockquote> <h1>Releases</h1> <h3>4.2.3</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.3 (obfuscates SAS token in debug logs for cache entries)</li> </ul> <h3>4.2.2</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.2</li> </ul> <h3>4.2.1</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.1</li> </ul> <h3>4.2.0</h3> <p>TLDR; The cache backend service has been rewritten from the ground up for improved performance and reliability. <a href="https://github.com/actions/cache">actions/cache</a> now integrates with the new cache service (v2) APIs.</p> <p>The new service will gradually roll out as of <strong>February 1st, 2025</strong>. The legacy service will also be sunset on the same date. Changes in these release are <strong>fully backward compatible</strong>.</p> <p><strong>We are deprecating some versions of this action</strong>. We recommend upgrading to version <code>v4</code> or <code>v3</code> as soon as possible before <strong>February 1st, 2025.</strong> (Upgrade instructions below).</p> <p>If you are using pinned SHAs, please use the SHAs of versions <code>v4.2.0</code> or <code>v3.4.0</code></p> <p>If you do not upgrade, all workflow runs using any of the deprecated <a href="https://github.com/actions/cache">actions/cache</a> will fail.</p> <p>Upgrading to the recommended versions will not break your workflows.</p> <h3>4.1.2</h3> <ul> <li>Add GitHub Enterprise Cloud instances hostname filters to inform API endpoint choices - <a href="https://redirect.github.com/actions/cache/pull/1474">#1474</a></li> <li>Security fix: Bump braces from 3.0.2 to 3.0.3 - <a href="https://redirect.github.com/actions/cache/pull/1475">#1475</a></li> </ul> <h3>4.1.1</h3> <ul> <li>Restore original behavior of <code>cache-hit</code> output - <a href="https://redirect.github.com/actions/cache/pull/1467">#1467</a></li> </ul> <h3>4.1.0</h3> <ul> <li>Ensure <code>cache-hit</code> output is set when a cache is missed - <a href="https://redirect.github.com/actions/cache/pull/1404">#1404</a></li> <li>Deprecate <code>save-always</code> input - <a href="https://redirect.github.com/actions/cache/pull/1452">#1452</a></li> </ul> <h3>4.0.2</h3> <ul> <li>Fixed restore <code>fail-on-cache-miss</code> not working.</li> </ul> <h3>4.0.1</h3> <ul> <li>Updated <code>isGhes</code> check</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/cache/commit/5a3ec84eff668545956fd18022155c47e93e2684"><code>5a3ec84</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1577">#1577</a> from salmanmkc/salmanmkc/4-test</li> <li><a href="https://github.com/actions/cache/commit/7de21022a7b6824c106a9847befcbd8154b45b6a"><code>7de2102</code></a> Update releases.md</li> <li><a href="https://github.com/actions/cache/commit/76d40dd347779762a1c829bbeeda5da4d81ca8c1"><code>76d40dd</code></a> Update to use the latest version of the cache package to obfuscate the SAS</li> <li><a href="https://github.com/actions/cache/commit/76dd5eb692f606c28d4b7a4ea7cfdffc926ba06a"><code>76dd5eb</code></a> update cache with main</li> <li><a href="https://github.com/actions/cache/commit/8c80c27c5e4498d5675b05fb1eff96a56c593b06"><code>8c80c27</code></a> new package</li> <li><a href="https://github.com/actions/cache/commit/45cfd0e7fffd1869ea4d5bfb54a464d825c1f742"><code>45cfd0e</code></a> updates</li> <li><a href="https://github.com/actions/cache/commit/edd449b9cf39c2a20dc7c3d505ff6dc193c48a02"><code>edd449b</code></a> updated cache with latest changes</li> <li><a href="https://github.com/actions/cache/commit/0576707e373f92196b81695442ed3f80c347f9c7"><code>0576707</code></a> latest test before pr</li> <li><a href="https://github.com/actions/cache/commit/3105dc9754dd9cd935ffcf45c091ed2cadbf42b9"><code>3105dc9</code></a> update</li> <li><a href="https://github.com/actions/cache/commit/9450d42d15022999ad2fa60a8b91f01fc92a0563"><code>9450d42</code></a> mask</li> <li>Additional commits viewable in <a href="https://github.com/actions/cache/compare/d4323d4df104b026a6aa633fdb11d772146be0bf...5a3ec84eff668545956fd18022155c47e93e2684">compare view</a></li> </ul> </details> <br /> Updates `actions/upload-artifact` from 4.6.1 to 4.6.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v4.6.2</h2> <h2>What's Changed</h2> <ul> <li>Update to use artifact 2.3.2 package & prepare for new upload-artifact release by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/685">actions/upload-artifact#685</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/685">actions/upload-artifact#685</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4...v4.6.2">https://github.com/actions/upload-artifact/compare/v4...v4.6.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/upload-artifact/commit/ea165f8d65b6e75b540449e92b4886f43607fa02"><code>ea165f8</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/685">#685</a> from salmanmkc/salmanmkc/3-new-upload-artifacts-release</li> <li><a href="https://github.com/actions/upload-artifact/commit/08396203c179e13c71b9754ce3472ed71842eec0"><code>0839620</code></a> Prepare for new release of actions/upload-artifact with new toolkit cache ver...</li> <li>See full diff in <a href="https://github.com/actions/upload-artifact/compare/4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1...ea165f8d65b6e75b540449e92b4886f43607fa02">compare view</a></li> </ul> </details> <br /> Updates `actions/download-artifact` from 4.1.9 to 4.2.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/download-artifact/releases">actions/download-artifact's releases</a>.</em></p> <blockquote> <h2>v4.2.1</h2> <h2>What's Changed</h2> <ul> <li>Add unit tests by <a href="https://github.com/GhadimiR"><code>@GhadimiR</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/392">actions/download-artifact#392</a></li> <li>Fix bug introduced in 4.2.0 by <a href="https://github.com/GhadimiR"><code>@GhadimiR</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/391">actions/download-artifact#391</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/download-artifact/compare/v4.2.0...v4.2.1">https://github.com/actions/download-artifact/compare/v4.2.0...v4.2.1</a></p> <h2>v4.2.0</h2> <h2>What's Changed</h2> <ul> <li>Update README.md by <a href="https://github.com/lkfortuna"><code>@lkfortuna</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/384">actions/download-artifact#384</a></li> <li>Bump artifact version, do digest check by <a href="https://github.com/GhadimiR"><code>@GhadimiR</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/383">actions/download-artifact#383</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/lkfortuna"><code>@lkfortuna</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/384">actions/download-artifact#384</a></li> <li><a href="https://github.com/GhadimiR"><code>@GhadimiR</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/383">actions/download-artifact#383</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/download-artifact/compare/v4.1.9...v4.2.0">https://github.com/actions/download-artifact/compare/v4.1.9...v4.2.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/download-artifact/commit/95815c38cf2ff2164869cbab79da8d1f422bc89e"><code>95815c3</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/391">#391</a> from GhadimiR/main</li> <li><a href="https://github.com/actions/download-artifact/commit/278fca438a0f334c0505181835b4796f2785949b"><code>278fca4</code></a> Move log statements</li> <li><a href="https://github.com/actions/download-artifact/commit/68909842a1073010f1cf920ed7f153e2948f9c16"><code>6890984</code></a> Merge branch 'main' into main</li> <li><a href="https://github.com/actions/download-artifact/commit/f9415c0ec30f02c18e075f091cafcfe4159168d0"><code>f9415c0</code></a> Run unit tests in CI</li> <li><a href="https://github.com/actions/download-artifact/commit/76a6eb5cbca98dccb5e14c0116e53f5df13b220d"><code>76a6eb5</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/392">#392</a> from GhadimiR/add_unit_tests</li> <li><a href="https://github.com/actions/download-artifact/commit/a2426d7c4522072f4d5824c9508d7ea97107cb8e"><code>a2426d7</code></a> Merge branch 'main' into add_unit_tests</li> <li><a href="https://github.com/actions/download-artifact/commit/3ffa694f6f7e3d53f63807f78267796f57911dd4"><code>3ffa694</code></a> lint</li> <li><a href="https://github.com/actions/download-artifact/commit/53f6aa5f93b626e252398abac720a28f6eb048ed"><code>53f6aa5</code></a> Add extra assertion to download single artifact test</li> <li><a href="https://github.com/actions/download-artifact/commit/b456700053c87aa7d6b31d212292755e1e6eb923"><code>b456700</code></a> lint</li> <li><a href="https://github.com/actions/download-artifact/commit/9eab798a9885c1be58a1c4381da1109644016e98"><code>9eab798</code></a> Configure tsconfig</li> <li>Additional commits viewable in <a href="https://github.com/actions/download-artifact/compare/cc203385981b70ca67e1cc392babf9cc229d5806...95815c38cf2ff2164869cbab79da8d1f422bc89e">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from 531f5f7d163941f0c1c04e0ff4d8bb243ac4366f to 27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a> - (2025-03-23)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Remove warning (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2504">#2504</a>) (<a href="https://github.com/tj-actions/changed-files/commit/813235684248c47a3518575ef56906084b59e7e8">8132356</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps:</strong> Bump test/demo from <code>5dfac2e</code> to <code>c6bd3b3</code> (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2505">#2505</a>) (<a href="https://github.com/tj-actions/changed-files/commit/823fcebdb31bb35fdf2229d9f769b400309430d0">823fceb</a>) - (dependabot[bot])</li> <li>Pin github actions (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2503">#2503</a>) (<a href="https://github.com/tj-actions/changed-files/commit/7a369a71758acce79205e5145cb728a08ae607fb">7a369a7</a>) - (Tonye Jack)</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 22.13.10 to 22.13.11 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2502">#2502</a>) (<a href="https://github.com/tj-actions/changed-files/commit/9468856c2214566e4f7d96d3a018fb3e889a4d6d">9468856</a>) - (dependabot[bot])</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v46.0.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2500">#2500</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> Co-authored-by: Tonye Jack <a href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/401c7227d10aad0ed26ab13735f1b290c3bcc919">401c722</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.1...v46.0.2">46.0.2</a> - (2025-03-22)</h1> <h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2> <ul> <li>Update log message when attempting to locate merge base (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2493">#2493</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a5cad85977a53287a694f9509c03feb50ac58428">a5cad85</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->➕ Add</h2> <ul> <li>Add hint to revoke leaked token (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2475">#2475</a>)</li> </ul> <p>(<a href="https://github.com/tj-actions/changed-files/commit/d52b942ee0c535798f0df9e1c05683f8e818c79b">d52b942</a>) - (undefined)</p> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2496">#2496</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href="https://github.com/tj-actions/changed-files/commit/9cc867cd4a5df418b1538ffecaaef26144a0e51f">9cc867c</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2492">#2492</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href="https://github.com/tj-actions/changed-files/commit/f2f439bb2f890f0ec22e3ca95985b46003688a8f">f2f439b</a>) - (github-actions[bot])</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99"><code>27ae6b3</code></a> Upgraded to v46.0.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/823fcebdb31bb35fdf2229d9f769b400309430d0"><code>823fceb</code></a> chore(deps): bump test/demo from <code>5dfac2e</code> to <code>c6bd3b3</code> (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2505">#2505</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/813235684248c47a3518575ef56906084b59e7e8"><code>8132356</code></a> doc: remove warning (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2504">#2504</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/7a369a71758acce79205e5145cb728a08ae607fb"><code>7a369a7</code></a> chore: pin github actions (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2503">#2503</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/9468856c2214566e4f7d96d3a018fb3e889a4d6d"><code>9468856</code></a> chore(deps-dev): bump <code>@types/node</code> from 22.13.10 to 22.13.11 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2502">#2502</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/401c7227d10aad0ed26ab13735f1b290c3bcc919"><code>401c722</code></a> Upgraded to v46.0.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2500">#2500</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a"><code>41e0de5</code></a> Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e"><code>9457878</code></a> Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/26a38635fc1173cc5820336ce97be6188d0de9f5"><code>26a3863</code></a> docs: add undefined-moe as a contributor for doc (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2498">#2498</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/a530a27a793d93d428bac022c621a9ed52f75efd"><code>a530a27</code></a> chore: update sync-release-version.yml to use commit hash for tags in docs (#...</li> <li>Additional commits viewable in <a href="https://github.com/tj-actions/changed-files/compare/531f5f7d163941f0c1c04e0ff4d8bb243ac4366f...27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/branch-names` from 8.0.1 to 8.1.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/branch-names/releases">tj-actions/branch-names's releases</a>.</em></p> <blockquote> <h2>v8.1.0</h2> <h2>What's Changed</h2> <ul> <li>Upgraded to v8.0.2 by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/407">tj-actions/branch-names#407</a></li> <li>feat: add support for strip_branch_prefix by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/406">tj-actions/branch-names#406</a></li> <li>Updated README.md by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/408">tj-actions/branch-names#408</a></li> <li>chore: Update test.yml by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/409">tj-actions/branch-names#409</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/branch-names/compare/v8...v8.1.0">https://github.com/tj-actions/branch-names/compare/v8...v8.1.0</a></p> <h2>v8.0.2</h2> <h2>What's Changed</h2> <ul> <li>Upgraded to v8.0.1 by <a href="https://github.com/tj-actions-bot"><code>@tj-actions-bot</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/283">tj-actions/branch-names#283</a></li> <li>chore(deps): update codacy/codacy-analysis-cli-action action to v4.4.0 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/284">tj-actions/branch-names#284</a></li> <li>chore(deps): update tj-actions/verify-changed-files action to v19 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/285">tj-actions/branch-names#285</a></li> <li>docs: add boidolr as a contributor for doc by <a href="https://github.com/allcontributors"><code>@allcontributors</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/287">tj-actions/branch-names#287</a></li> <li>Updated README.md by <a href="https://github.com/tj-actions-bot"><code>@tj-actions-bot</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/288">tj-actions/branch-names#288</a></li> <li>docs: update checkout action by <a href="https://github.com/boidolr"><code>@boidolr</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/286">tj-actions/branch-names#286</a></li> <li>chore(deps): update actions/checkout action to v4.1.2 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/290">tj-actions/branch-names#290</a></li> <li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/289">tj-actions/branch-names#289</a></li> <li>chore(deps): update actions/checkout digest to b4ffde6 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/291">tj-actions/branch-names#291</a></li> <li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/292">tj-actions/branch-names#292</a></li> <li>chore(deps): update actions/checkout digest to b4ffde6 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/293">tj-actions/branch-names#293</a></li> <li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/294">tj-actions/branch-names#294</a></li> <li>chore(deps): update actions/checkout digest to b4ffde6 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/295">tj-actions/branch-names#295</a></li> <li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/296">tj-actions/branch-names#296</a></li> <li>chore(deps): update actions/checkout digest to b4ffde6 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/297">tj-actions/branch-names#297</a></li> <li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/298">tj-actions/branch-names#298</a></li> <li>chore(deps): update actions/checkout digest to b4ffde6 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/299">tj-actions/branch-names#299</a></li> <li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/300">tj-actions/branch-names#300</a></li> <li>chore(deps): update actions/checkout digest to b4ffde6 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/301">tj-actions/branch-names#301</a></li> <li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/302">tj-actions/branch-names#302</a></li> <li>chore(deps): update actions/checkout digest to b4ffde6 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/303">tj-actions/branch-names#303</a></li> <li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/304">tj-actions/branch-names#304</a></li> <li>chore(deps): update actions/checkout digest to b4ffde6 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/305">tj-actions/branch-names#305</a></li> <li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/306">tj-actions/branch-names#306</a></li> <li>chore(deps): update actions/checkout digest to b4ffde6 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/307">tj-actions/branch-names#307</a></li> <li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/308">tj-actions/branch-names#308</a></li> <li>chore(deps): update actions/checkout digest to b4ffde6 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/309">tj-actions/branch-names#309</a></li> <li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/310">tj-actions/branch-names#310</a></li> <li>chore(deps): update actions/checkout digest to b4ffde6 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/311">tj-actions/branch-names#311</a></li> <li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/312">tj-actions/branch-names#312</a></li> <li>chore(deps): update actions/checkout digest to b4ffde6 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/313">tj-actions/branch-names#313</a></li> <li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/314">tj-actions/branch-names#314</a></li> <li>chore(deps): update actions/checkout digest to b4ffde6 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/315">tj-actions/branch-names#315</a></li> <li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/316">tj-actions/branch-names#316</a></li> <li>chore(deps): update actions/checkout digest to b4ffde6 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/317">tj-actions/branch-names#317</a></li> <li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/318">tj-actions/branch-names#318</a></li> <li>chore(deps): update actions/checkout digest to b4ffde6 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/319">tj-actions/branch-names#319</a></li> <li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/320">tj-actions/branch-names#320</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/branch-names/blob/main/HISTORY.md">tj-actions/branch-names's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/branch-names/compare/v8.0.2...v8.1.0">8.1.0</a> - (2025-03-23)</h1> <h2><!-- raw HTML omitted -->🚀 Features</h2> <ul> <li>Add support for strip_branch_prefix (<a href="https://redirect.github.com/tj-actions/branch-names/issues/406">#406</a>) (<a href="https://github.com/tj-actions/branch-names/commit/c83c87ab5379a8ff88c905ea78c391c0d53972ac">c83c87a</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/branch-names/issues/408">#408</a>)</li> </ul> <p>(<a href="https://github.com/tj-actions/branch-names/commit/d18e657ed32f367301fdebeb9a88b7e5539f3052">d18e657</a>) - (Tonye Jack)</p> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li>Update test.yml (<a href="https://redirect.github.com/tj-actions/branch-names/issues/409">#409</a>) (<a href="https://github.com/tj-actions/branch-names/commit/f44339b51f74753b57583fbbd124e18a81170ab1">f44339b</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded from v8.0.1 -> v8.0.2 (<a href="https://redirect.github.com/tj-actions/branch-names/issues/407">#407</a>)</li> </ul> <p>(<a href="https://github.com/tj-actions/branch-names/commit/86aaf170e74d8cad1e7d4f566f2e9bed6cf000af">86aaf17</a>) - (Tonye Jack)</p> <h1><a href="https://github.com/tj-actions/branch-names/compare/v8.0.1...v8.0.2">8.0.2</a> - (2025-03-15)</h1> <h2><!-- raw HTML omitted -->📦 Bumps</h2> <ul> <li>Bump actions/checkout from 4.1.1 to 4.1.2</li> </ul> <p>Bumps <a href="https://github.com/actions/checkout">actions/checkout</a> from 4.1.1 to 4.1.2.</p> <ul> <li><a href="https://github.com/actions/checkout/releases">Release notes</a></li> <li><a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">Changelog</a></li> <li><a href="https://github.com/actions/checkout/compare/v4.1.1...9bb56186c3b09b4f86b1c65136769dd318469633">Commits</a></li> </ul> <hr /> <p>updated-dependencies:</p> <ul> <li>dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ...</li> </ul> <p>Signed-off-by: dependabot[bot] <a href="mailto:support@github.com">support@github.com</a> (<a href="https://github.com/tj-actions/branch-names/commit/534653b2272678c76b23f2e681c8cfc2056d7b99">534653b</a>) - (dependabot[bot])</p> <ul> <li>Bump actions/checkout from 4.1.1 to 4.1.2</li> </ul> <p>Bumps <a href="https://github.com/actions/checkout">actions/checkout</a> from 4.1.1 to 4.1.2.</p> <ul> <li><a href="https://github.com/actions/checkout/releases">Release notes</a></li> <li><a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">Changelog</a></li> <li><a href="https://github.com/actions/checkout/compare/v4.1.1...9bb56186c3b09b4f86b1c65136769dd318469633">Commits</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/branch-names/commit/f44339b51f74753b57583fbbd124e18a81170ab1"><code>f44339b</code></a> chore: Update test.yml (<a href="https://redirect.github.com/tj-actions/branch-names/issues/409">#409</a>)</li> <li><a href="https://github.com/tj-actions/branch-names/commit/d18e657ed32f367301fdebeb9a88b7e5539f3052"><code>d18e657</code></a> Updated README.md (<a href="https://redirect.github.com/tj-actions/branch-names/issues/408">#408</a>)</li> <li><a href="https://github.com/tj-actions/branch-names/commit/c83c87ab5379a8ff88c905ea78c391c0d53972ac"><code>c83c87a</code></a> feat: add support for strip_branch_prefix (<a href="https://redirect.github.com/tj-actions/branch-names/issues/406">#406</a>)</li> <li><a href="https://github.com/tj-actions/branch-names/commit/86aaf170e74d8cad1e7d4f566f2e9bed6cf000af"><code>86aaf17</code></a> Upgraded from v8.0.1 -> v8.0.2 (<a href="https://redirect.github.com/tj-actions/branch-names/issues/407">#407</a>)</li> <li><a href="https://github.com/tj-actions/branch-names/commit/394802c2335dc81582b3569322f3d7da41a9978e"><code>394802c</code></a> Deleted renovate.json</li> <li><a href="https://github.com/tj-actions/branch-names/commit/32798b2266752bb2b274d694923596fdc67c399a"><code>32798b2</code></a> chore(deps): update actions/checkout action to v4.2.2</li> <li><a href="https://github.com/tj-actions/branch-names/commit/9a04c058bb2ddc036c2d273df7a6a21d42f28533"><code>9a04c05</code></a> chore(deps): update actions/checkout digest to 11bd719</li> <li><a href="https://github.com/tj-actions/branch-names/commit/e400ca0ec8ef23d62fca0f9492fc40093a3f1012"><code>e400ca0</code></a> chore(deps): update actions/checkout digest to eef6144</li> <li><a href="https://github.com/tj-actions/branch-names/commit/5d79051f9e52a0067942d0b42e53ca411220c07b"><code>5d79051</code></a> chore(deps): update actions/checkout action to v4.2.1</li> <li><a href="https://github.com/tj-actions/branch-names/commit/d353900ec68b69229ad98021a530af33c416dcb1"><code>d353900</code></a> chore(deps): update actions/checkout digest to 692973e (<a href="https://redirect.github.com/tj-actions/branch-names/issues/394">#394</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tj-actions/branch-names/compare/6871f53176ad61624f978536bbf089c574dc19a2...f44339b51f74753b57583fbbd124e18a81170ab1">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 3.28.11 to 3.28.12 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.28.12</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.28.12 - 19 Mar 2025</h2> <ul> <li>Dependency caching should now cache more dependencies for Java <code>build-mode: none</code> extractions. This should speed up workflows and avoid inconsistent alerts in some cases.</li> <li>Update default CodeQL bundle version to 2.20.7. <a href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.28.12/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.28.12 - 19 Mar 2025</h2> <ul> <li>Dependency caching should now cache more dependencies for Java <code>build-mode: none</code> extractions. This should speed up workflows and avoid inconsistent alerts in some cases.</li> <li>Update default CodeQL bundle version to 2.20.7. <a href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li> </ul> <h2>3.28.11 - 07 Mar 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.6. <a href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li> </ul> <h2>3.28.10 - 21 Feb 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.5. <a href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li> <li>Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. <a href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li> </ul> <h2>3.28.9 - 07 Feb 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.4. <a href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li> </ul> <h2>3.28.8 - 29 Jan 2025</h2> <ul> <li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. <a href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li> </ul> <h2>3.28.7 - 29 Jan 2025</h2> <p>No user facing changes.</p> <h2>3.28.6 - 27 Jan 2025</h2> <ul> <li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater. <a href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li> </ul> <h2>3.28.5 - 24 Jan 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.3. <a href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li> </ul> <h2>3.28.4 - 23 Jan 2025</h2> <p>No user facing changes.</p> <h2>3.28.3 - 22 Jan 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.2. <a href="https://redirect.github.com/github/codeql-action/pull/2707">#2707</a></li> <li>Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise Server instance which occurred when the CodeQL Bundle had been synced to the instance using the <a href="https://github.com/github/codeql-action-sync-tool">CodeQL Action sync tool</a> and the Actions runner did not have Zstandard installed. <a href="https://redirect.github.com/github/codeql-action/pull/2710">#2710</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/5f8171a638ada777af81d42b55959a643bb29017"><code>5f8171a</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2814">#2814</a> from github/update-v3.28.12-6349095d1</li> <li><a href="https://github.com/github/codeql-action/commit/bb59f7707d836b040802dbdf2ad1a16482d319da"><code>bb59f77</code></a> Update changelog for v3.28.12</li> <li><a href="https://github.com/github/codeql-action/commit/6349095d19ec30397ffb02a63b7aa4f867deb563"><code>6349095</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2810">#2810</a> from github/update-bundle/codeql-bundle-v2.20.7</li> <li><a href="https://github.com/github/codeql-action/commit/d7d03fda1241f6b0b3fae460c9f19c6e887158ad"><code>d7d03fd</code></a> Add changelog note</li> <li><a href="https://github.com/github/codeql-action/commit/4e3a5342c5e8e627915b9a29b363f49da8c4a32e"><code>4e3a534</code></a> Update default bundle to codeql-bundle-v2.20.7</li> <li><a href="https://github.com/github/codeql-action/commit/55f023701cfc1e7d11ef2ae0c5ec3193dae4fce4"><code>55f0237</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2802">#2802</a> from github/mbg/dependency-caching/java-buildless</li> <li><a href="https://github.com/github/codeql-action/commit/6a151cd77488e58567da1dcf953e7aeeaca4950c"><code>6a151cd</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2811">#2811</a> from github/dependabot/github_actions/actions-c2c311...</li> <li><a href="https://github.com/github/codeql-action/commit/7866bcdb1b15b5d5cba0021b87f36d9f6d977156"><code>7866bcd</code></a> Manually bump workflow to match autogenerated file</li> <li><a href="https://github.com/github/codeql-action/commit/611289e0b0ce1f6fc14820f1b72edaed2de4ba2c"><code>611289e</code></a> build(deps): bump ruby/setup-ruby in the actions group</li> <li><a href="https://github.com/github/codeql-action/commit/4c409a5b664afa7d5b12cd8487e310f286487472"><code>4c409a5</code></a> Remove temporary dependency directory in <code>analyze</code> post action</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/6bb031afdd8eb862ea3fc1848194185e076637e5...5f8171a638ada777af81d42b55959a643bb29017">compare view</a></li> </ul> </details> <br /> Updates `beatlabs/delete-old-branches-action` from 0.0.10 to 0.0.11 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/beatlabs/delete-old-branches-action/releases">beatlabs/delete-old-branches-action's releases</a>.</em></p> <blockquote> <h2>v0.0.11</h2> <h2>What's Changed</h2> <ul> <li>chore: update readme by <a href="https://github.com/Edgaraszs"><code>@Edgaraszs</code></a> in <a href="https://redirect.github.com/beatlabs/delete-old-branches-action/pull/36">beatlabs/delete-old-branches-action#36</a></li> <li>fix: retrieve all branches through pagination by <a href="https://github.com/nikaro"><code>@nikaro</code></a> in <a href="https://redirect.github.com/beatlabs/delete-old-branches-action/pull/38">beatlabs/delete-old-branches-action#38</a></li> <li>fix: apply shellcheck recommandations by <a href="https://github.com/nikaro"><code>@nikaro</code></a> in <a href="https://redirect.github.com/beatlabs/delete-old-branches-action/pull/37">beatlabs/delete-old-branches-action#37</a></li> <li>fix: bump versions by <a href="https://github.com/Edgaraszs"><code>@Edgaraszs</code></a> in <a href="https://redirect.github.com/beatlabs/delete-old-branches-action/pull/40">beatlabs/delete-old-branches-action#40</a></li> <li>Sort tags via semver to preserve newest tags by <a href="https://github.com/ecdemis123"><code>@ecdemis123</code></a> in <a href="https://redirect.github.com/beatlabs/delete-old-branches-action/pull/42">beatlabs/delete-old-branches-action#42</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Edgaraszs"><code>@Edgaraszs</code></a> made their first contribution in <a href="https://redirect.github.com/beatlabs/delete-old-branches-action/pull/36">beatlabs/delete-old-branches-action#36</a></li> <li><a href="https://github.com/nikaro"><code>@nikaro</code></a> made their first contribution in <a href="https://redirect.github.com/beatlabs/delete-old-branches-action/pull/38">beatlabs/delete-old-branches-action#38</a></li> <li><a href="https://github.com/ecdemis123"><code>@ecdemis123</code></a> made their first contribution in <a href="https://redirect.github.com/beatlabs/delete-old-branches-action/pull/42">beatlabs/delete-old-branches-action#42</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/beatlabs/delete-old-branches-action/compare/v0.0.10...v0.0.11">https://github.com/beatlabs/delete-old-branches-action/compare/v0.0.10...v0.0.11</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/beatlabs/delete-old-branches-action/commit/4eeeb8740ff8b3cb310296ddd6b43c3387734588"><code>4eeeb87</code></a> sort tags via semver (<a href="https://redirect.github.com/beatlabs/delete-old-branches-action/issues/42">#42</a>)</li> <li><a href="https://github.com/beatlabs/delete-old-branches-action/commit/1e32837fd650c9749fe7c36701f4ae6774639f40"><code>1e32837</code></a> fix: bump versions (<a href="https://redirect.github.com/beatlabs/delete-old-branches-action/issues/40">#40</a>)</li> <li><a href="https://github.com/beatlabs/delete-old-branches-action/commit/3dd382723bf794a122239bc1d6b0116662d5ec0f"><code>3dd3827</code></a> fix: apply shellcheck recommandations (<a href="https://redirect.github.com/beatlabs/delete-old-branches-action/issues/37">#37</a>)</li> <li><a href="https://github.com/beatlabs/delete-old-branches-action/commit/3a54bdf0f3658e31347dde33ff983b11fab69c7b"><code>3a54bdf</code></a> fix: retrieve all branches through pagination (<a href="https://redirect.github.com/beatlabs/delete-old-branches-action/issues/38">#38</a>)</li> <li><a href="https://github.com/beatlabs/delete-old-branches-action/commit/3aac1083bb9bf5d1111a27300a1b3891b0a68dce"><code>3aac108</code></a> chore: update readme (<a href="https://redirect.github.com/beatlabs/delete-old-branches-action/issues/36">#36</a>)</li> <li>See full diff in <a href="https://github.com/beatlabs/delete-old-branches-action/compare/6e94df089372a619c01ae2c2f666bf474f890911...4eeeb8740ff8b3cb310296ddd6b43c3387734588">compare view</a></li> </ul> </details> <br /> Updates `umbrelladocs/action-linkspector` from 1.2.5 to 1.3.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/umbrelladocs/action-linkspector/releases">umbrelladocs/action-linkspector's releases</a>.</em></p> <blockquote> <h2>Release v1.3.2</h2> <p>v1.3.2: PR <a href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/40">#40</a> - Update linkspector version to 0.4.2</p> <h2>Release v1.3.1</h2> <p>v1.3.1: PR <a href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/38">#38</a> - Add support for showing stats</p> <h2>Release v1.3.0</h2> <p>v1.3.0: PR <a href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/37">#37</a> - Update linkspector version to 0.4.1</p> <h2>What's Changed</h2> <ul> <li>Update linkspector version to 0.4.1 by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/UmbrellaDocs/action-linkspector/pull/37">UmbrellaDocs/action-linkspector#37</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/UmbrellaDocs/action-linkspector/compare/v1.2...v1.3.0">https://github.com/UmbrellaDocs/action-linkspector/compare/v1.2...v1.3.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/UmbrellaDocs/action-linkspector/commit/49cf4f8da82db70e691bb8284053add5028fa244"><code>49cf4f8</code></a> Merge pull request <a href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/40">#40</a> from UmbrellaDocs/update-linkspector-version</li> <li><a href="https://github.com/UmbrellaDocs/action-linkspector/commit/fb49f30059a34b9bfab39967511559fef398f2c1"><code>fb49f30</code></a> Update linkspector version to 0.4.2</li> <li><a href="https://github.com/UmbrellaDocs/action-linkspector/commit/c6d4525e9f50b27a0e78fc42b537141058d034ef"><code>c6d4525</code></a> Merge pull request <a href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/38">#38</a> from UmbrellaDocs/stats</li> <li><a href="https://github.com/UmbrellaDocs/action-linkspector/commit/c311faff00cc2318a96e3cb41e1fc7dba4dffffd"><code>c311faf</code></a> Add support for showing stats</li> <li><a href="https://github.com/UmbrellaDocs/action-linkspector/commit/808d98be382b6e1f97bd3dfa6aa85b4410769dc6"><code>808d98b</code></a> Merge pull request <a href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/37">#37</a> from UmbrellaDocs/update-linkspector-version</li> <li><a href="https://github.com/UmbrellaDocs/action-linkspector/commit/3935e7368cfeff39766dbcd3b514cbc3ff90df4c"><code>3935e73</code></a> Update linkspector version to 0.4.1</li> <li>See full diff in <a href="https://github.com/umbrelladocs/action-linkspector/compare/de84085e0f51452a470558693d7d308fbb2fa261...49cf4f8da82db70e691bb8284053add5028fa244">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-03-24 12:25:03 +00:00
dependabot[bot]	27a160d136	ci: bump the github-actions group with 4 updates (#16966 ) Bumps the github-actions group with 4 updates: [docker/login-action](https://github.com/docker/login-action), [tj-actions/changed-files](https://github.com/tj-actions/changed-files), [nix-community/cache-nix-action](https://github.com/nix-community/cache-nix-action) and [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action). Updates `docker/login-action` from 3.3.0 to 3.4.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/login-action/releases">docker/login-action's releases</a>.</em></p> <blockquote> <h2>v3.4.0</h2> <ul> <li>Bump <code>@actions/core</code> from 1.10.1 to 1.11.1 in <a href="https://redirect.github.com/docker/login-action/pull/791">docker/login-action#791</a></li> <li>Bump <code>@aws-sdk/client-ecr</code> to 3.766.0 in <a href="https://redirect.github.com/docker/login-action/pull/789">docker/login-action#789</a> <a href="https://redirect.github.com/docker/login-action/pull/856">docker/login-action#856</a></li> <li>Bump <code>@aws-sdk/client-ecr-public</code> to 3.758.0 in <a href="https://redirect.github.com/docker/login-action/pull/789">docker/login-action#789</a> <a href="https://redirect.github.com/docker/login-action/pull/856">docker/login-action#856</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.35.0 to 0.57.0 in <a href="https://redirect.github.com/docker/login-action/pull/801">docker/login-action#801</a> <a href="https://redirect.github.com/docker/login-action/pull/806">docker/login-action#806</a> <a href="https://redirect.github.com/docker/login-action/pull/858">docker/login-action#858</a></li> <li>Bump cross-spawn from 7.0.3 to 7.0.6 in <a href="https://redirect.github.com/docker/login-action/pull/814">docker/login-action#814</a></li> <li>Bump https-proxy-agent from 7.0.5 to 7.0.6 in <a href="https://redirect.github.com/docker/login-action/pull/823">docker/login-action#823</a></li> <li>Bump path-to-regexp from 6.2.2 to 6.3.0 in <a href="https://redirect.github.com/docker/login-action/pull/777">docker/login-action#777</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/login-action/compare/v3.3.0...v3.4.0">https://github.com/docker/login-action/compare/v3.3.0...v3.4.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/login-action/commit/74a5d142397b4f367a81961eba4e8cd7edddf772"><code>74a5d14</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/856">#856</a> from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...</li> <li><a href="https://github.com/docker/login-action/commit/2f4f00e4c6fe8a50cdd1fd618421be2e92b2f201"><code>2f4f00e</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/67c184546cf989af16f02a1b5359e4bde3cdc524"><code>67c1845</code></a> build(deps): bump the aws-sdk-dependencies group across 1 directory with 2 up...</li> <li><a href="https://github.com/docker/login-action/commit/3d4cc89e85e0cac73870ab81d3b72c0b700870d1"><code>3d4cc89</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/844">#844</a> from graysonpike/master</li> <li><a href="https://github.com/docker/login-action/commit/6cc823a6c4738f797f031790fa7f982b7a8dcfdc"><code>6cc823a</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/823">#823</a> from docker/dependabot/npm_and_yarn/proxy-agent-depen...</li> <li><a href="https://github.com/docker/login-action/commit/d94e792124647378e94c07359922f0f821a9fab2"><code>d94e792</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/033db0da3047b4d01e249d66f56ae16a2ed6af87"><code>033db0d</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/812">#812</a> from docker/dependabot/github_actions/codecov/codecov...</li> <li><a href="https://github.com/docker/login-action/commit/09c2ae9716c0bacef3c03e120a61c28adfb8595b"><code>09c2ae9</code></a> build(deps): bump https-proxy-agent</li> <li><a href="https://github.com/docker/login-action/commit/ba56f006fc7190f752d4e6e1312f85697984a229"><code>ba56f00</code></a> ci: update deprecated input for codecov-action</li> <li><a href="https://github.com/docker/login-action/commit/75bf9a79af089e9aa009972a6ecb22190a520679"><code>75bf9a7</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/858">#858</a> from docker/dependabot/npm_and_yarn/docker/actions-to...</li> <li>Additional commits viewable in <a href="https://github.com/docker/login-action/compare/9780b0c442fbb1117ed29e0efdff1e18412f7567...74a5d142397b4f367a81961eba4e8cd7edddf772">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from dcc7a0cba800f454d79fff4b993e8c3555bcc0a8 to 531f5f7d163941f0c1c04e0ff4d8bb243ac4366f <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.0...v46.0.1">46.0.1</a> - (2025-03-16)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2473">#2473</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href="https://github.com/tj-actions/changed-files/commit/2f7c5bfce28377bc069a65ba478de0a74aa0ca32">2f7c5bf</a>) - (github-actions[bot])</p> <ul> <li>Sync-release-version.yml to use signed commits (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2472">#2472</a>) (<a href="https://github.com/tj-actions/changed-files/commit/4189ec62c445484531e9ad97157d990be96e88ee">4189ec6</a>) - (Tonye Jack)</li> </ul> <h1><a href="https://github.com/tj-actions/changed-files/compare/v45.0.9...v46.0.0">46.0.0</a> - (2025-03-16)</h1> <h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2> <ul> <li>Update update-readme.yml to sign-commits (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2468">#2468</a>) (<a href="https://github.com/tj-actions/changed-files/commit/0f1ffe61855cb317d5fd66122c14dc0627eab141">0f1ffe6</a>) - (Tonye Jack)</li> <li>Update permission in update-readme.yml workflow (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2467">#2467</a>) (<a href="https://github.com/tj-actions/changed-files/commit/ddef03e37c84cfb9ee89fa055b86359aaf949c86">ddef03e</a>) - (Tonye Jack)</li> <li>Update github workflow update-readme.yml (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2466">#2466</a>) (<a href="https://github.com/tj-actions/changed-files/commit/9c2df0d54a911c819d7368d7e5ed7c01c0796e0a">9c2df0d</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->➖ Remove</h2> <ul> <li>Deleted renovate.json (<a href="https://github.com/tj-actions/changed-files/commit/e37e952786556966c1fb6183c5937b3966bab099">e37e952</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Sync-release-version.yml (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2471">#2471</a>) (<a href="https://github.com/tj-actions/changed-files/commit/4cd184a1dd542b79cca1d4d7938e4154a6520ca7">4cd184a</a>) - (Tonye Jack)</li> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2469">#2469</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href="https://github.com/tj-actions/changed-files/commit/5cbf22026d05fbef0c027d1b1f118fe3a1b6e435">5cbf220</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Update docs to highlight security issues (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2465">#2465</a>) (<a href="https://github.com/tj-actions/changed-files/commit/65253327cf47481b4b1b4b9fea78e143a1353147">6525332</a>) - (Tonye Jack)</li> </ul> <h1><a href="https://github.com/tj-actions/changed-files/compare/v45.0.4...v45.0.9">45.0.9</a> - (2025-03-15)</h1> <h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2> <ul> <li><strong>deps:</strong> Update dependency <code>@octokit/rest</code> to v21.1.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2435">#2435</a>) (<a href="https://github.com/tj-actions/changed-files/commit/fb8dcda5fb8954cec37773d2b275a8579c86c781">fb8dcda</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency <code>@octokit/rest</code> to v21.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2394">#2394</a>) (<a href="https://github.com/tj-actions/changed-files/commit/7b72c97d739f955f5cadca0d59799d826ae9f6c9">7b72c97</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency yaml to v2.7.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2383">#2383</a>) (<a href="https://github.com/tj-actions/changed-files/commit/5f974c28f5044c411f0c9e7becf3f172029cf9cf">5f974c2</a>) - (renovate[bot])</li> </ul> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps:</strong> Lock file maintenance (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2460">#2460</a>) (<a href="https://github.com/tj-actions/changed-files/commit/9200e69727eb73eb060652b19946b8a2fdfb654b">9200e69</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency <code>@types/node</code> to v22.13.10 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2459">#2459</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e650cfdae513481a20f538e88d98b39106523006">e650cfd</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency eslint-config-prettier to v10.1.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2458">#2458</a>) (<a href="https://github.com/tj-actions/changed-files/commit/82af21f4a05896ca18c950539469bee225c45a89">82af21f</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency eslint-config-prettier to v10.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2457">#2457</a>) (<a href="https://github.com/tj-actions/changed-files/commit/82fa4a6402582d5c8c9c0e95b7ff7cc88992bbb4">82fa4a6</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update peter-evans/create-pull-request action to v7.0.8 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2455">#2455</a>) (<a href="https://github.com/tj-actions/changed-files/commit/315505acf41d2913b71af48080fb158cd01f79e7">315505a</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency <code>@types/node</code> to v22.13.9 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2454">#2454</a>) (<a href="https://github.com/tj-actions/changed-files/commit/c8e1cdb9ea135ee549963c167ffaec5e7d4a71cd">c8e1cdb</a>) - (renovate[bot])</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/531f5f7d163941f0c1c04e0ff4d8bb243ac4366f"><code>531f5f7</code></a> Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2479">#2479</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/dccd1949addfa3d93d458019c5495581c620b00c"><code>dccd194</code></a> doc: update README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2478">#2478</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/9237eb7a0f95c801719e6224d45095d4dda0f9bd"><code>9237eb7</code></a> Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2476">#2476</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/d52b942ee0c535798f0df9e1c05683f8e818c79b"><code>d52b942</code></a> add hint to revoke leaked token (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2475">#2475</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/45fb12d7a8bedb4da42342e52fe054c6c2c3fd73"><code>45fb12d</code></a> Upgraded to v46.0.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2474">#2474</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/2f7c5bfce28377bc069a65ba478de0a74aa0ca32"><code>2f7c5bf</code></a> Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2473">#2473</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/4189ec62c445484531e9ad97157d990be96e88ee"><code>4189ec6</code></a> update: sync-release-version.yml to use signed commits (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2472">#2472</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/4cd184a1dd542b79cca1d4d7938e4154a6520ca7"><code>4cd184a</code></a> update: sync-release-version.yml (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2471">#2471</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/5cbf22026d05fbef0c027d1b1f118fe3a1b6e435"><code>5cbf220</code></a> Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2469">#2469</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/0f1ffe61855cb317d5fd66122c14dc0627eab141"><code>0f1ffe6</code></a> fix: update update-readme.yml to sign-commits (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2468">#2468</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tj-actions/changed-files/compare/dcc7a0cba800f454d79fff4b993e8c3555bcc0a8...531f5f7d163941f0c1c04e0ff4d8bb243ac4366f">compare view</a></li> </ul> </details> <br /> Updates `nix-community/cache-nix-action` from 6.1.1 to 6.1.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nix-community/cache-nix-action/releases">nix-community/cache-nix-action's releases</a>.</em></p> <blockquote> <h2>v6.1.2</h2> <h2>Fixes</h2> <ul> <li>Fix nix store database merging logic (<a href="https://redirect.github.com/nix-community/cache-nix-action/pull/84">nix-community/cache-nix-action#84</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nix-community/cache-nix-action/commit/c448f065ba14308da81de769632ca67a3ce67cf5"><code>c448f06</code></a> Merge pull request <a href="https://redirect.github.com/nix-community/cache-nix-action/issues/84">#84</a> from nix-community/82-bug-v610-and-v611-dont-seem-to-w...</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/fc908ede39799ad79a606fe33e69e88457d34ebc"><code>fc908ed</code></a> chore: build the action</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/57dad844a98b1a6324aa4453a8a8dc9625b1acc9"><code>57dad84</code></a> chore: build the action</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/0d5803d685b779eaef4f25299f3df35ec63d995d"><code>0d5803d</code></a> fix(action): print a message after the check</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/db360de0f846626dcb5183d838d0f1436d09c3c4"><code>db360de</code></a> chore: build the action</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/07c1e7f98e139e19f4042ac93d7a36b68012fde7"><code>07c1e7f</code></a> fix(action): join on the derivation path, not the output path</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/1b9cbefbf818ca652a08a9d1be8f18e7e2a244f7"><code>1b9cbef</code></a> fix(action): parse gc-max-store-size correctly</li> <li>See full diff in <a href="https://github.com/nix-community/cache-nix-action/compare/aee88ae5efbbeb38ac5d9862ecbebdb404a19e69...c448f065ba14308da81de769632ca67a3ce67cf5">compare view</a></li> </ul> </details> <br /> Updates `aquasecurity/trivy-action` from 0.29.0 to 0.30.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/aquasecurity/trivy-action/releases">aquasecurity/trivy-action's releases</a>.</em></p> <blockquote> <h2>v0.30.0</h2> <h2>What's Changed</h2> <ul> <li>fix: Update default trivy version in README by <a href="https://github.com/derrix060"><code>@derrix060</code></a> in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/444">aquasecurity/trivy-action#444</a></li> <li>fix: typo in description of an input for action.yaml by <a href="https://github.com/yutatokoi"><code>@yutatokoi</code></a> in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/452">aquasecurity/trivy-action#452</a></li> <li>Improve README/SBOM by <a href="https://github.com/AB-xdev"><code>@AB-xdev</code></a> in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/439">aquasecurity/trivy-action#439</a></li> <li>chore: bump trivy to v0.60.0 by <a href="https://github.com/nikpivkin"><code>@nikpivkin</code></a> in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/453">aquasecurity/trivy-action#453</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/derrix060"><code>@derrix060</code></a> made their first contribution in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/444">aquasecurity/trivy-action#444</a></li> <li><a href="https://github.com/yutatokoi"><code>@yutatokoi</code></a> made their first contribution in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/452">aquasecurity/trivy-action#452</a></li> <li><a href="https://github.com/AB-xdev"><code>@AB-xdev</code></a> made their first contribution in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/439">aquasecurity/trivy-action#439</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/aquasecurity/trivy-action/compare/0.29.0...0.30.0">https://github.com/aquasecurity/trivy-action/compare/0.29.0...0.30.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/aquasecurity/trivy-action/commit/6c175e9c4083a92bbca2f9724c8a5e33bc2d97a5"><code>6c175e9</code></a> chore: bump trivy to v0.60.0 (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/453">#453</a>)</li> <li><a href="https://github.com/aquasecurity/trivy-action/commit/53e8848d3e517db48b0e70ae4f648a12ae04fe02"><code>53e8848</code></a> Improve README/SBOM (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/439">#439</a>)</li> <li><a href="https://github.com/aquasecurity/trivy-action/commit/ef1b561207528e89045580cdc5a02032d8a544df"><code>ef1b561</code></a> fix: typo in description of an input for action.yaml (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/452">#452</a>)</li> <li><a href="https://github.com/aquasecurity/trivy-action/commit/a11da62073708815958ea6d84f5650c78a3ef85b"><code>a11da62</code></a> fix: Update default trivy version in README (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/444">#444</a>)</li> <li>See full diff in <a href="https://github.com/aquasecurity/trivy-action/compare/18f2510ee396bbf400402947b394f2dd8c87dbb0...6c175e9c4083a92bbca2f9724c8a5e33bc2d97a5">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-03-17 11:56:03 +00:00
M Atif Ali	4987de654e	chore: enable SBOM attestations for docker images (#16894 ) - Enable SBOM and provenance attestations in Docker builds - Installs `cosign` and `syft` in dogfood image - Adds [github attestations](https://docs.github.com/en/actions/security-for-github-actions/using-artifact-attestations/using-artifact-attestations-to-establish-provenance-for-builds) Signed-off-by: Thomas Kosiewski <tk@coder.com> --------- Signed-off-by: Thomas Kosiewski <tk@coder.com> Co-authored-by: Thomas Kosiewski <tk@coder.com>	2025-03-13 21:45:11 +05:00
M Atif Ali	e817713dc0	revert: "chore: enable SBOM attestation for image builds" (#16868 ) Reverts coder/coder#16852 The CI failed to create the multi-arch manifest. https://github.com/coder/coder/actions/runs/13773079355/job/38516182819#step:18:341 I personally think we should move to a [multi-arch Dockerfile](https://docs.docker.com/build/building/multi-platform/#cross-compilation) instead of creating the manifest manually.	2025-03-10 19:55:03 +00:00
M Atif Ali	05ebece03a	chore: enable SBOM attestation for image builds (#16852 ) - Added SBOM (Software Bill of Materials) generation during Docker build to enhance traceability. Refer to Docker documentation on SBOM: https://docs.docker.com/build/metadata/attestations/sbom/ - Updated Docker build scripts to use BuildKit for provenance and SBOM support: https://docs.docker.com/build/metadata/attestations/ - Configured Docker daemon in dogfood image to support the Containerd snapshotter feature to improve performance: https://docs.docker.com/engine/storage/containerd/ > [!Important] > We also need to enable `containerd` on depot runners. > <img width="587" alt="image" src="https://github.com/user-attachments/assets/1d7f87c7-fdcc-462a-babe-87ac6486ad09" /> ## Testing - Tested locally with ` docker buildx build --sbom=true --output type=local,dest=out -f Dockerfile .` to verify that an SBOM file is generated. - Tested in [CI](https://github.com/coder/coder/actions/runs/13731162662/job/38408790980?pr=16852#step:17:1) to ensure the image builds without any errors. Also closes coder/internal#88	2025-03-11 00:24:14 +05:00
dependabot[bot]	f21fcbd001	ci: bump the github-actions group across 1 directory with 5 updates (#16803 ) Bumps the github-actions group with 5 updates in the / directory: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [actions/cache](https://github.com/actions/cache) \| `4.2.1` \| `4.2.2` \| \| [crate-ci/typos](https://github.com/crate-ci/typos) \| `1.29.9` \| `1.29.10` \| \| [actions/download-artifact](https://github.com/actions/download-artifact) \| `4.1.8` \| `4.1.9` \| \| [google-github-actions/get-gke-credentials](https://github.com/google-github-actions/get-gke-credentials) \| `2.3.1` \| `2.3.3` \| \| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) \| `3.9.0` \| `3.10.0` \| Updates `actions/cache` from 4.2.1 to 4.2.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/releases">actions/cache's releases</a>.</em></p> <blockquote> <h2>v4.2.2</h2> <h2>What's Changed</h2> <blockquote> <p>[!IMPORTANT] As a reminder, there were important backend changes to release v4.2.0, see <a href="https://github.com/actions/cache/releases/tag/v4.2.0">those release notes</a> and <a href="https://github.com/actions/cache/discussions/1510">the announcement</a> for more details.</p> </blockquote> <ul> <li>Bump <code>@actions/cache</code> to v4.0.2 by <a href="https://github.com/robherley"><code>@robherley</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1560">actions/cache#1560</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v4.2.1...v4.2.2">https://github.com/actions/cache/compare/v4.2.1...v4.2.2</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's changelog</a>.</em></p> <blockquote> <h1>Releases</h1> <h3>4.2.2</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.2</li> </ul> <h3>4.2.1</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.1</li> </ul> <h3>4.2.0</h3> <p>TLDR; The cache backend service has been rewritten from the ground up for improved performance and reliability. <a href="https://github.com/actions/cache">actions/cache</a> now integrates with the new cache service (v2) APIs.</p> <p>The new service will gradually roll out as of <strong>February 1st, 2025</strong>. The legacy service will also be sunset on the same date. Changes in these release are <strong>fully backward compatible</strong>.</p> <p><strong>We are deprecating some versions of this action</strong>. We recommend upgrading to version <code>v4</code> or <code>v3</code> as soon as possible before <strong>February 1st, 2025.</strong> (Upgrade instructions below).</p> <p>If you are using pinned SHAs, please use the SHAs of versions <code>v4.2.0</code> or <code>v3.4.0</code></p> <p>If you do not upgrade, all workflow runs using any of the deprecated <a href="https://github.com/actions/cache">actions/cache</a> will fail.</p> <p>Upgrading to the recommended versions will not break your workflows.</p> <h3>4.1.2</h3> <ul> <li>Add GitHub Enterprise Cloud instances hostname filters to inform API endpoint choices - <a href="https://redirect.github.com/actions/cache/pull/1474">#1474</a></li> <li>Security fix: Bump braces from 3.0.2 to 3.0.3 - <a href="https://redirect.github.com/actions/cache/pull/1475">#1475</a></li> </ul> <h3>4.1.1</h3> <ul> <li>Restore original behavior of <code>cache-hit</code> output - <a href="https://redirect.github.com/actions/cache/pull/1467">#1467</a></li> </ul> <h3>4.1.0</h3> <ul> <li>Ensure <code>cache-hit</code> output is set when a cache is missed - <a href="https://redirect.github.com/actions/cache/pull/1404">#1404</a></li> <li>Deprecate <code>save-always</code> input - <a href="https://redirect.github.com/actions/cache/pull/1452">#1452</a></li> </ul> <h3>4.0.2</h3> <ul> <li>Fixed restore <code>fail-on-cache-miss</code> not working.</li> </ul> <h3>4.0.1</h3> <ul> <li>Updated <code>isGhes</code> check</li> </ul> <h3>4.0.0</h3> <ul> <li>Updated minimum runner version support from node 12 -> node 20</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/cache/commit/d4323d4df104b026a6aa633fdb11d772146be0bf"><code>d4323d4</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1560">#1560</a> from actions/robherley/v4.2.2</li> <li><a href="https://github.com/actions/cache/commit/da26677639ccfb4615f1acc52d1fc3dc89152490"><code>da26677</code></a> bump <code>@actions/cache</code> to v4.0.2, prep for v4.2.2 release</li> <li><a href="https://github.com/actions/cache/commit/7921ae235bdcb376cc8f22558dc5f8ddc3c3c2f9"><code>7921ae2</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1557">#1557</a> from actions/robherley/ia-workflow-released</li> <li><a href="https://github.com/actions/cache/commit/393773170624981bfaa3aac1cb736e3004eac1de"><code>3937731</code></a> Update publish-immutable-actions.yml</li> <li>See full diff in <a href="https://github.com/actions/cache/compare/0c907a75c2c80ebcb7f088228285e798b750cf8f...d4323d4df104b026a6aa633fdb11d772146be0bf">compare view</a></li> </ul> </details> <br /> Updates `crate-ci/typos` from 1.29.9 to 1.29.10 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/releases">crate-ci/typos's releases</a>.</em></p> <blockquote> <h2>v1.29.10</h2> <h2>[1.29.10] - 2025-02-25</h2> <h3>Fixes</h3> <ul> <li>Also correct <code>contaminent</code> as <code>contaminant</code></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's changelog</a>.</em></p> <blockquote> <h1>Change Log</h1> <p>All notable changes to this project will be documented in this file.</p> <p>The format is based on <a href="http://keepachangelog.com/">Keep a Changelog</a> and this project adheres to <a href="http://semver.org/">Semantic Versioning</a>.</p> <!-- raw HTML omitted --> <h2>[Unreleased] - ReleaseDate</h2> <h2>[1.30.1] - 2025-03-04</h2> <h3>Features</h3> <ul> <li><em>(action)</em> Create <code>v1</code> tag</li> </ul> <h2>[1.30.0] - 2025-03-01</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1221">February 2025</a> changes</li> </ul> <h2>[1.29.10] - 2025-02-25</h2> <h3>Fixes</h3> <ul> <li>Also correct <code>contaminent</code> as <code>contaminant</code></li> </ul> <h2>[1.29.9] - 2025-02-20</h2> <h3>Fixes</h3> <ul> <li><em>(action)</em> Correctly get binary for some aarch64 systems</li> </ul> <h2>[1.29.8] - 2025-02-19</h2> <h3>Features</h3> <ul> <li>Attempt to build Linux aarch64 binaries</li> </ul> <h2>[1.29.7] - 2025-02-13</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>implementors</code></li> </ul> <h2>[1.29.6] - 2025-02-13</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1200">January 2025</a> changes</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/crate-ci/typos/commit/db35ee91e80fbb447f33b0e5fbddb24d2a1a884f"><code>db35ee9</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/9f43c4dbd2d1468320524b1bf059d6032cbc5a9e"><code>9f43c4d</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/a1da2ce137a90ed418bda5bdb706e97e958f18e7"><code>a1da2ce</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1244">#1244</a> from epage/containment</li> <li><a href="https://github.com/crate-ci/typos/commit/d74d5fd5ad85ea0d689c44b7d4013431b28423ac"><code>d74d5fd</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1243">#1243</a> from epage/dict</li> <li><a href="https://github.com/crate-ci/typos/commit/fa6122604f999e8dafb43b92eb3da3e90136a789"><code>fa61226</code></a> refactor(dict): Drop a dict</li> <li><a href="https://github.com/crate-ci/typos/commit/6276d585f79214fb7db70ff1f93dbcb404e0bc9c"><code>6276d58</code></a> fix(dict): Correct contaminents to another spelling</li> <li><a href="https://github.com/crate-ci/typos/commit/07c9e1f6faffe39ca3e52afe58ae8731cc4ebcf7"><code>07c9e1f</code></a> chore(deps): Update Rust Stable to v1.85 (<a href="https://redirect.github.com/crate-ci/typos/issues/1241">#1241</a>)</li> <li><a href="https://github.com/crate-ci/typos/commit/71643b1191585cd20de3b91d9c1e73d949309530"><code>71643b1</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1240">#1240</a> from szepeviktor/patch-1</li> <li><a href="https://github.com/crate-ci/typos/commit/931a5804a4dffb6343188d152e0c08c2147b5174"><code>931a580</code></a> Fix typo in README</li> <li><a href="https://github.com/crate-ci/typos/commit/c5137fd6aab66cddb011a1cb93e2553f56cafc9f"><code>c5137fd</code></a> refactor(action): Isolate unique parts</li> <li>See full diff in <a href="https://github.com/crate-ci/typos/compare/212923e4ff05b7fc2294a204405eec047b807138...db35ee91e80fbb447f33b0e5fbddb24d2a1a884f">compare view</a></li> </ul> </details> <br /> Updates `actions/download-artifact` from 4.1.8 to 4.1.9 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/download-artifact/releases">actions/download-artifact's releases</a>.</em></p> <blockquote> <h2>v4.1.9</h2> <h2>What's Changed</h2> <ul> <li>Add workflow file for publishing releases to immutable action package by <a href="https://github.com/Jcambass"><code>@Jcambass</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/354">actions/download-artifact#354</a></li> <li>docs: small migration fix by <a href="https://github.com/froblesmartin"><code>@froblesmartin</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/370">actions/download-artifact#370</a></li> <li>Update MIGRATION.md by <a href="https://github.com/andyfeller"><code>@andyfeller</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/372">actions/download-artifact#372</a></li> <li>Update artifact package to 2.2.2 by <a href="https://github.com/yacaovsnc"><code>@yacaovsnc</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/380">actions/download-artifact#380</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Jcambass"><code>@Jcambass</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/354">actions/download-artifact#354</a></li> <li><a href="https://github.com/froblesmartin"><code>@froblesmartin</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/370">actions/download-artifact#370</a></li> <li><a href="https://github.com/andyfeller"><code>@andyfeller</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/372">actions/download-artifact#372</a></li> <li><a href="https://github.com/yacaovsnc"><code>@yacaovsnc</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/380">actions/download-artifact#380</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/download-artifact/compare/v4...v4.1.9">https://github.com/actions/download-artifact/compare/v4...v4.1.9</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/download-artifact/commit/cc203385981b70ca67e1cc392babf9cc229d5806"><code>cc20338</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/380">#380</a> from actions/yacaovsnc/release_4_1_9</li> <li><a href="https://github.com/actions/download-artifact/commit/1fc0fee191f40422f502da571c0f01ff460afe53"><code>1fc0fee</code></a> Update artifact package to 2.2.2</li> <li><a href="https://github.com/actions/download-artifact/commit/7fba95161a0924506ed1ae69cdbae8371ee00b3f"><code>7fba951</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/372">#372</a> from andyfeller/patch-1</li> <li><a href="https://github.com/actions/download-artifact/commit/f9ceb7763ba1fdfd81b2e2f93aa1f6015ff6b35d"><code>f9ceb77</code></a> Update MIGRATION.md</li> <li><a href="https://github.com/actions/download-artifact/commit/533298bc57c27f112a2c04a74a04a4d43e2866fd"><code>533298b</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/370">#370</a> from froblesmartin/patch-1</li> <li><a href="https://github.com/actions/download-artifact/commit/d06289e120b300840a833b25db66cb8c19f5d274"><code>d06289e</code></a> docs: small migration fix</li> <li><a href="https://github.com/actions/download-artifact/commit/d0ce8fd1167ed839810201de977912a090ab10a7"><code>d0ce8fd</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/354">#354</a> from actions/Jcambass-patch-1</li> <li><a href="https://github.com/actions/download-artifact/commit/1ce0d91ace59dfbf6763107ee5aa8466ebbadf48"><code>1ce0d91</code></a> Add workflow file for publishing releases to immutable action package</li> <li>See full diff in <a href="https://github.com/actions/download-artifact/compare/fa0a91b85d4f404e444e00e005971372dc801d16...cc203385981b70ca67e1cc392babf9cc229d5806">compare view</a></li> </ul> </details> <br /> Updates `google-github-actions/get-gke-credentials` from 2.3.1 to 2.3.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google-github-actions/get-gke-credentials/releases">google-github-actions/get-gke-credentials's releases</a>.</em></p> <blockquote> <h2>v2.3.3</h2> <h2>What's Changed</h2> <ul> <li>Description must be less than 125 characters by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/331">google-github-actions/get-gke-credentials#331</a></li> <li>Release: v2.3.3 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/332">google-github-actions/get-gke-credentials#332</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/get-gke-credentials/compare/v2.3.2...v2.3.3">https://github.com/google-github-actions/get-gke-credentials/compare/v2.3.2...v2.3.3</a></p> <h2>v2.3.2</h2> <h2>What's Changed</h2> <ul> <li>security: bump jsonpath-plus from 10.2.0 to 10.3.0 in the npm_and_yarn group by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/327">google-github-actions/get-gke-credentials#327</a></li> <li>Update deps by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/329">google-github-actions/get-gke-credentials#329</a></li> <li>Release: v2.3.2 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/330">google-github-actions/get-gke-credentials#330</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/get-gke-credentials/compare/v2.3.1...v2.3.2">https://github.com/google-github-actions/get-gke-credentials/compare/v2.3.1...v2.3.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google-github-actions/get-gke-credentials/commit/d0cee45012069b163a631894b98904a9e6723729"><code>d0cee45</code></a> Release: v2.3.3 (<a href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/332">#332</a>)</li> <li><a href="https://github.com/google-github-actions/get-gke-credentials/commit/c1387e6b1efc91945c5f6150f3375ef91a6b69a0"><code>c1387e6</code></a> Description must be less than 125 characters (<a href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/331">#331</a>)</li> <li><a href="https://github.com/google-github-actions/get-gke-credentials/commit/d08c14912d6642ca79ec62782b87462236685240"><code>d08c149</code></a> Release: v2.3.2 (<a href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/330">#330</a>)</li> <li><a href="https://github.com/google-github-actions/get-gke-credentials/commit/5f781aae169bd8866ca79bbc10c402a1256d2ed1"><code>5f781aa</code></a> Update deps (<a href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/329">#329</a>)</li> <li><a href="https://github.com/google-github-actions/get-gke-credentials/commit/67b31da175b2546b2afc28460d0cafe927e6fd42"><code>67b31da</code></a> security: bump jsonpath-plus from 10.2.0 to 10.3.0 in the npm_and_yarn group ...</li> <li>See full diff in <a href="https://github.com/google-github-actions/get-gke-credentials/compare/7a108e64ed8546fe38316b4086e91da13f4785e1...d0cee45012069b163a631894b98904a9e6723729">compare view</a></li> </ul> </details> <br /> Updates `docker/setup-buildx-action` from 3.9.0 to 3.10.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's releases</a>.</em></p> <blockquote> <h2>v3.10.0</h2> <ul> <li>Bump <code>@docker/actions-toolkit</code> from 0.54.0 to 0.56.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/408">docker/setup-buildx-action#408</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v3.9.0...v3.10.0">https://github.com/docker/setup-buildx-action/compare/v3.9.0...v3.10.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/setup-buildx-action/commit/b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2"><code>b5ca514</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/408">#408</a> from docker/dependabot/npm_and_yarn/docker/actions-to...</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/1418a4ef330cff3d80e8707b47780be815fb20db"><code>1418a4e</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/93acf831ce48bc806b62b1e892b89fca8bf213e0"><code>93acf83</code></a> build(deps): bump <code>@docker/actions-toolkit</code> from 0.54.0 to 0.56.0</li> <li>See full diff in <a href="https://github.com/docker/setup-buildx-action/compare/f7ce87c1d6bead3e36075b2ce75da1f6cc28aaca...b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2">compare view</a></li> </ul> </details> <br /> <details> <summary>Most Recent Ignore Conditions Applied to This Pull Request</summary> \| Dependency Name \| Ignore Conditions \| \| --- \| --- \| \| crate-ci/typos \| [>= 1.30.a, < 1.31] \| </details> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-03-04 16:39:00 +00:00
Dean Sheather	64fec8bf0b	feat: include winres metadata in Windows binaries (#16706 ) Adds information like product/file version, description, product name and copyright to compiled Windows binaries in dogfood and release builds. Also adds an icon to the executable. This is necessary for Coder Desktop to be able to check the version on binaries. ### Before: ![image](https://github.com/user-attachments/assets/82351b63-6b23-4ef8-ab89-7f9e6dafeabd) ![image](https://github.com/user-attachments/assets/d17d8098-e330-4ac0-b104-31163f84279f) ### After: ![image](https://github.com/user-attachments/assets/0ba50afa-ad53-4ad2-b5e2-557358cda037) ![image](https://github.com/user-attachments/assets/d305cc27-e3f3-41a8-9098-498b71344faa) ![image](https://github.com/user-attachments/assets/42f74ace-bda1-414f-b514-68d4d928c958) Closes https://github.com/coder/coder/issues/16693	2025-02-28 16:03:08 +11:00
dependabot[bot]	3a2d4a2ccc	ci: bump the github-actions group with 7 updates (#16671 ) Bumps the github-actions group with 7 updates: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [actions/cache](https://github.com/actions/cache) \| `4.2.0` \| `4.2.1` \| \| [crate-ci/typos](https://github.com/crate-ci/typos) \| `1.29.7` \| `1.29.9` \| \| [azure/setup-helm](https://github.com/azure/setup-helm) \| `4.2.0` \| `4.3.0` \| \| [actions/upload-artifact](https://github.com/actions/upload-artifact) \| `4.6.0` \| `4.6.1` \| \| [fluxcd/flux2](https://github.com/fluxcd/flux2) \| `2.4.0` \| `2.5.0` \| \| [ossf/scorecard-action](https://github.com/ossf/scorecard-action) \| `2.4.0` \| `2.4.1` \| \| [github/codeql-action](https://github.com/github/codeql-action) \| `3.28.9` \| `3.28.10` \| Updates `actions/cache` from 4.2.0 to 4.2.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/releases">actions/cache's releases</a>.</em></p> <blockquote> <h2>v4.2.1</h2> <h2>What's Changed</h2> <blockquote> <p>[!IMPORTANT] As a reminder, there were important backend changes to release v4.2.0, see <a href="https://github.com/actions/cache/releases/tag/v4.2.0">those release notes</a> and <a href="https://github.com/actions/cache/discussions/1510">the announcement</a> for more details.</p> </blockquote> <ul> <li>docs: GitHub is spelled incorrectly in caching-strategies.md by <a href="https://github.com/janco-absa"><code>@janco-absa</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1526">actions/cache#1526</a></li> <li>docs: Make the "always save prime numbers" example more clear by <a href="https://github.com/Tobbe"><code>@Tobbe</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1525">actions/cache#1525</a></li> <li>Update force deletion docs due a recent deprecation by <a href="https://github.com/sebbalex"><code>@sebbalex</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1500">actions/cache#1500</a></li> <li>Bump <code>@actions/cache</code> to v4.0.1 by <a href="https://github.com/robherley"><code>@robherley</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1554">actions/cache#1554</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/janco-absa"><code>@janco-absa</code></a> made their first contribution in <a href="https://redirect.github.com/actions/cache/pull/1526">actions/cache#1526</a></li> <li><a href="https://github.com/Tobbe"><code>@Tobbe</code></a> made their first contribution in <a href="https://redirect.github.com/actions/cache/pull/1525">actions/cache#1525</a></li> <li><a href="https://github.com/sebbalex"><code>@sebbalex</code></a> made their first contribution in <a href="https://redirect.github.com/actions/cache/pull/1500">actions/cache#1500</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v4.2.0...v4.2.1">https://github.com/actions/cache/compare/v4.2.0...v4.2.1</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's changelog</a>.</em></p> <blockquote> <h1>Releases</h1> <h3>4.2.1</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.1</li> </ul> <h3>4.2.0</h3> <p>TLDR; The cache backend service has been rewritten from the ground up for improved performance and reliability. <a href="https://github.com/actions/cache">actions/cache</a> now integrates with the new cache service (v2) APIs.</p> <p>The new service will gradually roll out as of <strong>February 1st, 2025</strong>. The legacy service will also be sunset on the same date. Changes in these release are <strong>fully backward compatible</strong>.</p> <p><strong>We are deprecating some versions of this action</strong>. We recommend upgrading to version <code>v4</code> or <code>v3</code> as soon as possible before <strong>February 1st, 2025.</strong> (Upgrade instructions below).</p> <p>If you are using pinned SHAs, please use the SHAs of versions <code>v4.2.0</code> or <code>v3.4.0</code></p> <p>If you do not upgrade, all workflow runs using any of the deprecated <a href="https://github.com/actions/cache">actions/cache</a> will fail.</p> <p>Upgrading to the recommended versions will not break your workflows.</p> <h3>4.1.2</h3> <ul> <li>Add GitHub Enterprise Cloud instances hostname filters to inform API endpoint choices - <a href="https://redirect.github.com/actions/cache/pull/1474">#1474</a></li> <li>Security fix: Bump braces from 3.0.2 to 3.0.3 - <a href="https://redirect.github.com/actions/cache/pull/1475">#1475</a></li> </ul> <h3>4.1.1</h3> <ul> <li>Restore original behavior of <code>cache-hit</code> output - <a href="https://redirect.github.com/actions/cache/pull/1467">#1467</a></li> </ul> <h3>4.1.0</h3> <ul> <li>Ensure <code>cache-hit</code> output is set when a cache is missed - <a href="https://redirect.github.com/actions/cache/pull/1404">#1404</a></li> <li>Deprecate <code>save-always</code> input - <a href="https://redirect.github.com/actions/cache/pull/1452">#1452</a></li> </ul> <h3>4.0.2</h3> <ul> <li>Fixed restore <code>fail-on-cache-miss</code> not working.</li> </ul> <h3>4.0.1</h3> <ul> <li>Updated <code>isGhes</code> check</li> </ul> <h3>4.0.0</h3> <ul> <li>Updated minimum runner version support from node 12 -> node 20</li> </ul> <h3>3.4.0</h3> <ul> <li>Integrated with the new cache service (v2) APIs</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/cache/commit/0c907a75c2c80ebcb7f088228285e798b750cf8f"><code>0c907a7</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1554">#1554</a> from actions/robherley/v4.2.1</li> <li><a href="https://github.com/actions/cache/commit/710893c2369beb60748049b671f18c43a3656fce"><code>710893c</code></a> bump <code>@actions/cache</code> to v4.0.1</li> <li><a href="https://github.com/actions/cache/commit/9fa7e61ec7e1f44ac75218e7aaea81da8856fd11"><code>9fa7e61</code></a> Update force deletion docs due a recent deprecation (<a href="https://redirect.github.com/actions/cache/issues/1500">#1500</a>)</li> <li><a href="https://github.com/actions/cache/commit/36f1e144e1c8edb0a652766b484448563d8baf46"><code>36f1e14</code></a> docs: Make the "always save prime numbers" example more clear (<a href="https://redirect.github.com/actions/cache/issues/1525">#1525</a>)</li> <li><a href="https://github.com/actions/cache/commit/53aa38c736a561b9c17b62df3fe885a17b78ee6d"><code>53aa38c</code></a> Correct GitHub Spelling in caching-strategies.md (<a href="https://redirect.github.com/actions/cache/issues/1526">#1526</a>)</li> <li>See full diff in <a href="https://github.com/actions/cache/compare/1bd1e32a3bdc45362d1e726936510720a7c30a57...0c907a75c2c80ebcb7f088228285e798b750cf8f">compare view</a></li> </ul> </details> <br /> Updates `crate-ci/typos` from 1.29.7 to 1.29.9 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/releases">crate-ci/typos's releases</a>.</em></p> <blockquote> <h2>v1.29.9</h2> <h2>[1.29.9] - 2025-02-20</h2> <h3>Fixes</h3> <ul> <li><em>(action)</em> Correctly get binary for some aarch64 systems</li> </ul> <h2>v1.29.8</h2> <h2>[1.29.8] - 2025-02-19</h2> <h3>Features</h3> <ul> <li>Attempt to build Linux aarch64 binaries</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's changelog</a>.</em></p> <blockquote> <h1>Change Log</h1> <p>All notable changes to this project will be documented in this file.</p> <p>The format is based on <a href="http://keepachangelog.com/">Keep a Changelog</a> and this project adheres to <a href="http://semver.org/">Semantic Versioning</a>.</p> <!-- raw HTML omitted --> <h2>[Unreleased] - ReleaseDate</h2> <h2>[1.29.9] - 2025-02-20</h2> <h3>Fixes</h3> <ul> <li><em>(action)</em> Correctly get binary for some aarch64 systems</li> </ul> <h2>[1.29.8] - 2025-02-19</h2> <h3>Features</h3> <ul> <li>Attempt to build Linux aarch64 binaries</li> </ul> <h2>[1.29.7] - 2025-02-13</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>implementors</code></li> </ul> <h2>[1.29.6] - 2025-02-13</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1200">January 2025</a> changes</li> </ul> <h2>[1.29.5] - 2025-01-30</h2> <h3>Internal</h3> <ul> <li>Update a dependency</li> </ul> <h2>[1.29.4] - 2025-01-03</h2> <h2>[1.29.3] - 2025-01-02</h2> <h2>[1.29.2] - 2025-01-02</h2> <h2>[1.29.1] - 2025-01-02</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>deriver</code></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/crate-ci/typos/commit/212923e4ff05b7fc2294a204405eec047b807138"><code>212923e</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/659bf5525349fd206cd1678999f83d18de56aff1"><code>659bf55</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/092b7056bbee0592fb00c370409b891f458a6e08"><code>092b705</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1239">#1239</a> from codingskynet/fix/support-aarch64</li> <li><a href="https://github.com/crate-ci/typos/commit/298a143ed0001bf83403a9ac2acd9d97bf90fb8c"><code>298a143</code></a> chore(gh): Fix links</li> <li><a href="https://github.com/crate-ci/typos/commit/d7059d7796bd95ed84d7371925404ada3ef367b2"><code>d7059d7</code></a> chore(gh): Fix links</li> <li><a href="https://github.com/crate-ci/typos/commit/636d59beef47e4c8c75497423a853bc830349dcf"><code>636d59b</code></a> chore(gh): Encourage people to check for dupes</li> <li><a href="https://github.com/crate-ci/typos/commit/51cd88f328acb0b208a232c5cbccb83de6ac8188"><code>51cd88f</code></a> chore(gh): Add a data template</li> <li><a href="https://github.com/crate-ci/typos/commit/c11cf6c0e1b424b62965a1370ec9926a0266dfb1"><code>c11cf6c</code></a> chore(gh): Try to clarify template</li> <li><a href="https://github.com/crate-ci/typos/commit/3bcb9191487d04efb8260b9753e6f62262199265"><code>3bcb919</code></a> fix: add aarch64 on arm64 cond</li> <li><a href="https://github.com/crate-ci/typos/commit/1ea66fdf4d62b5a980bff2c47e0be131365bfcf2"><code>1ea66fd</code></a> docs(readme): Call out that the readme is not exhaustive</li> <li>Additional commits viewable in <a href="https://github.com/crate-ci/typos/compare/51f257b946f503b768e522781f56e9b7b5570d48...212923e4ff05b7fc2294a204405eec047b807138">compare view</a></li> </ul> </details> <br /> Updates `azure/setup-helm` from 4.2.0 to 4.3.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/azure/setup-helm/releases">azure/setup-helm's releases</a>.</em></p> <blockquote> <h2>v4.3.0</h2> <ul> <li><a href="https://redirect.github.com/azure/setup-helm/issues/152">#152</a> feat: log when restoring from cache</li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/157">#157</a> Dependencies Update</li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/137">#137</a> Add dependabot</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Azure/setup-helm/blob/main/CHANGELOG.md">azure/setup-helm's changelog</a>.</em></p> <blockquote> <h1>Change Log</h1> <h2>[4.3.0] - 2025-02-15</h2> <ul> <li><a href="https://redirect.github.com/azure/setup-helm/issues/152">#152</a> feat: log when restoring from cache</li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/157">#157</a> Dependencies Update</li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/137">#137</a> Add dependabot</li> </ul> <h2>[4.2.0] - 2024-04-15</h2> <ul> <li><a href="https://redirect.github.com/azure/setup-helm/issues/124">#124</a> Fix OS detection and download OS-native archive extension</li> </ul> <h2>[4.1.0] - 2024-03-01</h2> <ul> <li><a href="https://redirect.github.com/azure/setup-helm/issues/130">#130</a> switches to use Helm published file to read latest version instead of using GitHub releases</li> </ul> <h2>[4.0.0] - 2024-02-12</h2> <ul> <li><a href="https://redirect.github.com/azure/setup-helm/issues/121">#121</a> update to node20 as node16 is deprecated</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Azure/setup-helm/commit/b9e51907a09c216f16ebe8536097933489208112"><code>b9e5190</code></a> build</li> <li><a href="https://github.com/Azure/setup-helm/commit/0e8654bb94582592935dc70ca0438926cea61865"><code>0e8654b</code></a> Release setup-helm version 4.3.0 (<a href="https://redirect.github.com/azure/setup-helm/issues/162">#162</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/b48e1dfac1cac293240bf5ea8d7054a228769739"><code>b48e1df</code></a> feat: log when restoring from cache (<a href="https://redirect.github.com/azure/setup-helm/issues/152">#152</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/855ae7a03c297d33ee0f6e0959cfc87f4ba7ee0c"><code>855ae7a</code></a> Bump the actions group across 1 directory with 3 updates (<a href="https://redirect.github.com/azure/setup-helm/issues/159">#159</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/124c6d88e7a75334a4fad6d0905089d6d714d088"><code>124c6d8</code></a> Dependencies Update (<a href="https://redirect.github.com/azure/setup-helm/issues/157">#157</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/048f4e7eae1192e88a86787d033f837a2aa27d4c"><code>048f4e7</code></a> Bump the actions group across 1 directory with 2 updates (<a href="https://redirect.github.com/azure/setup-helm/issues/151">#151</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/8618769467d74e09809f09197c6fb7ca9f50d5ae"><code>8618769</code></a> Bump the actions group across 1 directory with 4 updates (<a href="https://redirect.github.com/azure/setup-helm/issues/149">#149</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/4eb898eef0f80e48f43929d83a1db3b30e766a1f"><code>4eb898e</code></a> Bump the actions group across 1 directory with 2 updates (<a href="https://redirect.github.com/azure/setup-helm/issues/145">#145</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/7a2001c0f6ca6db9afce16d84b88c7307ed9a707"><code>7a2001c</code></a> Bump the actions group across 1 directory with 2 updates (<a href="https://redirect.github.com/azure/setup-helm/issues/143">#143</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/e90c86ceeaceb8a9de7d8225d29b43fa620e3709"><code>e90c86c</code></a> Bump the actions group across 1 directory with 9 updates (<a href="https://redirect.github.com/azure/setup-helm/issues/141">#141</a>)</li> <li>Additional commits viewable in <a href="https://github.com/azure/setup-helm/compare/fe7b79cd5ee1e45176fcad797de68ecaf3ca4814...b9e51907a09c216f16ebe8536097933489208112">compare view</a></li> </ul> </details> <br /> Updates `actions/upload-artifact` from 4.6.0 to 4.6.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v4.6.1</h2> <h2>What's Changed</h2> <ul> <li>Update to use artifact 2.2.2 package by <a href="https://github.com/yacaovsnc"><code>@yacaovsnc</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/673">actions/upload-artifact#673</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4...v4.6.1">https://github.com/actions/upload-artifact/compare/v4...v4.6.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/upload-artifact/commit/4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1"><code>4cec3d8</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/673">#673</a> from actions/yacaovsnc/artifact_2.2.2</li> <li><a href="https://github.com/actions/upload-artifact/commit/e9fad966ccdffceea5de0445882c9455934bcf8e"><code>e9fad96</code></a> license cache update for artifact</li> <li><a href="https://github.com/actions/upload-artifact/commit/b26fd06e9da88a61ada55f23d7863325b1f115d3"><code>b26fd06</code></a> Update to use artifact 2.2.2 package</li> <li>See full diff in <a href="https://github.com/actions/upload-artifact/compare/65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08...4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1">compare view</a></li> </ul> </details> <br /> Updates `fluxcd/flux2` from 2.4.0 to 2.5.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/fluxcd/flux2/releases">fluxcd/flux2's releases</a>.</em></p> <blockquote> <h2>v2.5.0</h2> <h2>Highlights</h2> <p>Flux v2.5.0 is a feature release. Users are encouraged to upgrade for the best experience.</p> <p>For a compressive overview of new features and API changes included in this release, please refer to the <a href="https://fluxcd.io/blog/2025/02/flux-v2.5.0/">Announcing Flux 2.5 GA blog post</a>.</p> <p>Overview of the new features:</p> <ul> <li>Support for GitHub App authentication (<code>GitRepository</code> and <code>ImageUpdateAutomation</code> API)</li> <li>Custom Health Checks using CEL (<code>Kustomization</code> API)</li> <li>Fine-grained control of garbage collection (<code>Kustomization</code> API)</li> <li>Enable decryption of secrets generated by Kustomize components (<code>Kustomization</code> API)</li> <li>Support for custom event metadata from annotations (<code>Alert</code> API)</li> <li>Git commit status updates for Flux Kustomizations with OCIRepository sources (<code>Alert</code> API)</li> <li>Resource filtering using CEL for webhook receivers (<code>Receiver</code> API)</li> <li>Debug commands for Flux Kustomizations and HelmReleases (Flux CLI)</li> </ul> <p>❤️ Big thanks to all the Flux contributors that helped us with this release!</p> <h3>Kubernetes compatibility</h3> <p>This release is compatible with the following Kubernetes versions:</p> <table> <thead> <tr> <th>Kubernetes version</th> <th>Minimum required</th> </tr> </thead> <tbody> <tr> <td><code>v1.30</code></td> <td><code>>= 1.30.0</code></td> </tr> <tr> <td><code>v1.31</code></td> <td><code>>= 1.31.0</code></td> </tr> <tr> <td><code>v1.32</code></td> <td><code>>= 1.32.0</code></td> </tr> </tbody> </table> <blockquote> <p>[!NOTE] Note that the Flux project offers support only for the latest three minor versions of Kubernetes. Backwards compatibility with older versions of Kubernetes and OpenShift is offered by vendors such as <a href="https://control-plane.io/enterprise-for-flux-cd/">ControlPlane</a> that provide enterprise support for Flux.</p> </blockquote> <h3>OpenShift compatibility</h3> <p>Flux can be installed on Red Hat OpenShift cluster directly from OperatorHub using <a href="https://operatorhub.io/operator/flux-operator">Flux Operator</a>. The operator allows the configuration of Flux multi-tenancy lockdown, network policies, persistent storage, sharding, vertical scaling and the synchronization of the cluster state from Git repositories, OCI artifacts and S3-compatible storage.</p> <h2>Upgrade procedure</h2> <p>Upgrade Flux from <code>v2.4.0</code> to <code>v2.5.0</code> by following the <a href="https://fluxcd.io/flux/installation/upgrade/">upgrade guide</a>.</p> <p>There are no new API versions in this release, so no changes are required in the YAML manifests containing Flux resources.</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/fluxcd/flux2/commit/af67405ee43a6cd66e0b73f4b3802e8583f9d961"><code>af67405</code></a> Merge pull request <a href="https://redirect.github.com/fluxcd/flux2/issues/5204">#5204</a> from fluxcd/kubectl-1.32.2</li> <li><a href="https://github.com/fluxcd/flux2/commit/6f65c92fe7f335ba965d743ffb6d53c0b3470779"><code>6f65c92</code></a> Update kubectl in flux-cli image</li> <li><a href="https://github.com/fluxcd/flux2/commit/c84d3122890a05491ce9ef6215e5b1dfb741cc99"><code>c84d312</code></a> Merge pull request <a href="https://redirect.github.com/fluxcd/flux2/issues/5203">#5203</a> from fluxcd/fix-cli-build</li> <li><a href="https://github.com/fluxcd/flux2/commit/d37473ff4469cb62f2b5c8fe142209be624c9afc"><code>d37473f</code></a> Update flux-cli image</li> <li><a href="https://github.com/fluxcd/flux2/commit/712b03727ae48f9366b80af783f334b2f5d7d919"><code>712b037</code></a> Merge pull request <a href="https://redirect.github.com/fluxcd/flux2/issues/5200">#5200</a> from fluxcd/update-k8s-check</li> <li><a href="https://github.com/fluxcd/flux2/commit/14da7d58be2f61eac70e206bfa040707676354e6"><code>14da7d5</code></a> Update Kubernetes min supported version to 1.30</li> <li><a href="https://github.com/fluxcd/flux2/commit/45da6a86f84e1a6839afbbf723c11c8548911764"><code>45da6a8</code></a> Merge pull request <a href="https://redirect.github.com/fluxcd/flux2/issues/5199">#5199</a> from fluxcd/tests-2.5</li> <li><a href="https://github.com/fluxcd/flux2/commit/3053a0b8405545b406bab8b27d3aac252c92374c"><code>3053a0b</code></a> Update integration tests dependencies for Flux 2.5</li> <li><a href="https://github.com/fluxcd/flux2/commit/96f95b6b4c9c9dc3b9e02f1045f756093f36630c"><code>96f95b6</code></a> Merge pull request <a href="https://redirect.github.com/fluxcd/flux2/issues/5195">#5195</a> from fluxcd/update-components</li> <li><a href="https://github.com/fluxcd/flux2/commit/cf92e02f531dede408ba81add5adcaf7ae8d7e70"><code>cf92e02</code></a> Update toolkit components</li> <li>Additional commits viewable in <a href="https://github.com/fluxcd/flux2/compare/5350425cdcd5fa015337e09fa502153c0275bd4b...af67405ee43a6cd66e0b73f4b3802e8583f9d961">compare view</a></li> </ul> </details> <br /> Updates `ossf/scorecard-action` from 2.4.0 to 2.4.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/ossf/scorecard-action/releases">ossf/scorecard-action's releases</a>.</em></p> <blockquote> <h2>v2.4.1</h2> <h2>What's Changed</h2> <ul> <li>This update bumps the Scorecard version to the v5.1.1 release. For a complete list of changes, please refer to the <a href="https://github.com/ossf/scorecard/releases/tag/v5.1.0">v5.1.0</a> and <a href="https://github.com/ossf/scorecard/releases/tag/v5.1.1">v5.1.1</a> release notes.</li> <li>Publishing results now uses half the API quota as before. The exact savings depends on the repository in question. <ul> <li>use Scorecard library entrypoint instead of Cobra hooking by <a href="https://github.com/spencerschrock"><code>@spencerschrock</code></a> in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1423">ossf/scorecard-action#1423</a></li> </ul> </li> <li>Some errors were made into annotations to make them more visible <ul> <li>Make default branch error more prominent by <a href="https://github.com/jsoref"><code>@jsoref</code></a> in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1459">ossf/scorecard-action#1459</a></li> </ul> </li> <li>There is now an optional <code>file_mode</code> input which controls how repository files are fetched from GitHub. The default is <code>archive</code>, but <code>git</code> produces the most accurate results for repositories with <code>.gitattributes</code> files at the cost of analysis speed. <ul> <li>add input for specifying <code>--file-mode</code> by <a href="https://github.com/spencerschrock"><code>@spencerschrock</code></a> in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1509">ossf/scorecard-action#1509</a></li> </ul> </li> <li>The underlying container for the action is now <a href="https://github.com/ossf/scorecard-action/pkgs/container/scorecard-action">hosted on GitHub Container Registry</a>. There should be no functional changes. <ul> <li>🌱 publish docker images to GitHub Container Registry by <a href="https://github.com/spencerschrock"><code>@spencerschrock</code></a> in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1453">ossf/scorecard-action#1453</a></li> </ul> </li> </ul> <h3>Docs</h3> <ul> <li>Installation docs update by <a href="https://github.com/JeremiahAHoward"><code>@JeremiahAHoward</code></a> in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1416">ossf/scorecard-action#1416</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/JeremiahAHoward"><code>@JeremiahAHoward</code></a> made their first contribution in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1416">ossf/scorecard-action#1416</a></li> <li><a href="https://github.com/jsoref"><code>@jsoref</code></a> made their first contribution in <a href="https://redirect.github.com/ossf/scorecard-action/pull/1459">ossf/scorecard-action#1459</a> <strong>Full Changelog</strong>: <a href="https://github.com/ossf/scorecard-action/compare/v2.4.0...v2.4.1">https://github.com/ossf/scorecard-action/compare/v2.4.0...v2.4.1</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/ossf/scorecard-action/commit/f49aabe0b5af0936a0987cfb85d86b75731b0186"><code>f49aabe</code></a> bump docker to ghcr v2.4.1 (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1478">#1478</a>)</li> <li><a href="https://github.com/ossf/scorecard-action/commit/30a595ba8670f7bd5e2d33119dfeeb6ab2f64991"><code>30a595b</code></a> 🌱 Bump github.com/sigstore/cosign/v2 from 2.4.2 to 2.4.3 (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1515">#1515</a>)</li> <li><a href="https://github.com/ossf/scorecard-action/commit/69ae593b7addfd5241b46c43c7ed6abbd7203d55"><code>69ae593</code></a> omit vcs info from build (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1514">#1514</a>)</li> <li><a href="https://github.com/ossf/scorecard-action/commit/6a62a1cbf28018bd61197d0c2852b94b046fe1a4"><code>6a62a1c</code></a> add input for specifying <code>--file-mode</code> (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1509">#1509</a>)</li> <li><a href="https://github.com/ossf/scorecard-action/commit/2722664778d49161a69d42f8e82e15ed38fea8d1"><code>2722664</code></a> 🌱 Bump the github-actions group with 2 updates (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1510">#1510</a>)</li> <li><a href="https://github.com/ossf/scorecard-action/commit/ae0ef3171a81cb48c3fdaaf34cba323d0c51fefb"><code>ae0ef31</code></a> 🌱 Bump github.com/spf13/cobra from 1.8.1 to 1.9.1 (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1512">#1512</a>)</li> <li><a href="https://github.com/ossf/scorecard-action/commit/3676bbc29082184ac34a84d1573c0419f81c4a68"><code>3676bbc</code></a> 🌱 Bump golang from 1.23.6 to 1.24.0 in the docker-images group (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1513">#1513</a>)</li> <li><a href="https://github.com/ossf/scorecard-action/commit/ae7548a0ff1b94dda3a89eeda8f59c031874f035"><code>ae7548a</code></a> Limit codeQL push trigger to main branch (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1507">#1507</a>)</li> <li><a href="https://github.com/ossf/scorecard-action/commit/9165624e75f0c73d13a9db2d4d920bcc5fc3a801"><code>9165624</code></a> upgrade scorecard to v5.1.0 (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1508">#1508</a>)</li> <li><a href="https://github.com/ossf/scorecard-action/commit/620fd28d6b2ba01c1d70cf63dfb4bdf868e19d6f"><code>620fd28</code></a> 🌱 Bump the github-actions group with 2 updates (<a href="https://redirect.github.com/ossf/scorecard-action/issues/1505">#1505</a>)</li> <li>Additional commits viewable in <a href="https://github.com/ossf/scorecard-action/compare/62b2cac7ed8198b15735ed49ab1e5cf35480ba46...f49aabe0b5af0936a0987cfb85d86b75731b0186">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 3.28.9 to 3.28.10 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.28.10</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.28.10 - 21 Feb 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.5. <a href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li> <li>Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. <a href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.28.10/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.28.10 - 21 Feb 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.5. <a href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li> <li>Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. <a href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li> </ul> <h2>3.28.9 - 07 Feb 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.4. <a href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li> </ul> <h2>3.28.8 - 29 Jan 2025</h2> <ul> <li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. <a href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li> </ul> <h2>3.28.7 - 29 Jan 2025</h2> <p>No user facing changes.</p> <h2>3.28.6 - 27 Jan 2025</h2> <ul> <li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater. <a href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li> </ul> <h2>3.28.5 - 24 Jan 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.3. <a href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li> </ul> <h2>3.28.4 - 23 Jan 2025</h2> <p>No user facing changes.</p> <h2>3.28.3 - 22 Jan 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.2. <a href="https://redirect.github.com/github/codeql-action/pull/2707">#2707</a></li> <li>Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise Server instance which occurred when the CodeQL Bundle had been synced to the instance using the <a href="https://github.com/github/codeql-action-sync-tool">CodeQL Action sync tool</a> and the Actions runner did not have Zstandard installed. <a href="https://redirect.github.com/github/codeql-action/pull/2710">#2710</a></li> <li>Uploading debug artifacts for CodeQL analysis is temporarily disabled. <a href="https://redirect.github.com/github/codeql-action/pull/2712">#2712</a></li> </ul> <h2>3.28.2 - 21 Jan 2025</h2> <p>No user facing changes.</p> <h2>3.28.1 - 10 Jan 2025</h2> <ul> <li>CodeQL Action v2 is now deprecated, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v3. For more information, see <a href="https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/">this changelog post</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2677">#2677</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d"><code>b56ba49</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2778">#2778</a> from github/update-v3.28.10-9856c48b1</li> <li><a href="https://github.com/github/codeql-action/commit/60c9c77c33f2cd66390a3778d54de88b735b2526"><code>60c9c77</code></a> Update changelog for v3.28.10</li> <li><a href="https://github.com/github/codeql-action/commit/9856c48b1a54789454314b4c32ef2354fe213208"><code>9856c48</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2773">#2773</a> from github/redsun82/rust</li> <li><a href="https://github.com/github/codeql-action/commit/9572e09da430b4c71f7488e4195b4ca6ce1c6ef0"><code>9572e09</code></a> Rust: fix log string</li> <li><a href="https://github.com/github/codeql-action/commit/1a529366ac3620317d953e2d4018eafa7459cb1c"><code>1a52936</code></a> Rust: special case default setup</li> <li><a href="https://github.com/github/codeql-action/commit/cf7e90952bcceaebd4a548c2809ea6a5d461a1bc"><code>cf7e909</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2772">#2772</a> from github/update-bundle/codeql-bundle-v2.20.5</li> <li><a href="https://github.com/github/codeql-action/commit/b7006aab6d38638d18e38a27c18f67138529c2f8"><code>b7006aa</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.20.5</li> <li><a href="https://github.com/github/codeql-action/commit/cfedae723eaced5e13052b529375e7b00d49a9cd"><code>cfedae7</code></a> Rust: throw configuration errors if requested and not correctly enabled</li> <li><a href="https://github.com/github/codeql-action/commit/3971ed2a74ede0669fa7f4f5af4292030280dbfd"><code>3971ed2</code></a> Merge branch 'main' into redsun82/rust</li> <li><a href="https://github.com/github/codeql-action/commit/d38c6e60dfb0232f85e388dd416559ed07da5f3a"><code>d38c6e6</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2775">#2775</a> from github/angelapwen/bump-octokit</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0...b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-02-24 13:10:51 +00:00

1 2 3 4

170 Commits